1 november 2024
Managing Azure Linux VMs via SSH in DevOps Pipelines Without Service Connections
Working with Azure Linux virtual machines through Azure DevOps can be challenging when SSH access is required without using service connections. Standard Azure DevOps tasks assume the existence of a preconfigured service connection, making it inconvenient and inefficient to work with dynamically created or temporary virtual machines.
This article explores ways to solve this issue.

Azure DevOps offers various standard tasks for interacting with virtual machines, such as “SSH Task” and “Azure CLI”. However, these tasks require a pre-configured Service Connection, which implies that the machine has already been created and configured manually or through separate procedures. This can conflict with automation principles, especially in agile environments where infrastructure is frequently recreated.


For example, in situations where virtual machines are created as part of automated CI/CD roadmaps and require immediate configuration, standard service connections are not appropriate. Regularly creating and deleting service accounts becomes an impractical and time-consuming process.


The problem is especially acute in automated test environments where resources change rapidly and any manual work becomes a bottleneck that slows down the process. DevOps environments require a fully automated solution that seamlessly integrates and configures virtual machines within a single Pipeline without additional manual operations.


Solution to the problem


An effective solution to the problem is to use Azure CLI and Bash scripts directly in Azure DevOps pipelines, allowing virtual machines to be created, configured and managed dynamically without preconfiguring service connections.


Example of automated pipelining using AzureCLI. We will create a virtual machine, configure certificate authorization, and establish an SSH connection:

# Étape 1 : Générer une clé SSH dans Pipeline
- script: |
    ssh-keygen -t rsa -b 2048 -f ~/.ssh/id_rsa -q -N ""

# Etape 2 : Créer automatiquement une VM Azure Linux avec une clé SSH
- task: AzureCLI@2
  inputs:
    azureSubscription: '<SUBSCRIPTION>'
    scriptType: 'bash'
    scriptLocation: 'inlineScript'
    inlineScript: |
      az vm create \
        --resource-group myResourceGroup \
        --name myVM \
        --image UbuntuLTS \
        --admin-username azureuser \
        --ssh-key-values ~/.ssh/id_rsa.pub

# Étape 3 : Obtenir l'IP et l'auto-configuration via SSH
- task: AzureCLI@2
  inputs:
    azureSubscription: '<SUBSCRIPTION>'
    scriptType: 'bash'
    scriptLocation: 'inlineScript'
    inlineScript: | 
      vm_ip=$(az vm show -d -g myResourceGroup -n myVM --query publicIps -o tsv)
      ssh -o StrictHostKeyChecking=no azureuser@$vm_ip << EOF
      sudo apt-get update
      sudo apt-get install -y nginx
      echo "Hello from Azure DevOps!" | sudo tee /var/www/html/index.html
      EOF

Alternatively, you can use an ssh connection from a bash script. For example with login and password.
- task: Bash@3
  inputs:
    targetType: 'inline'
    script: |
      sudo apt-get update
      sudo apt-get install sshpass

      vmdnsname=<VM_DNS_NAME>
      vmusername=<VM_USERNAME>
      mpassword=<VM_PASSWORD>

      sshpass -p $vmpassword ssh $vmusername@$vmdnsname -o "StrictHostKeyChecking no" "echo "Hello from Azure DevOps!"