
@ardeshir
Created September 16, 2022 20:09
Azure Infra with Terraform
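# Azure Pipelines definition: provisions (or tears down) Azure infrastructure
# with Terraform for the environment selected at queue time.

# Every push to devel starts a run. With the parameter defaults below
# (ENVIRONMENT=DEV, provisionType=Apply) such a run applies to DEV using
# -auto-approve, i.e. without a human reviewing the plan.
trigger:
- devel

pool:
  vmImage: ubuntu-latest

# Variable groups from Pipelines > Library.
# NOTE(review): presumably these supply the TerraformBackend* settings, the
# service-principal values (servicePrincipalId, servicePrincipalKey, tenantId,
# subscriptionId) and the per-environment <ENV>_* values the steps read -
# confirm. servicePrincipalKey should be a secret (or Key Vault-linked)
# variable so it is masked in job logs.
variables:
- group: TerraformConfiguration
- group: TerraformVariables

parameters:
# Target environment; also used as the stage name, the state-file key and the
# prefix of the per-environment variable names.
- name: ENVIRONMENT
  type: string
  default: DEV
  values:
  - DEV
  - QA
# Selects which of the Terraform Apply / Terraform Destroy steps runs.
- name: provisionType
  type: string
  default: Apply
  values:
  - Apply
  - Destroy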
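stages:
- stage: ${{ parameters.ENVIRONMENT }}
  displayName: ${{ parameters.ENVIRONMENT }} Environment Provision
  jobs:
  - job: InfraCreation
    # Was "parameters.ENVIRONMENTE", which is not a declared parameter.
    displayName: Provision Infra in ${{ parameters.ENVIRONMENT }}
    steps:
    # Install Terraform from the HashiCorp apt repository.
    - task: Bash@3
      inputs:
        targetType: 'inline'
        script: |
          set -euo pipefail
          # Store HashiCorp's signing key in a dedicated keyring that only the
          # repository entry below trusts (signed-by=...). The original passed
          # a stray "terraform.gpg" argument that wget treated as a second URL.
          wget -qO- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/terraform-archive-keyring.gpg
          # "sudo echo ... > file" performs the redirect as the unprivileged
          # user, so the list file is written through sudo tee instead.
          echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/terraform-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/terraform.list > /dev/null
          sudo apt-get update
          # NOTE(review): this installs whatever version is current at run
          # time; pin it (terraform=<VERSION>) so the binary that handles the
          # service-principal credentials is a reviewed, reproducible one.
          sudo apt-get install -y terraform
          terraform --version
      displayName: Install Terraform

    # Authenticate and initialise the azurerm backend; one state file per
    # environment (<ENVIRONMENT>.tfstate).
    - bash: |
        # No "-x": command tracing would write the az login command line,
        # client secret included, to the job log (log masking only applies
        # when the pipeline variable is marked secret).
        set -euo pipefail
        # --output none keeps the account/subscription listing out of the log.
        az login --service-principal -u "$ARM_CLIENT_ID" -p "$ARM_CLIENT_SECRET" --tenant "$ARM_TENANT_ID" --output none
        # The service-principal credentials are not passed as -backend-config:
        # the azurerm backend reads the ARM_* variables from the environment
        # (mapped under env: for this step), and backend values given on the
        # command line are saved under .terraform/ and in plan files.
        terraform init \
          -input=false \
          -backend-config=storage_account_name="$(TerraformBackendStorageAccount)" \
          -backend-config=container_name="$(TerraformBackendStorageContainer)" \
          -backend-config=key="${{ parameters.ENVIRONMENT }}.tfstate" \
          -backend-config=resource_group_name="$(TerraformBackendResourceGroup)"
      displayName: 'Terraform Init'
      workingDirectory: $(System.DefaultWorkingDirectory)/
      enabled: true
      # Secret pipeline variables are not exported to scripts automatically;
      # they are mapped explicitly here.
      env:
        ARM_CLIENT_ID: $(servicePrincipalId)
        ARM_CLIENT_SECRET: $(servicePrincipalKey)
        ARM_TENANT_ID: $(tenantId)
        ARM_SUBSCRIPTION_ID: $(subscriptionId)

    # Plan, then apply exactly the saved plan. Runs only for provisionType=Apply.
    - bash: |
        # Stop at the first failure so apply never runs after a failed plan.
        set -euo pipefail
        az login --service-principal -u "$ARM_CLIENT_ID" -p "$ARM_CLIENT_SECRET" --tenant "$ARM_TENANT_ID" --output none
        # Each value comes from the pipeline variable named <ENVIRONMENT>_<SUFFIX>.
        # The location lookup used the undeclared parameter ENVIRONMENT_NAME;
        # it now uses ENVIRONMENT like the others.
        # plan.tfplan can hold sensitive values in clear text: keep it on the
        # agent and do not publish it as a build artifact.
        terraform plan -out=plan.tfplan -input=false \
          -var="location=$(${{ parameters.ENVIRONMENT }}_LOCATION)" \
          -var="resource_group_name=$(${{ parameters.ENVIRONMENT }}_RESOURCE_GROUP_NAME)" \
          -var="storage_account_name=$(${{ parameters.ENVIRONMENT }}_STORAGE_NAME)" \
          -var="storage_account_tier=$(${{ parameters.ENVIRONMENT }}_STORAGE_TIER)" \
          -var="virtual_network_name=$(${{ parameters.ENVIRONMENT }}_VNET_NAME)"
        terraform apply -input=false -auto-approve plan.tfplan
      displayName: 'Terraform Apply'
      condition: eq('${{ parameters.provisionType }}', 'Apply')
      workingDirectory: $(System.DefaultWorkingDirectory)/
      env:
        ARM_CLIENT_ID: $(servicePrincipalId)
        ARM_CLIENT_SECRET: $(servicePrincipalKey)
        ARM_TENANT_ID: $(tenantId)
        ARM_SUBSCRIPTION_ID: $(subscriptionId)

    # Tear the environment down. Runs only for provisionType=Destroy.
    # NOTE(review): -auto-approve destroys without confirmation and nothing in
    # this file gates the run; consider a deployment job bound to an
    # environment with required approvals. Unlike the plan step, no -var
    # values are passed here - confirm the Terraform variables have defaults,
    # otherwise -input=false makes this step fail on the missing values.
    - bash: |
        set -euo pipefail
        az login --service-principal -u "$ARM_CLIENT_ID" -p "$ARM_CLIENT_SECRET" --tenant "$ARM_TENANT_ID" --output none
        terraform destroy -input=false -auto-approve
      displayName: 'Terraform Destroy'
      condition: eq('${{ parameters.provisionType }}', 'Destroy')
      workingDirectory: $(System.DefaultWorkingDirectory)/
      env:
        ARM_CLIENT_ID: $(servicePrincipalId)
        ARM_CLIENT_SECRET: $(servicePrincipalKey)
        ARM_TENANT_ID: $(tenantId)
        ARM_SUBSCRIPTION_ID: $(subscriptionId)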