Securing your AzureDevOps SharePoint tenant credentials with an Azure key Vault.

If you are following an automated Build and Release process for your SharePoint Framework then you will have come across the need to store your tenant SharePoint admin username and password as variables in the pipeline.

Whle this works and I believe the credentials are encrypted, this is not going to fly with enterprise corporate security. They are going to insist that the credentials are kept centrally in a secure KeyVault. Conveniently for us, a KeyVault is available for us to use in Azure.

Using the process described by the Azure DevOps Labs team you can set up a KeyVault and integrate it into your pipeline.

I am adding the KeyVault pipeline into an older version of an SPFx release (for the most up to date doc check this post out).

Once that is run the new password is successfully utilized instead of the variable I had stored within Azure DevOps.

 

Fixing SPFx node-sass binding error on ADO release pipeline

When trying to run the gulp upload-to-sharepoint  encountered the following issue when creating a release pipeline for an SPFx web-part. There was a problem with no binding available for node-sass

[command]C:\NPM\Modules\gulp.cmd upload-to-sharepoint –gulpfile D:\a\r1\a\build\release\gulpfile.js –ship –username *** –password *** –tenant mckinseyandcompany –cdnsite sites/apps/ –cdnlib ClientSideAssets
2019-06-12T14:51:53.5954467Z [14:51:53] Working directory changed to D:\a\r1\a\build\release
2019-06-12T14:51:54.5490645Z D:\a\r1\a\build\release\node_modules\node-sass\lib\binding.js:15
2019-06-12T14:51:54.5497252Z throw new Error(errors.missingBinary());
2019-06-12T14:51:54.5498022Z ^
2019-06-12T14:51:54.5498662Z
2019-06-12T14:51:54.5499258Z Error: Missing binding D:\a\r1\a\build\release\node_modules\node-sass\vendor\win32-x64-48\binding.node
2019-06-12T14:51:54.5499538Z Node Sass could not find a binding for your current environment: Windows 64-bit with Node.js 6.x
2019-06-12T14:51:54.5499731Z
2019-06-12T14:51:54.5499883Z Found bindings for the following environments:
2019-06-12T14:51:54.5500034Z – Windows 64-bit with Node.js 8.x

and the error was actually staring us in the face – “binding available for Node 8″……..

The solution, just like for the build process, you have to add an agent task to ensure the correct version of node is used for the release process.

Using npm ci as part of the SPFx CI CD process through Azure Dev Ops

During the Automated Build and Deploy process for a SharePoint Framework Web Part (as documented here) one of the steps you go through to install the application on the build server is a familiar step ‘npm install’.

This works just fine when working locally and should be, but it is inefficient as part of an automated build process.

For a good explaination of why, check out this stackoverflow answer https://stackoverflow.com/questions/52499617/what-is-the-difference-between-npm-install-and-npm-ci/53325242#53325242

npm install reads package.json to create a list of dependencies and uses package-lock.json to inform which versions of these dependencies to install. If a dependency is not in package-lock.json it will be added by npm install.

npm ci (named after Continuous Integration) installs dependencies directly from package-lock.json and uses package.json only to validate that there are no mismatched versions. If any dependencies are missing or have incompatible versions, it will throw an error.

In my experience this can speed up the build process by more than 50% and as the npm install is the rate determining step for the overall buil, this is very helpful.

The step in the process for the build should look like this:

I have submitted a pull request to update the documentation and we will see if it is worthy 🙂

 

 

Correcting SPFx gulp –ship Uglify Errors: Unexpected token: punc (()

We came across the following problem when trying to execute a gulp --ship on out SPFx development


[15:03:34] Starting subtask 'webpack'...
[15:03:49] Error - [webpack] 'dist':
list-view-demo-webpart-web-part.js from UglifyJs
Unexpected token: punc (() [list-view-demo-webpart-web-part.js:962,7]

In researching this issue it turns out that this issue stems from a problem with the webpack uglify plugin (uglify-webpack-plugin) which historically does not work with ES6 code.

From what I read, it seems like the current SPFx 1.8 does use the correct version of webpack and the uglify plugin to avoid this issue but it was still coming up.

