Add scripts to generate new Virtual Machine Scale Sets and images for build machines

[BillyONeal]

This change reduces the likelihood of differing behavior between builds due to updates of Visual Studio, since all workers will be updated atomically. It also enables automatic scaling of the number of builders to meet pull request demand, since starting a VM takes a few minutes rather than 40+ minutes.

[barcharcraz]

does this still happen at some point? or do we just never enable defender on the generated images

[BillyONeal]

We don't turn Defender off any more, that's something we'll need to talk to Azure Pipelines team about since we no longer know where the work tree is.

And actually this was broken before since it should have excluded D:\ after we moved the build there.

[StephanTLavavej]

I think I found an issue that will prevent this from actually working (the branch issue). Other comments aren't critical.

[StephanTLavavej]

This line appears to expect microsoft/STL to have a branch named autoscale. I believe it should be master.

[StephanTLavavej]

How does the machine have this file, yet needs to download provision-image.ps1?

[BillyONeal]

The cmdlet Invoke-AzVMRunCommand on 204 of create-new-agent-image.ps takes care of getting this script onto the box. I suppose I could eliminate the need for this with a script that invokes itself....

[StephanTLavavej]

Is it possible to wrap to 120?

[BillyONeal]

Maybe, we'll see

[StephanTLavavej]

Period? Sounds like a complete sentence to me.

[StephanTLavavej]

I don't think this can ever generate '9'. According to https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/get-random?view=powershell-7 , "Get-Random returns a value that is less than the maximum (not equal)." Can you verify?

[BillyONeal]

PS D:\STL> for ($idx = 0; $idx -lt 10000; $idx++) { if ((Get-Random -Minimum 0 -Maximum 1) -eq 1) { 
>> Write-Output Pass
>> return
>> }}
PS D:\STL>

Talk about terrible parameter naming.

[StephanTLavavej]

Why Is This Title Case?

[StephanTLavavej]

Capitalize S?

[StephanTLavavej]

Terminate sounds a little ominous, do we need that? END OF LINE.

[BillyONeal]

I always like little helper tools like this to emit that message but no skin off my nose to remove it. Done.

[StephanTLavavej]

“Finished” is fine 😸

[cbezault]

I'm happy with what I see here and the output in ADO, but take my approval with a grain of salt, I don't have psychic debugging powers.

[cbezault]

Only one comment, no need to resolve if you don't feel like it.

[cbezault]

It might not matter that much but I think for our purposes setting -ScaleInPolicy to OldestVM could make sense.

[CaseyCarter]

There are no errors here so glaringly and obviously incorrect that I noticed them.

[BillyONeal]

After this merges I will update the instructions at https://github.com/microsoft/STL/wiki/Checklist-for-Updating-Toolset-and-or-Dependencies to:

1. Create a new branch in your own fork.
2. Edit $/azure-devops/create-new-agent-image.ps1 and $/azure-devops/provision-image.ps1 to make the changes/updates you want to make. Most changes will be merely updating version numbers which happens in provision-image.ps1.
3. If you have not before, follow the instructions at https://docs.microsoft.com/en-us/powershell/azure/install-az-ps?view=azps-3.6.1 to install the Azure PowerShell tools. (This only needs to be done once per machine.)
4. Run $/azure-devops/create-new-agent-image.ps1.
5. On https://dev.azure.com/vclibs/STL/_settings/agentqueues, add a new Azure virtual machine scale set pool pointing to the scale set generated in the previous step. Name the pool the same name as the generated resource group to make them easy to find. Choose 1 standby machine with a maximum of 6 so as to not exceed our 100 core quota.
6. Update $/azure-devops/run-build.yml to point to the new pool.
7. Create/update a PR from your branch to Microsoft/STL master. If there are substantial code review changes, delete the created pool from https://dev.azure.com/vclibs/_settings/agentpools, delete the resource group from the Azure portal, make the code review requested changes, and restart from step 4.
8. After your PR merges, delete the old unused pool from https://dev.azure.com/vclibs/_settings/agentpools, and the previous resource group from the Azure portal.

[StephanTLavavej]

1. I believe that $/meow is TFS jargon and shouldn't be in the wiki.
2. "This only need be done once per machine." would sound better as "This only needs to be done once per machine."
3. run-build.yaml is a typo - the correct filename is run-build.yml.
4. "Create/update a PR from your branch to master." Should you clarify that you mean microsoft/STL master?
5. "delete the old no longer used pool" would sound much better as "old unused pool".

[StephanTLavavej]

Can/should this verify something like %USERNAME%?

[BillyONeal]

No, it must not be that because here we're running as NT AUTHORITY\SYSTEM (that's the whole reason we need to do this dance in the first place)

[BillyONeal]

Oh, I see, this is in the "not elevating" branch; I think saying AdminUser is good still because it helps explain the explosion that will happen if you try to run the script unelevated :)

[BillyONeal]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[BillyONeal]

• I believe that $/meow is TFS jargon and shouldn't be in the wiki.

Do you have other suggestions? It is admittedly jargon I took from TFS world but I've used it in Git and svn worlds before and everyone always has understood what that meant. (I believe I applied your other suggestions)

[StephanTLavavej]

I wouldn't use any prefix at all; I might consider linking to the files in master like azure-devops/create-new-agent-image.ps1 but I suppose $/ is fine.