Azure DevOps Engineer — Complete Learning Package

Beginner Labs (1–15)

• Create Azure DevOps project + repo
• YAML pipeline: build → test → publish
• Release pipeline to App Service
• Branch policies (PR + reviewer + build validation)
• GitHub Actions CI/CD
• Variable groups + Key Vault integration
• Bicep deployment via pipeline
• Deployment slot swap
• Service connection (service principal)
• Terraform infra deployment
• PR build validation
• Scheduled pipeline
• Test execution in pipeline
• Docker build + push to ACR
• Deploy container to App Service

Intermediate Labs (16–35)

• Multi-stage pipeline with approvals
• Blue/green deployment (App Service)
• Canary deployment (AKS)
• Bicep module library
• Terraform remote state
• Terraform plan → approval → apply
• AKS Helm deployment
• Feature flags deployment
• Infra what-if validation
• Self-hosted agent setup
• Secret scanning (detect-secrets)
• SAST (CodeQL/SonarQube)
• SCA (Dependabot/Snyk)
• Container scanning (Trivy/Defender)
• IaC scanning (Checkov/tfsec)
• DAST (OWASP ZAP)
• Pipeline template reuse
• Env-based configs
• Auto rollback
• GitOps with Flux

Advanced Labs (36–50)

• Full DevSecOps pipeline
• Multi-region deployments
• AKS blue/green with Front Door
• A/B testing pipeline
• Database migrations in CI/CD
• Multi-tenant deployment pipeline
• Self-service provisioning pipeline
• Compliance-as-code validation
• DR deployment pipeline
• Observability deployment pipeline
• Canary analysis + rollback
• Multi-cloud pipeline
• Container promotion pipeline
• SBOM generation
• Enterprise CI/CD pipeline

Major Projects

Core CI/CD Systems

• Enterprise microservices CI/CD (AKS)
• Multi-environment pipeline with IaC
• DevSecOps pipeline
• Blue/green deployment system
• Canary deployment with rollback

Advanced Systems

• Multi-region deployment orchestration
• Database CI/CD pipeline
• Feature flag system
• Self-service provisioning
• Container promotion pipeline

Platform Engineering

• GitOps platform with Flux
• Compliance-as-code system
• DR automation
• DORA metrics tracking
• Full enterprise DevOps platform

Gotchas & Common Mistakes

• YAML errors only show at runtime
• Service principal secrets expire
• Terraform state contains secrets
• Use specific image tags (not latest)
• ACR replication lag
• Pipeline variables vs variable groups confusion
• Approval gates need timeout
• Rollback must handle DB schema
• Feature flags need kill switch
• AKS autoscaler delay (5–10 mins)
• Pipeline caching requires correct key
• GitOps must be Git-only (no manual changes)
• Hosted agents are ephemeral
• Deployment slots not in free tier
• CI/CD is mandatory (no manual deploys)

Pipeline Design Checklist

• Build → test → lint
• Security scan (SAST, SCA, secrets)
• Package artifact/container
• Deploy to staging
• Run integration tests
• Approval before production
• Deploy production (blue/green or canary)
• Smoke test
• Rollback plan
• Monitoring integration

DORA Metrics

• Deployment Frequency
• Lead Time
• Change Failure Rate
• MTTR (Mean Time To Recovery)

IaC Pipeline Flow

Push → Validate → Lint → Security Scan → Plan → Review → Deploy Staging → Validate → Approve → Deploy Prod → Verify