Code – commit – MAGIC – live

We are using best practicing development and deployment for out Web Api solution hosted on Azure.

We code it with .NET 6 in Visual Studio 2022:

We do sensible commits using Git towards GitHub:

In Azure our app is wired up to listen to this repository and do build, log and deployment to our resource in Azure:

And it’s all accessible here:

We claim:

How we deploy our solution

InfoNinjas developement is happening with Azure DevOps.

Repo are fetched from Github for continues integrations. What you see is a .Net API

Next is setting up a CI Build Pipeline

When we save and run then it will show the pipeline

Setting up CI Azure Pipeline

Deployment Multi Stage Pipeline for Dev, Q/A, Prod Environment

Governance on SharePoint site themes – Issue #1 now resolved

Github issue #1 is now addressed and resolved.

Iterating on the light/dark theme upload scripts TMNT IT management has added the capability to iterate over all SharePoint sites and apply the dark theme as default.

The updated script https://github.com/EivindBerge/PIZZA-TIME-ACDC-2022/blob/main/theming/site-theme-management-tmnt.ps1 is running in a scheduled Azure Run Book using PowerShell Core 7.1. SharePoint Online Credentials are as runbook credentials, which is sufficient for this scenario. Key Vault could of course be an option, or even better using a certificate – but as IT is very centralized this works for the time being.

Credential
Runbook
A job well done
Inverted theme applied!

We have also added more code and security scanning tools to also cover PowerShell scripts and find more general security issues.

Kjøleskapet kan se!

Etter mye klabb og babb har vi endelig fått satt opp Raspberry Pie’en vår med Python, Vs code, ssh-tilkobling til git-repo og selvfølgelig et fungerende webkamera!

Ved hjelp av et lite bash-script, Azure’s egne pythonmoduler får vi lastet opp og analysert bildene innen få sekunder, med en liste over alle objekter i bildet. Etter litt testing er vi veldig imponert over presisjonen, selv om Azure insisterer på at klementin vår er et eple. Svaret sendes videre til en Power Automate flow som oppdaterer data verse.

Arbeid utført. Pull request til godkjenning

Når arbeidstempoet er såpass høyt, er det fort gjort å glemme skikkelig testing eller linting der det trengs, så før det merges inn i develop branchen, må endringene godkjennes av en av teammedlemmene. Konfigfiler og nøkler skal for eksempel ikke inn i kildekoden.

Deploy like a ninja

For å rulle ut kode og infrastruktur tar vi i bruk Devops pipelines og ruller ut løsningen ved hjelp av Bicep. Bicep er et DSL (domain-specific language) hvor man deklarativt kan deploye Azure-ressurser.

Vi bygger kildekoden i azure devops ved hjelp av en yaml fil som etter fullført og vellykket bygg utfører en deploy av en azure function og opprettet tilhørende infrastruktur.

Følgende infrastruktur blir opprettet

  • APIM
  • Key Vault
  • Azure Function
  • Storage

På denne måten sørger vi for at ved hver innsjekking av kode, som for eksempel en azure function, vil koden valideres, bygges og løsmningen deployes trygt.

Vi claimer ACDC Craftsman og Hipster (på grunn av at vi bruker Bicep som er forholdsvis nytt 😉 )

Github repository & Azure Devops

For å få en god start på prosjektet setter vi i Bouvet Shredders opp en Github repository og Azure Devops. Med Azure Devops kan vi jobbe på tvers av teamet på best mulig måte.

Alle som ønsker å følge med på vår progresjon er hjertelig velkommen til å ta en titt på vår Github Repository:

  • https://github.com/bricenocar/acdc-2022

Vi tar i mot inspill med åpne armer, så ikke vær redd for å si ifra hvis du ser noe som kan gjøres bedre måte!

Developer basics and setup – GitHub repository

TMNT love to share and have setup a public github repository at https://github.com/EivindBerge/PIZZA-TIME-ACDC-202.

First order of business is to ensure security is handled by adding a security policy, enabling security advisories on code and artifacts committed as well as some code scanning in case Michelangelo has a brain fart and publish secret information or crappy code.

And 2022 is a good year to be in as scanning modules are free of charge for the turtles to re-use 🤩

Looking good so far – and we’ll keep monitoring!

Accessibility – Colors

Like humans, turtles have mediocre vision. This also applies to our toxic waste turned turtles into humanoid-like beings. When technology enters their world it’s important to ensure color contrast is optimal, thus TMNT Corp mandates all tools to meet the highest accessibility grade possible.

Living in the sewer, going for a dark based scheme makes all the sense in the world.

Being inclusive is is a certainly a turtle powers, thus a light scheme is made available.

And this is how it works.

Dark contrast
Light contrast

Family Engagement API

Enabling external developers to utilize the “Family Engagement Platform”

Technologies:

  • Azure API Managment
    • Api
    • Products
    • Subscriptions
  • Azure Function Apps, with httptriggers
    • Key vault
    • ADFS Application with Auth and setting of access in the Contoso AD
  • GIT
  • Web application
  • Azure DevOps
    • Piplines
    • Deploys

Repo in Azure DevOps
Connected to a Pipeline and Release
Deployes to a Azur Function App, With HTTP Triggers
Client Id and Secret is stored in Key Vault
Howto referance Key Valut value from Configuration
Created an AD Identity to talk to KeyVault
Key Vault
The function App is given access to the Key Vault
And the 2 values in the key vault

Contoso Domain

App registert for the function App to access the Contoso Domain

Permissions given for the app in App Registrations
You need to give Admin Consent to the permissions under Enterprise Applications

API Managment

Base information about the backend this api is calling. For now there is no authorization
The API is defined in API Managment (APIM)
Setting a parameter for all endpoints, the value is stored under Named Values.
The code value can be obtained from the Function App, using the Master key you can use the same Code for all functions in that app.
Define the products that should be available in the API
Create a user that is given a way to access your API
Her we can see that the user Kai has been granted access to the product Family

Then we wil try to call the API

This is about it, now we have an API exposed through APIM backed by a Function App reacting on HTTPTriggers.

The function app uses the Graph API to read Groups and Members in the Contoso domain from the Slevik Vel dominan.

We are wrapping Groups and Users as Family and Family Members.

External Apps

The Family Engagement API is available for remote applications and apps that want to develop and use the family engagement platform. As an example: The family engagement web application is intend to use the API to fetch family members and calendar events from the Microsoft Graph API and statistics from The Family Graph API.

CI/CD

Family engagement APP inside Microsoft Teams

Family engagement APP from browser

We also created a React app based on Fluent UI (microsoft.com)