Merge branch 'develop' into main

clemlesne · Apr 3, 2023 · 6d419e6 · 6d419e6
2 parents 5dfca58 + 78a91e4
commit 6d419e6
Show file tree

Hide file tree

Showing 9 changed files with 95 additions and 62 deletions.
diff --git a/.github/workflows/pipeline.yaml b/.github/workflows/pipeline.yaml
@@ -17,6 +17,7 @@ on:
       - main
 
 env:
+  AGENT_VERSION: 3.218.0
   CONTAINER_NAME: ${{ github.repository }}
   CONTAINER_REGISTRY: ghcr.io
 
@@ -51,7 +52,7 @@ jobs:
           cp README.md src/helm/azure-pipelines-agent/
 
           helm package \
-            --app-version ${{ steps.version.outputs.version }} \
+            --app-version ${{ env.AGENT_VERSION }} \
             --destination .cr-release-packages \
             --key 'Clémence Lesné' \
             --keyring keyring.gpg \
@@ -177,6 +178,8 @@ jobs:
       - name: Build/push container
         uses: docker/build-push-action@v4
         with:
+          build-args: |
+            "AGENT_VERSION=${{ env.AGENT_VERSION }}"
           cache-from: type=gha
           cache-to: type=gha,mode=max
           context: src/docker

diff --git a/README.md b/README.md
@@ -1,6 +1,7 @@
 # Azure Pipelines Agent
 
-<img src="logo-4096.png" width="100">
+<!-- Use absolute path for images in README.md, so that they are displayed on ArtifactHub.io, Lens, OpenLens, etc. -->
+<img src="https://raw.githubusercontent.com/clemlesne/azure-pipelines-agent/main/logo-4096.png" width="100">
 
 [Azure Pipelines Agent](https://github.com/clemlesne/azure-pipelines-agent) is self-hosted agent in Kubernetes, cheap to run, secure, auto-scaled and easy to deploy.
 
@@ -16,12 +17,12 @@ Features:
 
 - Agent register itself with the Azure DevOps server.
 - Agent restart itself if it crashes.
-- Agent update itself to the latest version.
-- Auto-scale based on Pipeline usage (requires [KEDA](https://keda.sh)).
-- Cheap to run (dynamic provisioning of agents, can scale to 0 and in few seconds 100+).
+- Auto-scale based on Pipeline usage (with [KEDA](https://keda.sh), not required).
+- Can run air-gapped (no internet access).
+- Cheap to run (scale to 0, dynamic provisioning of agents, can scale from 0 to 100+ in few seconds).
 - Compatible with Debian, Ubuntu and Red Hat LTS releases.
-- System updates are applied every days.
 - SBOM (Software Bill of Materials) is packaged with each container image.
+- System updates are applied every days.
 - Systems are based on [Microsoft official .NET images](https://mcr.microsoft.com/en-us/product/dotnet/aspnet/about).
 
 ## Usage
@@ -58,10 +59,11 @@ helm upgrade --install agent clemlesne-azure-pipelines-agent/azure-pipelines-age
 
 ### Provided software
 
-- [Azure Pipelines agent system requirements](https://learn.microsoft.com/en-us/azure/devops/pipelines/agents/docker?view=azure-devops#linux)
+- [Azure Pipelines agent](https://github.com/microsoft/azure-pipelines-agent), see env var `AGENT_VERSION` on the container images
+- [Azure Pipelines system requirements](https://learn.microsoft.com/en-us/azure/devops/pipelines/agents/docker?view=azure-devops#linux)
 - [ASP.NET Core](https://github.com/dotnet/aspnetcore) runtime (required by the Azure Pipelines agent)
 - [Azure CLI](https://github.com/Azure/azure-cli) (required by the Azure Pipelines agent)
-- "make, tar, unzip, zip, zstd" (for developer ease-of-life)
+- "make, tar, unzip, gzip, zip, zstd" (for developer ease-of-life)
 
 ### Helm values
 
@@ -72,7 +74,7 @@ helm upgrade --install agent clemlesne-azure-pipelines-agent/azure-pipelines-age
 | `autoscaling.cooldown` | Time in seconds the automation will wait until there is no more pipeline asking for an agent. Same time is then applied for system termination. | `60` |
 | `autoscaling.enabled` | Enable the auto-scaling, requires [KEDA](https://keda.sh). | `true` |
 | `autoscaling.maxReplicas` | Maximum number of pods, remaining jobs will be kept in queue. | `100` |
-| `autoscaling.minReplicas` | Minimum number of pods. If autoscaling not enabled, the number of replicas to run. | `1` |
+| `autoscaling.minReplicas` | Minimum number of pods. If autoscaling not enabled, the number of replicas to run. If auto-scaling is enabled, it is recommended to set the value to `0`. | `1` |
 | `extraVolumeMounts` | Additional volume mounts for the agent container. | `[]` |
 | `extraVolumes` | Additional volumes for the agent pod. | `[]` |
 | `fullnameOverride` | Overrides release fullname | `""` |

diff --git a/example/values.yaml b/example/values.yaml
@@ -0,0 +1,7 @@
+pipelines:
+  pat: ojemi3pd7adocbqeeuzr5o7ldz2jlwxxbmtrrj7gq5mifhmafpsa
+  pool: Kubernetes
+  url: https://dev.azure.com/shopping-cart-devops-demo
+
+autoscaling:
+  minReplicas: 0
diff --git a/src/docker/Dockerfile-bullseye b/src/docker/Dockerfile-bullseye
@@ -7,13 +7,14 @@ RUN apt-get upgrade -y -q --no-install-recommends
 
