0
votes

I've got a Azure Build pipeline, which runs on Microsoft Hosted Build Agent.

CI build contains integration tests that need to connect to a SQL Server, which is hosted on a Azure Virtual Machine, however that SQL Server is accessible only from private network.

Is there a way for CI build to connect to that SQL Server in order to run integration tests?

1
To configure a build agent to access resources on private networks, you will need to first host it yourself. The ones hosted by Microsoft can only reach public resources.Paul Turner
Microsoft provides IP ranges for their Microsoft Hosted Build Agent, docs.microsoft.com/en-us/azure/devops/pipelines/agents/…, you could try to add these ranges in your Virtual Machine firewall.Poney
@Poney that sounds also like an idea. I'll check with our admins about it : ) thanks!Evaldas Buinauskas

1 Answers

1
votes

Is there a way for CI build to connect to that SQL Server in order to run integration tests?

Indeed, just like Poney said, we could white list the IP address used by the Microsoft Azure Datacenter IP Ranges in the list mentioned:

https://www.microsoft.com/en-nz/download/details.aspx?id=41653

But this list gets updated every week, so please be mindful of this during the deployment planning.

As workaround, you could set start/stop IP range 0.0.0.0, but this option configures the firewall to allow all connections from Azure including connections from the subscriptions of other customers. When selecting this option, make sure your login and user permissions limit access to only authorized users.

Check the documents Azure SQL Database and SQL Data Warehouse IP firewall rules and Deploy .dacpc to Azure DB via VS Team Services Release–Using Hosted Agents for some more details.

This way you don't need to update the IP list according to the XML downloaded weekly.

Hope this helps.