Initial commit

skills/ado-pipeline-best-practices.md

@@ -0,0 +1,155 @@
+---
+name: ado-pipeline-best-practices
+description: Azure DevOps pipeline best practices, patterns, and industry standards
+---
+
+## 🚨 CRITICAL GUIDELINES
+
+### Windows File Path Requirements
+
+**MANDATORY: Always Use Backslashes on Windows for File Paths**
+
+When using Edit or Write tools on Windows, you MUST use backslashes (`\`) in file paths, NOT forward slashes (`/`).
+
+**Examples:**
+- ❌ WRONG: `D:/repos/project/file.tsx`
+- ✅ CORRECT: `D:\repos\project\file.tsx`
+
+This applies to:
+- Edit tool file_path parameter
+- Write tool file_path parameter
+- All file operations on Windows systems
+
+
+### Documentation Guidelines
+
+**NEVER create new documentation files unless explicitly requested by the user.**
+
+- **Priority**: Update existing README.md files rather than creating new documentation
+- **Repository cleanliness**: Keep repository root clean - only README.md unless user requests otherwise
+- **Style**: Documentation should be concise, direct, and professional - avoid AI-generated tone
+- **User preference**: Only create additional .md files when user specifically asks for documentation
+
+
+---
+
+# Azure Pipelines Best Practices
+
+Comprehensive best practices for creating and maintaining Azure DevOps YAML pipelines.
+
+## Pipeline Structure
+
+**Multi-Stage Pipelines:**
+```yaml
+# Recommended structure
+stages:
+  - stage: Build
+  - stage: Test
+  - stage: DeployDev
+  - stage: DeployStaging  
+  - stage: DeployProduction
+```
+
+**Benefits:**
+- Clear separation of concerns
+- Conditional stage execution
+- Environment-specific configurations
+- Approval gates between stages
+
+## Triggers and Scheduling
+
+**Best practices:**
+- Use path filters to avoid unnecessary builds
+- Enable batch builds for high-frequency repos
+- Use PR triggers for validation
+- Schedule nightly/weekly builds for comprehensive testing
+
+```yaml
+trigger:
+  batch: true
+  branches:
+    include: [main, develop]
+  paths:
+    exclude: ['docs/*', '**.md']
+
+pr:
+  autoCancel: true
+  branches:
+    include: [main]
+
+schedules:
+  - cron: '0 0 * * *'
+    displayName: 'Nightly build'
+    branches:
+      include: [main]
+    always: false  # Only if code changed
+```
+
+## Variable Management
+
+**Hierarchy:**
+1. Pipeline-level variables (az devops YAML)
+2. Variable groups (shared across pipelines)
+3. Azure Key Vault (secrets)
+4. Runtime parameters (user input)
+
+**Security:**
+- Never hardcode secrets
+- Use Key Vault for sensitive data
+- Mark secrets in variable groups
+- Secrets are automatically masked in logs
+
+## Caching
+
+Implement caching for:
+- Package dependencies (npm, pip, NuGet, Maven)
+- Docker layers
+- Build outputs
+
+**Impact:**
+- Faster builds (up to 90% reduction)
+- Reduced network usage
+- Lower costs
+
+## Templates
+
+**Use templates for:**
+- Reusable build patterns
+- Standardized deployment steps
+- Consistent security scanning
+- Company-wide best practices
+
+**Benefits:**
+- DRY (Don't Repeat Yourself)
+- Centralized updates
+- Consistent processes
+
+## Security Practices
+
+**Essential:**
+- Code scanning (SAST, dependency)
+- Container image scanning
+- Secret scanning
+- Compliance checks
+- Branch protection policies
+- Required approvals
+
+## Performance
+
+**Optimize:**
+- Parallelize independent jobs
+- Use caching extensively
+- Shallow git clones (fetchDepth: 1)
+- Appropriate agent pools
+- Clean up artifacts
+
+## Monitoring
+
+**Track:**
+- Build success rates
+- Build durations
+- Test pass rates
+- Deployment frequency
+- Mean time to recovery (MTTR)
+
+Always verify best practices against latest Azure DevOps documentation.