Now that we’ve got the Terraform part sorted, we’d like to take this project to a logical conclusion and build a reusable template for our future endeavors.
Our initial idea was to write a small console app that would gather parameters and make all API calls. But this repository got us thinking, that it’s way more efficient to be able to just run the script off GitHub. So, we went to the drawing board and ended up with a Bash script. It ain’t much but it’s honest work.
Ultimately the script goes to create an ADO Project, imports its own GitHub repo into a newly created project and proceeds to set up the pipeline.
With this tooling, we can now automate most of our process. We’d start by obtaining the parameters and setting up required credentials:
- In ADO we’ll need to create and grab a PAT of a user with permissions to manage the organization
2. In target Azure environment we need to start with finding the tenant id
- While we’re collecting intel, we’d also grab target Subscription Name and Id.
- Next step would be creating a Service Principal for Terraform.
6. Finally, it’s good practice to name Azure resources in such a way that it makes sense later. We come up with a distinct prefix for Terraform state storage account. Since storage accounts have strict naming policies, our prefix must be 2-13 characters long and must only contain alphanumerics.
Once all prep work is done, running script should produce an ADO project:
This repository gives us a good starting point in our engagements with clients using ADO. As more clients start to pick GitHub as their platform of choice, we may have to upgrade it to use Actions. Until then, happy infrastructure-as-coding!