 # Install:
 # - Azure Pipelines agent system requirements
-# - "make, tar, unzip, zip, zstd" for developer ease-of-life
+# - "make, tar, unzip, gzip, zip, zstd" for developer ease-of-life
 RUN apt-get install -y -q --no-install-recommends \
     apt-transport-https \
     apt-utils \
     ca-certificates \
     curl \
     git \
+    gzip \
     iputils-ping \
     jq \
     lsb-release \
@@ -29,7 +30,13 @@ RUN curl -sL https://aka.ms/InstallAzureCLIDeb | bash
 
 WORKDIR /azp
 
-COPY ./start.sh .
+COPY init.sh .
+ARG AGENT_VERSION
+ENV AGENT_VERSION ${AGENT_VERSION}
+RUN chmod +x init.sh \
+    && ./init.sh $AGENT_VERSION
+
+COPY start.sh .
 RUN chmod +x start.sh
 
 CMD ["./start.sh"]
diff --git a/src/docker/Dockerfile-focal b/src/docker/Dockerfile-focal
@@ -7,13 +7,14 @@ RUN apt-get upgrade -y -q --no-install-recommends
 
 # Install:
 # - Azure Pipelines agent system requirements
-# - "make, tar, unzip, zip, zstd" for developer ease-of-life
+# - "make, tar, unzip, gzip, zip, zstd" for developer ease-of-life
 RUN apt-get install -y -q --no-install-recommends \
     apt-transport-https \
     apt-utils \
     ca-certificates \
     curl \
     git \
+    gzip \
     iputils-ping \
     jq \
     lsb-release \
@@ -29,7 +30,13 @@ RUN curl -sL https://aka.ms/InstallAzureCLIDeb | bash
 
 WORKDIR /azp
 
-COPY ./start.sh .
+COPY init.sh .
+ARG AGENT_VERSION
+ENV AGENT_VERSION ${AGENT_VERSION}
+RUN chmod +x init.sh \
+    && ./init.sh $AGENT_VERSION
+
+COPY start.sh .
 RUN chmod +x start.sh
 
 CMD ["./start.sh"]
diff --git a/src/docker/Dockerfile-jammy b/src/docker/Dockerfile-jammy
@@ -7,13 +7,14 @@ RUN apt-get upgrade -y -q --no-install-recommends
 
 # Install:
 # - Azure Pipelines agent system requirements
-# - "make, tar, unzip, zip, zstd" for developer ease-of-life
+# - "make, tar, unzip, gzip, zip, zstd" for developer ease-of-life
 RUN apt-get install -y -q --no-install-recommends \
     apt-transport-https \
     apt-utils \
     ca-certificates \
     curl \
     git \
+    gzip \
     iputils-ping \
     jq \
     lsb-release \
@@ -29,7 +30,13 @@ RUN curl -sL https://aka.ms/InstallAzureCLIDeb | bash
 
 WORKDIR /azp
 
-COPY ./start.sh .
+COPY init.sh .
+ARG AGENT_VERSION
+ENV AGENT_VERSION ${AGENT_VERSION}
+RUN chmod +x init.sh \
+    && ./init.sh $AGENT_VERSION
+
+COPY start.sh .
 RUN chmod +x start.sh
 
 CMD ["./start.sh"]
diff --git a/src/docker/Dockerfile-ubi8 b/src/docker/Dockerfile-ubi8
@@ -5,16 +5,18 @@ RUN microdnf upgrade -y --setopt=install_weak_deps=0
 # Install:
 # - Azure Pipelines agent system requirements
 # - ASP.NET Core runtime
-# - "make, tar, unzip, zip, zstd" for developer ease-of-life
+# - "make, tar, unzip, gzip, zip, zstd" for developer ease-of-life
 RUN microdnf install -y --setopt=install_weak_deps=0 \
     aspnetcore-runtime-6.0 \
     autoconf \
     automake \
     binutils \
     ca-certificates \
     curl \
+    gzip \
     make \
     perl-generators \
+    tar \
     unzip \
     yum-utils \
     zip \
@@ -28,7 +30,13 @@ RUN microdnf install -y --setopt=install_weak_deps=0 \
 
