Closed hepsi204 closed 3 years ago
@hepsi204
Were you able to run the terraform apply
step without the Azure variables (Client ID, Tenant ID, Subscription ID
)?\
I keep getting this error during this phase:
@allantargino
it turns out, I still had reference to variable group JMETER_AZUR_PRINCIPAL in the pipeline YAML during my test and removed it after I tested it. I have tested 2 solutions today. First solution is I put back the variable group name and rectify the readme, second solution is adding the variable group entries to key vault and update terraform script below:
- script: terraform apply -auto-approve
workingDirectory: ./terraform
env:
ARM_CLIENT_SECRET: $(arm-client-secret)
TF_VAR_JMETER_IMAGE_REGISTRY_PASSWORD: $(acr-secret)
displayName: 'SETUP: Run Terraform Apply (target=all)'
to this
- script: terraform apply -auto-approve
workingDirectory: ./terraform
env:
ARM_SUBSCRIPTION_ID: $(arm-subscription-id)
ARM_TENANT_ID: $(arm-tenant-id)
ARM_CLIENT_ID: $(arm-client-id)
ARM_CLIENT_SECRET: $(arm-client-secret)
TF_VAR_JMETER_IMAGE_REGISTRY_PASSWORD: $(acr-secret)
displayName: 'SETUP: Run Terraform Apply (target=all)'
@hepsi204 What option do you think it is the more appropriate?
@allantargino I think prefer having ARM details in key vault. lets go with that. We will have to keep the one variable group for data that isn't as sensitive/or is needed before access to key vault is established. I will push up following changes shortly:
LGTM! Thank you so much for this amazing contribution @hepsi204!
The implementation uses azure key vault and Azure devOps service connections.
fix #30