diff --git a/.pipelines/pipeline.user.linux.yml b/.pipelines/pipeline.user.linux.yml index 9977e7a1a..a1175263e 100644 --- a/.pipelines/pipeline.user.linux.yml +++ b/.pipelines/pipeline.user.linux.yml @@ -47,4 +47,7 @@ package: repository_name: 'cdpxlinux' # only supported ones are cdpx acr repos tag: 'cidev' # OPTIONAL: Defaults to latest. The tag for the built image. Final tag will be 1.0.0alpha, 1.0.0-timestamp-commitID. latest: false # OPTIONAL: Defaults to false. If tag is not set to latest and this flag is set, then tag as latest as well and push latest as well. + publish_unique_tag: true # If set, the image in the registry is tagged with the unique tag generated by CDPx + metadata_file: + artifact_path: 'linux-image-meta.json' # If defined, the drop outputs relative path to the file into which JSON metadata about the created image is emitted. export_to_artifact_path: 'agentimage.tar.gz' # path for exported image and use this instead of fixed tag diff --git a/.pipelines/pipeline.user.windows.yml b/.pipelines/pipeline.user.windows.yml index e9d0105ab..8be92a316 100644 --- a/.pipelines/pipeline.user.windows.yml +++ b/.pipelines/pipeline.user.windows.yml @@ -53,4 +53,7 @@ package: repository_name: 'cdpxwin1809' # only supported ones are cdpx acr repos tag: 'win-cidev' # OPTIONAL: Defaults to latest. The tag for the built image. Final tag will be 1.0.0alpha, 1.0.0-timestamp-commitID. latest: false # OPTIONAL: Defaults to false. If tag is not set to latest and this flag is set, then tag as latest as well and push latest as well. + publish_unique_tag: true # If set, the image in the registry is tagged with the unique tag generated by CDPx + metadata_file: + artifact_path: 'windows-image-meta.json' # If defined, the drop outputs relative path to the file into which JSON metadata about the created image is emitted. export_to_artifact_path: 'agentimage.tar.zip' # path for exported image and use this instead of fixed tag diff --git a/deployment/agent-deployment/ServiceGroupRoot/Parameters/ContainerInsights.Linux.Parameters.json b/deployment/agent-deployment/ServiceGroupRoot/Parameters/ContainerInsights.Linux.Parameters.json index be9ddb6d6..b9ca8c407 100644 --- a/deployment/agent-deployment/ServiceGroupRoot/Parameters/ContainerInsights.Linux.Parameters.json +++ b/deployment/agent-deployment/ServiceGroupRoot/Parameters/ContainerInsights.Linux.Parameters.json @@ -27,30 +27,6 @@ "pushAgentToAcr.sh" ], "environmentVariables": [ - { - "name": "AGENT_IMAGE_URI", - "value": "__CONTAINER_URI__" - }, - { - "name": "AGENT_IMAGE_SAS", - "value": "__CONTAINER_SAS_TOKEN__" - }, - { - "name": "STORAGE_CONTAINER_NAME", - "value": "__STORAGE_CONTAINER_NAME__" - }, - { - "name": "STORAGE_ACCOUNT_NAME", - "value": "__STORAGE_ACCOUNT_NAME__" - }, - { - "name": "AGENT_IMAGE_TAR_FILE_NAME", - "value": "agentimage.tar.gz" - }, - { - "name": "RELEASE_ID", - "value": "__RELEASE_ID__" - }, { "name": "ACR_NAME", "value": "__ACR_NAME__" @@ -66,6 +42,22 @@ { "name": "AGENT_IMAGE_FULL_PATH", "value": "__ACR_NAME__/public/azuremonitor/containerinsights/__AGENT_RELEASE__:__AGENT_RELEASE____AGENT_IMAGE_TAG_SUFFIX__" + }, + { + "name": "CDPX_ACR", + "value": "__CDPX_LINUX_ACR__" + }, + { + "name": "CDPX_REGISTRY", + "value": "__CDPX_LINUX_REGISTRY__" + }, + { + "name": "CDPX_REPO_NAME", + "value": "__CDPX_LINUX_REPO_NAME__" + }, + { + "name": "CDPX_TAG", + "value": "__CDPX_LINUX_TAG__" } ], "identity": { diff --git a/deployment/agent-deployment/ServiceGroupRoot/Parameters/ContainerInsights.Windows.Parameters.json b/deployment/agent-deployment/ServiceGroupRoot/Parameters/ContainerInsights.Windows.Parameters.json index 9d208e0c6..f7f12218f 100644 --- a/deployment/agent-deployment/ServiceGroupRoot/Parameters/ContainerInsights.Windows.Parameters.json +++ b/deployment/agent-deployment/ServiceGroupRoot/Parameters/ContainerInsights.Windows.Parameters.json @@ -27,34 +27,6 @@ "pushAgentToAcr.sh" ], "environmentVariables": [ - { - "name": "WINDOWS", - "value": "win-" - }, - { - "name": "AGENT_IMAGE_URI", - "value": "__CONTAINER_URI__" - }, - { - "name": "AGENT_IMAGE_SAS", - "value": "__CONTAINER_SAS_TOKEN__" - }, - { - "name": "STORAGE_CONTAINER_NAME", - "value": "__STORAGE_CONTAINER_NAME__" - }, - { - "name": "STORAGE_ACCOUNT_NAME", - "value": "__STORAGE_ACCOUNT_NAME__" - }, - { - "name": "AGENT_IMAGE_TAR_FILE_NAME", - "value": "agentimage.tar.zip" - }, - { - "name": "RELEASE_ID", - "value": "__RELEASE_ID__" - }, { "name": "ACR_NAME", "value": "__ACR_NAME__" @@ -70,6 +42,22 @@ { "name": "AGENT_IMAGE_FULL_PATH", "value": "__ACR_NAME__/public/azuremonitor/containerinsights/__AGENT_RELEASE__:win-__AGENT_RELEASE____AGENT_IMAGE_TAG_SUFFIX__" + }, + { + "name": "CDPX_ACR", + "value": "__CDPX_WINDOWS_ACR__" + }, + { + "name": "CDPX_REGISTRY", + "value": "__CDPX_WINDOWS_REGISTRY__" + }, + { + "name": "CDPX_REPO_NAME", + "value": "__CDPX_WINDOWS_REPO_NAME__" + }, + { + "name": "CDPX_TAG", + "value": "__CDPX_WINDOWS_TAG__" } ], "identity": { diff --git a/deployment/agent-deployment/ServiceGroupRoot/ScopeBindings/Public.ScopeBindings.json b/deployment/agent-deployment/ServiceGroupRoot/ScopeBindings/Public.ScopeBindings.json index 99acfb68e..82a1fae73 100644 --- a/deployment/agent-deployment/ServiceGroupRoot/ScopeBindings/Public.ScopeBindings.json +++ b/deployment/agent-deployment/ServiceGroupRoot/ScopeBindings/Public.ScopeBindings.json @@ -17,31 +17,42 @@ "find": "__AGENT_IMAGE_TAG_SUFFIX__", "replaceWith": "$(AgentImageTagSuffix)" }, - { - "find": "__RELEASE_ID__", - "replaceWith": "$(Release.ReleaseId)" - }, { "find": "__MANAGED_IDENTITY__", "replaceWith": "$(ManagedIdentity)" }, { - "find": "__CONTAINER_URI__", - "replaceWith": "$(Storage.StorageContainerUri)" - }, + "find": "__CDPX_LINUX_ACR__", + "replaceWith": "$(CDPXLinuxACR)" + }, { - "find": "__CONTAINER_SAS_TOKEN__", - "replaceWith": "$(Storage.StorageContainerSasToken)" - }, + "find": "__CDPX_WINDOWS_ACR__", + "replaceWith": "$(CDPXWindowsACR)" + }, + { + "find": "__CDPX_LINUX_REGISTRY__", + "replaceWith": "$(CDPXLinuxRegistry)" + }, + { + "find": "__CDPX_WINDOWS_REGISTRY__", + "replaceWith": "$(CDPXWindowsRegistry)" + }, + { + "find": "__CDPX_LINUX_TAG__", + "replaceWith": "$(CDPXLinuxTag)" + }, + { + "find": "__CDPX_WINDOWS_TAG__", + "replaceWith": "$(CDPXWindowsTag)" + }, { - "find": "__STORAGE_CONTAINER_NAME__", - "replaceWith": "$(StorageContainerName)" + "find": "__CDPX_LINUX_REPO_NAME__", + "replaceWith": "$(CDPXLinuxRepoName)" }, { - "find": "__STORAGE_ACCOUNT_NAME__", - "replaceWith": "$(StorageAccountName)" + "find": "__CDPX_WINDOWS_REPO_NAME__", + "replaceWith": "$(CDPXWindowsRepoName)" } - ] } ] diff --git a/deployment/agent-deployment/ServiceGroupRoot/Scripts/pushAgentToAcr.sh b/deployment/agent-deployment/ServiceGroupRoot/Scripts/pushAgentToAcr.sh index bafd62b05..f319c3bbe 100644 --- a/deployment/agent-deployment/ServiceGroupRoot/Scripts/pushAgentToAcr.sh +++ b/deployment/agent-deployment/ServiceGroupRoot/Scripts/pushAgentToAcr.sh @@ -12,24 +12,29 @@ if [ -z $AGENT_RELEASE ]; then echo "-e error AGENT_RELEASE shouldnt be empty. check release variables" exit 1 fi +#! +if [ -z $AGENT_IMAGE_FULL_PATH ]; then + echo "-e error AGENT_IMAGE_FULL_PATH shouldnt be empty. check release variables" + exit 1 +fi -if [ -z $AGENT_IMAGE_URI ]; then - echo "-e error value of AGENT_IMAGE_URI shouldn't be empty. check output from file copy release task" +if [ -z $CDPX_ACR ]; then + echo "-e error value of CDPX_ACR shouldn't be empty. check release variables" exit 1 fi -if [ -z $AGENT_IMAGE_SAS ]; then - echo "-e error value of AGENT_IMAGE_SAS shouldn't be empty. check output