This repository has been archived by the owner on Nov 1, 2022. It is now read-only.

Adding Azure DevOps Git host support in flux
sarath-p committed Feb 11, 2019
1 parent 09757f9 commit f84405b
Showing 6 changed files with 10 additions and 9 deletions.
2 changes: 1 addition & 1 deletion docker/Dockerfile.flux
Expand Up @@ -6,7 +6,7 @@ RUN apk add --no-cache openssh ca-certificates tini 'git>=2.3.0'

# Add git hosts to known hosts file so we can use
# StrickHostKeyChecking with git+ssh
RUN ssh-keyscan github.com gitlab.com bitbucket.org >> /etc/ssh/ssh_known_hosts
RUN ssh-keyscan github.com gitlab.com bitbucket.org ssh.dev.azure.com >> /etc/ssh/ssh_known_hosts

# Verify newly added known_hosts (man-in-middle mitigation)
ADD ./verify_known_hosts.sh /home/flux/verify_known_hosts.sh
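
Review bot: The changed `ssh-keyscan` line fetches the `ssh.dev.azure.com` key over the build network, so its trust rests entirely on the `verify_known_hosts.sh` step added just below it. Please confirm that the script is actually executed with a `RUN` in the collapsed part of this Dockerfile and that a mismatch fails the build. The comment above the changed line also spells the option `StrickHostKeyChecking`; it is worth correcting to `StrictHostKeyChecking` while this block is being touched.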
2 changes: 1 addition & 1 deletion docker/Dockerfile.helm-operator
Expand Up @@ -6,7 +6,7 @@ RUN apk add --no-cache openssh ca-certificates tini 'git>=2.3.0'

# Add git hosts to known hosts file so we can use
# StrickHostKeyChecking with git+ssh
RUN ssh-keyscan github.com gitlab.com bitbucket.org >> /etc/ssh/ssh_known_hosts
RUN ssh-keyscan github.com gitlab.com bitbucket.org ssh.dev.azure.com >> /etc/ssh/ssh_known_hosts
# Add default SSH config, which points at the private key we'll mount
COPY ./ssh_config /etc/ssh/ssh_config
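
Review bot: Missing check after the `ssh-keyscan` line: in the visible context the scan is followed directly by `COPY ./ssh_config`, with no `verify_known_hosts.sh` step like the one in `docker/Dockerfile.flux`. Unless the helm-operator image verifies the file elsewhere, the newly scanned `ssh.dev.azure.com` key (and the other three) is accepted here as whatever the build network returned. Suggest adding the same ADD-and-run of `verify_known_hosts.sh` right after the keyscan so both images pin the same fingerprints.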

3 changes: 2 additions & 1 deletion docker/verify_known_hosts.sh
Expand Up @@ -7,7 +7,7 @@ known_hosts_file=${known_hosts_file:-/etc/ssh/ssh_known_hosts}

# The heredoc below was generated by constructing a known_hosts using
#
# ssh-keyscan github.com gitlab.com bitbucket.org > ./known_hosts
# ssh-keyscan github.com gitlab.com bitbucket.org ssh.dev.azure.com > ./known_hosts
#
# then generating the sorted fingerprints with
#
Expand All @@ -31,6 +31,7 @@ ssh-keygen -l -f ${known_hosts_file} | sort > "$fingerprints"
diff - "$fingerprints" <<EOF
2048 SHA256:ROQFvPThGrW4RuWLoL9tq9I9zJ42fK4XywyRtbOz/EQ gitlab.com (RSA)
2048 SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8 github.com (RSA)
2048 SHA256:ohD8VZEXGWo6Ez8GSEJQ9WpafgLFsOfLOtGGQCQo6Og ssh.dev.azure.com (RSA)
2048 SHA256:zzXQOXSRBEiUtuE8AikJYKwbHaxvSc0ojez9YXaGp1A bitbucket.org (RSA)
256 SHA256:HbW3g8zUjNSksFbqTiUWPWg2Bq1x8xdGUrliXFzSnUw gitlab.com (ECDSA)
256 SHA256:eUXGGm1YGsMAS7vkcx6JOJdOGHPem5gQp4taiCfCLB8 gitlab.com (ED25519)
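
Review bot: The new pinned line `2048 SHA256:ohD8VZEXGWo6Ez8GSEJQ9WpafgLFsOfLOtGGQCQo6Og ssh.dev.azure.com (RSA)` has no stated provenance. Per the comment at the top of the script, the heredoc is produced from the committer's own `ssh-keyscan` output, so this value is only as trustworthy as the network it was scanned from. Please check it against the fingerprint the provider publishes out of band and note that source in the comment, since this list is the only thing standing between a build-time man-in-the-middle and the image. Also note that only an RSA entry is pinned for the new host while `gitlab.com` has RSA, ECDSA and ED25519 entries; confirm that matches what the host actually offers.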
7 changes: 4 additions & 3 deletions site/faq.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ menu_order: 60
* [How do I use my own deploy key?](#how-do-i-use-my-own-deploy-key)
* [Why are my images not showing up in the list of images?](#why-are-my-images-not-showing-up-in-the-list-of-images)
* [Why do my image tags appear out of order?](#why-do-my-image-tags-appear-out-of-order)
* [How do I use a private git host (or one that's not github.com, gitlab.com, or bitbucket.org)?](#how-do-i-use-a-private-git-host-or-one-thats-not-githubcom-gitlabcom-or-bitbucketorg)
* [How do I use a private git host (or one that's not github.com, gitlab.com, bitbucket.org, or dev.azure.com)?](#how-do-i-use-a-private-git-host-or-one-thats-not-githubcom-gitlabcom-bitbucketorg-or-dev.azure.com)
* [Will Flux delete resources that are no longer in the git repository?](#will-flux-delete-resources-that-are-no-longer-in-the-git-repository)
* [Why does my CI pipeline keep getting triggered?](#why-does-my-ci-pipeline-keep-getting-triggered)
* [What is the "sync tag"; or, why do I see a `flux-sync` tag in my git repo?](#what-is-the-sync-tag-or-why-do-i-see-a-flux-sync-tag-in-my-git-repo)
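
Review bot: The new TOC link target ends in `-or-dev.azure.com`, keeping the dots, while every other hostname in the same anchor has its dots stripped (`githubcom`, `gitlabcom`, `bitbucketorg`). Following the pattern of the existing anchor, the fragment should end in `-or-devazurecom`; as written the link is unlikely to resolve to the renamed heading.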
Expand Down Expand Up @@ -285,14 +285,14 @@ build has its own creation time is to label it with a build time;
e.g., using
[OpenContainers pre-defined annotations](https://github.com/opencontainers/image-spec/blob/master/annotations.md#pre-defined-annotation-keys).

### How do I use a private git host (or one that's not github.com, gitlab.com, or bitbucket.org)?
### How do I use a private git host (or one that's not github.com, gitlab.com, bitbucket.org, or dev.azure.com)?

As part of using git+ssh securely from the Flux daemon, we make sure
`StrictHostKeyChecking` is on in the
[SSH config](http://man7.org/linux/man-pages/man5/ssh_config.5.html). This
mitigates against man-in-the-middle attacks.

We bake host keys for `github.com`, `gitlab.com`, and `bitbucket.org`
We bake host keys for `github.com`, `gitlab.com`, `bitbucket.org`, and `dev.azure.com`
into the image to cover some common cases. If you're using another
service, or running your own git host, you need to supply your own
host key(s).
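
Review bot: Hostname mismatch in the changed heading and in the "We bake host keys for" sentence: the docs say `dev.azure.com`, but the Dockerfiles and `verify_known_hosts.sh` in this commit scan and pin `ssh.dev.azure.com`. Host key lookup is by the name in the git URL, so with `StrictHostKeyChecking` on only URLs using `ssh.dev.azure.com` are covered. Suggest naming `ssh.dev.azure.com` here so readers know which remote form works without supplying their own key.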
Expand Down Expand Up @@ -333,6 +333,7 @@ Here's the relevant docs for some common CI systems:
- [TravisCI](https://docs.travis-ci.com/user/customizing-the-build#Building-Specific-Branches)
- [GitLab](https://docs.gitlab.com/ee/ci/yaml/#only-and-except-simplified)
- [Bitbucket Pipelines](https://confluence.atlassian.com/bitbucket/configure-bitbucket-pipelines-yml-792298910.html#Configurebitbucket-pipelines.yml-ci_defaultdefault)
- [Azure Pipelines](https://docs.microsoft.com/en-us/azure/devops/pipelines/index?view=azure-devops)

### What is the "sync tag"; or, why do I see a `flux-sync` tag in my git repo?
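
Review bot: The added Azure Pipelines entry links to the general docs index (`.../pipelines/index?view=azure-devops`), whereas the neighbouring entries each link to the specific page on restricting builds by branch. Suggest pointing it at the Azure Pipelines page that covers branch filters or triggers, so it answers the question this FAQ section is about.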

2 changes: 1 addition & 1 deletion site/helm-get-started.md
Expand Up @@ -79,7 +79,7 @@ In this next step you install Weave Flux using `helm`. Simply
*Just make sure you replace `YOURUSER` with your GitHub username
in the command below:*

- Using a public git server from `bitbucket.com`, `github.com` or `gitlab.com`:
- Using a public git server from `bitbucket.com`, `github.com`, `gitlab.com` or `dev.azure.com`:

```sh
helm upgrade -i flux \
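
Review bot: The rewritten list item still says `bitbucket.com`, while the image bakes a key for `bitbucket.org` (see the `ssh-keyscan` lines in this commit). Since the line is being edited anyway, correct it to `bitbucket.org`, and use `ssh.dev.azure.com` for the new entry to match the pinned host.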
3 changes: 1 addition & 2 deletions site/troubleshooting.md
Expand Up @@ -48,8 +48,7 @@ This means Flux can't read from and write to the git repo. Check that

- ... that the host where your git repo lives is in
`~/.ssh/known_hosts` in the fluxd container. We prime the container
_image_ with host keys for `github.com`, `gitlab.com` and
`bitbucket.org`, but if you're using your own git server, you'll
_image_ with host keys for `github.com`, `gitlab.com`, `bitbucket.org`, and `dev.azure.com`, but if you're using your own git server, you'll
need to add its host key. See
[./standalone-setup.md](./standalone-setup.md#using-a-private-git-host).
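
Review bot: The bullet being edited tells users to look in `~/.ssh/known_hosts`, but the Dockerfiles in this commit append the scanned keys to `/etc/ssh/ssh_known_hosts`. Since this sentence is touched, point it at the file the image actually primes. The replacement line also joins two wrapped lines into one long one; please rewrap it to match the rest of the paragraph.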
