Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
157 lines (153 sloc) 7.98 KB
# Azure Pipeline that deploys the whole infrastructure continuously, using Terraform
trigger: none
variables:
vmImageName: 'ubuntu-latest'
terraformVersion: 0.12.3
azureSubscriptionServiceConnectionName: 'jucoriol'
tfStateResourceGroupName: 'terraform-ref-fr-rg'
tfStateAzureStorageAccountSku: 'Standard_LRS'
tfStateAzureStorageAccountName: 'tfstate201910'
tfStateContainerName: 'tfstate-ref'
# This pipeline uses variables and secrets defined in the Azure DevOps portal (see: https://docs.microsoft.com/en-us/azure/devops/pipelines/process/variables?view=azure-devops&tabs=yaml%2Cbatch#secret-variables)
# location: the Azure region where to deploy
# tenantId: the identifier of the Azure tenant
# environmentName: the name of the environment to deploy
# kubernetesVersion: the Kubernetes version to deploy
# aksServicePrincipalClientId: the service principal identifier to use with AKS
# aksServicePrincipalClientSecret: the service principal secret to use with AKS
# sshKeySecureFileName: a secure file that contains the SSH private key to use
# sshPublicKey: the SSH public key to use
# sshKnownHostsEntry: the SSH known hosts entry
stages:
- stage: CommonModule
displayName: Common Module
jobs:
# Common Module
- job: CommonModule
displayName: Deploy the Terraform Common module
pool:
vmImage: $(vmImageName)
steps:
- task: InstallSSHKey@0
displayName: 'Install an SSH key'
inputs:
knownHostsEntry: $(sshKnownHostsEntry)
sshPublicKey: $(sshPublicKey)
sshKeySecureFile: $(sshKeySecureFileName)
- task: charleszipp.azure-pipelines-tasks-terraform.azure-pipelines-tasks-terraform-installer.TerraformInstaller@0
displayName: 'Use Terraform $(terraformVersion)'
inputs:
terraformVersion: $(terraformVersion)
- task: charleszipp.azure-pipelines-tasks-terraform.azure-pipelines-tasks-terraform-cli.TerraformCLI@0
displayName: 'terraform init'
inputs:
command: init
workingDirectory: '$(System.DefaultWorkingDirectory)/tf/common'
backendType: azurerm
backendServiceArm: $(azureSubscriptionServiceConnectionName)
ensureBackend: true
backendAzureRmResourceGroupLocation: $(location)
backendAzureRmResourceGroupName: $(tfStateResourceGroupName)
backendAzureRmStorageAccountName: $(tfStateAzureStorageAccountName)
backendAzureRmStorageAccountSku: $(tfStateAzureStorageAccountSku)
backendAzureRmContainerName: $(tfStateContainerName)
backendAzureRmKey: 'common.tfstate'
- task: charleszipp.azure-pipelines-tasks-terraform.azure-pipelines-tasks-terraform-cli.TerraformCLI@0
displayName: 'terraform validate'
inputs:
workingDirectory: '$(System.DefaultWorkingDirectory)/tf/common'
- task: charleszipp.azure-pipelines-tasks-terraform.azure-pipelines-tasks-terraform-cli.TerraformCLI@0
displayName: 'terraform apply'
inputs:
command: apply
workingDirectory: '$(System.DefaultWorkingDirectory)/tf/common'
environmentServiceName: $(azureSubscriptionServiceConnectionName)
commandOptions: '-auto-approve -var location=$(location) -var tenant_id=$(tenantId)'
- stage: CoreNetworkingModule
displayName: Core Networking Module
jobs:
# Core Networking Module
- job: CoreNetworkingModule
displayName: Deploy the Terraform Core Networking module
pool:
vmImage: $(vmImageName)
steps:
- task: InstallSSHKey@0
displayName: 'Install an SSH key'
inputs:
knownHostsEntry: $(sshKnownHostsEntry)
sshPublicKey: $(sshPublicKey)
sshKeySecureFile: $(sshKeySecureFileName)
- task: charleszipp.azure-pipelines-tasks-terraform.azure-pipelines-tasks-terraform-installer.TerraformInstaller@0
displayName: 'Use Terraform $(terraformVersion)'
inputs:
terraformVersion: $(terraformVersion)
- task: charleszipp.azure-pipelines-tasks-terraform.azure-pipelines-tasks-terraform-cli.TerraformCLI@0
displayName: 'terraform init'
inputs:
command: init
workingDirectory: '$(System.DefaultWorkingDirectory)/tf/core'
backendType: azurerm
backendServiceArm: $(azureSubscriptionServiceConnectionName)
ensureBackend: true
backendAzureRmResourceGroupLocation: $(location)
backendAzureRmResourceGroupName: $(tfStateResourceGroupName)
backendAzureRmStorageAccountName: $(tfStateAzureStorageAccountName)
backendAzureRmStorageAccountSku: $(tfStateAzureStorageAccountSku)
backendAzureRmContainerName: $(tfStateContainerName)
backendAzureRmKey: 'core-$(environmentName).tfstate'
- task: charleszipp.azure-pipelines-tasks-terraform.azure-pipelines-tasks-terraform-cli.TerraformCLI@0
displayName: 'terraform validate'
inputs:
workingDirectory: '$(System.DefaultWorkingDirectory)/tf/core'
- task: charleszipp.azure-pipelines-tasks-terraform.azure-pipelines-tasks-terraform-cli.TerraformCLI@0
displayName: 'terraform apply'
inputs:
command: apply
workingDirectory: '$(System.DefaultWorkingDirectory)/tf/core'
environmentServiceName: $(azureSubscriptionServiceConnectionName)
commandOptions: '-auto-approve -var location=$(location) -var environment=$(environmentName)'
- stage: AzureKubernetesModule
displayName: Azure Kubernetes Service Module
jobs:
# Azure Kubernetes Service Module
- job: AzureKubernetesModule
displayName: Deploy the Terraform Azure Kubernetes Service module
pool:
vmImage: $(vmImageName)
steps:
- task: InstallSSHKey@0
displayName: 'Install an SSH key'
inputs:
knownHostsEntry: $(sshKnownHostsEntry)
sshPublicKey: $(sshPublicKey)
sshKeySecureFile: $(sshKeySecureFileName)
- task: charleszipp.azure-pipelines-tasks-terraform.azure-pipelines-tasks-terraform-installer.TerraformInstaller@0
displayName: 'Use Terraform $(terraformVersion)'
inputs:
terraformVersion: $(terraformVersion)
- task: charleszipp.azure-pipelines-tasks-terraform.azure-pipelines-tasks-terraform-cli.TerraformCLI@0
displayName: 'terraform init'
inputs:
command: init
workingDirectory: '$(System.DefaultWorkingDirectory)/tf/aks'
backendType: azurerm
backendServiceArm: $(azureSubscriptionServiceConnectionName)
ensureBackend: true
backendAzureRmResourceGroupLocation: $(location)
backendAzureRmResourceGroupName: $(tfStateResourceGroupName)
backendAzureRmStorageAccountName: $(tfStateAzureStorageAccountName)
backendAzureRmStorageAccountSku: $(tfStateAzureStorageAccountSku)
backendAzureRmContainerName: $(tfStateContainerName)
backendAzureRmKey: 'aks-$(environmentName).tfstate'
- task: charleszipp.azure-pipelines-tasks-terraform.azure-pipelines-tasks-terraform-cli.TerraformCLI@0
displayName: 'terraform validate'
inputs:
workingDirectory: '$(System.DefaultWorkingDirectory)/tf/aks'
- task: charleszipp.azure-pipelines-tasks-terraform.azure-pipelines-tasks-terraform-cli.TerraformCLI@0
displayName: 'terraform apply'
inputs:
command: apply
workingDirectory: '$(System.DefaultWorkingDirectory)/tf/aks'
environmentServiceName: $(azureSubscriptionServiceConnectionName)
commandOptions: '-auto-approve -var location=$(location) -var environment=$(environmentName) -var kubernetes_version=$(kubernetesVersion) -var service_principal_client_id="$(aksServicePrincipalClientId)" -var service_principal_client_secret="$(aksServicePrincipalClientSecret)" -var ssh_public_key="$(sshPublicKey)"'
You can’t perform that action at this time.