from file copy release task" +if [ -z $CDPX_TAG ]; then + echo "-e error value of CDPX_TAG shouldn't be empty. check release variables" exit 1 fi -if [ -z $STORAGE_CONTAINER_NAME ]; then - echo "-e error value of STORAGE_CONTAINER_NAME shouldn't be empty. check release variables" +if [ -z $CDPX_REGISTRY ]; then + echo "-e error value of CDPX_REGISTRY shouldn't be empty. check release variables" exit 1 fi -if [ -z $STORAGE_ACCOUNT_NAME ]; then - echo "-e error value of STORAGE_ACCOUNT_NAME shouldn't be empty. check release variables" +if [ -z $CDPX_REPO_NAME ]; then + echo "-e error value of CDPX_REPO_NAME shouldn't be empty. check release variables" exit 1 fi @@ -38,79 +43,22 @@ if [ -z $ACR_NAME ]; then exit 1 fi -#Download agentimage tarball from blob storage account -echo "Downloading tarball image from $WINDOWS $AGENT_IMAGE_URI" -wget -O $AGENT_IMAGE_TAR_FILE_NAME "${AGENT_IMAGE_URI}${WINDOWS}${RELEASE_ID}${AGENT_IMAGE_SAS}" - - -if [ ! -f $AGENT_IMAGE_TAR_FILE_NAME ]; then - echo "Agent tarfile: ${AGENT_IMAGE_TAR_FILE_NAME} does not exist, unable to continue" - exit 1 -fi - -#Install crane -echo "Installing crane" -wget -O crane.tar.gz https://github.com/google/go-containerregistry/releases/download/v0.4.0/go-containerregistry_Linux_x86_64.tar.gz -if [ $? -eq 0 ]; then - echo "crane downloaded successfully" -else - echo "-e error crane download failed" - exit 1 -fi -tar xzvf crane.tar.gz -echo "Installed crane" - #Login to az cli and authenticate to acr echo "Login cli using managed identity" az login --identity - -echo "Getting acr credentials" -TOKEN_QUERY_RES=$(az acr login -n "$ACR_NAME" -t) -TOKEN=$(echo "$TOKEN_QUERY_RES" | jq -r '.accessToken') -if [ -z $TOKEN ]; then - echo "-e error failed to get az acr login token" +if [ $? -eq 0 ]; then + echo "Logged in successfully" +else + echo "-e error failed to login to az with managed identity credentials" exit 1 -fi - -DESTINATION_ACR=$(echo "$TOKEN_QUERY_RES" | jq -r '.loginServer') -if [ -z $DESTINATION_ACR ]; then - echo "-e error value of DESTINATION_ACR shouldnt be empty" +fi + +echo "Pushing ${AGENT_IMAGE_FULL_PATH} to ${ACR_NAME}" +az acr import --name $ACR_NAME --registry $CDPX_REGISTRY --source ${CDPX_ACR}/official/${CDPX_REPO_NAME}:${CDPX_TAG} --image $AGENT_IMAGE_FULL_PATH +if [ $? -eq 0 ]; then + echo "Retagged and pushed image successfully" +else + echo "-e error failed to retag and push image to destination ACR" exit 1 -fi - -./crane auth login "$DESTINATION_ACR" -u "00000000-0000-0000-0000-000000000000" -p "$TOKEN" - -#Prepare tarball and push to acr -if [[ "$AGENT_IMAGE_TAR_FILE_NAME" == *"tar.gz"* ]]; then - gunzip $AGENT_IMAGE_TAR_FILE_NAME -fi - -if [[ "$AGENT_IMAGE_TAR_FILE_NAME" == *"tar.zip"* ]]; then - apt-get -y install unzip - if [ $? -eq 0 ]; then - unzip $AGENT_IMAGE_TAR_FILE_NAME - else - echo "-e error failed to install unzip package and cannot unzip windows agent tarball" - exit 1 - fi -fi - -echo "Pushing file $TARBALL_IMAGE_FILE to $AGENT_IMAGE_FULL_PATH" -./crane push *.tar "$AGENT_IMAGE_FULL_PATH" - - -#Delete agentimage tarball from blob storage to prevent future conflicts -echo "Deleting agentimage copy from blob storage" - -BLOB_EXIST_RESULT=$(az storage blob exists --container-name $STORAGE_CONTAINER_NAME --name $WINDOWS$RELEASE_ID --account-name $STORAGE_ACCOUNT_NAME --sas-token $AGENT_IMAGE_SAS) -BLOB_EXIST=$(echo "$BLOB_EXIST_RESULT" | jq -r '.exists') -echo $BLOB_EXIST_RESULT -echo $BLOB_EXIST - -if $BLOB_EXIST; then - az storage blob delete --container-name "${STORAGE_CONTAINER_NAME}" --name "${WINDOWS}${RELEASE_ID}" --account-name "${STORAGE_ACCOUNT_NAME}" --sas-token "${AGENT_IMAGE_SAS}" - echo "Deleted agentimate copy from blob storage" -else - echo "Agentimage has already been deleted from blob storage" fi \ No newline at end of file