The Project
I created a lot of new systems and procedures using modern best practices, but was still manually deploying many of them from my local machine. I needed to find a platform that could run my pipelines and integrate easily with Terraform. I also needed a way to project secrets injected at build and deploy time.
Azure DevOps
At the time I was using Azure DevOps Boards for Agile planning, as well as Repos hosting my git repos. Naturally I developed our CI/CD using Azure DevOps Pipelines. I was then able to deploy Terraform automatically on pull request or manually from the UI.
Azure Automation Accounts
To solve the patching and scripting issue, I utilized Azure Automation Accounts to automatically deploy patches on a regular schedule. Using the same system, I was also able to deploy PowerShell, Bash or Python scripts to any systems in Azure. This greatly simplified auto-remediation for issues found in the environment, before a rebuild could take place.
Migration to Github
After a little over two years in Azure DevOps, I decided to switch to Github and Github Actions. This platform feels better thought out and integrates nicely with other tools and performs security scanning using Dependabot. I also migrated our service principals to using OIDC tokens, to add better security to our pipelines and further segregate our development, qa and production environments.
Wrap Up
I thoroughly enjoy automating processes in our CI/CD pipelines and using platforms like Azure Automation Accounts. While I do prefer GitHub, Azure DevOps does offer a great all-in-one platform for managing your DevOps solution. I am continually finding ways to further automate and and simplify our build and deployment.