AArnott/azp-agent-linux.dockerfile

## azp-agent-linux.dockerfile
# Inspired by https://github.com/MicrosoftDocs/azure-devops-docs/blob/main/docs/pipelines/agents/docker.md#linux
FROM ubuntu:22.04
ENV TARGETARCH="linux-x64"
# Also can be "linux-arm", "linux-arm64".

# Add a Capability that pipelines can filter to when they require a linux agent that supports creating docker containers.
ENV HasDockerAccess="true"

RUN apt-get update
RUN apt-get upgrade -y
RUN apt-get install -y \
        curl \
        git \
        jq \
        libicu70 \
        build-essential \
        wget \
        apt-transport-https \
        software-properties-common \
	sudo \
	squashfs-tools \
	unzip \
	docker.io

# Install Powershell
RUN wget -q https://packages.microsoft.com/config/ubuntu/22.04/packages-microsoft-prod.deb \
        && dpkg -i packages-microsoft-prod.deb \
        && rm packages-microsoft-prod.deb \
        && apt-get update \
        && apt-get install -y powershell

# Get Rust; NOTE: using sh for better compatibility with other base images
RUN curl https://sh.rustup.rs -sSf | sh -s -- -y

# Add .cargo/bin to PATH
ENV PATH="/root/.cargo/bin:${PATH}"

WORKDIR /azp/

COPY ./start.sh ./multi-start.sh ./
RUN chmod +x ./start.sh ./multi-start.sh

ENV AGENT_ALLOW_RUNASROOT="true"

ENTRYPOINT [ "./multi-start.sh" ]

## build-and-run.sh
#!/bin/bash

if [ -z "$1" ]
then
    echo "Error: No access token provided. Please provide your Azure Pipelines access token with permissions to manage agent queues as a script parameter."
    exit 1
fi

# Use the provided token
ACCESS_TOKEN=$1

# Use the provided agent name suffix or default to '00'
AGENT_NAME_SUFFIX=${2:-00}

docker build --tag "azp-agent:linux" --file "./azp-agent-linux.dockerfile" .
docker run --rm \
    -e AZP_URL="https://dev.azure.com/YOUR-ACCOUNT-NAME-HERE" \
    -e AZP_TOKEN="$ACCESS_TOKEN" \
    -e AZP_POOL="CustomAgents" \
    -e AZP_AGENT_NAME="linuxagent-$AGENT_NAME_SUFFIX" \
    --name "azp-agent-linux-$AGENT_NAME_SUFFIX" \
    --runtime=sysbox-runc \
    -d \
    azp-agent:linux

## multi-start.sh
#!/bin/bash

dockerd > /var/log/dockerd.log 2>&1 &
./start.sh

## start.sh
#!/bin/bash
set -e

if [ -z "${AZP_URL}" ]; then
  echo 1>&2 "error: missing AZP_URL environment variable"
  exit 1
fi

if [ -z "${AZP_TOKEN_FILE}" ]; then
  if [ -z "${AZP_TOKEN}" ]; then
    echo 1>&2 "error: missing AZP_TOKEN environment variable"
    exit 1
  fi

  AZP_TOKEN_FILE="/azp/.token"
  echo -n "${AZP_TOKEN}" > "${AZP_TOKEN_FILE}"
fi

unset AZP_TOKEN

if [ -n "${AZP_WORK}" ]; then
  mkdir -p "${AZP_WORK}"
fi

cleanup() {
  trap "" EXIT

  if [ -e ./config.sh ]; then
    print_header "Cleanup. Removing Azure Pipelines agent..."

    # If the agent has some running jobs, the configuration removal process will fail.
    # So, give it some time to finish the job.
    while true; do
      ./config.sh remove --unattended --auth "PAT" --token $(cat "${AZP_TOKEN_FILE}") && break

      echo "Retrying in 30 seconds..."
      sleep 30
    done
  fi
}

print_header() {
  lightcyan="\033[1;36m"
  nocolor="\033[0m"
  echo -e "\n${lightcyan}$1${nocolor}\n"
}

# Let the agent ignore the token env variables
export VSO_AGENT_IGNORE="AZP_TOKEN,AZP_TOKEN_FILE"

print_header "1. Determining matching Azure Pipelines agent..."

