Add Azure DevOps

.github/workflows/_containerTemplate.yml

@@ -74,7 +74,7 @@ jobs:
       - name: Login Container Registry
         id: registry_login
         uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
-        if: github.event_name != 'pull_request'
+        # if: github.event_name != 'pull_request'
         with:
           registry: ${{ inputs.registry_uri }}
           username: ${{ secrets.USER_NAME }}
@@ -101,7 +101,7 @@ jobs:
         with:
           context: ${{ inputs.working_directory }}
           file: ${{ inputs.working_directory }}/Dockerfile
-          push: ${{ github.event_name != 'pull_request' }}
+          push: true # ${{ github.event_name != 'pull_request' }}
           tags: ${{ steps.metadata.outputs.tags }}
           labels: ${{ steps.metadata.outputs.labels }}
           cache-from: type=gha

.github/workflows/container-ado.yml

@@ -0,0 +1,30 @@
+name: Container ADO
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - "code/container-ado/**"
+
+  pull_request:
+    branches:
+      - main
+    paths:
+      - "code/container-ado/**"
+
+  schedule:
+    - cron: '0 0 * * *'
+
+jobs:
+  build_and_publish:
+    uses: ./.github/workflows/_containerTemplate.yml
+    name: "Build & Publish"
+    with:
+      environment: "dev"
+      working_directory: "./code/container-ado"
+      registry_uri: "ghcr.io"
+      image_namespace_name: "PerfectThymeTech"
+      image_name: "AzureDevOpsAgentAzure"
+    secrets:
+      USER_NAME: ${{ github.actor }}
+      PASSWORD: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/terraform-ado.yml

@@ -0,0 +1,32 @@
+name: Infrastructure Deployment - ADO
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - "code/infra-ado/**"
+      - ".github/workflows/terraform-ado.yml"
+
+  pull_request:
+    branches:
+      - main
+    paths:
+      - "code/infra-ado/**"
+      - ".github/workflows/terraform-ado.yml"
+
+jobs:
+  terraform_dev:
+    uses: ./.github/workflows/_terraformEnvironmentTemplate.yml
+    name: "Dev"
+    with:
+      environment: "dev"
+      config: "PerfectThymeTech-ado"
+      terraform_version: "1.14.4"
+      node_version: 24
+      working_directory: "./code/infra-ado"
+      tenant_id: "37963dd4-f4e6-40f8-a7d6-24b97919e452"
+      subscription_id: "e82c5267-9dc4-4f45-ac13-abdd5e130d27"
+    secrets:
+      CLIENT_ID: ${{ secrets.CLIENT_ID }}
+      CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+      APP_PRIVATE_KEY: ${{ secrets.APP_PRIVATE_KEY }}

code/container-ado/Dockerfile

@@ -0,0 +1,33 @@
+FROM myoung34/github-runner-base:ubuntu-noble
+LABEL maintainer="info@perfectthymetech.com"
+
+# Can be 'linux-x64', 'linux-arm64', 'linux-arm', 'rhel.6-x64'.
+ENV TARGETARCH=linux-x64
+ENV AGENT_TOOLSDIRECTORY=/opt/hostedtoolcache
+RUN mkdir -p /opt/hostedtoolcache
+
+ARG AZURE_CLI_VERSION="2.72.0"
+ARG PWSH_VERSION="7.5.3"
+
+RUN DEBIAN_FRONTEND=noninteractive apt-get update
+RUN DEBIAN_FRONTEND=noninteractive apt-get upgrade -y
+
+RUN DEBIAN_FRONTEND=noninteractive apt-get install -y -qq --no-install-recommends \
+    apt-transport-https \
+    apt-utils \
+    ca-certificates \
+    curl \
+    git \
+    iputils-ping \
+    jq \
+    lsb-release \
+    software-properties-common
+
+WORKDIR /azp
+COPY install_dependencies.sh start.sh /azp/
+
+RUN chmod +x /azp/start.sh /azp/install_dependencies.sh \
+    && /azp/install_dependencies.sh ${AZURE_CLI_VERSION} ${PWSH_VERSION} \
+    && rm /azp/install_dependencies.sh
+
+ENTRYPOINT [ "./start.sh" ]

code/container-ado/install_dependencies.sh

@@ -0,0 +1,25 @@
+#!/bin/bash -ex
+AZURE_CLI_VERSION=$1
+PWSH_VERSION=$2
+
+# Install Azure CLI
+apt-get install -y apt-transport-https ca-certificates curl gnupg lsb-release \
+    && mkdir -p /etc/apt/keyrings \
+    && curl -sLS https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor | tee /etc/apt/keyrings/microsoft.gpg > /dev/null \
+    && chmod go+r /etc/apt/keyrings/microsoft.gpg \
+    && AZ_DIST=$(lsb_release -cs) \
+    && echo "deb [arch=`dpkg --print-architecture` signed-by=/etc/apt/keyrings/microsoft.gpg] https://packages.microsoft.com/repos/azure-cli/ $AZ_DIST main" | tee /etc/apt/sources.list.d/azure-cli.list \
+    && apt-get update \
+    && AZ_DIST=$(lsb_release -cs) \
+    && apt-get install -y azure-cli=$AZURE_CLI_VERSION-1~$AZ_DIST
+
+# Install Azure CLI - AKS
+az aks install-cli
+
+# Install Powershell
+apt-get install -y wget \
+    && wget https://github.com/PowerShell/PowerShell/releases/download/v$PWSH_VERSION/powershell_$PWSH_VERSION-1.deb_amd64.deb \
+    && dpkg -i powershell_$PWSH_VERSION-1.deb_amd64.deb \
+    && apt-get install -fy \
+    && rm powershell_$PWSH_VERSION-1.deb_amd64.deb \
+    && pwsh -Command "Install-Module -Name Az -Repository PSGallery -Force"

