Snippets to illustrate getting started with Terraform in Azure DevOps
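#!/usr/bin/env bash
# Bootstrap the Azure storage that holds Terraform remote state: a resource
# group, a geo-redundant storage account with blob soft-delete enabled, and a
# blob container named "terraform".
#
# Requires: an authenticated Azure CLI session and uuidgen on PATH.
set -euo pipefail

readonly LOCATION=westus
readonly RG=terraformrg

# Create unique name for storage account.
# Storage account names must be globally unique, at most 24 characters, and
# limited to lowercase letters and digits - hence the lowercase / strip-dashes /
# truncate pipeline.
ID=$(uuidgen)
STORAGE_ACCOUNT=$(printf 'terraform-%s\n' "${ID}" | tr '[:upper:]' '[:lower:]' | sed 's/-//g' | cut -c1-24)

# Create Resource Group for Backend Storage
az group create \
  --location "${LOCATION}" \
  --name "${RG}"

# Create Geo-Redundant Storage Account.
# Terraform state can contain secrets in cleartext, so the account is locked
# down at creation time: HTTPS only, TLS 1.2 minimum, no anonymous blob access.
az storage account create \
  --kind StorageV2 \
  --location "${LOCATION}" \
  --name "${STORAGE_ACCOUNT}" \
  --resource-group "${RG}" \
  --sku Standard_GRS \
  --https-only true \
  --min-tls-version TLS1_2 \
  --allow-blob-public-access false

# Enable blob soft-deletes so an overwritten or deleted state blob can be
# recovered for up to a year.
az storage blob service-properties delete-policy update \
  --account-name "${STORAGE_ACCOUNT}" \
  --days-retained 365 \
  --enable true

# Create storage container
az storage container create \
  --account-name "${STORAGE_ACCOUNT}" \
  --name terraform

# The account name is random; print it so it can be copied into the Terraform
# backend configuration.
printf 'Storage account for the Terraform backend: %s\n' "${STORAGE_ACCOUNT}"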
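# Azure Pipelines definition: plan Terraform changes in a Build stage, publish
# the planned working directory as an artifact, then apply that exact plan in a
# Deploy stage.
name: 0.1.$(Rev:r)

trigger:
  batch: true
  branches:
    include:
      - master

variables:
  # Expected SHA-256 of the Terraform release zip. It pins the binary, so it
  # must be updated together with terraform_version.
  - name: terraform_download_sha
    value: 43806e68f7af396449dd4577c6e5cb63c6dc4a253ae233e1dddc46cf423d808b
  - name: terraform_version
    value: 0.12.8
  - name: tf_in_automation
    value: true

stages:
  - stage: Build
    jobs:
      - job: Build
        pool:
          vmImage: 'ubuntu-latest'
        steps:
          - checkout: self
            fetchDepth: 1

          - task: Bash@3
            inputs:
              filePath: './scripts/terraform-download.sh'
            displayName: 'Terraform Download'

          # addSpnToEnvironment hands the service connection's service principal
          # id, key and tenant id to the script, which re-publishes them as
          # secret pipeline variables (AZURE_*) for the steps below.
          - task: AzureCLI@1
            inputs:
              azureSubscription: 'Azure MSDN'
              scriptLocation: 'scriptPath'
              scriptPath: './scripts/environment-setup.sh'
              addSpnToEnvironment: true
              failOnStandardError: true
            displayName: 'Environment Setup'

          # Secret variables are not exported to scripts automatically; each
          # one is mapped explicitly, and only on the steps that need it.
          - task: Bash@3
            inputs:
              filePath: './scripts/terraform-init.sh'
              arguments: '$(Build.SourcesDirectory)'
              failOnStderr: true
            env:
              ARM_CLIENT_ID: $(AZURE_CLIENT_ID)
              ARM_CLIENT_SECRET: $(AZURE_CLIENT_SECRET)
              ARM_SUBSCRIPTION_ID: $(AZURE_SUBSCRIPTION_ID)
              ARM_TENANT_ID: $(AZURE_TENANT_ID)
            displayName: 'Terraform Init'

          - task: Bash@3
            inputs:
              filePath: './scripts/terraform-plan.sh'
              arguments: '$(Build.SourcesDirectory)'
              failOnStderr: true
            env:
              ARM_CLIENT_ID: $(AZURE_CLIENT_ID)
              ARM_CLIENT_SECRET: $(AZURE_CLIENT_SECRET)
              ARM_SUBSCRIPTION_ID: $(AZURE_SUBSCRIPTION_ID)
              ARM_TENANT_ID: $(AZURE_TENANT_ID)
            displayName: 'Terraform Plan'

          # The archive is the whole sources directory, which by now includes
          # the saved plan file. Terraform plan files can hold sensitive values
          # in cleartext, so access to this artifact should be restricted like
          # access to the state itself.
          - task: ArchiveFiles@2
            inputs:
              rootFolderOrFile: '$(Build.SourcesDirectory)'
              includeRootFolder: false
              archiveType: 'tar'
              tarCompression: 'gz'
              archiveFile: '$(Build.ArtifactStagingDirectory)/$(Build.BuildId).tgz'
              replaceExistingArchive: true
            displayName: 'Create Plan Artifact'

          - task: PublishBuildArtifacts@1
            inputs:
              PathtoPublish: '$(Build.ArtifactStagingDirectory)'
              ArtifactName: 'drop'
              publishLocation: 'Container'
            displayName: 'Publish Plan Artifact'

  - stage: Deploy
    jobs:
      - deployment: DeployDev
        displayName: 'Dev Environment Deployment'
        pool:
          vmImage: 'ubuntu-latest'
        # Deployment jobs target a named environment; any approvals or checks
        # configured on 'dev' would gate the apply (none are visible here).
        environment: 'dev'
        strategy:
          runOnce:
            deploy:
              steps:
                # No repository checkout: the job works only from the artifact
                # published by Build, so what is applied is what was planned.
                - checkout: none

                - task: DownloadBuildArtifacts@0
                  inputs:
                    artifactName: 'drop'
                  displayName: 'Download Plan Artifact'

                - task: ExtractFiles@1
                  inputs:
                    archiveFilePatterns: '$(System.ArtifactsDirectory)/drop/$(Build.BuildId).tgz'
                    destinationFolder: '$(System.DefaultWorkingDirectory)/'
                    cleanDestinationFolder: false
                  displayName: 'Extract Plan Artifact'

                - task: Bash@3
                  inputs:
                    filePath: './scripts/terraform-download.sh'
                  displayName: 'Terraform Download'

                - task: AzureCLI@1
                  inputs:
                    azureSubscription: 'Azure MSDN'
                    scriptLocation: 'scriptPath'
                    scriptPath: './scripts/environment-setup.sh'
                    addSpnToEnvironment: true
                    failOnStandardError: true
                  displayName: 'Environment Setup'

                - task: Bash@3
                  inputs:
                    filePath: './scripts/terraform-apply.sh'
                    arguments: '$(Build.SourcesDirectory)'
                    failOnStderr: true
                  env:
                    ARM_CLIENT_ID: $(AZURE_CLIENT_ID)
                    ARM_CLIENT_SECRET: $(AZURE_CLIENT_SECRET)
                    ARM_SUBSCRIPTION_ID: $(AZURE_SUBSCRIPTION_ID)
                    ARM_TENANT_ID: $(AZURE_TENANT_ID)
                  displayName: 'Terraform Apply'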
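# Azure Pipelines definition, build-only variant: download a pinned Terraform,
# run init and plan, and publish the planned working directory as an artifact.
name: 0.1.$(Rev:r)

trigger:
  batch: true
  branches:
    include:
      - master

variables:
  # Expected SHA-256 of the Terraform release zip. It pins the binary, so it
  # must be updated together with terraform_version.
  - name: terraform_download_sha
    value: 43806e68f7af396449dd4577c6e5cb63c6dc4a253ae233e1dddc46cf423d808b
  - name: terraform_version
    value: 0.12.8
  - name: tf_in_automation
    value: true

stages:
  - stage: Build
    jobs:
      - job: Build
        pool:
          vmImage: 'ubuntu-latest'
        steps:
          - checkout: self
            fetchDepth: 1

          - task: Bash@3
            inputs:
              filePath: './scripts/terraform-download.sh'
            displayName: 'Terraform Download'

          # addSpnToEnvironment hands the service connection's service principal
          # id, key and tenant id to the script, which re-publishes them as
          # secret pipeline variables (AZURE_*) for the steps below.
          - task: AzureCLI@1
            inputs:
              azureSubscription: 'Azure MSDN'
              scriptLocation: 'scriptPath'
              scriptPath: './scripts/environment-setup.sh'
              addSpnToEnvironment: true
              failOnStandardError: true
            displayName: 'Environment Setup'

          # Secret variables are not exported to scripts automatically; each
          # one is mapped explicitly, and only on the steps that need it.
          - task: Bash@3
            inputs:
              filePath: './scripts/terraform-init.sh'
              arguments: '$(Build.SourcesDirectory)'
              failOnStderr: true
            env:
              ARM_CLIENT_ID: $(AZURE_CLIENT_ID)
              ARM_CLIENT_SECRET: $(AZURE_CLIENT_SECRET)
              ARM_SUBSCRIPTION_ID: $(AZURE_SUBSCRIPTION_ID)
              ARM_TENANT_ID: $(AZURE_TENANT_ID)
            displayName: 'Terraform Init'

          - task: Bash@3
            inputs:
              filePath: './scripts/terraform-plan.sh'
              arguments: '$(Build.SourcesDirectory)'
              failOnStderr: true
            env:
              ARM_CLIENT_ID: $(AZURE_CLIENT_ID)
              ARM_CLIENT_SECRET: $(AZURE_CLIENT_SECRET)
              ARM_SUBSCRIPTION_ID: $(AZURE_SUBSCRIPTION_ID)
              ARM_TENANT_ID: $(AZURE_TENANT_ID)
            displayName: 'Terraform Plan'

          # The archive is the whole sources directory, which by now includes
          # the saved plan file. Terraform plan files can hold sensitive values
          # in cleartext, so access to this artifact should be restricted like
          # access to the state itself.
          - task: ArchiveFiles@2
            inputs:
              rootFolderOrFile: '$(Build.SourcesDirectory)'
              includeRootFolder: false
              archiveType: 'tar'
              tarCompression: 'gz'
              archiveFile: '$(Build.ArtifactStagingDirectory)/$(Build.BuildId).tgz'
              replaceExistingArchive: true
            displayName: 'Create Plan Artifact'

          - task: PublishBuildArtifacts@1
            inputs:
              PathtoPublish: '$(Build.ArtifactStagingDirectory)'
              ArtifactName: 'drop'
              publishLocation: 'Container'
            displayName: 'Publish Plan Artifact'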
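#!/usr/bin/env bash
# Re-publish the Azure service principal's credentials as secret pipeline
# variables so later steps can map them onto Terraform's ARM_* variables.
#
# Environment (read): servicePrincipalId, servicePrincipalKey, tenantId -
#   presumably injected by the AzureCLI task's addSpnToEnvironment option;
#   confirm against the pipeline definition.
# Outputs: four "##vso[task.setvariable ...]" logging commands on stdout.
#
# issecret=true marks each value as secret so the agent masks it in logs.
# Do not enable `set -x` in this script: the trace would repeat the values.
set -euo pipefail

# Resolve the subscription id in its own assignment. A command substitution
# that fails inside an echo/printf argument is not caught by `set -e`, and
# would silently publish an empty AZURE_SUBSCRIPTION_ID.
subscription_id=$(az account show --query 'id' -o tsv)

printf '%s\n' "##vso[task.setvariable variable=AZURE_CLIENT_ID;issecret=true]${servicePrincipalId}"
printf '%s\n' "##vso[task.setvariable variable=AZURE_CLIENT_SECRET;issecret=true]${servicePrincipalKey}"
printf '%s\n' "##vso[task.setvariable variable=AZURE_SUBSCRIPTION_ID;issecret=true]${subscription_id}"
printf '%s\n' "##vso[task.setvariable variable=AZURE_TENANT_ID;issecret=true]${tenantId}"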
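#!/usr/bin/env bash
# Apply a previously saved Terraform plan without prompting.
#
# Arguments:   $1 - directory holding the Terraform configuration and plan file
# Environment: BUILD_BUILDNUMBER - the plan file is "<BUILD_BUILDNUMBER>.tfplan"
set -euo pipefail

# Reject a missing or empty argument: an unquoted empty value would make `cd`
# switch to $HOME and run Terraform in the wrong directory.
WORKING_DIRECTORY=${1:?usage: ${0##*/} <working-directory>}
cd -- "${WORKING_DIRECTORY}"

# Passing the saved plan file applies the planned changes rather than
# computing a fresh plan at deploy time.
terraform apply -input=false "${BUILD_BUILDNUMBER}.tfplan"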
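terraform {
  required_version = ">= 0.12"

  # Remote state in Azure Blob Storage. No access key or SAS token is stored
  # in this block, so credentials have to be supplied at run time (the
  # pipeline on this page passes ARM_* environment variables).
  # State can contain secrets in cleartext: access to this container should be
  # as restricted as access to the infrastructure it describes.
  backend "azurerm" {
    resource_group_name  = "terraformrg"
    storage_account_name = "terraformde3fb0d9c9a7413"
    container_name       = "terraform"
    key                  = "terraform-getting-started.tfstate"
  }
}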
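#!/usr/bin/env bash
# Download a pinned Terraform release, verify its SHA-256, and install it to
# /usr/local/bin.
#
# Environment:
#   TERRAFORM_VERSION      - release to download (the pipeline on this page
#                            sets terraform_version to 0.12.8)
#   TERRAFORM_DOWNLOAD_SHA - expected SHA-256 of the linux_amd64 zip
set -euo pipefail

# --fail makes an HTTP error abort here instead of saving the error page as
# terraform.zip and leaving the checksum step to report a confusing mismatch.
curl --fail -SL "https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip" --output terraform.zip

# Verify BEFORE unpacking or executing anything from the archive. The line fed
# to sha256sum uses the canonical "<hash><two spaces><file>" format.
# The pinned hash is only as trustworthy as its source: take it from the
# publisher's checksum file, not from the same download being verified.
printf '%s  %s\n' "${TERRAFORM_DOWNLOAD_SHA}" terraform.zip | sha256sum -c -

unzip "terraform.zip"
sudo mv terraform /usr/local/bin
terraform --version
rm -- terraform.zip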
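#!/usr/bin/env bash
# Initialise the Terraform working directory (backend and providers) without
# prompting.
#
# Arguments: $1 - directory holding the Terraform configuration
set -euo pipefail

# Reject a missing or empty argument: an unquoted empty value would make `cd`
# switch to $HOME and initialise the wrong directory.
WORKING_DIRECTORY=${1:?usage: ${0##*/} <working-directory>}
cd -- "${WORKING_DIRECTORY}"

# -input=false: fail instead of waiting for interactive input in CI.
terraform init -input=false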
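#!/usr/bin/env bash
# Produce a Terraform plan and save it to a file for a later apply step.
#
# Arguments:   $1 - directory holding the Terraform configuration
# Environment: BUILD_BUILDNUMBER - the plan is written to
#              "<BUILD_BUILDNUMBER>.tfplan" inside that directory
set -euo pipefail

# Reject a missing or empty argument: an unquoted empty value would make `cd`
# switch to $HOME and plan against the wrong directory.
WORKING_DIRECTORY=${1:?usage: ${0##*/} <working-directory>}
cd -- "${WORKING_DIRECTORY}"

# The saved plan can contain sensitive values in cleartext. It lands in the
# working directory, so anything that archives or publishes that directory
# publishes the plan too - treat such artifacts as secrets.
terraform plan -input=false -out "${BUILD_BUILDNUMBER}.tfplan"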
Nice Scripts, cheers