Building Infrastructure with Azure Pipelines using Terraform
Date published:
Terraform is a tool for building, changing and versioning infrastructure as code. Terraform can manage existing cloud service providers as well as onsite infrastructure. In this tutorial, you will learn how to automate your infrastructure using Terraform by deploying a Resource group, an App service plan and an App service required to deploy a website. This example here will use a sample Terraform Azure DevOps project containing a web application called PartsUnlimited.
Go to this link and Azure DevOps Demo Generator and select a project name to host all the code and run the pipeline on and ensure you have the extension enabled too. If you do not have the extension installed, please go to the marketplace and install it in your organisation. Once done, please click on create a project.
Navigate back to the Azure DevOps project, select the project created and then go to the repo and select terraform as the branch. Inside the branch, you will see a folder called terraform, and within the folder, you will file “webapp.tf”
webapp.tf is the main terraform configuration file. Terraform used HCL language, similar to YAML for azure pipelines.
Next, I will want to run the pipeline to build the resources. Go to pipeline and edit your terraform.CI that has been created for you, and you should see something like the below. You might need to select an agent specification for your agent pool to run. I have chosen windows-latest to use the operating system.
This process will use the dotnet tasks in the pipeline to restore dependencies, build, test and publish the build output into a zip file deployed as a web application.
I will need to publish the terraform files to build the artefact, so it is in your pipeline. In your copy files task, it will copy the Terraform file to an Artifact directory. You can click on Save & Queue, give it a name and click on save and run to start the build and create the artefact. This build will take several minutes to complete.
In this stage, I created azure resources using Terraform as part of the pipeline and deployed the PartsUnlimited web application to the App service. I navigated to the pipeline, clicked on release, and edited the release created.
Select the job and task under the Dev stages.
You might need to authorise the Azure CLI task. Select the Azure subscription from the drop-down list and click authorise to set up the Azure service connection automatically.
Terraform stores state locally in a file named terraform.tfstate. When dealing with a remote state, terraform writes the state data to a remote data store. The Azure CLI task will create an Azure storage account and storage container to store Terraform state.
Go to the Azure PowerShell task and ensure the azure connection type is selected as Azure Resource Manager and select your Azure service connection from the list under your subscription. I will need to configure the terraform backend, and for this, we will need the storage account access key, which will obtain from the PowerShell script.
We will replace those values obtained with the defined variables on the Replace token in the terraform file. In this case, it has populated the name and value for you. These will be the value used as the Azure resources once deployed.
In this stage, we will configure the terraform task. The main terraform workflow usually is.
- init
- plan
- apply
First, you need to go to the Terraform init, set the subscription, and enter the name you want to call the container for the blob storage used to store the state file. This task runs terraform init command. The terraform init command will look through all code in your directory and download any required providers, such as the azurerm.
In the Terraform plan and Terraform Apply command, I ensure both have the correct subscription.
The plan command provides an overview of the action used to get the desired state, which often shows whether there are any errors, such as coding issues.
The apply will run the file to deploy the resources. I will get a prompt for the confirmation of the changes. We will auto-approve the command at this stage, so we do not need validation.
The final stage is configuring the app service; I need to set the subscription and ensure it has value in the app service field. I clicked on save to create the release.
Once you have run the release, it will begin to deploy the resources to azure to create the web app service.
Further Reading