Configure Terraform with Azure DevOps pipeline

This blog describes how you should write Terraform Infrastructure as Code (IaC) with Azure provider.

How to configure CICD pipeline which uses deployment cycle with Terraform.

How your code merge flow help developers to work on source control repository such as Git (or GitHub)?.

e.g.: when developers merge their code from their feature branch to master branch the there must be CI build in place which will validate the source branch code (feature branch) by build and deploy the code from source branch if developer

Image describes the deployment cycle with CICD in azure DevOps.

How to use deployment gate in the YAML pipeline ?.

Why Terraform in Azure (with regards to deployment cycle)?

The advantage of using Terraform, it generates the plan file which specifies the number of changes that will be going to apply to your infrastructure,

this plan file can be used for review purposes by the reviewer just to make sure only the intended changes are going to deploy.

Let's see how should we configure your IaC with terraform and setup the pipeline.

  1. Create files, this file contains all the variables used in your terraform code
variable "subscriptionId" {}
variable "resource_group_name" {}
variable "location" {}
variable "tags" {}

2. Create file, the file defines the terraform state file location, in this case we are storing it in a storage account, value decorated with #{}# will be replaced at deployment time using the replace token task

terraform {
backend "azurerm" {
storage_account_name = "#{state_storage_account_name}#"
resource_group_name = "#{state_resource_group_name}#"
container_name = "terraform-state"

3. Create terraform code file, this file has terraform implementation to create resource group

provider "azurerm" {
version = "=2.10.0"
features {}
resource "azurerm_resource_group" "platform-rg" {
name = var.resource_group_name
location = var.location
tags = var.tags

4. Create terraform_template.tfvars, the file holds the value of the variables defined in file. the actual values will be replace at build/deployment time using ‘replace token’ task.

subscriptionId = "#{subscription_id}#"
resource_group_name = "#{resource_group_name}#"
location = "#{location}#"

That’s it now we are done with the terraform template….remember this is just sample code in actual case your terraform templates might have more complex services code in terraform, here I have described basic building blocks,

Next, we need to create the azure Devops pipeline,

  1. In our pipeline we will be using below tasks terraform task (yaml version of this task).

2. We also need azure service endpoints configured in the azure DevOps project, this endpoint should have access to your Azure subscription so that pipeline can use this to provide the resources in Azure, to create a service endpoint you can refer below uri.

3. In my YAML pipeline I have 2 stages and a couple of template.yaml files will be used in these stages.

Stage-1: Build which build the terraform code, in the build phase we will be running the following 2 command

terraform init — command will initiate the terraform

terraform plan — command will generate the terraform plan against you code.

Stage-2: Deploy, this stage terraform deploy the changes to your azure environment using service endpoint connection.

I have my Youtube channel where I post videos on Azure/Azure DevOps/ Terraform / DotNet technologies every week.
Please Subscribe to my Youtube channel