1

Is it possible to open an Azure Bastion tunnel in a DevOps Pipeline? I have successfully done so locally using the native client and the tunneling command `az network bastion tunnel`, but this results in a locked window until Ctrl-C is sent.

Is it possible to somehow integrate this into a DevOps Pipeline in order to ssh / scp to a VM on a private network?

Thanks.

JGoodgive

2 Answers

2

`az network bastion rdp` and `az network bastion rdp` commands (2) open a tunnel, connect with the native SSH or RDP client, and finally, when the client is disconnected, the tunnel is torn down and the az process exits. For SCP you might want to consult https://serverfault.com/questions/522258/file-copying-over-an-already-established-ssh-connection and check if the existing SSH connection can be re-used for SCP.


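Alternative solution: open the tunnel as a background process, e.g.:

```
# Start the tunnel in the background and record its PID (tunnel arguments omitted)
nohup az network bastion tunnel > /dev/null 2>&1 & echo $! > run.pid
scp something
scp something
scp something else
# Stop the tunnel; plain kill sends SIGTERM (kill -p would only print the PID)
kill "$(cat run.pid)"
```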

Disclaimer: did not test, but this kind of process management should work. If the tunnel command requires a pty, then it is more complicated and requires running tmux or another terminal multiplexer.


If you just need to run command(s) on the VM, `az vm run-command` (1) might also be a good alternative.


(1) https://learn.microsoft.com/en-us/cli/azure/vm/run-command?view=azure-cli-latest

(2) https://learn.microsoft.com/en-us/cli/azure/network/bastion?view=azure-cli-latest#az-network-bastion-ssh

jikuja
  • Thanks! `az vm run-command` was a great entry point to the `az vm invoke-command` solution which lets me execute commands on the VM. But, then I would need a way (without Bastion) to scp files there without needing a public IP. Any bright ideas? – JGoodgive Sep 07 '22 at 08:08
  • Correction: Should be `az vm run-command invoke` and not invoke-command. – JGoodgive Sep 07 '22 at 11:26
  • True. Did not remember if invoke is asynchronous or not: command group made more sense than the command itself. As far as I know there is no management API for file movement. E.g. Azure DevOps Copy file task is using WinRM protocol when interacting with VMs – jikuja Sep 07 '22 at 15:50
0

In my use case, we simply appended `&` to the end of the command to make it run in the background.

```
az network bastion tunnel &
```

https://www.maketecheasier.com/run-bash-commands-background-linux/

Tyler Chong
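The background-tunnel approach from both answers, as an added example that is not part of the original posts: it waits until the local port accepts connections before copying and tears the tunnel down on exit or cancellation. The function names, local port 50022 and the angle-bracket values are assumptions for illustration; the probe assumes bash is available for `/dev/tcp`.

```shell
#!/bin/sh
# Added example (not from the answers); function names are hypothetical.
# Assumes bash is installed for the /dev/tcp probe, and that the started
# command is itself the process holding the tunnel (not a wrapper's child).

# wait_for_port HOST PORT TIMEOUT_SECONDS -> 0 once the port accepts a TCP connection
wait_for_port() {
  _left=$3
  while [ "$_left" -gt 0 ]; do
    if bash -c 'exec 3<>"/dev/tcp/$1/$2"' _ "$1" "$2" 2>/dev/null; then
      return 0
    fi
    sleep 1
    _left=$((_left - 1))
  done
  return 1
}

# stop_tunnel: terminate and reap the background tunnel, if one is running
stop_tunnel() {
  [ -n "${TUNNEL_PID:-}" ] || return 0
  kill "$TUNNEL_PID" 2>/dev/null || true
  wait "$TUNNEL_PID" 2>/dev/null || true
  TUNNEL_PID=
}

# start_tunnel PORT TIMEOUT_SECONDS CMD... -> 0 when the local port is ready
start_tunnel() {
  _port=$1 _timeout=$2
  shift 2
  "$@" >/dev/null 2>&1 &
  TUNNEL_PID=$!
  # Tear the tunnel down on normal exit, failure, or job cancellation
  trap stop_tunnel EXIT
  trap 'stop_tunnel; exit 130' INT TERM
  wait_for_port 127.0.0.1 "$_port" "$_timeout" && return 0
  stop_tunnel
  return 1
}

# Usage in a pipeline step (angle-bracket values are placeholders):
#   start_tunnel 50022 60 az network bastion tunnel --name <bastion> \
#     --resource-group <rg> --target-resource-id <vm-resource-id> \
#     --resource-port 22 --port 50022 || exit 1
#   scp -P 50022 -o StrictHostKeyChecking=yes -o UserKnownHostsFile=./known_hosts \
#     -o HostKeyAlias=<vm-name> ./artifact.tgz <user>@127.0.0.1:/tmp/
#   stop_tunnel
```

Because the client connects to 127.0.0.1, `HostKeyAlias` with a pre-provisioned known_hosts file keeps host key verification on for the VM instead of disabling it for the loopback address.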