# Adopted challenge and breakout instructions
Challenge 3 and the breakout session will differ slightly if you've started
with the checkpoint for day5. The main difference is that you will only have
one environment named restore
to apply the changes to. Most of the time you
can stick to the original guide for day5.
# Differences in Challenge 3 - Protect SCM Contacts API with Azure AD
Now that we have created the needed applications in Azure AD it's time to deploy the SCM Contacts API to Azure with Azure AD integration to protect the API.
After the deployment the API can only be accessed with a valid access token issued by Azure AD. Yesterday we have created CI/CD Builds for all services. Today we want to continue with Azure Pipelines to deploy all services with Azure AD integration.
Create and checkout a new branch named features/scmcontactsaad in your Azure Repo.
Note: Make sure that you create the branch in the Azure Repo where you imported the Azure Developer College's sources yesterday.
Open the build file
build-scm-api.yaml
underday5/apps/checkpoint/pipelines/jobs
and change everything fromday4
today5
Open the deploy file
deploy-scm-api.yaml
underday5/apps/checkpoint/pipelines/jobs
and uncomment the additional parameters passed to the deploy template.Save the definition, commit the changes and push the branch to your remote repository
Navigate to your Azure DevOps Project and go to
Pipelines > Library > Day5RestoreAADVars
Add the following variables and to pass them as ARM Template's parameters:
Name Value ARM Template parameter Stage AadInstance https://login.microsoftonline.com aadInstance Development AadClientId API AppId, the value that you received from the output when you created the Azure AD application aadClientId Development AadTenantId The id of your Azure AD Tenant aadTenantId Development AadDomain The domain name of your Azure AD e.g. azuredevcollege.onmicrosoft.com aadDomain Development AadClientIdUri http://scmapi-dev aadClientIdUri Development Run the pipeline for SCM-API and select the features/scmcontactsaad branch to run the pipeline against.
You can continue with challenge 3 as to the regular guide.
# Modified steps for break-out session
As in challenge-3 we always perform the following steps for each service:
- Create and checkout a new branch
- Edit the the existing build definition and change everything from
day4
today5
- Edit the the existing deploy definition and uncomment the lines indicated.
- Save the definition, commit the changes and push the branch to the remote repository
- Check and fill the required variables under
Pipelines > Library > Day5RestoreAADVars
- Run the build/deploy pipeline again
- Merge the feature branch into the master branch
We don't need to create additional Azure AD applications for the remaining services. All APIs use the same Azure AD application that we already created in challenge-3 for each stage (Development and Production). The Frontend services uses the client application.