We solved the issue by implementing a suggestion to a related issue on github

https://github.com/SharePoint/sp-dev-docs/issues/2782

The key was presented in one of the responses to the issue

https://github.com/SharePoint/sp-dev-docs/issues/2782#issuecomment-475519680

By replacing the uglify plugin with the terser plugin for webpack, the issue was resolved and we were able to Build and deploy.

PSC Tech Talk: Using AzureDevOps to Automate the Build and Deployment of SharePoint Framework widgets

During this PSC Tech Talk, Mark Roden gave a precursory run-through presentation for his SharePointFest Chicago 2018 presentation on the automation of build and deployment for SharePoint Framework widgets.

What is AzureDevops

Mark briefly walked through why AzureDevOps is PSC’s tool of choice for managing Agile projects. During an Agile project we build and deploy projects every two weeks so that progress can be demonstrated to clients and to ensure that the process is tested and working. Azure DevOps allows us to manage the whole process from:

  • Requirements Management (Backlog)
  • Project Management (Sprint Boards)
  • Code Source Control (git)
  • Automated Build and Deploy pipelines
  • Automated Testing

Quality

Having a transparent, visible to a client, Quality control process generates trust. Not only in the development process but also in the process for deployment. PSC uses AzureDevOps capabilities to run unit tests and where appropriate load testing of projects in development. SharePoint Framework is no exception. We want to make sure that anything being developed does not break existing code or the user interface. Traditionally testing would be done at the end of the project. In an Agile project it is done every two weeks.

What is SharePoint Framework?

Traditionally SharePoint on premises allowed an organization to customize the functionality using a “trusted-code” model whereby they were in complete control of the code going into their environment. When SharePoint online came out though this model was not available. Because of the shared-tenant model and because of a lack of access to modify SharePoint in a similar manner than on prem, Microsoft create the front-end-based SharePoint Framework model.

SharePoint online and therefore the SharePoint Framework (SPFx) are based on the React JavaScript framework. Developers create components which are directly integrated into the SharePoint online experience as if they were a first class member of the site.

Hello world 

Mark’s presentation used the Hello World example provided by Microsoft as a simple demonstration of how to build and deploy an SPFx widget locally. Mark then walked through the process of adding the widget manually to his SharePoint on line development tenant. Manually this process takes a couple of hours to set up and then about 10-15 minutes for every successful deployment.

Using AzureDevOps

Mark walked through the “build” and “deployment” processes provided by Microsoft in the AzureDevOps tool. The Build process manager has the ability to create separate tasks which simulate the manual process of creating the deployable code as explained in the Hello World example. The build process is triggered by checking the code into the Master branch.

The deployment process is similar and automates the process of taking the code and moving it out to the SharePoint tenant. The deployment is triggered on the completion of a successful “build”.

The Build and deployment process takes approximately 5 minutes and Mark showed the ability to track progress and see the console logging provided. Mark’s example also provided code coverage reports and testing dashboards.

Summary

When working on agile projects PSC recommends using AzureDevOps as the management tool of choice and as Mark demonstrated in this Tech Talk, building, testing and deploying SharePoint Framework widgets can automated.

 

 

 

 

 

Speaking at SharePointFest Chicago 2018

I am very lucky enough to have been accepted to speak at SharePointFest Chicago for the third year running now. The subject is Automated Build and deploy of SharePoint Framework webparts.

One of the really fascinating things about working in a modern large development team is the outstanding benefits for automated testing, automated build, and automated deployment. Even for something which might not on the surface seem to be a “big deal” such as SPFx webpart development, has many advantages to be gained by using a professional automated development environment.

Since I submitted and was accepted to speak, VSTS has been renamed to Azure DevOps, so this might be difficult to pull off as a topic – but i think we will be ok 😉

SharePointFest is always  alot of fun with a good crowd of speakers and attendees. I am excited to attend and excited to speak 🙂

 

DEV304 – Using VSTS to automate build and deployment tasks for SharePoint Framework webparts

Working on your own and building SharePoint Framework webparts is one thing, but when you have to work in a team on a larger project, the team approach to development has to be more structured and automated.

Modern team web development practices demand the use of unit tests, load testing and automated build and deploy methodologies. Why should developing for the Sharepoint framework be any different?

In this presentation Mark will highlight the advantages to using VSTS to create and manage and continuous build and deploy process for working with the Sharepoint Framework. Come and see how modern team development techniques can be applied to SPFx.

S106A Fri 2:20 PM – 3:30 pm