As a data engineer working on infrastructure-as-code using Bicep, I'm trying to understand the best practices for structuring my Azure Pipeline. I have separate environments for DEV and PRD, and I'm not sure when to use a deployment job versus a normal job.
For DEV, I don't need detailed deployment history, but for PRD, I might (I can't understand the differences between the history of a pipeline run and an environment run, you can still view the history right?). For instance, I have read: https://learn.microsoft.com/en-us/azure/devops/pipelines/process/deployment-jobs?view=azure-devops and understandably for PRD I would want my peers to approve the deployment, then I would opt for the special deployment job right.
Can someone explain the key considerations for choosing between these job types, especially in the context of Bicep deployments? Are there specific advantages to using deployment jobs for different environment that I should be aware of?
And how about using a deployment job for DEV or even UAT, does that make sense?
Some sample code for visualization of what I would do currently, but is this the way to go:
trigger:
- main
variables:
- name: devResourceGroup
value: 'rg-dev-001'
- name: prdResourceGroup
value: 'rg-prd-001'
stages:
- stage: DeployDev
jobs:
- job: DeployToDev
pool:
vmImage: 'ubuntu-latest'
steps:
- task: AzureCLI@2
inputs:
azureSubscription: 'Dev-ServiceConnection'
scriptType: 'bash'
scriptLocation: 'inlineScript'
inlineScript: |
az deployment group create --resource-group $(devResourceGroup) --template-file main.bicep
- stage: DeployPrd
jobs:
- deployment: DeployToPrd
pool:
vmImage: 'ubuntu-latest'
environment: 'Production'
strategy:
runOnce:
deploy:
steps:
- task: AzureCLI@2
inputs:
azureSubscription: 'Prd-ServiceConnection'
scriptType: 'bash'
scriptLocation: 'inlineScript'
inlineScript: |
az deployment group create --resource-group $(prdResourceGroup) --template-file main.bicep