This section describes how to configure Azure Devops as the CI/CD system for your DevOPS Workflow.
- Permissions: The ability to create Projects in your Azure DevOps Organization.
- Azure CLI installed on your machine.
az devops project create -n $PROJECT_NAME- Within your newly created Azure DevOPS project, create a Github service connection within Settings->Pipelines->Service Connections->Github
- Authenticate your Azure DevOPS account to GitHub
- Within your azure devops project, create a new pipeline
- Select GitHub as your source
Add the azure-pipelines.yml file to its root to defines the build rules for your Azure Devops pipeline.
- After selecting your service connection, provide the location of your target repository.
- Point the build definition to the repository's target yaml pipeline location.
Secrets like service principal credentials and the storage account key terraform uses to manage backend state is collected in Azure Key Vault. You'll need to create a keyvault resource that includes the secrets listed below.
AD-SP-CLIENT-ID- The Azure service principal client id used for the deployment.AD-SP-SECRET- The Azure service principal secret used for the deployment.AD-SP-SUBSCRIPTION-ID- The Azure subscription of the service principal used for the deployment.AD-SP-TENANT-ID- The Azure service principal tenant id used for the deployment.ARM-ACCESS-KEY- The remote state storage account access key used for the deployment.DOCKER-PASSWORD- The ACR password for the image repository for the hosted base image.
Follow these instructions to associate all the above secrets to a variable group called KV Secrets.
Setup the below variables to the build pipeline definition.
DATACENTER_LOCATION- The deployment location.ACR_USERNAME- The ACR username of the base image location.ACR_HOST- The ACR hostname of the base image location.TF_VAR_remote_state_account- The terraform remote state storage account name.TF_VAR_remote_state_container- The terraform remote state storage container name.