AZP_AGENT_PACKAGES=$(curl -LsS \
    -u user:$(cat "${AZP_TOKEN_FILE}") \
    -H "Accept:application/json;" \
    "${AZP_URL}/_apis/distributedtask/packages/agent?platform=${TARGETARCH}&top=1")

AZP_AGENT_PACKAGE_LATEST_URL=$(echo "${AZP_AGENT_PACKAGES}" | jq -r ".value[0].downloadUrl")

if [ -z "${AZP_AGENT_PACKAGE_LATEST_URL}" -o "${AZP_AGENT_PACKAGE_LATEST_URL}" == "null" ]; then
  echo 1>&2 "error: could not determine a matching Azure Pipelines agent"
  echo 1>&2 "check that account "${AZP_URL}" is correct and the token is valid for that account"
  exit 1
fi

print_header "2. Downloading and extracting Azure Pipelines agent..."

curl -LsS "${AZP_AGENT_PACKAGE_LATEST_URL}" | tar -xz & wait $!

source ./env.sh

trap "cleanup; exit 0" EXIT
trap "cleanup; exit 130" INT
trap "cleanup; exit 143" TERM

print_header "3. Configuring Azure Pipelines agent..."

./config.sh --unattended \
  --agent "${AZP_AGENT_NAME:-$(hostname)}" \
  --url "${AZP_URL}" \
  --auth "PAT" \
  --token $(cat "${AZP_TOKEN_FILE}") \
  --pool "${AZP_POOL:-Default}" \
  --work "${AZP_WORK:-_work}" \
  --replace \
  --acceptTeeEula & wait $!

print_header "4. Running Azure Pipelines agent..."

chmod +x ./run.sh

# To be aware of TERM and INT signals call ./run.sh
# Running it with the --once flag at the end will shut down the agent after the build is executed
./run.sh "$@" & wait $!
	# Inspired by https://github.com/MicrosoftDocs/azure-devops-docs/blob/main/docs/pipelines/agents/docker.md#linux
	FROM ubuntu:22.04
	ENV TARGETARCH="linux-x64"
	# Also can be "linux-arm", "linux-arm64".

	# Add a Capability that pipelines can filter to when they require a linux agent that supports creating docker containers.
	ENV HasDockerAccess="true"

	RUN apt-get update
	RUN apt-get upgrade -y
	RUN apt-get install -y \
	curl \
	git \
	jq \
	libicu70 \
	build-essential \
	wget \
	apt-transport-https \
	software-properties-common \
	sudo \
	squashfs-tools \
	unzip \
	docker.io

	# Install Powershell
	RUN wget -q https://packages.microsoft.com/config/ubuntu/22.04/packages-microsoft-prod.deb \
	&& dpkg -i packages-microsoft-prod.deb \
	&& rm packages-microsoft-prod.deb \
	&& apt-get update \
	&& apt-get install -y powershell

	# Get Rust; NOTE: using sh for better compatibility with other base images
	RUN curl https://sh.rustup.rs -sSf \| sh -s -- -y

	# Add .cargo/bin to PATH
	ENV PATH="/root/.cargo/bin:${PATH}"

	WORKDIR /azp/

	COPY ./start.sh ./multi-start.sh ./
	RUN chmod +x ./start.sh ./multi-start.sh

	ENV AGENT_ALLOW_RUNASROOT="true"

	ENTRYPOINT [ "./multi-start.sh" ]
	#!/bin/bash

	if [ -z "$1" ]
	then
	echo "Error: No access token provided. Please provide your Azure Pipelines access token with permissions to manage agent queues as a script parameter."
	exit 1
	fi

