Azure Pipelines (part of Azure DevOps) defines CI/CD in a YAML file (azure-pipelines.yml). Its structure mirrors most systems:

• Trigger — what starts the pipeline (branch pushes, PRs)
• Stages → Jobs → Steps/Tasks — tasks are reusable building blocks
• Agents — run jobs (Microsoft-hosted or self-hosted agent pools)
• Environments — deployment targets with approvals and gates
• Service connections — authenticate to Azure/clouds; variable groups and Key Vault supply secrets

It integrates tightly with Azure (deploy to App Service/AKS) and provides approvals for controlled production releases.

trigger:
  branches: { include: [main] }

stages:
  - stage: Build
    jobs:
      - job: build
        pool: { vmImage: ubuntu-latest }
        steps:
          - script: npm ci && npm test
  - stage: Deploy
    dependsOn: Build
    jobs:
      - deployment: deployProd
        environment: production    # approvals attach here
        strategy:
          runOnce:
            deploy:
              steps:
                - script: ./deploy.sh

1. Identify the stage → job → step hierarchy in a pipeline.
2. Add a deploy stage that depends on a build stage.
3. Explain how an Environment enables an approval gate before production.
4. Describe how a variable group or Key Vault supplies secrets to a pipeline.

• ↗ Microsoft — Azure Pipelines