Skills measured as of July 26, 2024
- Design and implement processes and communications (10–15%)
- Design and implement a source control strategy (10–15%)
- Design and implement build and release pipelines (50–55%)
- Develop a security and compliance plan (10–15%)
- Implement an instrumentation strategy (5–10%)
- Design and implement a structure for the flow of work, including GitHub Flow
- Design and implement a strategy for feedback cycles, including notifications and GitHub issues
- Design and implement integration for tracking work, including GitHub projects, Azure Boards, and repositories
- Design and implement source, bug, and quality traceability
- Design and implement a dashboard, including flow of work metrics:
- Cycle times
- Time to recovery
- Lead time
- Design and implement appropriate metrics and queries for:
- Project planning
- Development
- Testing
- Security
- Delivery
- Operations
- Document a project by configuring wikis and process diagrams:
- Markdown syntax
- Mermaid syntax
- Configure release documentation:
- Release notes
- API documentation
- Automate creation of documentation from Git history
- Configure integration:
- Using webhooks
- Between Azure Boards and GitHub repositories
- Between GitHub/Azure DevOps and Microsoft Teams
- Design a branch strategy:
- Trunk-based
- Feature branch
- Release branch
- Design and implement pull request workflow using:
- Branch policies
- Branch protections
- Implement branch merging restrictions using:
- Branch policies
- Branch protections
- Design and implement strategy for managing large files:
- Git Large File Storage (LFS)
- git-fat
- Design repository optimization strategy:
- Scaling with Scalar
- Cross-repository sharing
- Configure repository management:
- Permissions
- Tags for organization
- Data recovery using Git commands
- Data removal from source control
- Recommend package management tools:
- GitHub Packages registry
- Azure Artifacts
- Design and implement:
- Package feeds and views for local/upstream packages
- Dependency versioning strategy (SemVer, CalVer)
- Versioning strategy for pipeline artifacts
- Design and implement:
- Quality and release gates
- Security and governance
- Design comprehensive testing strategy:
- Local tests
- Unit tests
- Integration tests
- Load tests
- Implement pipeline testing:
- Configure test tasks
- Configure test agents
- Test results integration
- Code coverage analysis
- Select deployment automation solution:
- GitHub Actions
- Azure Pipelines
- Design and implement runner/agent infrastructure:
- Cost considerations
- Tool selection
- Licensing
- Connectivity
- Maintainability
- Pipeline development and integration:
- GitHub repositories with Azure Pipelines
- Trigger rules
- YAML pipelines
- Job execution order (parallelism, multi-stage)
- Complex pipeline scenarios:
- Hybrid pipelines
- VM templates
- Self-hosted runners/agents
- Pipeline elements:
- YAML templates
- Task groups
- Variables and variable groups
- Checks and approvals using YAML-based environments
- Design deployment strategies:
- Blue-green
- Canary
- Ring
- Progressive exposure
- Feature flags
- A/B testing
- Implementation considerations:
- Dependency deployment ordering
- Downtime minimization (VIP swap, load balancing)
- Rolling deployments
- Deployment slots
- Hotfix path planning
- Resiliency strategy
- Feature implementation:
- Feature flags with Azure App Configuration
- Container/binary/script deployment
- Database task deployment
- Configuration management:
- Technology recommendations
- Strategy implementation
- IaC strategy:
- Source control
- Testing automation
- Deployment automation
- Environment configuration:
- Azure Automation State Configuration
- Azure Resource Manager
- Bicep
- Azure Automanage Machine Configuration
- Azure Deployment Environments
- Monitoring and optimization:
- Pipeline health (failure rate, duration, flaky tests)
- Cost optimization
- Time optimization
- Performance optimization
- Reliability optimization
- Concurrency optimization
- Management:
- Retention strategy for artifacts/dependencies
- Migration from classic to YAML in Azure Pipelines
- Identity management:
- Service Principals vs Managed Identity
- GitHub authentication (Apps, GITHUB_TOKEN, PATs)
- Azure DevOps connections and tokens
- Permission management:
- GitHub roles and permissions
- Azure DevOps security groups
- Access levels (stakeholder, collaborator)
- Project/team configuration
- Secrets management:
- Azure Key Vault integration
- GitHub Actions secrets
- Azure Pipelines secrets
- Sensitive file deployment
- Pipeline security for sensitive data
- Scanning strategy:
- Dependency scanning
- Code scanning
- Secret scanning
- License scanning
- Security tooling:
- Microsoft Defender for Cloud DevOps
- GitHub Advanced Security
- Container scanning
- CodeQL analysis
- Dependabot alerts
- DevOps monitoring:
- Azure Monitor
- Log Analytics integration
- Telemetry collection:
- Application Insights
- VM Insights
- Container Insights
- Storage Insights
- Network Insights
- GitHub monitoring:
- Insights configuration
- Chart creation
- Alerts for Actions and Pipelines
- Performance monitoring:
- CPU, memory, disk, network indicators
- Usage metrics
- Application performance
- Distributed tracing with Application Insights
- Log analysis:
- Basic KQL queries