Skip to content

ogmaresca/azp-agent

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

36 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

About

A chart for Azure Pipeline agents. This chart builds off of the vsts-agent images, adds docker-in-docker support, and uses the new startup script start.sh from https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/docker?view=azure-devops.

Installation

First, add this repo to Helm:

helm repo add azp-agent https://raw.githubusercontent.com/ggmaresca/azp-agent/master/charts
helm repo update

Then use this command to install it:

helm upgrade --install --namespace=azp azp-agent azp-agent/azp-agent --set 'azp.url=https://dev.azure.com/accountName,azp.token=AzureDevopsAccessToken'

If Docker is enabled, the cluster must be capable of running privileged containers.

The Docker Image used can be found here. If you wish to use the deprecated VSTS agent Docker image provided by Microsoft, add the following argument to the Helm command:

--set 'azp.image.repository=microsoft/vsts-agent,azp.image.tag=ubuntu-16.04-docker-18.06.1-ce-standard,azp.useStartupScript=true'

Configuration

The values azp.token and azp.url are required to install the chart. azp.token is your Personal Acces token. This token requires Agent Pools (Read & Manage) permission. azp.url is your Azure Devops URL, usually https://dev.azure.com/<Your Organization>.

If docker.persistence.enabled is true and docker.persistence.name is equal to azp.persistence.name, then the AZP workspace and the Docker workspace will use a share volume.

When adding extra environment variables, you can set azp.extraEnv[x].secret=true to add the environment variable to the secret. This option requires value to be set instead of valueFrom.

If scaling.enabled is set to true, then:

  • If scaling.cpu is set, a HorizontalPodAutoscaler will be created with the CPU scaling defined.
  • If scaling.cpu is not set, azp-agent-autoscaler will get deployed in the release.

You can find the limit on parallel jobs by going to your project settings in Azure Devops, clicking on Parallel jobs, and viewing your limit of self-hosted jobs.

