Dependencies & Packages
Security & Compliance
The course is part of this learning path
This course explains how to implement dependency management with Azure DevOps. It explores the strategies, tools, and methods used for creating and managing dependencies. First, you will learn what dependency management is and which packages are available for Azure DevOps. A practical demonstration then shows how to build a package. The course moves on to explore the strategies for dependency management, including versioning and componentization, and provides a demo that guides you through how to consume a package. Finally, you will learn about security and compliance, and watch a practical demonstration of WhiteSource Bolt.
By the end of this course, you should have a good understanding of how packages are managed within Azure DevOps and the implications of package management methodologies.
If you have any feedback relating to this course, please contact us at firstname.lastname@example.org.
- Explore what dependencies are
- Understand the various package types in Azure DevOps
- Manage packages in Azure DevOps through Artifacts
- Explore building software and creating dependencies
- Understand the strategies and methods for creating and managing dependencies
- Explore package security and compliance scanning options
- Individuals who want to learn more about Azure DevOps
- Individuals aiming to become Azure DevOps engineers
- Students preparing for Microsoft’s AZ-400 exam
To get the most from this course, you should have:
- Experience with version control and pushing changes into an Azure repo
- An Azure DevOps account
- Visual Studio installed if you want to follow along during the demos
- An understanding of Git and how to push code
In the last session, we created this depclass in Visual Studio, and we use the Azure Pipeline to build that project and upload it into the artifacts.
This artifact here, if we look at it, happens to have the two dependencies we put in there, and it's now published. In this session, we're going to consume this package. We're just gonna create a new project and connect up to this feed, and then install that dependency within our environment.
Before we do that, we're just going to take a look at the options here on the package feed. And we did talk about promoting packages into the different views. So, if we look here, we have prerelease, release and local, which is the feed we're in at the moment. So, you can choose to promote any different version of a package into different feeds.
So, here we can choose the version one, and we can put that into prerelease. And we can see here that's tagged with a different view. We'll come back to our project here, and we gonna create a new project. And we're gonna create a new console app. And we're gonna choose a new folder for this, as if it was a new project, use dependency, and select Create.
Now, we have the dependencies over here, and what we wanna do is go to the Manage NuGet packages, and we'd like to install our current package. So, up here we've got package sources, and if we choose the drop-down, we can see we have nuget.org Visual Studio offline. And we select the gear. Here we can add a new package. So, if we choose Add new package, it's looking for a name and a source.
We return to our view over here, and we choose to Connect to this feed. If we choose Visual Studio, it will give us some information on how to connect to these different feeds. So, in this case, we can see that prerelease feed. We wanna connect to the main feed. So, we come back here, connect to feed, Visual Studio, and there's the feed name, and that's the local feed link. Scroll across, copy that and paste that into the source. And we'll give the same name for the package name. And if you select that from our source, and choose Browse, you can see the dependency class that we created, and the different versions there. We wanna use one for this instance. And if we expand this, we can see the dependency class, which was our module.
We come back to our menu here, the Artifacts. I've already deployed this once. So, I can say the downloads are counting up, the number of users that are consuming it. So, I get information here telling me that how many people are using this package. In this case, we want to now update to the latest version. So, here we can see update to latest version.
Now, when we update the latest version that included the extension and the Newtonsoft JSON dependencies, which the login came with these licenses. So, I've got to accept these licenses, and now they're available in my dependencies. This brings the session to a conclusion. I hope you found this useful, in showing how to consume a dependency that we've created.
Matthew Quickenden is a motivated Infrastructure Consultant with over 20 years of industry experience supporting Microsoft systems and other Microsoft products and solutions. He works as a technical delivery lead managing resources, understanding and translating customer requirements and expectations into architecture, and building technical solutions. In recent years, Matthew has been focused on helping businesses consume and utilize cloud technologies with a focus on leveraging automation to rapidly deploy and manage cloud resources at scale.