DevOps agent

Om met Azure DevOps te automatiseren is het handig om je eigen agents te hosten, hierdoor heb je volledig controle over welke tooling en software je wil gebruiken in je agent. Hieronder staat beschreven hoe ik mijn eigen DevOps agent maak. Dit heb ik gedaan met behulp van de referentie documentatie van Microsoft

Diagram

graph LR
    AZDO[Devops Projects]
    AZP1[Azure pipelines]
    AZD1([Agent Pool])
    AZD2[Cloud resources]
    AZA2(Self hosted agent)
    R1[Self Hosted resources]

    AZDO --- AZD1
    AZP1 --- AZD1
    AZD1 --> AZA2
    AZA2 --> AZD2
    AZA2 --> R1

Tools

Tool	versie
Powershell Core	7.5.3
nuget	2.6.3
zip	4.8.4
python3	3.10
graphviz	2.42.2
pip	22.0
docker-ce	28.3.3
docker-ce-cli	28.3.3
containerd.io	1.7.27
docker-buildx-plugin	0.26
docker-compose-plugin	2.39.1
kubectl	1.30.14
mkdocs	1.6.1

Docker

Dockerfile
# syntax=docker/dockerfile:1
FROM ubuntu:22.04
ENV TARGETARCH="linux-x64"
ARG PSVERSION="7.5.3"
ARG OSVERSION="jammy"
ARG OSNUMBER="22.04"
ARG TARGETARCH
# set timezone prerequisites
RUN ln -fs /usr/share/zoneinfo/Europe/Amsterdam /etc/localtime
# install prerequisites and tools
RUN apt update && apt upgrade -y && apt install -y --no-install-recommends tzdata && apt install -y wget curl ca-certificates gpg git jq libicu70 apt-transport-https gnupg
# docker repo keys
RUN install -m 0755 -d /etc/apt/keyrings
RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
RUN chmod a+r /etc/apt/keyrings/docker.asc
# google-kubernetes keys
RUN curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
RUN chmod 644 /etc/apt/keyrings/kubernetes-apt-keyring.gpg
# Add the docker repository to Apt sources:
RUN echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | tee /etc/apt/sources.list.d/docker.list
# Add the kubernetes repository to Apt sources
RUN echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /' | tee /etc/apt/sources.list.d/kubernetes.list && chmod 644 /etc/apt/sources.list.d/kubernetes.list
#create directories
RUN mkdir /downloads && 
    mkdir /scripts && \
    mkdir /data && \
    mkdir /logs && \
    mkdir /azp && \
    mkdir /client && \
    mkdir /.dotnet && \
    mkdir -p /opt/microsoft/powershell/7 && \
    mkdir -p /etc/apt/keyrings && \
    mkdir /root/.docker
# install needed binaries and tools
RUN apt update && \
    apt install -y apt-transport-https \
    software-properties-common \
    apt-utils \
    ca-certificates \
    iputils-ping \
    libcurl4 \
    libunwind8 \
    netcat \
    libssl-dev \
    mono-complete \
    nuget \
    zip \
    python3 \
    python-is-python3 \
    graphviz \
    pip \
    dotnet-sdk-6.0 \
    libc6 \
    liblttng-ust1 \
    zlib1g \
    docker-ce \
    docker-ce-cli \
    containerd.io \
    docker-buildx-plugin \
    docker-compose-plugin \
    kubectl && \
    apt-get autoclean
# Run pip installs for Python packages
RUN pip install \
    mkdocs \
    mkdocs-awesome-pages-plugin \
    mkdocs-bootstrap386 \
    mkdocs-cinder \
    mkdocs-diagrams \
    mkdocs-ivory \
    mkdocs-material \
    mkdocs-material-extensions \
    mkdocs-static-i18n \
    mkdocs-include-markdown-plugin \
    mkdocstrings
# copy predefined configs
COPY kube.config /root/.kube/config
COPY jarvis /root/.docker/buildx/instances/jarvis
#run specific setup script
# This script will install PowerShell and Bicep based on the architecture
COPY setup.sh /setup.sh
RUN chmod +x /setup.sh
RUN /setup.sh $TARGETARCH $PSVERSION
RUN chmod +x /opt/microsoft/powershell/7/pwsh && \
    chmod +x ./bicep && mv ./bicep /usr/local/bin/bicep
RUN ln -s /opt/microsoft/powershell/7/pwsh /usr/bin/pwsh
# Install Azure CLI
RUN curl -sL https://aka.ms/InstallAzureCLIDeb | bash
WORKDIR /azp/
COPY ./start.sh ./
RUN chmod +x ./start.sh
#Expose volumes for data, scripts, logs, and PowerShell modules
# The volumes are used to persist data, scripts, logs, and PowerShell modules across containers
VOLUME /data
VOLUME /scripts
VOLUME /logs
VOLUME /root/.local/share/powershell/Modules
ENV PATH="$PATH:/.dotnet"
# Create agent user and set up home directory
RUN useradd -m -d /home/agent agent
COPY kube.config /home/agent/.kube/config
COPY jarvis /home/agent/.docker/buildx/instances/jarvis
RUN chown -R agent:agent /azp /home/agent
USER agent
# Another option is to run the agent as root.
# ENV AGENT_ALLOW_RUNASROOT="true"
ENTRYPOINT [ "./start.sh" ]

setup.sh
#!/usr/bin/env sh
PSVERSION=$2
if [ "$1" = "amd64" ]
then 
echo "building for AMD64"
    apt-get update && apt-get install -y dotnet-sdk-8.0 && apt-get autoclean
    wget -q https://github.com/PowerShell/PowerShell/releases/download/v$PSVERSION/powershell-$PSVERSION-linux-x64.tar.gz
    tar zxf powershell-$PSVERSION-linux-x64.tar.gz -C /opt/microsoft/powershell/7
    rm powershell-$PSVERSION-linux-x64.tar.gz
    curl -Lo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64
fi
if [ "$1" = "arm64" ]
then 
    echo "building for arm64"
    wget -q https://download.visualstudio.microsoft.com/download/pr/092bec24-9cad-421d-9b43-458b3a7549aa/84280dbd1eef750f9ed1625339235c22/dotnet-sdk-8.0.101-linux-arm64.tar.gz
    tar zxf dotnet-sdk-8.0.101-linux-arm64.tar.gz -C /.dotnet
    rm dotnet-sdk-8.0.101-linux-arm64.tar.gz
    wget -q https://github.com/PowerShell/PowerShell/releases/download/v$PSVERSION/powershell-$PSVERSION-linux-arm64.tar.gz 
    tar zxf powershell-$PSVERSION-linux-arm64.tar.gz -C /opt/microsoft/powershell/7
    rm powershell-$PSVERSION-linux-arm64.tar.gz
    curl -Lo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-arm64
fi