Windows 10 Image Series – Part 0 – Prepare Azure DevOps

In this series I am going to show you how build a Windows 10 Image via Azure Pipelines and DevOps without 3rd party tooling, welcome to part 0!

On many request I will write about preparing your Azure/Azure DevOps environment. In addition, this will help you start with part 1.

These topics will be discussed in order to prepare you to create part 1:

  • Creating the Azure DevOps environment
  • Initiliaze your GIT repository and connecting it to Visual Studio Code
  • Connect Microsoft Azure to Azure DevOps (Service Connection)
  • Use self hosted agents

Prerequisites

There are some but not many prerequisites. These are the things you need:

  • Microsoft Azure tenant (with enough permissions to create an App Registration)
  • Microsoft Azure Subscription

Checkout/Skip to the other parts

1. Windows 10 Image Series – Part 1 (Creating the Windows 10 VM)

2. Windows 10 Image Series – Part 2 (Artifacts & Application Installation)

3. Windows 10 Image Series – Part 3 (Shared Image Gallery)

3.1 Windows 10 Image Series – Part 3.1 (Create test VM from Shared Image Gallery)

4. Windows 10 Image Series – Part 4 (SessionHost Deployment from Image)

5. Windows 10 Image Series – Part 5 (Convert the Image Build pipeline to YAML)

6. Windows 10 Image Series – Part 6 (Deploy Sessionhosts with Bicep and YAML)

Creating the Azure DevOps environment

Firstly, we need to create an Azure DevOps organisation.

Go to https://dev.azure.com/

You will land on this page:

Windows 10 Image Series - Part 0 - Prepare Azure DevOps

After that, click on sign in and log on with your Azure Active Directory credentials.

Windows 10 Image Series - Part 0 - Sign in to Azure DevOps

In addition, this is not mandatory but if you want to work with your team mates on the same project, you can add them later on.

After that, you will see this notification. This is where we create the Azure DevOps organization:

Name the project and select the project visibility:

Windows 10 Image Series - Part 0 - Create the Azure DevOps organization

After that, you will land on this page. In addition, an organization name has already been created:

Windows 10 Image Series - Part 0 - Organization Name

Furthermore, If you would like another organization name, please click on new organization:

Windows 10 Image Series - Part 0 - New Organization

Next up! Initiliaze your GIT repository and connecting it to Visual Studio Code

Initiliaze your GIT repository and connecting it to Visual Studio Code

Firstly, you need to install 2 applications. Git & Visual Studio Code. Here are the links to both applications:

Git

Visual Studio Code

Important! Please follow this guide to install GIT. In addition, the most important part is that you do not miss this part:

Windows 10 Image Series - Part 0 - Git installation

After that, you need to initialize the repository. Go back to Azure DevOps and click on your project:

Windows 10 Image Series - Part 0 - Git DevOps project

Click on “Repos”:

Windows 10 Image Series - Part 0 - Git DevOps repo

After that, click on initialize:

Windows 10 Image Series - Part 0 - Git initialize devops repo

As a result, you see the emptry repo with a read me file:

Windows 10 Image Series - Part 0 - Git Devops Repos

Lastly, we need to clone the repository to Visual Studio Code. Please click on clone:

Windows 10 Image Series - Part 0 - Git DevOps repo clone

After that, click on clone in Visual Studio Code:

Windows 10 Image Series - Part 0 - Git Clone in VS Code

You get this prompt in VS Code, Click on open

Windows 10 Image Series - Part 0 - Git VS Code prompt

Select a folder. In addition, don’t choose a folder which is synchronised with OneDrive or an application like that. This causes problems. Trust me, I know.

Windows 10 Image Series - Part 0 - Git folder select

Furthermore, I always create a seperate GIT folder on my machine to store the repository’s.

After that, you get a logon prompt. Login with your credentials:

Windows 10 Image Series - Part 0 - Git VS Code login prompt

As a result, the repository is now available in Visual Studio Code:

Windows 10 Image Series - Part 0 - Git VS Code repos

Furthermore, I like to configure this at the repository setting:

Windows 10 Image Series - Part 0 - Git VS Code repositry view

As a result, your repos look like this:

Windows 10 Image Series - Part 0 - Git VS Code repositry view 2

This was the GIT part.

Connect Microsoft Azure to Azure DevOps (Service Connection)

Firstly, log on to Azure Active Directory.

After that, go to:

Windows 10 Image Series - Part 0 - Git Azure Active Directory

Next, go to App Registrations. In addition, copy the “Tenant ID” to a notepad.

