How It's Built

AZ-104 Microsoft Azure Administrator Associate (Renewed 2025) and SC-300 Microsoft Identity and Access Administrator Associate (2025).

CV written in HTML and CSS, hosted as a static website in Azure Blob Storage with the $web container serving files publicly.

Azure Front Door provides HTTPS termination and custom domain routing. DNS points to the Front Door endpoint which forwards traffic to the blob storage origin.

Async fetch call to the Azure Function API on page load. localStorage caches the last known count to mask cold start delays. Error handling ensures the counter never shows a broken state.

NoSQL document database storing a single counter document with id 1. The input binding fetches the document before the function runs and the output binding writes it back after. No manual connection code required.

HTTP triggered Python function on Flex Consumption plan. Decorator pattern wires up the HTTP trigger, Cosmos DB input binding and output binding. CORS headers lock the API to trusted domains only.

ARM template defines the Function App, Cosmos DB account, database and container, Storage Account and App Service Plan. The Cosmos DB connection string is fetched dynamically at deploy time and never stored in the template or any pipeline variable.

Separate GitHub repositories for frontend and backend. All credentials stored as GitHub Secrets and Azure Environment Variables. No secrets ever committed to source control.

Two separate GitHub Actions workflows with path filtering. The ARM template pipeline triggers only when the infrastructure file changes. The Python code pipeline triggers only when function code changes. Both use the Flex Consumption specific deployment approach via SCM Basic Auth and publish profile.

GitHub Actions uploads static files to Azure Blob Storage on every push to main using the Azure CLI upload-batch command. Service principal authentication via GitHub Secrets. No manual uploads to the portal required.

Unit tests written using pytest covering core counter logic — increment behaviour, integer validation and JSON response structure. Tests run as Stage 0 in both the GitHub Actions and Azure DevOps pipelines. If any test fails the pipeline stops and nothing deploys.

All GitHub Actions pipelines replicated in Azure DevOps — frontend, backend code and ARM infrastructure. The backend code pipeline introduced a two stage deployment not present in GitHub Actions: code deploys automatically to the Development environment first, then pauses at an approval gate before releasing to Production. This keeps both environments in sync and ensures production only receives code that has already been validated in Development.

A write up of the key learnings, architectural decisions and challenges encountered throughout the project. Published to document the journey from initial setup through to a fully automated cloud deployment on Azure.