Module 5 : Pipelines CD (Déploiement Continu)
Multi-stage Pipeline
+----------------------------------------------------------+
| PIPELINE CD |
+----------------------------------------------------------+
| |
| Build --> Deploy Dev --> Deploy Test --> Deploy Prod |
| (auto) (auto) (approval) |
| |
+----------------------------------------------------------+
# azure-pipelines.yml - Multi-stage
trigger:
- main
stages:
- stage: Build
jobs:
- job: BuildJob
pool:
vmImage: 'ubuntu-latest'
steps:
- script: echo "Building..."
- publish: $(Build.SourcesDirectory)/artifacts
artifact: synapse-deploy
- stage: DeployDev
dependsOn: Build
condition: succeeded()
jobs:
- deployment: DeployToDev
environment: 'folab-dev'
strategy:
runOnce:
deploy:
steps:
- download: current
artifact: synapse-deploy
- script: echo "Deploying to Dev..."
- stage: DeployTest
dependsOn: DeployDev
condition: succeeded()
jobs:
- deployment: DeployToTest
environment: 'folab-test'
strategy:
runOnce:
deploy:
steps:
- script: echo "Deploying to Test..."
- stage: DeployProd
dependsOn: DeployTest
condition: succeeded()
jobs:
- deployment: DeployToProd
environment: 'folab-prod'
strategy:
runOnce:
deploy:
steps:
- script: echo "Deploying to Prod..."Environments et Approbations
Les Environments permettent de :
- Tracker les déploiements
- Configurer des approbations
- Définir des checks de sécurité
- Voir l'historique
# Créer un environment via CLI (PowerShell)
az devops invoke --area distributedtask --resource environments --http-method POST --api-version 6.0 --in-file environment.json
# Configuration dans le portal:
# Pipelines > Environments > folab-prod
# + Approvals: jean.dupont@mycompany.com
# + Checks: Business hours only (9-18h)
# + Checks: Azure Policy complianceVersion Bash (cliquez pour afficher)
# Créer un environment via CLI (Bash)
az devops invoke \
--area distributedtask \
--resource environments \
--http-method POST \
--api-version 6.0 \
--in-file environment.jsonDéploiement Synapse
# Déployer des artefacts Synapse (PowerShell)
- stage: DeploySynapse
jobs:
- deployment: DeploySynapseArtifacts
environment: 'folab-dev'
strategy:
runOnce:
deploy:
steps:
- task: AzureCLI@2
inputs:
azureSubscription: 'DataLab-Dev'
scriptType: 'pscore'
scriptLocation: 'inlineScript'
inlineScript: |
# Deployer les pipelines Synapse
az synapse pipeline create --workspace-name syn-folab-dev --name "ESG-Bronze-Silver" --file @pipelines/esg-bronze-silver.json
# Deployer les notebooks
az synapse notebook import --workspace-name syn-folab-dev --name "transform-esg" --file @notebooks/transform_esg.ipynb --spark-pool-name sparkpoolVersion Bash (cliquez pour afficher)
# Déployer des artefacts Synapse (Bash)
- stage: DeploySynapse
jobs:
- deployment: DeploySynapseArtifacts
environment: 'folab-dev'
strategy:
runOnce:
deploy:
steps:
- task: AzureCLI@2
inputs:
azureSubscription: 'DataLab-Dev'
scriptType: 'bash'
scriptLocation: 'inlineScript'
inlineScript: |
# Deployer les pipelines Synapse
az synapse pipeline create \
--workspace-name syn-folab-dev \
--name "ESG-Bronze-Silver" \
--file @pipelines/esg-bronze-silver.json
# Deployer les notebooks
az synapse notebook import \
--workspace-name syn-folab-dev \
--name "transform-esg" \
--file @notebooks/transform_esg.ipynb \
--spark-pool-name sparkpoolDéploiement Power BI
# Déployer un rapport Power BI
- stage: DeployPowerBI
jobs:
- deployment: DeployReport
environment: 'powerbi-dev'
strategy:
runOnce:
deploy:
steps:
- task: PowerShell@2
inputs:
targetType: 'inline'
script: |
# Se connecter à Power BI
Connect-PowerBIServiceAccount -ServicePrincipal `
-TenantId $(tenantId) `
-ClientId $(clientId) `
-ClientSecret $(clientSecret)
# Publier le rapport
New-PowerBIReport `
-Path "reports/esg-dashboard.pbix" `
-WorkspaceId $(workspaceId) `
-ConflictAction CreateOrOverwriteRollback
# Stratégie de rollback
# Option 1: Redéployer la version précédente
- stage: Rollback
condition: failed()
jobs:
- deployment: RollbackProd
environment: 'folab-prod'
strategy:
runOnce:
deploy:
steps:
- download: previous
artifact: synapse-deploy
- script: echo "Rolling back..."
# Option 2: Blue-Green deployment
# - Deployer sur slot "staging"
# - Tester
# - Swap staging <-> production
# - Si probleme, swap a nouveauVariables par environnement
# Variables différentes par stage
stages:
- stage: DeployDev
variables:
environment: 'dev'
resourceGroup: 'rg-folab-dev'
synapseWorkspace: 'syn-folab-dev'
jobs:
- deployment: Deploy
...
- stage: DeployProd
variables:
environment: 'prod'
resourceGroup: 'rg-folab-prod'
synapseWorkspace: 'syn-folab-prod'
jobs:
- deployment: Deploy
...Gates et Checks
| Check | Description |
|---|---|
| Approval | Validation manuelle requise |
| Business Hours | Déploiement pendant heures ouvrables |
| Azure Policy | Vérifier la conformité |
| Invoke Azure Function | Logique custom |
| Query Work Items | Vérifier les bugs résolus |
Bonnes pratiques CD :
- Déploiements automatiques en Dev
- Approbations requises pour Prod
- Tests de smoke après déploiement
- Monitoring post-déploiement
- Capacité de rollback rapide