code/container-ado/start.sh

@@ -0,0 +1,109 @@
+#!/bin/bash
+set -e
+
+if [ -z "$AZP_URL" ]; then
+  echo 1>&2 "error: missing AZP_URL environment variable"
+  exit 1
+fi
+
+if [ -z "$AZP_TOKEN_FILE" ]; then
+  if [ -z "$AZP_TOKEN" ]; then
+    echo 1>&2 "error: missing AZP_TOKEN environment variable"
+    exit 1
+  fi
+
+  AZP_TOKEN_FILE=/azp/.token
+  echo -n $AZP_TOKEN > "$AZP_TOKEN_FILE"
+fi
+
+unset AZP_TOKEN
+
+if [ -n "$AZP_WORK" ]; then
+  mkdir -p "$AZP_WORK"
+fi
+
+export AGENT_ALLOW_RUNASROOT="1"
+
+cleanup() {
+  # If $AZP_PLACEHOLDER is set, skip cleanup
+  if [ -n "$AZP_PLACEHOLDER" ]; then
+    echo 'Running in placeholder mode, skipping cleanup'
+    return
+  fi
+  if [ -e config.sh ]; then
+    print_header "Cleanup. Removing Azure Pipelines agent..."
+
+    # If the agent has some running jobs, the configuration removal process will fail.
+    # So, give it some time to finish the job.
+    while true; do
+      ./config.sh remove --unattended --auth PAT --token $(cat "$AZP_TOKEN_FILE") && break
+
+      echo "Retrying in 30 seconds..."
+      sleep 30
+    done
+  fi
+}
+
+print_header() {
+  lightcyan='\033[1;36m'
+  nocolor='\033[0m'
+  echo -e "${lightcyan}$1${nocolor}"
+}
+
+# Let the agent ignore the token env variables
+export VSO_AGENT_IGNORE=AZP_TOKEN,AZP_TOKEN_FILE
+
+print_header "1. Determining matching Azure Pipelines agent..."
+
+AZP_AGENT_PACKAGES=$(curl -LsS \
+    -u user:$(cat "$AZP_TOKEN_FILE") \
+    -H 'Accept:application/json;' \
+    "$AZP_URL/_apis/distributedtask/packages/agent?platform=$TARGETARCH&top=1")
+
+AZP_AGENT_PACKAGE_LATEST_URL=$(echo "$AZP_AGENT_PACKAGES" | jq -r '.value[0].downloadUrl')
+
+if [ -z "$AZP_AGENT_PACKAGE_LATEST_URL" -o "$AZP_AGENT_PACKAGE_LATEST_URL" == "null" ]; then
+  echo 1>&2 "error: could not determine a matching Azure Pipelines agent"
+  echo 1>&2 "check that account '$AZP_URL' is correct and the token is valid for that account"
+  exit 1
+fi
+
+print_header "2. Downloading and extracting Azure Pipelines agent..."
+echo "Agent package URL: $AZP_AGENT_PACKAGE_LATEST_URL"
+curl -LsS $AZP_AGENT_PACKAGE_LATEST_URL | tar -xz & wait $!
+
+source ./env.sh
+
+trap 'cleanup; exit 0' EXIT
+trap 'cleanup; exit 130' INT
+trap 'cleanup; exit 143' TERM
+
+print_header "3. Configuring Azure Pipelines agent..."
+
+./config.sh --unattended \
+  --agent "${AZP_AGENT_NAME:-$(hostname)}" \
+  --url "$AZP_URL" \
+  --auth PAT \
+  --token $(cat "$AZP_TOKEN_FILE") \
+  --pool "${AZP_POOL:-Default}" \
+  --work "${AZP_WORK:-_work}" \
+  --replace \
+  --acceptTeeEula & wait $!
+
+print_header "4. Running Azure Pipelines agent..."
+
+trap 'cleanup; exit 0' EXIT
+trap 'cleanup; exit 130' INT
+trap 'cleanup; exit 143' TERM
+
+chmod +x ./run.sh
+
+
+# If $AZP_PLACEHOLDER is set, skipping running the agent
+if [ -n "$AZP_PLACEHOLDER" ]; then
+  echo 'Running in placeholder mode, skipping running the agent'
+else
+  # To be aware of TERM and INT signals call run.sh
+  # Running it with the --once flag at the end will shut down the agent after the build is executed
+  ./run.sh --once & wait $!
+fi

code/infra-ado/agentpool.tf

@@ -0,0 +1,7 @@
+resource "azuredevops_agent_pool" "agent_pool" {
+  name = "${local.prefix}-pool001"
+
+  auto_provision = false
+  pool_type      = "automation"
+  auto_update    = false
+}

code/infra-ado/applicationinsights.tf

@@ -0,0 +1,14 @@
+module "application_insights" {
+  source = "github.com/PerfectThymeTech/terraform-azurerm-modules//modules/applicationinsights?ref=main"
+  providers = {
+    azurerm = azurerm
+  }
+
+  location                                        = var.location
+  resource_group_name                             = azurerm_resource_group.resource_group_container_app.name
+  tags                                            = var.tags
+  application_insights_name                       = "${local.prefix}-appi001"
+  application_insights_application_type           = "web"
+  application_insights_log_analytics_workspace_id = var.log_analytics_workspace_id
+  diagnostics_configurations                      = local.diagnostics_configurations
+}