Deploy VSTS Web Deploy package from Agent machine to another machine - azure-devops

I am trying to implement CI/CD for a web application hosted in a local network. Which means the local machine/IIS server which hosted the web application is not directly connected to the internet (so not a VSTS agent).
So we are putting a virtual machine acts as an intermediary between internet & local intranet machines. The Azure DevOps release pipeline will copy the deployment package to this "Virtual Machine"
Now I want to deploy this package to another machine in the local network which is actually hosting the application for an intranet. How can we achieve this step in the release pipeline?

I have tried below solution and it seems ok for me.
From Azure Release Pipeline, copy the build artifacts to a local path in the server (mentioned as "Virtual machine" in question)
Using MSDeploy.exe to deploy the release artifact to an intranet website hosted on "Local Machine" IIS.
https://learn.microsoft.com/en-us/aspnet/web-forms/overview/deployment/web-deployment-in-the-enterprise/deploying-web-packages
Note: The destination local machine should be configured for WebDeploy as instructed in https://learn.microsoft.com/en-us/aspnet/web-forms/overview/deployment/configuring-server-environments-for-web-deployment/configuring-a-web-server-for-web-deploy-publishing-web-deploy-handler

Related

VSTS Agent Check if VM Already in Release Environment

I'm trying to use Powershell DSC to provision virtual machines in Azure and use Azure DevOps to manage the actually code deployment onto the virtual machines. The DSC script is setup to install IIS, asp.net core hosting, setup the sites in IIS, but not actually deploy any application code. The last step in the DSC is to add the virtual machine to azure devops. I went into the Environments tab in devops and copied the powershell script provided, parameterized my PAT so it could be passed into the configuration script, and executed. However, when the script runs a second time, it gives an error because the a resource already exists with the same name in that environment. I could not find a way to check if the VM was already registered as an environment resource in devops using the vsts agent config. I'm considering using the --replace flag, but I don't know if that will lose my deployment history or has any other consequences.
Is there a way to check if a Virtual Machine is already registered as a resource in an Azure DevOps environment.

How to integrate OnPrem Azure DevOps Server with the cloud one?

My firm has the Azure DevOps online version where we have all our projects and repo's. We were not able to configure CI/CD for the repo's because our internal server network doesn't have access to the internet.
To overcome this issue, we built a new server that has access to the internet and also to the internal network. On the new server, we installed and configured Azure DevOps Server 2019. We don't want to migrate our repo's from the cloud version to the online version.
I am trying to link the OnPrem repo to the cloud repo but it was not working. I issued a PAT on the cloud version and added it as a service connection under Pipelines in the OnPrem version but still, I am not able to see and link the cloud repo's.
I can clone the repo from the cloud to the OnPrem server but that will not get the latest code as the code is being checked in the cloud repo's
Can anyone please guide me on how to link both of them, please.
Thanks!!!
I don't think there's a meaningful way to integrate Azure DevOps Services and Azure DevOps Server, as they are essentially the same product. I assume (but don't know) that you're looking to integrate Azure DevOps Services to on-premise builds and deployments, as you state that you want to keep the repos in Azure DevOps Services. So, in essence, you want to run build and deployment group agents in on-premise environment.
Take a look at the agent-documentation and especially the communication subsection:
https://learn.microsoft.com/en-us/azure/devops/pipelines/agents/agents?view=azure-devops
Or this old blog post, from which the communication section originates:
https://devblogs.microsoft.com/devops/deploying-to-on-premises-environments-with-visual-studio-team-services-or-team-foundation-server/
The ideal solution would probably be that you run self-hosted build agents in your server that's open to internet, and configure an agent pool for them in Azure DevOps Services. For deployments, you'll want to use Deployment Groups and install deployment group agents to target servers, where they'll just need outbound 443 access for communicating with Azure DevOps Services.
If that's not possible, you'd have to install deployment agents to the build machine, which then sees your other on-premise servers, but this is rather unsatisfactory solution since you'd either have to rely on WinRm capabilities for deployments, or expose too much network between your build server and other on-premise servers.

Could not able to create an executable(.exe) from Azure Devops pipelines release

I am working for a WPF application, and recently I have migrated TFS to Azure DevOps and I am successfully able to create build artifacts as well, unfortunately, I could not create executable from the artifacts as Azure DevOps does not support InstallShield Package creation with it, now I decided to move the build artifacts to my local build server,again my company law doesn't allow to access my server from outside network, what should do to create executable.
The Build Agent needs to be able to connect to Azure DevOps. It's enough for it to be able to make an outgoing connection over https (443). The agent can be configured to connect through a web proxy server.
What alternatives do you have:
Use the hosted agent and install InstallShield as part of the build process. This will be slow, but it is doable. You'll need to execute this step as part of every build that tries to create the InstallShield package and requires you to do a head-less installation of InstallShield (given that they are the kings of Installers, I suppose this is doable).
Use a private agent in Azure. You can spin up any IaaS server on Azure, install Visual Studio, InstallShield and the Azure DevOps Agent on it and use it as a build server. There is a set of standard images file available which you can use as a basis.

Are there seperate VSTS agents for build vs release?

I am getting my first VSTS build and release definitions setup.
Test server destination, on prem
project is using VS 2017 professional
Earlier I setup a private agent for doing the build, following this.
https://learn.microsoft.com/en-us/vsts/build-release/actions/agents/v2-windows?view=vsts
The agent installed fine and I can see it from build & release / agent pools
However, have now switched to using a hosted agent for that so I can remove the need to install visual studio on a test server.
Now I want to deploy the build to my test server, which is on premises. Do I need yet another agent or can I use the one I setup already. In other words are build agents separate from release agents? The agent I setup earlier is running as a service.
The build agent can be used in VSTS build and release, also the deployment group agent is configuring with build agent too.
You don’t need to setup another build/release agent, there are many tasks to deploy app to another server, such as IIS Web App Deployment Using WinRM, PowerShell on Target machine, Windows Machine File Copy.
The build and release agents are the same, but you have to install an on-premise agent to deploy your projects in your network. Is not that you can not use the hosted agent, but you would have to use WinRM and open you network, which may not be a good idea.
After you installed your on-premise agent, you don't have to install VS on the machine to run tests. You can add the following task to your release.

VSTS Continuous Delivery to non-Azure web server

It doesn't look like this is possible but is there a way to use VSTS Continuous Delivery and deploy to a server outside Azure?
Sure. VSTS Continuous Delivery can deploy to anything that can run the VSTS agent or anything that can be targetted from a VSTS agent. Basically you have two options:
Let the VSTS (hosted) agent communicate directly to your deployment target. Out of the box tasks can use MsDeploy or WinRM. There are also tasks for Octopus Deploy, AWS and other systems available through the Marketplace. Powershell has options to connect directly to other systems and you can use many different protocols from a powershell script.
Install the VSTS agent on your target machine (or network). The VSTS agent can be downloaded and installed onto the target server. That way you have full local access to the target machine and can simply copy the files to the target folder straight from the Release Management artefacts. By installing a VSTS agent in you local network, you can use the options listed under 1 to bypass firewalls that might be blocking the hosted agent.