Last active
January 24, 2020 08:51
-
-
Save mortenlerudjordet/b5d50dbbe25219853030294aa59fcaa5 to your computer and use it in GitHub Desktop.
Terraform in private repo
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| Uses AzD agent Oauth token to set git config extraheader so terraform init can use private AzD git repo as module source | |
| .DESCRIPTION | |
| Section running this task needs to have access to Oauth token. This is configured on the agent step in the pipeline config. | |
| .PARAMETER AzDteamAccountURL | |
| Azure DevOps account url | |
| https://AccountName@dev.azure.com/AccountName | |
| .PARAMETER AccessToken | |
| Access token with access rights to run git clone on private repos that contain modules terraform code uses | |
| .PARAMETER Verbose | |
| If set will print git system config content to log | |
| .NOTES | |
| AUTHOR: Morten Lerudjordet | |
| #> | |
| [CmdletBinding()] | |
| param( | |
| [Parameter(Mandatory = $true)] | |
| [ValidateNotNullorEmpty()] | |
| [string]$AzDaccountURL, | |
| [Parameter(Mandatory = $true)] | |
| [ValidateNotNullorEmpty()] | |
| [string]$AccessToken | |
| ) | |
| try | |
| { | |
| Write-Host -Object "Task started at time: $(get-Date -format r).`nRunning PS version: $($PSVersionTable.PSVersion)`nOn agent: $($env:computername)" | |
| #region Checks | |
| # Check if agent is allowed to use access token | |
| if($AccessToken -eq '$(System.AccessToken)') | |
| { | |
| Write-Error -Message "Agent has not been allowed to use Oauth Token (System.AccessToken)" -ErrorAction Stop | |
| } | |
| # Check if git is installed on agent | |
| if(-not (Test-Path -Path "$env:ProgramFiles\Git\cmd\git.exe")) | |
| { | |
| Write-Error -Message "Git is missing from default location: $($env:ProgramFiles)\Git\cmd\git.exe on agent pipeline is running" -ErrorAction Stop | |
| } | |
| #endregion | |
| #region Variables | |
| # Put temp git config in agent temp dir so it will be cleaned up | |
| $GitTempConfigFileName = Join-Path -Path $($env:AGENT_TEMPDIRECTORY) -ChildPath ".gitconfig.$($env:Release_ReleaseId)" | |
| #endregion | |
| Write-Host -Object "Setting git extraheader config file for $AzDaccountURL with AzD access token" | |
| # Workaround to get powershell to run git command, git must be installed in default location on agents | |
| $GitCommand = "& `"$env:ProgramFiles\Git\cmd\git.exe`" config --file $GitTempConfigFileName http.$AzDaccountURL.extraheader `"AUTHORIZATION: bearer $AccessToken`"" | |
| $GitCommandResult = Invoke-Expression -Command $GitCommand -ErrorAction SilentlyContinue -ErrorVariable oErr | |
| if($oErr) | |
| { | |
| Write-Error -Message "Failed to run git command to set authorization header for: $AzDaccountURL.`nError: $($oErr.Message)" -ErrorAction Stop | |
| } | |
| if($GitCommandResult) | |
| { | |
| Write-Host -Object "Output from git command:" | |
| Write-Host -Object $GitCommandResult | |
| Write-Error -Message "Unexpected output from setting extraheader for $AzDaccountURL using AzD access token" -ErrorAction Stop | |
| } | |
| else | |
| { | |
| Write-Host -Object "Successfully set extraheader in git config file" | |
| } | |
| $GitCommand = "& `"$env:ProgramFiles\Git\cmd\git.exe`" config --global include.path $GitTempConfigFileName" | |
| $GitCommandResult = Invoke-Expression -Command $GitCommand -ErrorAction SilentlyContinue -ErrorVariable oErr | |
| if($oErr) | |
| { | |
| Write-Error -Message "Failed to run git command for including temp extraheader config.`nError: $($oErr.Message)" -ErrorAction Stop | |
| } | |
| if($GitCommandResult) | |
| { | |
| Write-Host -Object "Output from git command:" | |
| Write-Host -Object $GitCommandResult | |
| Write-Error -Message "Unexpected output from setting temp global extraheader config for: $AzDaccountURL" -ErrorAction Stop | |
| } | |
| else | |
| { | |
| Write-Host -Object "Successfully added config file to global config" | |
| } | |
| if($VerbosePreference -ne 'SilentlyContinue') | |
| { | |
| Write-Host -Object "Getting list of git global config from agent" | |
| $GitCommand = "& `"$env:ProgramFiles\Git\cmd\git.exe`" config --global --list" | |
| $GitCommandResult = Invoke-Expression -Command $GitCommand -ErrorAction SilentlyContinue -ErrorVariable oErr | |
| if($oErr) | |
| { | |
| Write-Error -Message "Failed to run git command to list global config: $AzDaccountURL.`nError: $($oErr.Message)" -ErrorAction Stop | |
| } | |
| if($GitCommandResult) | |
| { | |
| Write-Host -Object "List from global config:" | |
| Write-Host -Object $GitCommandResult | |
| } | |
| } | |
| } | |
| catch | |
| { | |
| if ($_.Exception.Message) | |
| { | |
| Write-Error -Message "$($_.Exception.Message)" -ErrorAction Continue | |
| Write-Host -Object "##[error]$($_.Exception.Message)" | |
| } | |
| else | |
| { | |
| Write-Error -Message "$($_.Exception)" -ErrorAction Continue | |
| Write-Host -Object "##[error]$($_.Exception)" | |
| } | |
| } | |
| finally | |
| { | |
| Write-Host -Object "Task ended at time: $(get-Date -format r)" | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment