-
Notifications
You must be signed in to change notification settings - Fork 0
/
scaleToZeroAgent.bicep
161 lines (147 loc) · 5.34 KB
/
scaleToZeroAgent.bicep
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
@description('''A name must consist of lower case alphanumeric characters or '-', start with an alphabetic character, and end with an alphanumeric character
and cannot have '--'. The length must not be more than 32 characters.''')
@maxLength(32)
param appName string
param environmentId string
@secure()
param azureDevOpsPAT string
param azureDevOpsOrgUrl string
param azureDevOpsAgentPoolName string
@description('The container image to use for the agent. Should be in format <registry>/<image>:<tag>')
param agentContainerImage string
param workloadProfileName string
@description('The maximum number of replicas to run in parallel')
param parallelism int
@description('Registry login server and the admin username')
param registryLoginServer string
param registryPullerIdentityResourceId string
param location string
var identityName = last(split(registryPullerIdentityResourceId, '/'))
var identityRg = split(registryPullerIdentityResourceId, '/')[4]
resource userAssignedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' existing = {
name: identityName
scope: resourceGroup(identityRg)
}
resource agentJob 'Microsoft.App/jobs@2023-05-01' = {
name: replace(toLower(appName), '--', '-')
location: location
identity: {
type: 'UserAssigned'
userAssignedIdentities: {
'${userAssignedIdentity.id}': {}
}
}
properties: {
workloadProfileName: workloadProfileName
environmentId: environmentId
configuration: {
secrets: [
{
name: 'azure-devops-pat'
value: azureDevOpsPAT
}
{
name: 'azure-devops-org-url'
value: azureDevOpsOrgUrl
}
{
name: 'azure-devops-agent-pool-name'
value: azureDevOpsAgentPoolName
}
]
registries: [
{
server: registryLoginServer
identity: userAssignedIdentity.id
}
]
replicaTimeout: 1800
replicaRetryLimit: 1
triggerType: 'Event'
eventTriggerConfig: {
parallelism: parallelism
replicaCompletionCount: 1
scale: {
pollingInterval: 10
rules: [
{
name: 'azure-pipelines'
type: 'azure-pipelines'
metadata: {
poolName: azureDevOpsAgentPoolName
targetPipelinesQueueLength: '1' // If one pod can handle 10 jobs, set the queue length target to 10. If the actual number of jobs in the queue is 30, the scaler scales to 3 pods.
activationTargetPipelinesQueueLength: '0' // Target value for activating the scaler. Learn more about activation https://keda.sh/docs/2.12/concepts/scaling-deployments/#activating-and-scaling-thresholds .(Default: 0, Optional)
}
auth: [
{
secretRef: 'azure-devops-pat'
triggerParameter: 'personalAccessToken'
}
{
secretRef: 'azure-devops-org-url'
triggerParameter: 'organizationURL'
}
]
}
]
}
}
}
template: {
containers: [
{
name: 'devopsagent'
image: agentContainerImage
args: [// Shut down agent after each job
'--once'
]
env: [
{
name: 'AZP_TOKEN'
secretRef: 'azure-devops-pat'
}
{
name: 'AZP_URL'
secretRef: 'azure-devops-org-url'
}
{
name: 'AZP_POOL'
secretRef: 'azure-devops-agent-pool-name'
}
]
resources: {
cpu: any('1.25') // Need more than 1 core to enable 8GB of ephemeral storage
memory: '5.3Gi'
}
}
]
}
}
}
var placeHolderScript = '''
## If you are creating this agent pool for the first time, you will need to create a placeholder agent run there. Do it with this script.
$AZP_TOKEN=REPLACEME
az containerapp job create -n "placeholder" -g RGNAME --environment ENVNAME \
--trigger-type Manual \
--replica-timeout 300 \
--replica-retry-limit 1 \
--replica-completion-count 1 \
--parallelism 1 \
--image "IMAGENAME" \
--cpu "2.0" \
--memory "4Gi" \
--secrets "azure-devops-pat=$AZP_TOKEN" "azure-devops-org-url=ORGURL "azure-devops-agent-pool-name=POOLNAME\
--env-vars "AZP_TOKEN=secretref:azure-devops-pat" "AZP_URL=secretref:azure-devops-org-url" "AZP_POOL=secretref:azure-devops-agent-pool-name" "AZP_PLACEHOLDER=1" "AZP_AGENT_NAME=placeholder-agent" \
--registry-server "REGISTRYLOGINSERVER"
az containerapp job start -n placeholder -g RGNAME
az containerapp job execution list \
--name placeholder \
--resource-group "RGNAME" \
--output table \
--query '[].{Status: properties.status, Name: name, StartTime: properties.startTime}'
## az containerapp job delete -n placeholder -g RGNAME
'''
// 🤮
var replacedScript = replace(replace(replace(replace(replace(replace(placeHolderScript, 'RGNAME', resourceGroup().name), 'ENVNAME', last(split(environmentId, '/'))), 'IMAGENAME', agentContainerImage), 'ORGURL', azureDevOpsOrgUrl), 'POOLNAME', azureDevOpsAgentPoolName), 'REGISTRYLOGINSERVER', registryLoginServer)
output createPlaceHolderAgent string = replacedScript
output scaledAgentName string = agentJob.name