{"id":18578894,"url":"https://github.com/libre-devops/azdo-agent-containers","last_synced_at":"2025-04-10T10:31:23.471Z","repository":{"id":118713309,"uuid":"475198888","full_name":"libre-devops/azdo-agent-containers","owner":"libre-devops","description":"Example on how to build self-hosted Azure DevOps agents inside containers :rocket:!","archived":false,"fork":false,"pushed_at":"2025-04-08T19:20:21.000Z","size":166,"stargazers_count":3,"open_issues_count":0,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-04-08T19:36:24.586Z","etag":null,"topics":["alpine","azure-devops","docker","kubernetes","podman","rhel","ubuntu","windows"],"latest_commit_sha":null,"homepage":"","language":"Dockerfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/libre-devops.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-03-28T22:28:51.000Z","updated_at":"2025-04-08T19:20:24.000Z","dependencies_parsed_at":null,"dependency_job_id":"e5def17d-ab47-4c50-a9a4-c883d5a1ed9a","html_url":"https://github.com/libre-devops/azdo-agent-containers","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/libre-devops%2Fazdo-agent-containers","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/libre-devops%2Fazdo-agent-containers/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/libre-devops%2Fazdo-agent-containers/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/libre-devops%2Fazdo-agent-containers/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/libre-devops","download_url":"https://codeload.github.com/libre-devops/azdo-agent-containers/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248199136,"owners_count":21063641,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["alpine","azure-devops","docker","kubernetes","podman","rhel","ubuntu","windows"],"created_at":"2024-11-06T23:38:10.836Z","updated_at":"2025-04-10T10:31:22.799Z","avatar_url":"https://github.com/libre-devops.png","language":"Dockerfile","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Azure DevOps Agent Containers\n\nHello :wave:\n\nIn this repo, you will find the various files needed to host a Self-Hosted Azure DevOps Agent inside a container as\nwell as examples of a CI/CD workflow.\n\nThese images try to follow\nthe [Microsoft documentation on running self-hosted agent in Docker](https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/docker?view=azure-devops),\nbut try to add some improvements to this workflow (at least for me), and the repos purpose is to give an overall example\nof a workflow on how you can do this. Obviously, being containers, we will all have different usability, so please, feel\nfree to take the examples and gut the parts you don't need.\n\nThere are several projects which attempt to do this, but never in a way that I \"_liked_\", so this workflow is to\ndocument those short-gaps and try and provide some community support where I can. I am by no means an expert in this,\nand this project comes with absolutely no warranty, but should you wish to raise an issue with question, or iterate an\nimprovement where I've missed something, then please, raise a PR and issue thread to discuss :smile:.\n\nThe only thing to note, these containers have no \"real\" inherit dependencies, in theory, passing `ENV` and/or `ARG`'s\ninto your container with the `start.sh` and `start.ps1` scripts that I have based from the Microsoft documentation is\nenough to get going. But I will try to document what parts are what and why - and my containers are only an example, so\ncheck out the Usage section for more info.\n\nOur containers probably don't follow best practice as I am not really employing any real shell-scripts tricks or layer\noptimization, but these work for me. Here is some high level.