Raffaele Fanizzi's Blog

Life Runs On Code
This is the first of a series of posts I will write about a topic I care a lot: secrets management. What is a secret First I want to clarify and give a definition about what is a secret. In software development, a secret is confidential information that is used to access protected resources. There are a lot of examples we can do: database connection strings, credentials such as username/password or app id/app secret, certificates with private key, personal access tokens.
In the previous post we have seen how to create a container image with an Azure Self Hosted Agent based on a Windows container. Then we have run this container on a local Docker installation. This is not very useful because usually we need the agent continuously running somewhere. In Azure, we have multiple ways to host a container: Azure Kubernetes Service, Azure Container Instance or Web App for Containers. In this article I will talk about how to run the DevOps Agent on the last one.
Azure DevOps provides basically two types of agents: Microsoft-Hosted agents and Self-Hosted agents. Microsoft-Hosted agents Microsoft-Hosted agents are completely managed by Microsoft in the cloud, can be based on Windows, Ubuntu or macOS. For each OS, a set of software in included in the VM image used to spin up a new VM when a new job need to be executed (more details here). The main advantage in using Microsoft-Hosted agents is that most of the time provide everything you need to build and deploy your solution without the need to set up, configure and maintain the OS and software packages required.