This example shows how to bootstrap an Azure account with Terraform. It performs the following:
- Creates Azure AD Application and Service Principal
- Creates Resource Group
- Creates Azure Storage Account (where state is stored)
- Updates GitHub Repository Secrets
- Creates Documentation in Confluence
-
Terraform >= 1.5
-
Azure CLI >= 2.0.0
-
A GitHub Repository for maintaining other repositories. You can create one with the following command replacing the values with your own:
gh repo create myorg/devops --description "Repository to maintain other repositories in the organization" --add-readme --private
-
A Confluence Space for maintaining documentation
Create a file terraform.tfvars
with the following content. Replace the values with your own:
name = "terraform"
location = "westus"
confluence_username="email@example.com"
confluence_token="ATATT3xqbcdefghjklmnopqrstuvwxyz"
confluence_site="example.atlassian.net"
confluence_space="DevOps"
github_owner = "wernerstrydom"
github_token = "ghp_abcdefghjklmnopqrstuvwxyz"
github_repository_name = "devops"
The values are as follows:
Name | Description | Reference |
---|---|---|
name | The name of the storage account, resource group and application | |
location | The location of the storage account and resource group | Azure Regions |
confluence_username | The username of the Confluence user | |
confluence_token | The API token of the Confluence user | Confluence API Tokens |
confluence_site | The site of the Confluence instance | |
confluence_space | The space of the Confluence instance | |
github_owner | The organization where repos are being stored | |
github_token | The API token of the GitHub user | GitHub API Tokens |
github_repository_name | The name of the repository responsible to manage GitHub, Azure and whatnot |
For example, you could create a devops
repository in your organization which would be reponsible for managing all the other repositories in your organization. You can create it using the gh
command line tool:
gh repo create myorg/devops --description "Repository to maintain other repositories in the organization" --add-readme --private
Before running Terraform apply, be sure to login to Azure. You can do this with the following commands:
az login
az account set --subscription <subscription_id>
terraform init
terraform plan
terraform apply
Once the resources are created, you'll may need to copy the state to the storage account. You can do this with the following command:
First, you'll need to add a backend configuration to your terraform.tf
file, replacing the values with the ones generated:
terraform output -raw backend > backend.tf
Then, run the following commands:
terraform state push terraform.tfstate
You can now delete the local state file.
:note: You may want to remove the
backend.tf
file as well.
If you'd like to delete the resources you just created, run the following command:
terraform destroy
terraform fmt -recursive
This library is licensed under the MIT License. See the LICENSE file.