Created
September 18, 2022 21:18
-
-
Save kewalaka/dbea964e82806506bc84e7efff3ae589 to your computer and use it in GitHub Desktop.
Docker file for an Azure DevOps self-hosted agent
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM mcr.microsoft.com/azure-powershell | |
ARG TERRAFORM_VERSION="1.2.9" | |
RUN DEBIAN_FRONTEND=noninteractive apt-get update | |
RUN DEBIAN_FRONTEND=noninteractive apt-get upgrade -y | |
RUN DEBIAN_FRONTEND=noninteractive apt-get install -y -qq --no-install-recommends \ | |
apt-transport-https \ | |
apt-utils \ | |
ca-certificates \ | |
curl \ | |
git \ | |
iputils-ping \ | |
jq \ | |
lsb-release \ | |
software-properties-common \ | |
unzip | |
RUN curl -LO https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip \ | |
&& unzip '*.zip' -d /usr/local/bin \ | |
&& rm *.zip | |
RUN curl -sL https://aka.ms/InstallAzureCLIDeb | bash | |
# Can be 'linux-x64', 'linux-arm64', 'linux-arm', 'rhel.6-x64'. | |
ENV TARGETARCH=linux-x64 | |
WORKDIR /azp | |
COPY ./start.sh . | |
RUN chmod +x start.sh | |
ENTRYPOINT [ "./start.sh" ] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# This is from: https://learn.microsoft.com/en-us/azure/devops/pipelines/agents/docker?view=azure-devops | |
set -e | |
if [ -z "$AZP_URL" ]; then | |
echo 1>&2 "error: missing AZP_URL environment variable" | |
exit 1 | |
fi | |
if [ -z "$AZP_TOKEN_FILE" ]; then | |
if [ -z "$AZP_TOKEN" ]; then | |
echo 1>&2 "error: missing AZP_TOKEN environment variable" | |
exit 1 | |
fi | |
AZP_TOKEN_FILE=/azp/.token | |
echo -n $AZP_TOKEN > "$AZP_TOKEN_FILE" | |
fi | |
unset AZP_TOKEN | |
if [ -n "$AZP_WORK" ]; then | |
mkdir -p "$AZP_WORK" | |
fi | |
export AGENT_ALLOW_RUNASROOT="1" | |
cleanup() { | |
if [ -e config.sh ]; then | |
print_header "Cleanup. Removing Azure Pipelines agent..." | |
# If the agent has some running jobs, the configuration removal process will fail. | |
# So, give it some time to finish the job. | |
while true; do | |
./config.sh remove --unattended --auth PAT --token $(cat "$AZP_TOKEN_FILE") && break | |
echo "Retrying in 30 seconds..." | |
sleep 30 | |
done | |
fi | |
} | |
print_header() { | |
lightcyan='\033[1;36m' | |
nocolor='\033[0m' | |
echo -e "${lightcyan}$1${nocolor}" | |
} | |
# Let the agent ignore the token env variables | |
export VSO_AGENT_IGNORE=AZP_TOKEN,AZP_TOKEN_FILE | |
print_header "1. Determining matching Azure Pipelines agent..." | |
AZP_AGENT_PACKAGES=$(curl -LsS \ | |
-u user:$(cat "$AZP_TOKEN_FILE") \ | |
-H 'Accept:application/json;' \ | |
"$AZP_URL/_apis/distributedtask/packages/agent?platform=$TARGETARCH&top=1") | |
AZP_AGENT_PACKAGE_LATEST_URL=$(echo "$AZP_AGENT_PACKAGES" | jq -r '.value[0].downloadUrl') | |
if [ -z "$AZP_AGENT_PACKAGE_LATEST_URL" -o "$AZP_AGENT_PACKAGE_LATEST_URL" == "null" ]; then | |
echo 1>&2 "error: could not determine a matching Azure Pipelines agent" | |
echo 1>&2 "check that account '$AZP_URL' is correct and the token is valid for that account" | |
exit 1 | |
fi | |
print_header "2. Downloading and extracting Azure Pipelines agent..." | |
curl -LsS $AZP_AGENT_PACKAGE_LATEST_URL | tar -xz & wait $! | |
source ./env.sh | |
print_header "3. Configuring Azure Pipelines agent..." | |
./config.sh --unattended \ | |
--agent "${AZP_AGENT_NAME:-$(hostname)}" \ | |
--url "$AZP_URL" \ | |
--auth PAT \ | |
--token $(cat "$AZP_TOKEN_FILE") \ | |
--pool "${AZP_POOL:-Default}" \ | |
--work "${AZP_WORK:-_work}" \ | |
--replace \ | |
--acceptTeeEula & wait $! | |
print_header "4. Running Azure Pipelines agent..." | |
trap 'cleanup; exit 0' EXIT | |
trap 'cleanup; exit 130' INT | |
trap 'cleanup; exit 143' TERM | |
chmod +x ./run-docker.sh | |
# To be aware of TERM and INT signals call run.sh | |
# Running it with the --once flag at the end will shut down the agent after the build is executed | |
./run-docker.sh "$@" & wait $! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment