Skip to content
This repository has been archived by the owner on Aug 9, 2023. It is now read-only.

Feature/restructure #3

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/docker-image-ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,4 +15,4 @@ jobs:
steps:
- uses: actions/checkout@v2
- name: Build the Docker image
run: docker build .
run: cd image && docker build .
41 changes: 40 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -25,4 +25,43 @@ Only the CLI, no daemon. Installed by download, version controlled by build-arg

## docker-compose

Installed by download, version controlled by build-arg `ARG DOCKER_COMPOSE_VERSION=1.26.2`
Installed by download, version controlled by build-arg `ARG DOCKER_COMPOSE_VERSION=1.26.2`


## deploy with kustomize

The repo contains kustomize (https://kustomize.io/) for deployment and CI.
The originally create helm chart is now obsolete.

### Secrets management

For the Agent to work, these envrionment-variables need to be set.
This is documented here [Running a self hosted agent in Docker](https://docs.microsoft.com/en-us/.azure/devops/pipelines/agents/docker?view=azure-devops)


* AZP_URL: the url of the Azure Devops instance
* AZP_POOL: the name of the Agent Pool
* AZP_TOKEN: a PAT token with the "Agent Pool: Manage" permission

The kustomize manifests a "secretGenerator" named `lnx-adsagent-config` to
create a secret based on those values. The base manifests (./kustomize/bases)
use this secret, but doen't define those. It need to be defined in a environment branch.

#### kind

The `kind` environment (./kustomize/kind) defines a secretGenerator based on an .env
file (./kustomize/kind/.secrets.env). This is not commited into the repo. You need
to create this file if you clone the repo, and use the following structure:

```
AZP_URL=https://ads.example.com
AZP_POOL=the-pool-name
AZP_TOKEN=thetokenvalue
```

#### github-ci

The `github-ci` environment uses also a secrets file (`secrets.subst.env`), but these
only contain references to the corresponsing environment vars. Those are processed
using `envsubst`, and are stored as secrets in the repo

2 changes: 0 additions & 2 deletions healthcheck/dockerfile

This file was deleted.

4 changes: 0 additions & 4 deletions healthcheck/runcheck

This file was deleted.

13 changes: 8 additions & 5 deletions Dockerfile → image/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
ARG UBUNTU_VERSION=16.04
FROM ubuntu:$UBUNTU_VERSION

ARG DOCKER_VERSION=18.09.9
ARG DOCKER_VERSION=20.10.14
ARG DOCKER_COMPOSE_VERSION=1.26.2


Expand Down Expand Up @@ -45,12 +45,15 @@ RUN curl -fsSL "https://github.com/docker/compose/releases/download/$DOCKER_COMP
# Print info
RUN docker --version && docker-compose --version

# add version to env to show in "Capabilies"
ENV DOCKER_VERSION=$DOCKER_VERSION
ENV DOCKER_COMPOSE_VERSION=$DOCKER_COMPOSE_VERSION

WORKDIR /azp

COPY ./config.sh .
RUN ./config.sh

COPY ./start.sh .
RUN chmod +x start.sh

# add healthcheck files
COPY ./healthcheck /healthcheck

CMD ["./start.sh"]
7 changes: 7 additions & 0 deletions image/config.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
#!/bin/bash
set -eu

echo Setup docker context to dind daemon
docker context create dind --docker=host=tcp://localhost:2375
docker context use dind

File renamed without changes.
40 changes: 40 additions & 0 deletions kustomize/bases/StatefulSet.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: lnx-adsagent
spec:
serviceName: lnx-adsagent
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: lnx-adsagent
template:
metadata:
labels:
app.kubernetes.io/name: lnx-adsagent
spec:
volumes:
- name: docker-graph-storage
emptyDir: {}

containers:
- name: ads-agent
image: AGENT_IMAGE
envFrom:
- secretRef:
name: lnx-adsagent-config
env:
# the agent name is the name of the pod
- name: AZP_AGENT_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name

- name: dind-daemon
image: docker:20.10.14-dind
command: ["dockerd", "--host", "tcp://127.0.0.1:2375"]
securityContext:
privileged: true
volumeMounts:
- name: docker-graph-storage
mountPath: /var/lib/docker
5 changes: 5 additions & 0 deletions kustomize/bases/kustomization.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

resources:
- StatefulSet.yaml
17 changes: 17 additions & 0 deletions kustomize/github-ci/kustomization.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

bases:
- ../bases/

secretGenerator:
- name: lnx-adsagent-config
envs:
- secrets.substr.env

images:
- name: AGENT_IMAGE
newName: lnx-adsagent
newTag: ci

nameSuffix: -ci
4 changes: 4 additions & 0 deletions kustomize/github-ci/secrets.subst.env
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
AZP_URL=$AZP_URL
AZP_POOL=$AZP_POOL
AZP_TOKEN=$AZP_TOKEN

1 change: 1 addition & 0 deletions kustomize/kind/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
.secrets.env
17 changes: 17 additions & 0 deletions kustomize/kind/kustomization.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

bases:
- ../bases/

secretGenerator:
- name: lnx-adsagent-config
envs:
- .secrets.env

images:
- name: AGENT_IMAGE
newName: lnx-adsagent
newTag: dev

nameSuffix: -dev
21 changes: 21 additions & 0 deletions makefile
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
image=lnx-adsagent
tag=dev

build-image:
cd image && \
docker build -t $(image):$(tag) .

kind-install: build-image
kind load docker-image $(image):$(tag)
kustomize build ./kustomize/dev | kubectl apply -f -
kubectl describe pod

kind-uninstall:
kustomize build ./kustomize/dev | kubectl delete -f -

kind-logs:
kubectl logs lnx-adsagent-dev-0 -c ads-agent

kind-exec-it:
kubectl exec lnx-adsagent-dev-0 -c ads-agent -it -- bash