In this series I am going to show you how build a Windows 10 Image via Azure Pipelines and DevOps without 3rd party tooling, welcome to part 0!
On many request I will write about preparing your Azure/Azure DevOps environment. In addition, this will help you start with part 1.
These topics will be discussed in order to prepare you to create part 1:
- Creating the Azure DevOps environment
- Initiliaze your GIT repository and connecting it to Visual Studio Code
- Connect Microsoft Azure to Azure DevOps (Service Connection)
- Use self hosted agents
Prerequisites
There are some but not many prerequisites. These are the things you need:
- Microsoft Azure tenant (with enough permissions to create an App Registration)
- Microsoft Azure Subscription
Checkout/Skip to the other parts
1. Windows 10 Image Series – Part 1 (Creating the Windows 10 VM)
2. Windows 10 Image Series – Part 2 (Artifacts & Application Installation)
3. Windows 10 Image Series – Part 3 (Shared Image Gallery)
3.1 Windows 10 Image Series – Part 3.1 (Create test VM from Shared Image Gallery)
4. Windows 10 Image Series – Part 4 (SessionHost Deployment from Image)
5. Windows 10 Image Series – Part 5 (Convert the Image Build pipeline to YAML)
6. Windows 10 Image Series – Part 6 (Deploy Sessionhosts with Bicep and YAML)
Creating the Azure DevOps environment
Firstly, we need to create an Azure DevOps organisation.
Go to https://dev.azure.com/
You will land on this page:
After that, click on sign in and log on with your Azure Active Directory credentials.
In addition, this is not mandatory but if you want to work with your team mates on the same project, you can add them later on.
After that, you will see this notification. This is where we create the Azure DevOps organization:
Name the project and select the project visibility:
After that, you will land on this page. In addition, an organization name has already been created:
Furthermore, If you would like another organization name, please click on new organization:
Next up! Initiliaze your GIT repository and connecting it to Visual Studio Code
Initiliaze your GIT repository and connecting it to Visual Studio Code
Firstly, you need to install 2 applications. Git & Visual Studio Code. Here are the links to both applications:
Git
Visual Studio Code
Important! Please follow this guide to install GIT. In addition, the most important part is that you do not miss this part:
After that, you need to initialize the repository. Go back to Azure DevOps and click on your project:
Click on “Repos”:
After that, click on initialize:
As a result, you see the emptry repo with a read me file:
Lastly, we need to clone the repository to Visual Studio Code. Please click on clone:
After that, click on clone in Visual Studio Code:
You get this prompt in VS Code, Click on open
Select a folder. In addition, don’t choose a folder which is synchronised with OneDrive or an application like that. This causes problems. Trust me, I know.
Furthermore, I always create a seperate GIT folder on my machine to store the repository’s.
After that, you get a logon prompt. Login with your credentials:
As a result, the repository is now available in Visual Studio Code:
Furthermore, I like to configure this at the repository setting:
As a result, your repos look like this:
This was the GIT part.
Connect Microsoft Azure to Azure DevOps (Service Connection)
Firstly, log on to Azure Active Directory.
After that, go to:
Next, go to App Registrations. In addition, copy the “Tenant ID” to a notepad.
Create a new registration:
After that, fill in the Name and click on Register:
The app registration is created. In addition, copy the Application (client ID) in the same notepad as the tenant ID:
After that, go to Certificates & secrets:
Create a new secret:
After that, name the secret and click on add:
In addition, copy the Value of the secret to the same notepad as the App ID & the tenant ID.
Lastly, go to subscriptions in the Azure portal:
After that, select the subscription where you want to deploy resources in via Azure DevOps. For example:
Go to Access Control (IAM):
After that, click on Add:
Search for the app registration created earlier and give it the permissions it needs:
Furthermore, copy the subscription ID to your notepad with all the information:
The notepad looks like this:
Go back to Azure DevOps and got to your project:
After that, go to project settings:
Then click on “Service Connections’:
Click on “Create service connection”:
After that, select Azure Resource Manager:
Then select Service principal (manual):
Fill in all the variables we stored in the notepad, you can choose the subscription name and service connection name yourself:
Subscription: –> “Subscription ID from Notepad”
Subscription Name: –> “Name this yourself”
Service Principal Id: –> “Application ID from Notepad”
Service Principal Key: –> “Secret from Notepad”
Tenant ID: –> “Tenant ID from Notepad”
Service Connection Name: –> “Name this yourself”
After that, click on verify, name the service connection and click on add:
After that, the service connection is created and your connection to Azure tenant has been setup!
