Newsletter zu Aktionen
Trage dich ein um keine Aktionen von uns zu verpassen.
Wir senden 1-2 E-Mails pro Quartal.
In our previous lab (See), we have learn how to deploy purely on Azure using ARM/Bicep, which is a powerful tools with one crucial disadvantage. ARM and Bicep only works for Azure. But when dealing with large solution it is not uncommon to have multiple providers involve even if you decide to stick solely to the Microsoft universe.
So let’s take our case to the next level. Our Storage Account Explorer was a big hit, we got at least 5 users right from the start and the number is likely to grow.
The management was quite impressed by Infrastructure as Code. Your team and you are now entrusted with the mission to bring Infrastructure as Code to every new feature project. Even the project setup is meant to be done by Infrastructure as Code. The idea is: if a new PoC project got approved, the respective team just need to run the „script“ and a new DevOps project is created along with a few resources on Azure. This should ease and speed up the deployment process for new projects significantly.
In this exercise, we will create a new Azure DevOps project and a storage account using Terraform. Please mind! Althought Azure DevOps and Azure Cloud are both from Microsoft, they are independent services and consider different cloud solution. We could also deploy some AWS, Google Cloud or other resources here.
Bash
.mkdir terraform
cd terraform
touch variables.tf
touch providers.tf
touch main-azurerm.tf
touch main-azuredevops.tf
touch output.tf
code .
azurerm
provider in providers.tf
to access Azure capabilitiesterraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = ">=2.77.0"
}
}
}
# Configure the Microsoft Azure Provider
provider "azurerm" {
features {}
}
main-azurerm.tf
.uniqueString
function like ARM/Bicep. But you can use random_string
(docs) provider instead.terraform init
at the root of your project folder `/terraform/`
to initialize the providers.terraform plan -out tf.tfplan
to create an execution plan.terraform apply tf.tfplan
to apply the changes in the plan.static_website
service (see Docs).resource "azurerm_resource_group" "draphony" {
name = "azlab-iac-tf"
location = "westeurope"
}
resource "random_string" "draphony" {
keepers {
rgid = azurerm_resource_group.draphony.id
}
length = 13
special = false
upper = false
}
resource "azurerm_storage_account" "draphony" {
name = "draphony${random_string.draphony.id}"
location = azurerm_resource_group.draphony.location
account_replication_type = "LRS"
account_tier = "Standard"
resource_group_name = azurerm_resource_group.draphony.name
}
Bonus: Modify the output.tf
so that it outputs the keys from the storage account
Please mind that you need an Azure DevOps account for this part. You can create a free account here.
providers.tf
.required_providers
and add and new provider block for azuredevops
as shown below:terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = ">=2.77.0"
}
azuredevops = {
source = "microsoft/azuredevops"
version = ">=0.1.0"
}
}
}
provider "azurerm" {
features {}
}
provider "azuredevops" {
personal_access_token = "TO_BE_REPLACED"
org_service_url = "TO_BE_REPLACED"
}
PAT
with full scope
and the org_service_url
and replace it in the providers.tf
main-azuredevops.tf
and write the Terraform script, which should deploy:terraform plan -out tf.tfplan
to create an execution plan.terraform apply tf.tfplan
to apply the changes.resource "azuredevops_project" "draphony" {
name = "Awesome Project"
description = "You did it man!"
visibility = "private"
version_control = "Git"
work_item_template = "Scrum"
}
resource "azuredevops_git_repository" "draphony" {
project_id = azuredevops_project.draphony.id
name = "webapp"
initialization {
init_type = "Clean"
}
}
resource "azuredevops_repository_policy_author_email_pattern" "draphony" {
project_id = azuredevops_project.draphony.id
enabled = true
blocking = true
author_email_patterns = ["*@draphony.com", "*@draphony.de"]
}
Bonus: Modify the
and main-azuredevops.tf
variables.tf
so users can create a configurable amount of repos.
terraform
destroy at the root of your project folder `/terraform/`
to tear down everything.Trage dich ein um keine Aktionen von uns zu verpassen.
Wir senden 1-2 E-Mails pro Quartal.