mirror of
https://github.com/microsoft/vcpkg.git
synced 2024-12-30 20:59:12 +08:00
7f52deab66
* Update PowerShell Core to not vulnerable versions. * Fix Android create-image relative paths. * Update pools and add docs. * Get android create-vmss to setup managed identity.
128 lines
4.0 KiB
PowerShell
Executable File
128 lines
4.0 KiB
PowerShell
Executable File
# Copyright (c) Microsoft Corporation.
|
|
# SPDX-License-Identifier: MIT
|
|
#
|
|
|
|
<#
|
|
.SYNOPSIS
|
|
Creates a Linux virtual machine scale set, set up for vcpkg's CI.
|
|
|
|
.DESCRIPTION
|
|
create-vmss.ps1 creates an Azure Linux VM scale set, set up for vcpkg's CI
|
|
system. See https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/overview
|
|
for more information.
|
|
|
|
This script assumes you have installed Azure tools into PowerShell by following the instructions
|
|
at https://docs.microsoft.com/en-us/powershell/azure/install-az-ps?view=azps-3.6.1
|
|
or are running from Azure Cloud Shell.
|
|
|
|
This script assumes you have installed the OpenSSH Client optional Windows component.
|
|
|
|
|
|
.PARAMETER ImageName
|
|
The name of the image to deploy into the scale set.
|
|
#>
|
|
|
|
[CmdLetBinding()]
|
|
Param(
|
|
[parameter(Mandatory=$true)]
|
|
[string]$ImageName,
|
|
[parameter(Mandatory=$false)]
|
|
[string]$Prefix = "PrLin-",
|
|
[switch]$AddAndroidContainerRegistryPermissions
|
|
)
|
|
|
|
$Location = 'eastasia'
|
|
$Prefix += (Get-Date -Format 'yyyy-MM-dd')
|
|
$VMSize = 'Standard_D32a_v4'
|
|
$LiveVMPrefix = 'BUILD'
|
|
$ErrorActionPreference = 'Stop'
|
|
|
|
Import-Module "$PSScriptRoot/../create-vmss-helpers.psm1" -DisableNameChecking
|
|
|
|
$sshDir = [System.IO.Path]::GetTempPath() + [System.IO.Path]::GetRandomFileName()
|
|
mkdir $sshDir
|
|
try {
|
|
ssh-keygen.exe -q -b 2048 -t rsa -f "$sshDir/key" -P [string]::Empty
|
|
$sshPublicKey = Get-Content "$sshDir/key.pub"
|
|
} finally {
|
|
Remove-Item $sshDir -Recurse -Force
|
|
}
|
|
$ResourceGroupName = Find-ResourceGroupName $Prefix
|
|
$AdminPW = New-Password
|
|
$Image = Get-AzImage -ResourceGroupName 'vcpkg-image-minting' -ImageName $ImageName
|
|
|
|
New-AzResourceGroup -Name $ResourceGroupName -Location $Location
|
|
|
|
$VirtualNetwork = Create-LockedDownNetwork -ResourceGroupName $ResourceGroupName -Location $Location
|
|
$VmssIpConfigName = $ResourceGroupName + 'VmssIpConfig'
|
|
$VmssIpConfig = New-AzVmssIpConfig -SubnetId $VirtualNetwork.Subnets[0].Id -Primary -Name $VmssIpConfigName
|
|
$VmssName = $ResourceGroupName + 'Vmss'
|
|
$Vmss = New-AzVmssConfig `
|
|
-Location $Location `
|
|
-SkuCapacity 0 `
|
|
-SkuName $VMSize `
|
|
-SkuTier 'Standard' `
|
|
-Overprovision $false `
|
|
-UpgradePolicyMode Manual `
|
|
-EvictionPolicy Delete `
|
|
-Priority Spot `
|
|
-MaxPrice -1 `
|
|
-IdentityType SystemAssigned
|
|
|
|
$NicName = $ResourceGroupName + 'NIC'
|
|
New-AzNetworkInterface `
|
|
-Name $NicName `
|
|
-ResourceGroupName $ResourceGroupName `
|
|
-Location $Location `
|
|
-Subnet $VirtualNetwork.Subnets[0]
|
|
|
|
$Vmss = Add-AzVmssNetworkInterfaceConfiguration `
|
|
-VirtualMachineScaleSet $Vmss `
|
|
-Primary $true `
|
|
-IpConfiguration $VmssIpConfig `
|
|
-NetworkSecurityGroupId $VirtualNetwork.Subnets[0].NetworkSecurityGroup.Id `
|
|
-Name $NicName
|
|
|
|
$VmssPublicKey = New-Object -TypeName 'Microsoft.Azure.Management.Compute.Models.SshPublicKey' `
|
|
-ArgumentList @('/home/AdminUser/.ssh/authorized_keys', $sshPublicKey)
|
|
|
|
$Vmss = Set-AzVmssOsProfile `
|
|
-VirtualMachineScaleSet $Vmss `
|
|
-ComputerNamePrefix $LiveVMPrefix `
|
|
-AdminUsername AdminUser `
|
|
-AdminPassword $AdminPW `
|
|
-LinuxConfigurationDisablePasswordAuthentication $true `
|
|
-PublicKey @($VmssPublicKey)
|
|
|
|
$Vmss = Set-AzVmssStorageProfile `
|
|
-VirtualMachineScaleSet $Vmss `
|
|
-OsDiskCreateOption 'FromImage' `
|
|
-OsDiskCaching ReadOnly `
|
|
-DiffDiskSetting Local `
|
|
-ImageReferenceId $Image.Id
|
|
|
|
$Vmss = Set-AzVmssBootDiagnostic `
|
|
-VirtualMachineScaleSet $Vmss `
|
|
-Enabled $true
|
|
|
|
$VmssCreated = New-AzVmss `
|
|
-ResourceGroupName $ResourceGroupName `
|
|
-Name $VmssName `
|
|
-VirtualMachineScaleSet $Vmss
|
|
|
|
if ($AddAndroidContainerRegistryPermissions) {
|
|
$spID = $VmssCreated.Identity.PrincipalId
|
|
|
|
$acrGroup = "And-Registry"
|
|
$acrName = "AndContainerRegistry"
|
|
|
|
$resourceID = (Get-AzContainerRegistry -ResourceGroupName $acrGroup -Name $acrName).Id
|
|
|
|
# needs admin privileges
|
|
New-AzRoleAssignment -ObjectId $spID -Scope $resourceID -RoleDefinitionName AcrPull
|
|
}
|
|
|
|
Write-Host "Location: $Location"
|
|
Write-Host "Resource group name: $ResourceGroupName"
|
|
Write-Host 'Finished!'
|