	# Use the provided token
	ACCESS_TOKEN=$1

	# Use the provided agent name suffix or default to '00'
	AGENT_NAME_SUFFIX=${2:-00}

	docker build --tag "azp-agent:linux" --file "./azp-agent-linux.dockerfile" .
	docker run --rm \
	-e AZP_URL="https://dev.azure.com/YOUR-ACCOUNT-NAME-HERE" \
	-e AZP_TOKEN="$ACCESS_TOKEN" \
	-e AZP_POOL="CustomAgents" \
	-e AZP_AGENT_NAME="linuxagent-$AGENT_NAME_SUFFIX" \
	--name "azp-agent-linux-$AGENT_NAME_SUFFIX" \
	--runtime=sysbox-runc \
	-d \
	azp-agent:linux
	#!/bin/bash
	set -e

	if [ -z "${AZP_URL}" ]; then
	echo 1>&2 "error: missing AZP_URL environment variable"
	exit 1
	fi

	if [ -z "${AZP_TOKEN_FILE}" ]; then
	if [ -z "${AZP_TOKEN}" ]; then
	echo 1>&2 "error: missing AZP_TOKEN environment variable"
	exit 1
	fi

	AZP_TOKEN_FILE="/azp/.token"
	echo -n "${AZP_TOKEN}" > "${AZP_TOKEN_FILE}"
	fi

	unset AZP_TOKEN

	if [ -n "${AZP_WORK}" ]; then
	mkdir -p "${AZP_WORK}"
	fi

	cleanup() {
	trap "" EXIT

	if [ -e ./config.sh ]; then
	print_header "Cleanup. Removing Azure Pipelines agent..."

	# If the agent has some running jobs, the configuration removal process will fail.
	# So, give it some time to finish the job.
	while true; do
	./config.sh remove --unattended --auth "PAT" --token $(cat "${AZP_TOKEN_FILE}") && break

	echo "Retrying in 30 seconds..."
	sleep 30
	done
	fi
	}

	print_header() {
	lightcyan="\033[1;36m"
	nocolor="\033[0m"
	echo -e "\n${lightcyan}$1${nocolor}\n"
	}

	# Let the agent ignore the token env variables
	export VSO_AGENT_IGNORE="AZP_TOKEN,AZP_TOKEN_FILE"

	print_header "1. Determining matching Azure Pipelines agent..."

	AZP_AGENT_PACKAGES=$(curl -LsS \
	-u user:$(cat "${AZP_TOKEN_FILE}") \
	-H "Accept:application/json;" \
	"${AZP_URL}/_apis/distributedtask/packages/agent?platform=${TARGETARCH}&top=1")

	AZP_AGENT_PACKAGE_LATEST_URL=$(echo "${AZP_AGENT_PACKAGES}" \| jq -r ".value[0].downloadUrl")

	if [ -z "${AZP_AGENT_PACKAGE_LATEST_URL}" -o "${AZP_AGENT_PACKAGE_LATEST_URL}" == "null" ]; then
	echo 1>&2 "error: could not determine a matching Azure Pipelines agent"
	echo 1>&2 "check that account "${AZP_URL}" is correct and the token is valid for that account"
	exit 1
	fi

	print_header "2. Downloading and extracting Azure Pipelines agent..."

	curl -LsS "${AZP_AGENT_PACKAGE_LATEST_URL}" \| tar -xz & wait $!

	source ./env.sh

	trap "cleanup; exit 0" EXIT
	trap "cleanup; exit 130" INT
	trap "cleanup; exit 143" TERM

	print_header "3. Configuring Azure Pipelines agent..."

	./config.sh --unattended \
	--agent "${AZP_AGENT_NAME:-$(hostname)}" \
	--url "${AZP_URL}" \
	--auth "PAT" \
	--token $(cat "${AZP_TOKEN_FILE}") \
	--pool "${AZP_POOL:-Default}" \
	--work "${AZP_WORK:-_work}" \
	--replace \
	--acceptTeeEula & wait $!

	print_header "4. Running Azure Pipelines agent..."

	chmod +x ./run.sh

	# To be aware of TERM and INT signals call ./run.sh
	# Running it with the --once flag at the end will shut down the agent after the build is executed
	./run.sh "$@" & wait $!