Run this pipeline when a PR is done.
branches.include - What branches to include in those that are going to call the pipeline
branches.exclude - What branches to exclude in those that are going to not call the pipeline
To include all branches put in include - '*'

The resources that I am going to use in the pipe line.
repositories - I give:
The type - in this case its github.
The endpoint - which is the service connections that I am using to get this resource.
The trigger - which says whether this repo trigger the pipeline when it have a PR.
The containers - If I want to use a container to run steps - this is the container that I am using. I will refer to it in the stage where I want to use it, by the name after container.

group - Used for variables group - you can deinfe a variable group through the ui and use it afterwards, so it won't appear in the pipeline as raw text.
System.Debug - The best way to debug your pipeline. Much more information on the pipeline run.
Other names are self explanatory.

First of all I give the first stage a name: Fetch.
The condition condition: eq(variables['Build.Repository.Name'], 'repo1') - check whether the current branch is repo1, so this stage will run only if the pipeline that had a pr that started the pipeline is repo1.

The NodeTool is self explanatory - download and cache Nodejs, add it to path and then use it.
DownloadSecureFile - Download a secure file that you put in Azure.

Next script tasks, copy the secure file and run npm prod - some package script that you want npm to run
Then I wanted to publish file that were built in this build to other parts of the pipeline so I used PublishPipelineArtifact.

I give it as input targetpath, which is the target that I want to be published as an artifacr
And artifactName - which is the name of the artifact that is going to be used in the next stages.

---

I publish all the static file that were created, and specific files like css files and js.

Second stage - The build itself.

or(succeeded(), eq(variables['Build.Repository.Name'], 'repo2')) - Do this stage in one of two cases - if the last one succeeded or if the repository running the build is repo2.

Checkout and Download - Like in the last stage - Checkout the repo and download secure file for nodejs.
Move the npmrc file to the local path of where the pipeline is running.
Run script to create directories for files if doesn't exist(You can create whatever paths you need)
Download the artifact created before with: DownloadPipelineArtifact@2
For input you give:
source - The place where you take the artifacts from, in this case current means the current pipeline.
artifact - The name of the artifact you want to download.
path - Where you want to download the artifact to.

Download all the artifacts to the places where they are suppose to be -
All static file to $LocalPath/static
JS files are going to $LocalPath/static/js
CSS files are going to $LocalPath/static/css

In the next step I want to see that all the files are in the right places.
So I do a script that prints the names of the artifact that I suppose to be looking at and list the contents of the places where it is suppose to be.

And the last stage is to push an image of the container that I created (The container that the pipeline is running on) to the registry that I want, in this case my own ACR.
ServiceConnection - The service connection to the ACR that I want to use.
containerRegistry - The name of the container registry that I want to use.
command - There are few options for command when using Docker task, in this case - buildAndPush does exactly what it says.
Dockerfile - What dockerfile to use when building - ** searches through all the directories in the repo that the pipeline is in.
tags - The tag to push the image with to the repo, after building.
The condition succeededOrFailed means that this step is running whether the last step succeeded or failed.

Last stage - Run the container and connect it to the application gateway
condition - only if the last stage succeded (meaning, all stages).
DownloadSecureFile@1 - Download file of environment variables
AzureCLI@2 - Enable to run a script that uses az commands.

To be able to run it I need to use a service connection that enables connection to resource - azurerm-connection in this case.
I provide a script type with the value of scriptType- in this case bash.
And then I do the script itself, writing it after inlineScript:
• file1_envfile - The path to the file that contains all environment variables of the container that will be initialized.
• registrypass - a secret that is defined in the variable group - 'groupname' - in the begining of the file. You use the secrets there in correspondence to their hirarchy - this secret is stored directly in the group, so it doesn't have a prefix, only the name.
az container create... - The command to create a container with all the information from above. I take the image that was created in stage before. Using the registry username and password, which can be achieved from within azure. Use Private ip address so it will be accessible only from my vnet.
--command-line - Start the command by login to azure, using the identity which is mentoined in the next parameter. Only then I can run the app with npm.
Using port 443, with myvnet, and subnet that the container instance is in with the assigned identity inside the quotes (not mentioned here), and the environment variables in one line, which I can get by printing the file with env variables from above and using xargs which print all of them in one line.