home / skills / ntaksh42 / agents / multi-stage-pipeline

multi-stage-pipeline skill

safe

This skill builds multi-stage Azure Pipelines with deployment gates, approvals, and canary or blue-green strategies across environments.

npx playbooks add skill ntaksh42/agents --skill multi-stage-pipeline

Review the files below or copy the command above to add this skill to your agents.

Files (1)

SKILL.md

5.2 KB

---
name: multi-stage-pipeline
description: Create multi-stage Azure Pipelines with deployment gates and approvals. Use when implementing complex deployment pipelines with multiple environments.
---

# Multi-Stage Pipeline Skill

Azure DevOpsマルチステージパイプラインを構築するスキルです。

## 主な機能

- **複数ステージ**: Build → Test → Deploy
- **承認ゲート**: 手動承認
- **並列実行**: 複数環境同時デプロイ
- **条件分岐**: ブランチ、環境による条件
- **デプロイ戦略**: Blue-Green、Canary

## 完全なマルチステージパイプライン

```yaml
trigger:
  branches:
    include:
      - main
      - develop

pool:
  vmImage: 'ubuntu-latest'

variables:
  - group: Common-Variables

stages:
  # ビルドステージ
  - stage: Build
    displayName: 'Build Application'
    jobs:
      - job: BuildJob
        steps:
          - task: NodeTool@0
            inputs:
              versionSpec: '18.x'

          - script: |
              npm install
              npm run build
              npm test
            displayName: 'Build and Test'

          - task: PublishBuildArtifacts@1
            inputs:
              PathtoPublish: 'dist'
              ArtifactName: 'app'

  # テストステージ
  - stage: Test
    displayName: 'Run Tests'
    dependsOn: Build
    jobs:
      - job: UnitTests
        displayName: 'Unit Tests'
        steps:
          - script: npm run test:unit
            displayName: 'Run Unit Tests'

      - job: IntegrationTests
        displayName: 'Integration Tests'
        steps:
          - script: npm run test:integration
            displayName: 'Run Integration Tests'

      - job: E2ETests
        displayName: 'E2E Tests'
        steps:
          - script: npm run test:e2e
            displayName: 'Run E2E Tests'

  # セキュリティスキャン
  - stage: Security
    displayName: 'Security Scan'
    dependsOn: Build
    jobs:
      - job: SecurityScan
        steps:
          - task: WhiteSource@21
            inputs:
              cwd: '$(System.DefaultWorkingDirectory)'

  # Dev環境デプロイ
  - stage: Deploy_Dev
    displayName: 'Deploy to Dev'
    dependsOn: 
      - Test
      - Security
    condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/develop'))
    jobs:
      - deployment: DeployDev
        environment: 'Development'
        strategy:
          runOnce:
            deploy:
              steps:
                - task: AzureWebApp@1
                  inputs:
                    azureSubscription: 'Azure-Dev'
                    appName: 'myapp-dev'
                    package: '$(Pipeline.Workspace)/app'

  # Staging環境デプロイ
  - stage: Deploy_Staging
    displayName: 'Deploy to Staging'
    dependsOn: Deploy_Dev
    condition: succeeded()
    jobs:
      - deployment: DeployStaging
        environment: 'Staging'
        strategy:
          runOnce:
            preDeploy:
              steps:
                - script: echo "Pre-deployment validation"
            deploy:
              steps:
                - task: AzureWebApp@1
                  inputs:
                    azureSubscription: 'Azure-Staging'
                    appName: 'myapp-staging'
                    package: '$(Pipeline.Workspace)/app'
            routeTraffic:
              steps:
                - script: echo "Routing traffic"
            postRouteTraffic:
              steps:
                - task: InvokeRESTAPI@1
                  inputs:
                    connectionType: 'connectedServiceName'
                    serviceConnection: 'SmokeTests'
                    method: 'POST'
                    urlSuffix: '/run-smoke-tests'

  # Production環境デプロイ（承認必要）
  - stage: Deploy_Production
    displayName: 'Deploy to Production'
    dependsOn: Deploy_Staging
    condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/main'))
    jobs:
      - deployment: DeployProd
        environment: 'Production'  # 承認設定済み
        strategy:
          # Blue-Green デプロイ
          canary:
            increments: [10, 25, 50, 100]
            preDeploy:
              steps:
                - script: echo "Health check"
            deploy:
              steps:
                - task: AzureWebApp@1
                  inputs:
                    azureSubscription: 'Azure-Prod'
                    appName: 'myapp-prod'
                    package: '$(Pipeline.Workspace)/app'
                    deploymentMethod: 'zipDeploy'
            on:
              success:
                steps:
                  - script: echo "Deployment successful"
              failure:
                steps:
                  - script: echo "Rolling back"
                  - task: AzureAppServiceManage@0
                    inputs:
                      action: 'Swap Slots'
                      sourceSlot: 'staging'
```

## Canaryデプロイ

```yaml
strategy:
  canary:
    increments: [10, 25, 50, 100]
    deploy:
      steps:
        - script: echo "Deploying $(strategy.increment)%"
        - task: AzureTrafficManager@1
          inputs:
            trafficPercentage: $(strategy.increment)
```

## バージョン情報
- Version: 1.0.0

Overview

This skill creates multi-stage Azure Pipelines with gates, approvals, and advanced deployment strategies. It helps define Build → Test → Security → Deploy flows, including staged environments (Dev, Staging, Production) and controlled rollouts like canary and blue-green. Use it to standardize complex CI/CD workflows across branches and environments.

How this skill works

The skill generates YAML pipeline stages with explicit dependencies, conditions, and environment-targeted deployment jobs. It supports deployment strategies (runOnce, canary/blue-green), pre/post hooks, route-traffic steps, and integrations for artifact publishing, security scans, and smoke tests. Production deployments can be gated by branch checks and environment approvals to enforce manual approvals and safe rollouts.

When to use it

When you need a standardized pipeline for multiple environments (Dev, Staging, Production).
When deployments require manual approvals or environment gates before production.
When you want staged rollouts (canary or blue-green) to reduce risk.
When parallel test jobs and security scans must run before deployment.
When branch-based conditions should control which environment receives a release.

Best practices

Keep build artifacts versioned and published so downstream stages consume immutable packages.
Use environment approvals and checks for Production to enforce manual gating and compliance.
Run security scans and automated tests in separate stages before any deployment stage.
Parameterize subscriptions, app names, and variable groups to reuse the pipeline across projects.
Use incremental canary percentages and health checks between increments to detect regressions early.

Example use cases

Automatically build and run unit/integration/E2E tests on feature and main branches, then deploy to Dev for develop branch only.
Run security scanning stage in parallel with tests and block deployments if vulnerabilities are detected.
Deploy to Staging after Dev with pre-deploy validations and automated smoke tests triggered post-route.
Gate Production deploys with branch checks (main) and require manual environment approval before canary rollout.
Perform a blue-green swap or progressive traffic shift using canary increments and traffic manager steps.

FAQ

How do I require manual approval before production?

Configure the Production environment in Azure DevOps with approval checks. The pipeline will pause at the environment step until approvers sign off.

Can I run multiple environments in parallel?

Yes. Use separate deployment stages or jobs without dependsOn or with parallel jobs to deploy environments concurrently.