Appearance
CI/CD Overview
Microtec ERP uses Azure DevOps Pipelines for all build, test, and deployment automation. The pipeline ecosystem is designed around a config-driven, toggle-based model where a single services-config.json (with 13 services across 5 environments) drives all deployment decisions.
Pipeline Ecosystem Summary
File Layout
All pipeline files live under Devops/azure/:
Devops/azure/
├── pipelines/
│ ├── container-backend/
│ │ ├── all-repos-pipeline.yml # All 13 services from all repos (manual)
│ │ ├── platforms-pipeline.yml # Platforms repo services (7)
│ │ ├── hr-pipeline.yml # HR Personnel service
│ │ ├── keycloak-pipeline.yml # Keycloak service
│ │ ├── infrastructure-pipeline.yml # InfrastructureServices (3 services)
│ │ ├── fast-deploy-pipeline.yml # Image-only fast deploy
│ │ ├── production-release-pipeline.yml # Prod promotion with approvals
│ │ ├── deprovision-pipeline.yml # Tear down environment
│ │ └── workflow-pipeline.yml # WorkflowDesigner service
│ └── front-apps/
│ └── [frontend pipelines]
├── templates/
│ ├── stages/
│ │ ├── initialize.stage.yml
│ │ ├── build-docker.stage.yml
│ │ ├── deploy-container.stage.yml
│ │ ├── provision-infra.stage.yml
│ │ ├── fast-deploy.stage.yml
│ │ ├── approval.stage.yml
│ │ └── notify.stage.yml
│ ├── jobs/
│ │ ├── detect-container-services.job.yml
│ │ └── detect-frontend-apps.job.yml
│ └── steps/
│ ├── backend/
│ ├── frontend/
│ └── common/
├── config/
│ └── container-backend/
│ └── services-config.json # Master config (13 services)
├── scripts/
│ ├── infra/
│ │ └── Build-BicepParams.ps1
│ ├── detect/
│ └── [other script categories]
└── infrastructure/
└── main.bicep # Root Bicep entry pointBranch → Environment Mapping
Pipeline triggers fire based on the branch name matched against these rules:
| Branch Pattern | Target Environment | Deploy Mode | Approval Required |
|---|---|---|---|
main, master, production | Production | Full deploy | Yes |
stage, staging | Stage | Full deploy | No |
PreProd, preprod | Pre-Production | Full deploy | No |
uat | UAT | Full deploy | No |
| All other branches | Development | Full deploy | No |
Two Deploy Paths
| Path | Pipeline | Time | When to Use |
|---|---|---|---|
| Full deploy | pipelines/container-backend/platforms-pipeline.yml (and others) | ~20–30 min | New features, config changes, infra changes |
| Fast deploy | pipelines/container-backend/fast-deploy-pipeline.yml | ~3–8 min | Hotfixes — image change only, no infra/config changes |
See Fast Deploy Path for when NOT to use fast deploy.
Build Agents
| Agent Type | Pool | Used By |
|---|---|---|
| Self-hosted | MIC-EG-AGENT | All backend container pipelines (has Docker, .NET SDK, ACR auth) |
| Microsoft-hosted | ubuntu-latest | Frontend Angular builds (public npm access) |
Self-hosted agent servers:
| Server | IP | Notes |
|---|---|---|
| eg-build-01 | 192.168.120.88 | Primary |
| eg-build-02 | 192.168.120.122 | Secondary |
| eg-build-05 | 192.168.120.44 | Tertiary |
Agents run Ubuntu 22.04 with Azure CLI 2.85.0, Docker 24.x, and .NET 8 SDK pre-installed.
Pipeline Variable Groups
Each environment has a corresponding variable group in Azure DevOps Library:
| Variable Group | Scope |
|---|---|
container-backend-shared | Shared across all environments (NuGet uses System.AccessToken) |
container-backend-secrets-dev | Dev environment secrets |
container-backend-secrets-stage | Stage environment secrets |
container-backend-secrets-preprod | Preprod environment secrets |
container-backend-secrets-uat | UAT environment secrets |
container-backend-secrets-production | Production environment secrets |
$(System.AccessToken)
The NuGet private feed uses the built-in $(System.AccessToken) pipeline identity for authentication. This token is automatically provisioned by Azure DevOps and never expires. No manual PAT management required.
Config-Driven Architecture
All deploy pipelines read services-config.json at runtime. This single file is the source of truth for:
- Which services exist
- Which Docker image to build/deploy per service
- CPU, memory, and replica settings per environment
- Environment variables and secret references per service
- Network profile (public or private CAE)
- Scaling rules and health probe paths
See Services Config for the full schema and how to add a new service.
Deployment Lifecycle Diagram
Related Documentation
- Orchestrators — Pipeline orchestrators and stage templates explained
- Fast Deploy Path — When and how to use fast deploy
- Branch/Env Mapping — Full trigger and variable group reference
- Services Config — Master configuration file schema