Use self hosted agents
Lastly, in Windows 10 Image Series part 0, self hosted agents. The newly created Azure DevOps organization do not allow you to use free Microsoft Hosted agents anymore. As a result we need to provide our own agents which will run our Azure Pipelines.
You can run these agents on any OS. If it is just for testing purposes, you can use a VM on your laptop to run your Azure DevOps self hosted agent. You need to install Azure CLI and Powershell Modules on these agents!
I prefer Azure Container Instances to run my agents. You can use this post to configure this. I use the windows based agents.
For the example I will show you how to use Windows based agents on Windows 10.
PAT Token
Firstly, we need to create a PAT Token. Go to your Azure DevOps environment.
After that, go to personal access tokens:
Create a new token:
Name the token, select the expiration and only select the Agent Pools permissions:
After that copy the token to a notepad. We need this later in the process:
Agent Pool
Secondly, we need to create an “Agent Pool”.
After that, go to your organization settings:
Next, go to “Agent pools”:
Create a new agent pool:
Select the pool type: “Self-hosted”, name the agent pool and select the permissions:
After that, you have a new agent pool:
Click on the pool and click on “New Agent”:
You now can download the agent. Make sure you download, or move, the downloaded agent to the machine where you want to run the agent. Click on download:
Configuring the agent
After that, logon to the machine where you want to run your agent from. Unzip the downloaded agent so you have these files in front of you:
In addition, I usually unpack the zip file to the folder where I am going to run the agent. This is where files and logs are stored. Make sure this is the proper folder to do so.
Open a command prompt/Powershell as administrator and browse to the folder in question:
After that, run the config.cmd and fill in these variables accordingly:
(Use your local user account to run the agent or use a specific account)
When the variables are entered correctly you should have an agent available in your agent pool:
This was Windows 10 Image Series – Part 0, check out the other parts:
1. Windows 10 Image Series – Part 1 (Creating the Windows 10 VM)
2. Windows 10 Image Series – Part 2 (Artifacts & Application Installation)
3. Windows 10 Image Series – Part 3 (Shared Image Gallery)
3.1 Windows 10 Image Series – Part 3.1 (Create test VM from Shared Image Gallery)
4. Windows 10 Image Series – Part 4 (SessionHost Deployment from Image)
5. Windows 10 Image Series – Part 5 (Convert the Image Build pipeline to YAML)
6. Windows 10 Image Series – Part 6 (Deploy Sessionhosts with Bicep and YAML)
thats great thank you !
Great post. I have hit an issue, following the guide to the tee but the agent pool is showing as ‘offline’. I have installed the agent on my local machine.
I noticed that the service ‘Azure Pipelines Agent’. That didn’t seem to be running after a reboot of the machine so I have run it manually, it starts once successfully and then stops. If attempting to rerun it again I receive an error error1: incorrect function.
In your screenshots it shows as online. So should that be online? When running through the steps I didn’t receive any errors with starting the service.
Any ideas what could be the issue? Thank you
Hi,
Yes, you have run the agent as the NTLocalService, please use a local admin account to run the agent. That will fix your issue.
Niels
Many thanks for that. Yep that sorted the issue out 🙂
Hi Niels
Question in the post you add the app registration owner rights on the subscription level.
My question can just give the app registration onwer rights on the RG level ?
Will all work ?
Hi David,
Contributor rights on the subscription are also enough. And it will work on the resource group level also.
Thanks,
Niels
Thx Niels
btw your doing a great job!
Hi David,
That’s nice to hear! Thank you! 🙂
Regards,
Niels