\n\n## High-level info\n\n- CI/CD with Azure DevOps :rocket:\n    - Using easy, readable, script params instead of in-built Steps, Templates \u0026 Actions for easy migrations to other\n      CI/CDs\n- Container registry using GitHub Packages with GitHub Container Registry :sunglasses:\n- Example scripts in Podman, CI/CD pipelines in Podman for Linux and Docker for Windows :whale:\n- Linux Images used in the repo:\n    - [RedHat 9 Universal Basic Image ](https://catalog.redhat.com/software/container-stacks/detail/5ec53f50ef29fd35586d9a56)\n    - [Ubuntu 22.04](https://hub.docker.com/_/ubuntu)\n    - [Alpine](https://hub.docker.com/_/alpine)\n\n- Windows Image used in the repo:\n    - [Windows Server 2022 LTSC](https://hub.docker.com/_/microsoft-windows-server/)\n\n- Agent Name is auto-generated for pool to avoid conflicts, in format:\n    - Linux: `azdo-${OS-NAME}-agent-${{ddmmyyy}-${random_chars}`\n    - Windows: `azdo-${OS-NAME}-agent-${ddmmyyyy}-${RANDOM_NUMBERS}`\n\n# Quickstart\n\n## Linux\n\n```shell\ndocker run -it ghcr.io/libre-devops/azdo-agent-containers/ubuntu:latest \\\n-e AZP_URL=\"${AZP_URL}\" \\\n-e AZP_TOKEN=\"${AZP_TOKEN}\" \\\n-e AZP_POOL=\"${AZP_POOL}\" \\\n-e AZP_WORK=\"${AZP_WORK}\"\n```\n\nor minimally\n\n```shell\ndocker run -it \\\n-e AZP_URL=\"${AZP_URL}\" \\\n-e AZP_TOKEN=\"${AZP_TOKEN}\" \\\nghcr.io/libre-devops/azdo-agent-containers/ubuntu:latest\n\n```\n\n## Windows\n\n```powershell\ndocker run -it `\n-e AZP_URL = \"${AZP_URL}\" `\n-e AZP_TOKEN = \"${AZP_TOKEN}\" `\n-e AZP_POOL = \"${AZP_POOL}\" `\n-e AZP_WORK = \"${AZP_WORK}\" `\nghcr.io/libre-devops/azdo-agent-containers/windows-servercore2022:latest \n```\n\n## Podman-in-Podman\n\nLooking to run Podman containers within a container? The `rhel` and `default` containers in this repo support it!. To do this however,\nyou do need to run the container in `--priviledged` mode and run the container user as root. You can still run the container itself as a standard user, it's just the inside user that will need to be root. Here is an example on\nhow to run:\n\n```shell\npodman run -it --privileged -u root \\\n-e AZP_URL=\"${AZP_URL}\" \\\n-e AZP_TOKEN=\"${AZP_TOKEN}\" \\\n-e AGENT_ALLOW_RUNASROOT=1 \\\nghcr.io/libre-devops/azdo-agent-containers/default:latest\n```\n\n```shell\npodman run -it --privileged -u root \\\n-e AZP_URL=\"${AZP_URL}\" \\\n-e AZP_TOKEN=\"${AZP_TOKEN}\" \\\n-e AGENT_ALLOW_RUNASROOT=1 \\\nghcr.io/libre-devops/azdo-agent-containers/rhel:latest\n```\n\nAnd then inside the container:\n\n```shell\nroot@7483265642f0:/azp# podman run -it ubuntu:latest\nResolved \"ubuntu\" as an alias (/etc/containers/registries.conf.d/000-shortnames.conf)\nTrying to pull docker.io/library/ubuntu:latest...\nGetting image source signatures\nCopying blob e0b25ef51634 done\nCopying config 825d55fb63 done\nWriting manifest to image destination\nStoring signatures\nroot@7483265642f0:/# ls\nbin  boot  dev  etc  home  lib  lib32  lib64  libx32  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var\n```\n\n## Run Azure DevOps agent as root\n```shell\npodman run -it --privileged -u root \\\n    -e AZP_URL=\"${AZP_URL}\" \\\n    -e AZP_TOKEN=\"${AZP_TOKEN}\" \\\n    -e AGENT_ALLOW_RUNASROOT=1 \\\n    ghcr.io/libre-devops/azdo-agent-containers/rhel:latest\n```\n\n## As Kubernetes\n\n### Create a kube-azdo-creds.yaml\n```yaml\napiVersion: v1\nkind: Secret\nmetadata:\n  name: azdo-agents-creds\ntype: Opaque\ndata:\n  azdo-token: \u003cbase64-encoded-token-without-newline\u003e\n  azdo-url: \u003cbase64-encoded-url-without-newline\u003e\n```\n### Run kubectl\n```shell\nkubectl apply -f azdo-agents-creds.yaml \u0026\u0026 \\\nkubectl apply -f azdo-agents-deployment.yaml\n```\n\n## As Kubernetes in Podman\n\nRun the helper script\n\n```shell\n# Ensure the script stops if an error occurs\nset -e\n\n# Pull the necessary pause image\npodman pull k8s.gcr.io/pause:3.5\n\npodman kube play kube-azdo-creds.yaml \u0026\u0026 \\\npodman play kube podman-kube-deployment.yaml\n```\n\nAlternatively, you can fork the repo and edit the pipelines to include your secrets as build args into the template!\n\nWe do not own or give any explicit license agreements which may be contained with the software in these images, but have\ngiven images for examples and published them to allow experiments :scientist:. The images are as follows:\n\n- All images are tagged as latest and YYYY-MM and available in `ghcr.io/libre-devops/azdo-agent-containers/${name}`\n- For legacy reasons, the image `ghcr.io/libre-devops/azdo-agent-rhel:latest` (also tagged `ghcr.io/libre-devops/azdo-agent-rhel:april-2023`) is kept for legacy users. Please use an alternative image for updates\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flibre-devops%2Fazdo-agent-containers","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flibre-devops%2Fazdo-agent-containers","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flibre-devops%2Fazdo-agent-containers/lists"}