Parameter Description Default
replicaCount Number of agents to deploy. 3
azp.workspace The workspace folder location. /workspace
azp.url The Azure Devops account URL. ex: https://dev.azure.com/Organization
azp.token The Azure Devops access token.
azp.existingSecret An existing secret that contains the token.
azp.existingSecretKey The key of the existing secret that contains the token.
azp.pool The name of the pipeline pool. kubernetes-azp-agents
azp.agentName The name of the agent. $(POD_NAME)
azp.useStartupScript If true, mount the start.sh script from Microsoft as the run command. Ignored if azp.command is set. false
azp.hostedToolCache The path to the hosted tool cache. /opt/hostedtoolcache
azp.image.repository The Docker Hub repository of the agent. docker.io/gmaresca/azure-pipeline-agent
azp.image.tag The image tag of the agent. ubuntu-18.04
azp.image.pullPolicy The image pull policy of the agent. IfNotPresent
azp.command Override the container start command. []
azp.args Override the container start args. []
azp.resources.requests.cpu The CPU requests of the agent. 0.5
azp.resources.requests.memory The memory requests of the agent. 2Gi
azp.resources.limits.cpu The CPU limits of the agent. 1
azp.resources.limits.memory The memory limits of the agent. 8Gi
azp.persistence.enabled Whether to create a PersistentVolume for the workspace. false
azp.persistence.name The name of the volume for the workspace. workspace
azp.persistence.toolCaches Directories in the hosted tool cache to mount. ["helm","kubectl","kompose","docker","dotnet","dncr","dncs","NuGet","VsTest","node","go","ArtifactTool","Duffle"]
azp.persistence.labels Labels to add to the PersistentVolume for the workspace. {}
azp.persistence.accessModes Access modes for the PersistentVolume for the workspace. [ "ReadWriteOnce" ]
azp.persistence.selector The label selector for the PVC for the workspace. {}
azp.persistence.storageClassName The storage class of the PersistentVolume for the workspace. default
azp.persistence.storage The requested capacity of the PersistentVolume for the workspace. 50Gi
azp.persistence.storageLimit The capacity limit of the PersistentVolume for the workspace. null
azp.lifecycle Lifecycle (postStart, preStop) for the agent. {}
azp.extraEnv Extra environment variables to add to the agent. []
azp.extraVolumeMounts Extra volume mounts to add to the agent. []
azp.securityContext The security context for the agent container. {}
docker.enabled If the Docker sidecar should be enabled. true
docker.tls Enable TLS communication for Docker (requires Docker 19.03+). true
docker.image.repository The Docker Hub repository of Docker. docker
docker.image.tag The image tag of Docker. 19.03.5-dind
docker.image.pullPolicy The image pull policy of Docker. IfNotPresent
docker.command Override the container start command. []
docker.args Override the container start args. []
docker.resources.requests.cpu The CPU requests of Docker. 0.5
docker.resources.requests.memory The memory requests of Docker. 2Gi
docker.resources.limits.cpu The CPU limits of Docker. 2
docker.resources.limits.memory The memory limits of Docker. 16Gi
docker.persistence.enabled Whether to create a PersistentVolume for Docker. false
docker.persistence.name The name of the volume for Docker. workspace
docker.persistence.labels Labels to add to the PersistentVolume for Docker. {}
docker.persistence.accessModes Access modes for the PersistentVolume for Docker. [ "ReadWriteOnce" ]
docker.persistence.selector The label selector for the PVC for Docker. {}
docker.persistence.storageClassName The storage class of the PersistentVolume for Docker. default
docker.persistence.storage The requested capacity of the PersistentVolume for Docker. 50Gi
docker.persistence.storageLimit The capacity limit of the PersistentVolume for Docker. null
docker.liveness.enabled Enable a liveness probe on the Docker sidecar. false
docker.liveness.failureThreshold The failure threshold for the Docker sidecar liveness probe. 3
docker.liveness.initialDelaySeconds The initial delay for the Docker sidecar liveness probe. 1
docker.liveness.periodSeconds The Docker sidecar liveness probe period. 10
docker.liveness.successThreshold The success threshold for the Docker sidecar liveness probe. 1
docker.liveness.timeoutSeconds The timeout for the Docker sidecar liveness probe. 1
docker.lifecycle Lifecycle (postStart, preStop) for Docker. {}
docker.clean Whether to run a preStop command to prune containers and images. true
docker.extraEnv Extra environment variables to add to Docker. []
docker.extraVolumeMounts Extra volume mounts to add to Docker. []
docker.securityContext The security context for the agent container. { privileged: true }
scaling.enabled Whether to enable autoscaling true
scaling.min The minimum number of agent pods. 1
scaling.max The maximum number of agent pods. 3
scaling.rate The autoscaler period to poll Azure Devops and the Kubernetes API 10s
scaling.logLevel Autoscaler log level (trace, debug, info, warn, error, fatal, panic) info
scaling.scaleDownMax The maximum number of pods allowed to scale down at a time 1
scaling.scaleDownDelay The time to wait before being allowed to scale down again 10s
scaling.image.repository The Docker Hub repository of the agent autoscaler. docker.io/gmaresca/azp-agent-autoscaler
scaling.image.tag The image tag of the agent autoscaler. 1.0.11
scaling.image.pullPolicy The image pull policy of the agent autoscaler. IfNotPresent
scaling.resources.requests.cpu The CPU requests of the agent autoscaler. 0.05
scaling.resources.requests.memory The memory requests of the agent autoscaler. 16Mi
scaling.resources.limits.cpu The CPU limits of the agent autoscaler. 0.1
scaling.resources.limits.memory The memory limits of the agent autoscaler. 32Mi
scaling.liveness.failureThreshold The failure threshold for the autoscaler liveness probe. 3
scaling.liveness.initialDelaySeconds The initial delay for the autoscaler liveness probe. 1