Windows 10 Image Series - Part 0 - Git tenant id

Create a new registration:

Windows 10 Image Series - Part 0 - Git App reg

After that, fill in the Name and click on Register:

Windows 10 Image Series - Part 0 - Git App reg name

The app registration is created. In addition, copy the Application (client ID) in the same notepad as the tenant ID:

Windows 10 Image Series - Part 0 - Git App ID

After that, go to Certificates & secrets:

Windows 10 Image Series - Part 0 - Git Certificates secrets

Create a new secret:

Windows 10 Image Series - Part 0 - Git Certificates secrets 2

After that, name the secret and click on add:

Windows 10 Image Series - Part 0 - Git Certificates secrets naming

In addition, copy the Value of the secret to the same notepad as the App ID & the tenant ID.

Windows 10 Image Series - Part 0 - Git Certificates secrets values

Lastly, go to subscriptions in the Azure portal:

After that, select the subscription where you want to deploy resources in via Azure DevOps. For example:

Go to Access Control (IAM):

After that, click on Add:

Search for the app registration created earlier and give it the permissions it needs:

Furthermore, copy the subscription ID to your notepad with all the information:

The notepad looks like this:

Go back to Azure DevOps and got to your project:

After that, go to project settings:

Then click on “Service Connections’:

Click on “Create service connection”:

After that, select Azure Resource Manager:

Then select Service principal (manual):

Fill in all the variables we stored in the notepad, you can choose the subscription name and service connection name yourself:

Subscription: –> “Subscription ID from Notepad”
Subscription Name: –> “Name this yourself”
Service Principal Id: –> “Application ID from Notepad”
Service Principal Key: –> “Secret from Notepad”
Tenant ID: –> “Tenant ID from Notepad”
Service Connection Name: –> “Name this yourself”

After that, click on verify, name the service connection and click on add:


After that, the service connection is created and your connection to Azure tenant has been setup!

Use self hosted agents

Lastly, in Windows 10 Image Series part 0, self hosted agents. The newly created Azure DevOps organization do not allow you to use free Microsoft Hosted agents anymore. As a result we need to provide our own agents which will run our Azure Pipelines.

You can run these agents on any OS. If it is just for testing purposes, you can use a VM on your laptop to run your Azure DevOps self hosted agent. You need to install Azure CLI and Powershell Modules on these agents!

I prefer Azure Container Instances to run my agents. You can use this post to configure this. I use the windows based agents.

For the example I will show you how to use Windows based agents on Windows 10.

PAT Token

Firstly, we need to create a PAT Token. Go to your Azure DevOps environment.

After that, go to personal access tokens:

Create a new token:


Name the token, select the expiration and only select the Agent Pools permissions:

After that copy the token to a notepad. We need this later in the process:

Agent Pool

Secondly, we need to create an “Agent Pool”.

After that, go to your organization settings:

Next, go to “Agent pools”:

Create a new agent pool:


Select the pool type: “Self-hosted”, name the agent pool and select the permissions:

After that, you have a new agent pool:

Click on the pool and click on “New Agent”:


You now can download the agent. Make sure you download, or move, the downloaded agent to the machine where you want to run the agent. Click on download:

Configuring the agent

After that, logon to the machine where you want to run your agent from. Unzip the downloaded agent so you have these files in front of you:

In addition, I usually unpack the zip file to the folder where I am going to run the agent. This is where files and logs are stored. Make sure this is the proper folder to do so.

Open a command prompt/Powershell as administrator and browse to the folder in question:

After that, run the config.cmd and fill in these variables accordingly:

(Use your local user account to run the agent or use a specific account)

When the variables are entered correctly you should have an agent available in your agent pool:

This was Windows 10 Image Series – Part 0, check out the other parts:

1. Windows 10 Image Series – Part 1 (Creating the Windows 10 VM)

2. Windows 10 Image Series – Part 2 (Artifacts & Application Installation)

3. Windows 10 Image Series – Part 3 (Shared Image Gallery)

3.1 Windows 10 Image Series – Part 3.1 (Create test VM from Shared Image Gallery)

4. Windows 10 Image Series – Part 4 (SessionHost Deployment from Image)

5. Windows 10 Image Series – Part 5 (Convert the Image Build pipeline to YAML)

6. Windows 10 Image Series – Part 6 (Deploy Sessionhosts with Bicep and YAML)

20 thoughts on “Windows 10 Image Series – Part 0 – Prepare Azure DevOps”

  1. Great post. I have hit an issue, following the guide to the tee but the agent pool is showing as ‘offline’. I have installed the agent on my local machine.

    I noticed that the service ‘Azure Pipelines Agent’. That didn’t seem to be running after a reboot of the machine so I have run it manually, it starts once successfully and then stops. If attempting to rerun it again I receive an error error1: incorrect function.

    In your screenshots it shows as online. So should that be online? When running through the steps I didn’t receive any errors with starting the service.

    Any ideas what could be the issue? Thank you

    Reply
  2. Hi Niels

    Question in the post you add the app registration owner rights on the subscription level.
    My question can just give the app registration onwer rights on the RG level ?
    Will all work ?

    Reply

Leave a Comment