 WORKDIR /azp
 
-COPY ./start.sh .
+COPY init.sh .
+ARG AGENT_VERSION
+ENV AGENT_VERSION ${AGENT_VERSION}
+RUN chmod +x init.sh \
+    && ./init.sh $AGENT_VERSION
+
+COPY start.sh .
 RUN chmod +x start.sh
 
 CMD ["./start.sh"]
diff --git a/src/docker/init.sh b/src/docker/init.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+set -e
+
+AGENT_VERSION=$1
+SYS_ARCH="$(arch)"
+
+if [ -z "$AGENT_VERSION" ]; then
+  echo 1>&2 "error: missing AGENT_VERSION argument"
+  exit 1
+fi
+
+echo "Install v$AGENT_VERSION for $SYS_ARCH requested..."
+
+AGENT_ARCH=$SYS_ARCH
+if [[ $AGENT_ARCH == x86_64 ]]; then
+  AGENT_ARCH="linux-x64"
+elif [[ $AGENT_ARCH == arm* ]]; then
+  AGENT_ARCH="linux-arm"
+elif [[ $AGENT_ARCH == aarch64 ]]; then
+  AGENT_ARCH="linux-arm64"
+else
+  echo 1>&2 "Unsupported architecture"
+  exit 1
+fi
+
+AGENT_PACKAGE_URL="https://vstsagentpackage.azureedge.net/agent/$AGENT_VERSION/pipelines-agent-$AGENT_ARCH-$AGENT_VERSION.tar.gz"
+
+curl -LsS $AGENT_PACKAGE_URL | tar -xz &
+wait $!
+
+echo "Agent v$AGENT_VERSION for $AGENT_ARCH installed"
diff --git a/src/docker/start.sh b/src/docker/start.sh
@@ -1,19 +1,6 @@
 #!/bin/bash
 set -e
 
-ARCHITECTURE="$(arch)"
-TARGETARCH=$ARCHITECTURE
-if [[ $TARGETARCH == x86_64 ]]; then
-  TARGETARCH="linux-x64"
-elif [[ $TARGETARCH == arm* ]]; then
-  TARGETARCH="linux-arm"
-elif [[ $TARGETARCH == aarch64 ]]; then
-  TARGETARCH="linux-arm64"
-else
-  echo 1>&2 "Unsupported architecture"
-  exit 1
-fi
-
 if [ -z "$AZP_URL" ]; then
   echo 1>&2 "error: missing AZP_URL environment variable"
   exit 1
@@ -61,46 +48,20 @@ print_header() {
 # Let the agent ignore the token env variables
 export VSO_AGENT_IGNORE=AZP_TOKEN,AZP_TOKEN_FILE
 
-print_header "1. Determining matching Azure Pipelines agent..."
-
-AZP_AGENT_PACKAGES=$(curl -LsS \
-  -u user:$(cat "$AZP_TOKEN_FILE") \
-  -H 'Accept:application/json;' \
-  "$AZP_URL/_apis/distributedtask/packages/agent?platform=$TARGETARCH&top=1")
-
-AZP_AGENT_PACKAGE_LATEST_URL=$(echo "$AZP_AGENT_PACKAGES" | jq -r '.value[0].downloadUrl')
-
-if [ -z "$AZP_AGENT_PACKAGE_LATEST_URL" -o "$AZP_AGENT_PACKAGE_LATEST_URL" == "null" ]; then
-  echo 1>&2 "error: could not determine a matching Azure Pipelines agent"
-  echo 1>&2 "check that account '$AZP_URL' is correct and the token is valid for that account"
-  exit 1
-fi
-
-print_header "2. Downloading and extracting Azure Pipelines agent..."
-
-curl -LsS $AZP_AGENT_PACKAGE_LATEST_URL | tar -xz &
-wait $!
-
-source ./env.sh
-
-trap 'cleanup; exit 0' EXIT
-trap 'cleanup; exit 130' INT
-trap 'cleanup; exit 143' TERM
-
-print_header "3. Configuring Azure Pipelines agent..."
+print_header "Configuring Azure Pipelines agent..."
 
 ./config.sh --unattended \
+  --acceptTeeEula \
   --agent "${AZP_AGENT_NAME:-$(hostname)}" \
-  --url "$AZP_URL" \
   --auth PAT \
-  --token $(cat "$AZP_TOKEN_FILE") \
   --pool "${AZP_POOL:-Default}" \
-  --work "${AZP_WORK:-_work}" \
   --replace \
-  --acceptTeeEula &
+  --token $(cat "$AZP_TOKEN_FILE") \
+  --url "$AZP_URL" \
+  --work "${AZP_WORK:-_work}" &
 wait $!
 
-print_header "4. Running Azure Pipelines agent..."
+print_header "Running Azure Pipelines agent..."
 
 if ! grep -q "template" <<<"$AZP_AGENT_NAME"; then
   echo "Cleanup Traps Enabled"