scaling.liveness.periodSeconds The autoscaler liveness probe period. 10
scaling.liveness.successThreshold The success threshold for the autoscaler liveness probe. 1
scaling.liveness.timeoutSeconds The timeout for the autoscaler liveness probe. 1
scaling.updateStrategy.type The Autoscaler Deployment Update Strategy type. Recreate
scaling.pdb.enabled Whether to enable a PodDisruptionBudget for the autoscaler. false
scaling.rbac.create Whether to create Role Based Access for the autoscaler. true
scaling.rbac.psp.enabled Whether to create a PodSecurityPolicy for the autoscaler. false
scaling.rbac.psp.name If set, the name of the autoscaler PodSecurityPolicy to use, or create if scaling.rbac.psp.enabled is true.
scaling.rbac.psp.labels Labels to add to the autoscaler PodSecurityPolicy. {}
scaling.rbac.psp.annotations Annotations to add to the autoscaler PodSecurityPolicy. {}
scaling.rbac.psp.appArmorProfile The AppArmor profile to use for the autoscaler (if empty, AppArmor annotations will not be added to the PodSecurityPolicy). runtime/default
scaling.rbac.psp.seccompProfile The Seccomp profile to use for the autoscaler (if empty, seccomp annotations will not be added to the PodSecurityPolicy). runtime/default
scaling.serviceAccount.create Whether to create a service account for the autoscaler. true
scaling.serviceAccount.name The name of an existing SA scaling.serviceAccount.create is false.
scaling.serviceAccount.labels Labels to add to the ServiceAccount for the autoscaler. {}
scaling.serviceAccount.annotations Annotations to add to the ServiceAccount for the autoscaler. {}
scaling.serviceMonitor.enabled Create a prometheus-operator ServiceMonitor false
scaling.serviceMonitor.namespace The namespace to install the ServiceMonitor .Release.Namespace
scaling.serviceMonitor.labels Labels to add to the ServiceMonitor {}
scaling.serviceMonitor.honorLabels Set honorLabels on the ServiceMonitor spec
scaling.serviceMonitor.interval The scrape interval on the ServiceMonitor Defaults to scaling.rate
scaling.serviceMonitor.metricRelabelings metricRelabelings to set on the ServiceMonitor false
scaling.serviceMonitor.relabelings relabelings to set on the ServiceMonitor false
scaling.grafanaDashboard.enabled Create a ConfigMap with a Grafana dashboard. false
scaling.grafanaDashboard.labels Labels to add to the Grafana dashboard ConfigMap. {"grafana_dashboard":"1"}
scaling.securityContext The autoscaler pod security context. {runAsUser:1000,runAsGroup:2000,fsGroup:3000,runAsNonRoot:true}
scaling.dnsPolicy The autoscaler pod DNS policy. null
scaling.dnsConfig The autoscaler pod DNS config. {}
scaling.restartPolicy The autoscaler pod restart policy. Always
scaling.nodeSelector The autoscaler pod node selector. {}
scaling.tolerations The autoscaler pod node tolerations. {}
scaling.affinity The autoscaler pod node affinity. {}
scaling.hostNetwork Whether the autoscaler will use the host network of the node. false
scaling.lifecycle Lifecycle (postStart, preStop) for the autoscaler. {}
scaling.initContainers Init containers to add for the autoscaler. []
scaling.sidecars Additional containers to add for the autoscaler. []
scaling.cpu HorizontalPodAutoscaler CPU theshold.
nameOverride An override value for the name.
fullnameOverride An override value for the full name.
podManagementPolicy The order that pods are created (OrderedReady or Parallel). OrderedReady
revisionHistoryLimit Number of StatefulSet versions to keep. 25
updateStrategy.type The StatefulSet Update Strategy type. RollingUpdate
updateStrategy.rollingUpdate The StatefulSet RollingUpdate update strategy values. { partition: 0 }
imagePullSecrets Image Pull Secrets to use. []
labels Labels to add to the StatefulSet. {}
annotations Annotations to add to the StatefulSet. {}
podLabels Labels to add to the Pods. {}
podAnnotations Annotations to add to the Pods. {}
pdb.enabled Whether to enable a PodDisruptionBudget. true
pdb.minAvailable The minimum number of pods to keep. Incompatible with maxUnavailable. 50%
pdb.maxUnavailable The maximum unvailable pods. Incompatible with minAvailable.
rbac.psp.enabled Whether to create a PodSecurityPolicy for the StatefulSet. false
rbac.psp.name If set, the name of the PodSecurityPolicy to use, or create if rbac.psp.enabled is true.
rbac.psp.labels Labels to add to the PodSecurityPolicy. {}
rbac.psp.annotations Annotations to add to the PodSecurityPolicy. {}
rbac.psp.appArmorProfile The AppArmor profile to use (if empty, AppArmor annotations will not be added to the PodSecurityPolicy). runtime/default
rbac.psp.seccompProfile The Seccomp profile to use (if empty, seccomp annotations will not be added to the PodSecurityPolicy). runtime/default
rbac.psp.allowedCapabilities The capabilities to allow for the PodSecurityPolicy. ['*']
rbac.psp.hostIPC Whether to allow host IPC for the PodSecurityPolicy. ['*']
rbac.psp.hostPID Whether to allow host PID for the PodSecurityPolicy. ['*']
rbac.psp.volumes The volumes to allow for the PodSecurityPolicy. ['*']
rbac.psp.allowedFlexVolumes The flex volumes to allow for the PodSecurityPolicy. []
serviceAccount.create Whether to create a service account for the StatefulSet. false
serviceAccount.name The name of an existing SA serviceAccount.create is false.
serviceAccount.labels Labels to add to the ServiceAccount. {}
serviceAccount.annotations Annotations to add to the ServiceAccount. {}
extraVolumes Extra volumes to add to the Pod. []
extraVolumeClaimTemplates Extra volumes claim templates to add to the StatefulSet. []
dnsPolicy The pod DNS policy. null
dnsConfig The pod DNS config. {}
restartPolicy The pod restart policy. Always
nodeSelector The pod node selector. {}
tolerations The pod node tolerations. {}
affinity The pod node affinity. {}
securityContext The pod security context. {}
hostNetwork Whether to use the host network of the node. false
initContainers Init containers to add. []
sidecars Additional containers to add. []