readme updated | azure pipelines apply

kolosovpetro · Aug 30, 2023 · ff0cc63 · ff0cc63
1 parent 58103d6
commit ff0cc63
Show file tree

Hide file tree

Showing 2 changed files with 135 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -1,11 +1,17 @@
-# terraform-template
+# Terraform template
+
+Terraform template for modules and sub-modules.
+Includes pre-commit hooks that lint the terraform code and generate module's
+documentation as part of README file.
+Contains examples of terraform CI/CD pipelines for GitHub Actions and Azure Pipelines.
 
 ## Pre-commit configuration
 
 - Install python3 via windows store
 - `pip install --upgrade pip`
 - `pip install pre-commit`
 - Update PATH variable
+- `pre-commit install`
 
 ## Install terraform docs
 

diff --git a/azure-pipelines/azdo-terraform-cicd.yml b/azure-pipelines/azdo-terraform-cicd.yml
@@ -0,0 +1,128 @@
+trigger:
+  batch: true
+  branches:
+    include:
+      - master
+
+pr:
+  branches:
+    include:
+      - '*'
+
+variables:
+  - name: TF_LOG
+    value: INFO
+  - name: workingDir
+    value: '$(System.DefaultWorkingDirectory)'
+  - group: 'TF_SETTINGS_APPLY' # update to your variable group name
+
+stages:
+  - stage: "Terraform_Plan"
+    displayName: "Terraform_Plan"
+    jobs:
+      - job: 'Terraform_Plan'
+        displayName: "Terraform_Plan"
+        pool:
+          vmImage: "ubuntu-latest"
+        steps:
+          - checkout: self
+            fetchDepth: 0
+
+          - script: |
+              terraform init -backend=false
+              terraform validate
+              terraform fmt -check
+            displayName: "Run tf validate"
+            workingDirectory: '$(workingDir)'
+
+          - task: AzureCLI@2
+            name: SasTokenStep
+            displayName: 'Set SAS Token'
+            inputs:
+              azureSubscription: 'TerraformTemplateServiceConnection' # update to your service connection name
+              scriptType: 'pscore'
+              scriptLocation: 'inlineScript'
+              inlineScript: |
+                $Date = (Get-Date).AddDays(1).ToString('yyyy-MM-dd')
+                $key = $( az storage account keys list --resource-group $(rgName) --account-name $(storageAccount) --query [0].value -o tsv )
+                $sas = $( az storage container generate-sas --name $(container) --expiry $Date --permissions "racwdli" --account-name $(storageAccount) --account-key "$key" )
+                $sas = $sas.Replace("`"","")
+                Write-Host "##vso[task.setvariable variable=SAS_TOKEN;isOutput=true]$sas"
+
+          - bash: |
+              terraform init \
+                -backend-config="storage_account_name=$TF_STATE_BLOB_ACCOUNT_NAME" \
+                -backend-config="container_name=$TF_STATE_BLOB_CONTAINER_NAME" \
+                -backend-config="key=$TF_STATE_BLOB_FILE" \
+                -backend-config="sas_token=$TF_STATE_BLOB_SAS_TOKEN"
+            displayName: Terraform Init
+            workingDirectory: $(workingDir)
+            env:
+              TF_STATE_BLOB_ACCOUNT_NAME: $(storageAccount)
+              TF_STATE_BLOB_CONTAINER_NAME: $(container)
+              TF_STATE_BLOB_FILE: $(stateFile)
+              TF_STATE_BLOB_SAS_TOKEN: $(SasTokenStep.SAS_TOKEN)
+
+          - bash: |
+              terraform plan -var "prefix=$PREFIX" -out main.tfplan
+            workingDirectory: $(workingDir)
+            displayName: 'Terraform Plan'
+            env:
+              PREFIX: $(prefix)
+
+          - bash: cp main.tfplan $(Build.ArtifactStagingDirectory)
+            displayName: 'Copy Plan'
+            workingDirectory: $(workingDir)
+
+          - task: PublishBuildArtifacts@1
+            displayName: 'Publish Artifacts'
+            inputs:
+              PathtoPublish: '$(Build.ArtifactStagingDirectory)'
+              ArtifactName: 'drop'
+              publishLocation: 'Container'
+
+  - stage: 'Terraform_Apply'
+    displayName: 'Terraform_Apply'
+    dependsOn: 'Terraform_Apply'
+    condition: succeeded('Terraform_Plan')
+    jobs:
+      - deployment: 'Terraform_Apply'
+        displayName: 'Terraform_Apply'
+        pool:
+          vmImage: 'ubuntu-latest'
+        environment: 'terraform' # update to your environment name
+        variables:
+          SasToken: $[ stageDependencies.Terraform_Plan.Terraform_Plan.outputs['SasTokenStep.SAS_TOKEN'] ]
+        strategy:
+          runOnce:
+            deploy:
+              steps:
+                - checkout: self
+                  fetchDepth: 0
+
+                - download: current
+                  artifact: drop
+
+                - bash: |
+                    terraform init \
+                      -backend-config="storage_account_name=$TF_STATE_BLOB_ACCOUNT_NAME" \
+                      -backend-config="container_name=$TF_STATE_BLOB_CONTAINER_NAME" \
+                      -backend-config="key=$TF_STATE_BLOB_FILE" \
+                      -backend-config="sas_token=$TF_STATE_BLOB_SAS_TOKEN"
+                  displayName: 'Terraform Init'
+                  workingDirectory: $(workingDir)
+                  env:
+                    TF_STATE_BLOB_ACCOUNT_NAME: $(storageAccount)
+                    TF_STATE_BLOB_CONTAINER_NAME: $(container)
+                    TF_STATE_BLOB_FILE: $(stateFile)
+                    TF_STATE_BLOB_SAS_TOKEN: $(SasToken)
+
+                - bash: |
+                    cp $(Agent.BuildDirectory)/drop/main.tfplan main.tfplan
+                  displayName: 'Copy Plan'
+                  workingDirectory: $(workingDir)
+
+                - bash: |
+                    terraform apply -auto-approve main.tfplan
+                  displayName: 'Terraform Apply'
+                  workingDirectory: $(workingDir)