bug/65481 build agent image targets azure container registry (#2922)

* update powershell package url * put back url * remove tag when pushing all tags * add authentication info * use acr login instead of core docker
DFEAGILEDEVOPS · Sep 26, 2024 · 44a73b8 · 44a73b8
1 parent 6ddced7
commit 44a73b8
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 10 deletions.
diff --git a/deploy/build-agent/build-push-docker-hub.sh → deploy/build-agent/build-push-registry.sh b/deploy/build-agent/build-push-docker-hub.sh → deploy/build-agent/build-push-registry.sh
@@ -1,6 +1,8 @@
 #!/bin/bash
 set -e
 
+REGISTRY_NAME=$1
+
 GIT_STATUS_OUTPUT=$(git status ./Dockerfile --porcelain)
 if [ -n "$GIT_STATUS_OUTPUT" ]; then
   echo "There are uncommitted changes to the Dockerfile.
@@ -9,5 +11,5 @@ if [ -n "$GIT_STATUS_OUTPUT" ]; then
 fi
 
 GIT_COMMIT_SHORT=$(git log -1 --format=%h)
-docker build -t stamtc/devops-build-agent:latest -t stamtc/devops-build-agent:$GIT_COMMIT_SHORT --platform linux/amd64 .
-docker push --all-tags stamtc/devops-build-agent
+docker build -t $REGISTRY_NAME.azurecr.io/devops-build-agent:latest -t $REGISTRY_NAME.azurecr.io/devops-build-agent:$GIT_COMMIT_SHORT --platform linux/amd64 .
+docker push --all-tags $REGISTRY_NAME.azurecr.io/devops-build-agent
diff --git a/deploy/build-agent/create-instance.sh b/deploy/build-agent/create-instance.sh
@@ -5,7 +5,8 @@ AGENT_NAME=$1
 RESOURCE_GROUP=$2
 AZP_TOKEN=$3
 AZP_URL=$4
+REGISTRY=$5
 
-az container create -g $RESOURCE_GROUP --name $AGENT_NAME --image stamtc/devops-build-agent:latest \
+az container create -g $RESOURCE_GROUP --name $AGENT_NAME --image $REGISTRY_NAME.azurecr.io/devops-build-agent:latest \
   --environment-variables AZP_TOKEN=$AZP_TOKEN AZP_AGENT_NAME=$AGENT_NAME AZP_POOL=MTC AZP_URL=$AZP_URL \
   --cpu 4 --memory 8
diff --git a/deploy/build-agent/readme.md b/deploy/build-agent/readme.md
@@ -2,21 +2,30 @@
 
 ## Purpose
 
-- `build-push-docker-hub.sh` Builds the build agent docker image and pushes it to docker hub.  Any changes must be committed before running this script, as the commit hash is used for the image tag.
+- `build-push-registry.sh` Builds the agent docker image and pushes it to your azure container registry.
 - `cleanup.sh` Removes any temporary files and 'dead weight' from the image before it is finished building.  You do not need to execute this script, as it is called from within the Dockerfile itself.
-- `create-instance.sh` creates a container instance using the latest image in docker hub, via the Azure CLI.
+- `create-instance.sh` creates a container instance using the latest image in your registry, via the Azure CLI.
+
+## Prerequisites
+- Azure CLI is required, as it used to create the container instance in Azure
+- Docker is required, as it is used to push the docker images to the Azure Container Registry
+- Docker Desktop is recommended, as it automatically provides a secure credential store for registry credentials.
+- Any changes to the Dockerfile must be committed before running this script, as the commit hash is used for the image tag.
+- You must be logged into your target registry before you run this script.
 
 ## NOTE: Apple Silicon
 If you are building the image locally on an Apple Silicon device during developmet, you should use the `--platform linux/amd64` argument with the `docker build` command.  Otherwise, it will default to arm64, which lacks parity with the target hardware, and causes a lot of incompatibility issues during the image build.
 
 ## Steps
 1. update the `$AGENT_VERSION` variable in `./Dockerfile` to the [latest full release](https://github.com/microsoft/azure-pipelines-agent/releases)
 2. commit changes to ensure commit hash is aligned
-3. execute `./build-push-docker-hub.sh` to push new image
-4. delete existing build server container instances in azure
-5. run `./create-instance.sh` to create new build servers
-6. once created, connect to each container via the azure portal and run `curl 'https://api.ipify.org?format=json'`
-7. Add the outputted IP addresses to the necessary firewalls using the build tasks provided in Azure DevOps instance
+3. [login to the Azure CLI](https://learn.microsoft.com/en-us/cli/azure/authenticate-azure-cli), ensuring to target the appropriate subscription
+4. login to the Azure Container Registry with `az acr login --name <registry-name>`
+5. execute `./build-push-registry.sh` to push new image
+6. run `./create-instance.sh` to create new build servers
+7. delete any outdated build server container instances in azure
+8. once created, connect to each container via the azure portal (Container instances -> Containers -> Connect) and run `curl 'https://api.ipify.org?format=json'`
+9. Add the outputted IP addresses to the necessary firewalls using the build tasks provided in your Azure DevOps instance
 
 If you are unable to connect to any of the containers using the azure portal, use the alternative method below to obtain the IP address.