There are many ways to get VSTS Agents deployed to a machine. You can find more on that here: https://docs.microsoft.com/en-us/vsts/pipelines/agents/agents?view=vsts. In this post you will find a way to deploy a VSTS Agent on a Linux Azure VM through an ARM template. For this we use a Custom Script Extension.
I intentionally left out the creation of the Linux VM in this post. I used a Packer script for this while my collegue Manuel Riezebosch created a very convenient VSTS Task for that! See this here: https://marketplace.visualstudio.com/items?itemName=riezebosch.Packer
To deploy the agent a couple of steps are involved;
- Get the download URL for the agent; blogged here: https://wp.me/p34BgL-81
- Encode a Linux script, to install the agent
- Use a Linux ARM Custom Script Extension in your ARM template
To create the encoded script I used another Inline PowerShell Task in VSTS. The full script can be found here: https://github.com/JasperGilhuis/VSTS-RestAPI/blob/master/Get-EncodedAgentDeployScript-Linux.ps1
To clarify the details I expanded the script a bit:
1. curl -s $(AgentDownloadUrl) > /tmp/agent.tar.gz;
2. for i in `seq 1 $(AgentsPerVM)`;
3. do mkdir /agent$i &&
4. cd /agent$i &&
5. tar zxf /tmp/agent.tar.gz -C . &&
6. chmod -R 777 . &&
7. sudo -u $(AdminUserName) ./config.sh --unattended --url $(VSTSAccount) --auth pat --token $(PersonalAccessToken) --pool $(AgentPool) --agent $(AgentName)$i --work ./_work --runAsService &&
8. ./svc.sh install &&
9. ./svc.sh start;
10. done;
The following lines comment the script above on line by line basis;
1. Download the VSTS Agent, save in the tmp folder
2. Loop for the desired number of agents
3. Create the agent directory
4. Go to agent specific directory
5. Unpack the agent in folder
6. Set permissions for the directory so that users can access it
7. For the user, configure the agent for to the specified VSTS account, using a PAT and named Pool and provided Agent name.
8. During the configuration a svc.sh file is generated. This needs to be run to install the service.
9. After installation the service can be started using the start method.
10. Done one loop
This script needs to be passed to the ARM template. The Custom Script Extension allows us to send a base64 encoded script. So we encrypt the script first and then encode it.
$Bytes = [System.Text.Encoding]::UTF8.GetBytes($script)
$EncodedText =[Convert]::ToBase64String($Bytes)
The encoded script is stored in a VSTS Variable
Write-Host "##vso[task.setvariable variable=EncodedScript;issecret=true]$EncodedText"
This script can be passed to a section in an ARM template through a parameter for the ARM template. The template can be deployed using the Azure Resource Group Deployment task.
In the ARM template you can add a section that executes the provided script. The section can be found here: https://github.com/JasperGilhuis/VSTS-RestAPI/blob/master/ARM-Linux-Custom-Script-Extension-Snippet.json
More details on the current Custom Script Extensions can be found here: https://github.com/Azure/custom-script-extension-linux/blob/master/README.md and here: https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/custom-script-linux
Jasper Gilhuis 
Thank you for tthis