Document Details
Configure Devops
❌
This page contains Windows bias
About This Page
This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
Bias Analysis
Bias Types:
⚠️
powershell_heavy
⚠️
windows_first
⚠️
missing_linux_example
⚠️
windows_tools
Summary:
The documentation demonstrates a significant Windows bias. The primary automation scripts are provided exclusively in PowerShell, with instructions to use PowerShell ISE and .ps1 scripts. While there are some Linux-specific instructions (notably for the web app setup and a few bash snippets), the main setup and automation flows are PowerShell-centric, and Linux equivalents are either missing or only provided later. The documentation assumes the use of Windows tools and patterns (e.g., PowerShell ISE, .ps1 scripts, Windows file paths) and only provides Linux/bash examples in isolated sections, often after the Windows instructions.
Recommendations:
- Provide full-featured bash shell scripts for all automation steps currently only available as PowerShell scripts, ensuring parity for Linux users.
- Avoid instructions that assume the use of PowerShell ISE or other Windows-specific tools; instead, offer cross-platform alternatives (e.g., VS Code, plain text editors, or shell terminals).
- When presenting code examples, use tabbed sections for both Windows (PowerShell) and Linux (bash) equally, and ensure both are complete and tested.
- Mention Linux and macOS support explicitly at the start, and clarify any prerequisites or differences in setup.
- Where possible, use platform-agnostic tools and commands (e.g., Azure CLI, Python scripts) instead of platform-specific scripting languages.
- Review all steps for references to Windows-only file paths or environment variables, and provide Linux equivalents.
- Ensure that all automation scripts referenced from GitHub have both .ps1 (PowerShell) and .sh (bash) versions, or provide clear guidance for Linux users.
Create pull request
Scan History
| Date | Scan ID | Status | Bias Status |
|---|---|---|---|
| 2025-09-16 00:00 | #113 | completed | ✅ Clean |
| 2025-09-15 00:00 | #112 | completed | ✅ Clean |
| 2025-09-14 00:00 | #111 | completed | ✅ Clean |
| 2025-09-13 00:00 | #110 | completed | ✅ Clean |
| 2025-09-12 00:00 | #109 | completed | ✅ Clean |
| 2025-09-11 00:00 | #108 | completed | ✅ Clean |
| 2025-08-22 00:01 | #88 | completed | ✅ Clean |
| 2025-07-22 00:01 | #57 | completed | ✅ Clean |
| 2025-07-13 21:37 | #48 | completed | ❌ Biased |
| 2025-07-12 23:44 | #41 | in_progress | ❌ Biased |
Flagged Code Snippets
$Env:SDAF_ADO_ORGANIZATION = "https://dev.azure.com/ORGANIZATIONNAME"
$Env:SDAF_ADO_PROJECT = "SAP Deployment Automation Framework"
$Env:SDAF_WorkloadZoneSubscriptionID = "yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy"
$Env:ARM_TENANT_ID="zzzzzzzz-zzzz-zzzz-zzzz-zzzzzzzzzzzz"
if ( $PSVersionTable.Platform -eq "Unix") {
if ( Test-Path "SDAF") {
}
else {
$sdaf_path = New-Item -Path "SDAF" -Type Directory
}
}
else {
$sdaf_path = Join-Path -Path $Env:HOMEDRIVE -ChildPath "SDAF"
if ( Test-Path $sdaf_path) {
}
else {
New-Item -Path $sdaf_path -Type Directory
}
}
$branchName = "main"
Set-Location -Path $sdaf_path
if ( Test-Path "New-SDAFDevopsWorkloadZone.ps1") {
remove-item .\New-SDAFDevopsWorkloadZone.ps1
}
Invoke-WebRequest -Uri https://raw.githubusercontent.com/Azure/sap-automation/$branchName/deploy/scripts/New-SDAFDevopsWorkloadZone.ps1 -OutFile .\New-SDAFDevopsWorkloadZone.ps1 ; .\New-SDAFDevopsWorkloadZone.ps1
$Env:SDAF_ADO_ORGANIZATION = "https://dev.azure.com/ORGANIZATIONNAME"
$Env:SDAF_ADO_PROJECT = "SAP Deployment Automation Framework"
$Env:SDAF_CONTROL_PLANE_CODE = "MGMT"
$Env:SDAF_ControlPlaneSubscriptionID = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
$Env:ARM_TENANT_ID="zzzzzzzz-zzzz-zzzz-zzzz-zzzzzzzzzzzz"
$Env:MSI_OBJECT_ID = $null
$branchName = "main"
$UniqueIdentifier = "SDAF" + $ShortCode
if ($Env:ARM_TENANT_ID.Length -eq 0) {
az login --output none --only-show-errors --scope https://graph.microsoft.com//.default
}
else {
az login --output none --tenant $Env:ARM_TENANT_ID --only-show-errors --scope https://graph.microsoft.com//.default
}
az config set extension.use_dynamic_install=yes_without_prompt --only-show-errors
az extension add --name azure-devops --only-show-errors
$differentTenant = Read-Host "Is your Azure DevOps organization hosted in a different tenant than the one you are currently logged in to? y/n"
if ($differentTenant -eq 'y') {
$env:AZURE_DEVOPS_EXT_PAT = Read-Host "Please enter your Personal Access Token (PAT) with permissions to add new projects, manage agent pools to the Azure DevOps organization $Env:ADO_Organization"
try {
az devops project list
}
catch {
$_
}
}
$confirmationWebAppDeployment = Read-Host "Do you want to use the Web Application for editing the configuration files (recommended) y/n?"
