Azure DevOps Free BuildAgent

Azure DevOps, DevOps 1 Minute

Hello Team,

As you all know, in Azure DevOps you can use a free build agent with 1 limitation – no static IP address. It may generate and it will generate a lot of problems (DB deploy, Firewall troubles and etc.). If you open a ticket to MS Support, they will ask you to open all Region in your Firewall (thousands of IPs πŸ™‚ ).

A small workaround for AWS:

  1. Add PowerShell step:

powershell


$ip = (Invoke-WebRequest -uri "https://api.ipify.org/").Content
Write-Host "$ip 1 step"
Write-Host "##vso[task.setvariable variable=IP]$ip"

2. Then add next step: AWS Tools for Windows PowerShell Script:

powershell2


$allow = @{IpProtocol="tcp"; FromPort="1433"; ToPort="1433"; IpRanges="$(ip)/32"}
Grant-EC2SecurityGroupIngress -GroupID sg-805f89e8 -IpPermission @($allow)

3. And add the last step to remove the rule: AWS Tools for Windows PowerShell Script

powershell3


$allow = @{IpProtocol="tcp"; FromPort="1433"; ToPort="1433"; IpRanges="$(ip)/32"}
Revoke-EC2SecurityGroupIngress -GroupID sg-805f89e8 -IpPermission @($allow)

These steps will automatically add temporary security rule to AWS and then in may case (for DB upgrade) remove all the rules created earlier.

Have fun.

Published by OlegShalnov

More than 15y experience with MS solutions. Big Azure and Office365 fun.

Published

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s