Post-generation scripts (from Virtual Machine extension)

[aleqsss]

As stated under the Post-generation-scripts step of the create-image-and-azure-resources documenation, one should run the following command (on machines which are using the generated virtual machine image):

sudo su -c "find /opt/post-generation -mindepth 1 -maxdepth 1 -type f -name '*.sh' -exec bash {} \;"

Because of the following stated reason:
The user, created during the image generation, does not exist in the result VHD hence some configuration files related to the user's home directory need to be changed as well as the file permissions for some directories.

The documentation also states:
Note: The default user for Linux should have sudo privileges.

And:

The scripts are copied to the VHD during the image generation process to the following paths:

• Windows: C:\post-generation
• Linux: /opt/post-generation

What if one would like to run these scripts from a Virtual Machine extension inside of Azure? So that when a Virtual Machine boots up, the scripts will be run. Will this be ok? Will the scripts be run and configure the resources as intended?

I'm asking this because we're using Virtual Machine Scale Set Agents, so that when a machine boots up I want the post-generation scripts to be run successfully, and then the pipelines/agent in this setup will be run with a user called AzDevOps (with a home directory of /home/AzDevOps).

So, if the post-generation scripts are run by an Azure Virtual Machine extension, will the Azure Pipelines agent (and its associated user: AzDevOps) have the correct settings from the scripts?

If not, how could this be achieved without any manual steps?

[miketimofeev]

@aleqsss we run the scripts on production VMs in a very similar way, so it's a good chance that everything will work as expected

[aleqsss]

Thank you for this information, I'll try it as I mentioned in my OP then. 🙂

Out of curiosity, and if I may ask. What is it looking like in your environment? The script is being run as a Virtual Machine extension and the pipeline agent user is another user than the one executing the scripts?

[miketimofeev]

We run all the scripts directly on VM using root user.

[lrebosio]

@aleqsss hope to not bother you too much since I've got the very same question. I deployed the VMSS with a custom script extension that executes the post-gen scripts. The post-gen scripts are runnned as soon as a VMSS is deployed so before it is added to the ADO VMSS Agentpool hence when they run, they modify every time $HOME occurs in the /etc/environment file with the VM initial username and not the AzDevOps username. Is it running as expected? As with this method I have plenty of problems with permissions denied, however if I run it after the ADO Agent $HOME get substituted with AzDevOps and I don't have so many permissions problem.

How do you run the post-gen script? Before or after installing the ADO VMSS Agent?

Thanks

[aleqsss]

Hello @lrebosio,

If I remember correctly, we had similar problems with that approach. We ended up not running them at all and have not since (~2 years on many agent pools). We've not yet noticed any issues connected to not running them (at least what we know) and hopefully we never will. 🙂

I never investigated it more than this, since I got caught up in many other things and this was not affecting us. Unfortunately I can't give you a better answer than that, or provide you with a direct solution.

[lrebosio]

Helo @aleqsss,

thank you for your quick reply; I'll avoid to run them me too and run some tests on daily operation we perform via pipelines to check if everything works ok!

[aleqsss]

Do that and hopefully it'll work for you. If not, hopefully you'll find a solution. If I ever pick this up again and come up with a better solution, I'll try to remember to share it here.

[fardarter]

Hi all, I'm running into what I think is a similar issue:

See pipeline output on git checkout:

How can we make the AzDevOps user the default user rather than azureuser?

I'm running the post-gen script as in the OP in a custom extension. Have built the image user the packer hcl files.