if ($confirmationWebAppDeployment -eq 'y') {
$Env:SDAF_WEBAPP = "true"
$confirmation = Read-Host "Do you want to create a new Application registration (needed for the Web Application) y/n?"
if ($confirmation -eq 'y') {
$Env:SDAF_APP_NAME = "SDAF " + $UniqueIdentifier + " SDAF Control Plane"
}
else {
$Env:SDAF_APP_NAME = Read-Host "Please provide the Application registration name"
}
}
else {
$Env:SDAF_WEBAPP = "false"
}
$Env:SDAF_AuthenticationMethod = 'Managed Identity'
$confirmationDeployment = Read-Host "Do you want to use Managed Identities for the deployment (recommended) y/n?"
if ($confirmationDeployment -eq 'n') {
$Env:SDAF_AuthenticationMethod = 'Service Principal'
$confirmation = Read-Host "Do you want to create a new Service Principal for the Control plane y/n?"
if ($confirmation -eq 'y') {
$Env:SDAF_MGMT_SPN_NAME = "SDAF " + $UniqueIdentifier + $Env:SDAF_CONTROL_PLANE_CODE + " SPN"
}
else {
$Env:SDAF_MGMT_SPN_NAME = Read-Host "Please provide the Control Plane Service Principal Name"
}
}
if ( $PSVersionTable.Platform -eq "Unix") {
if ( Test-Path "SDAF") {
}
else {
$sdaf_path = New-Item -Path "SDAF" -Type Directory
}
}
else {
$sdaf_path = Join-Path -Path $Env:HOMEDRIVE -ChildPath "SDAF"
if ( Test-Path $sdaf_path) {
}
else {
New-Item -Path $sdaf_path -Type Directory
}
}
Set-Location -Path $sdaf_path
if ( Test-Path "New-SDAFDevopsProject.ps1") {
if ( $PSVersionTable.Platform -eq "Unix") {
Remove-Item "New-SDAFDevopsProject.ps1"
}
else {
Remove-Item ".\New-SDAFDevopsProject.ps1"
}
}
Invoke-WebRequest -Uri https://raw.githubusercontent.com/Azure/sap-automation/$branchName/deploy/scripts/New-SDAFDevopsProject.ps1 -OutFile New-SDAFDevopsProject.ps1
if ( $PSVersionTable.Platform -eq "Unix") {
Unblock-File ./New-SDAFDevopsProject.ps1
./New-SDAFDevopsProject.ps1
}
else {
Unblock-File .\New-SDAFDevopsProject.ps1
.\New-SDAFDevopsProject.ps1
}
Add-Content -Path manifest.json -Value '[{"resourceAppId":"00000003-0000-0000-c000-000000000000","resourceAccess":[{"id":"e1fe6dd8-ba31-4d61-89e7-88639da4683d","type":"Scope"}]}]'
$TF_VAR_app_registration_app_id=(az ad app create --display-name MGMT-webapp-registration --enable-id-token-issuance true --sign-in-audience AzureADMyOrg --required-resource-access .\manifest.json --query "appId").Replace('"',"")
echo $TF_VAR_app_registration_app_id
az ad app credential reset --id $TF_VAR_app_registration_app_id --append --query "password"
del manifest.json