pipelines/vdc-terraform-apply-nobackend.yml

# This pipeline performs a full CI test of the VDC:
#  - Provision infrastructure
#  - Destroy infrastructure
# This CI pieline has as few dependencies as possible

trigger: none

pr:
  branches:
    include:
    - '*'
  paths:
    exclude:
    - '.devcontainer/*'  
    - '*.md'  
    - '*.png'  
    - '*.svg'  
    - '*.vsdx'  
    
schedules:
  - cron: '0 22 * * Tue,Thu,Sun'
    displayName: 'Daily early morning build (UTC)'
    # Run if there are no changes
    always: 'true'
    branches:
      include:
      - master

# Global variables shared by all jobs
variables:
- name: 'TF_IN_AUTOMATION'
  value: 'true'
- name: 'TF_INPUT'
  value: 0
- name: 'TF_VAR_resource_suffix'
  value: 'b$(Build.BuildId)'

# Inline variables shared across jobs
- name: 'jobTimeOutMinutes'
  value: 120
- name: 'scriptDirectory'
  value: '$(Build.SourcesDirectory)/scripts'
- name: 'terraformDirectory'
  value: '$(Build.SourcesDirectory)/terraform'

jobs:
- job: 'Prepare'
  displayName: 'Prepare'
  condition: succeeded()
  timeoutInMinutes: $[ variables['jobTimeOutMinutes'] ]

  pool:
    vmImage: 'ubuntu-latest'

  workspace:
    clean: all

  steps:
    - task: AzureCLI@2
      displayName: 'Gather Terraform settings'
      name: terraformConfig
      inputs:
        azureSubscription: '$(subscriptionConnection)'
        scriptType: 'pscore'
        scriptLocation: 'inlineScript'
        inlineScript: |
          # List environment variables
          Get-ChildItem -Path Env: -Recurse -Include ARM_*,TF_* | Sort-Object -Property Name
        
          # This will write version info as output variable
          $(scriptDirectory)/get_tf_version.ps1 -version preferred
        addSpnToEnvironment: true
        useGlobalConfig: true
        workingDirectory: '$(scriptDirectory)'
        failOnStandardError: true

# Provision on self-hosted agent
- job: 'Provision'
  dependsOn: Prepare
  displayName: 'Provision Infrastructure with Terraform'
  condition: succeeded()
  timeoutInMinutes: $[ variables['jobTimeOutMinutes'] ]

  variables:
    # Use earlier prepared Terraform config
    terraformVersion: $[ dependencies.Prepare.outputs['terraformConfig.version'] ]

  pool:
    vmImage: 'ubuntu-latest'

  workspace:
    clean: all

  steps:
    # We could do this with tfenv, however there is no task for that
    - task: TerraformInstaller@0
      displayName: 'Use preferred Terraform version'
      inputs:
        terraformVersion: '$(terraformVersion)'

    - task: AzureCLI@2
      displayName: 'Terraform init, apply & destroy'
      name: terraformConfig
      inputs:
        azureSubscription: '$(subscriptionConnection)'
        scriptType: 'pscore'
        scriptLocation: 'inlineScript'
        inlineScript: |
          $(scriptDirectory)/tf_deploy.ps1 -init -nobackend -apply -destroy -force
        addSpnToEnvironment: true
        useGlobalConfig: true
        workingDirectory: '$(scriptDirectory)'
        failOnStandardError: true
        retryCountOnTaskFailure: 3
      env:
        TF_VAR_default_create_timeout: '$(jobTimeOutMinutes)m'
        TF_VAR_default_delete_timeout: '$(jobTimeOutMinutes)m'
        TF_VAR_resource_suffix: $(TF_VAR_resource_suffix) # Fix case
    
# Clean up resources, in the event 'terraform destroy' fails   
- job: 'CleanUp'
  dependsOn:
    - Prepare
    - Provision
  displayName: 'Clean Up'
  # Run if Terraform provision or destroy failed, or the whole pipeline was canceled
  condition: or(ne(dependencies.Provision.result, 'Succeeded'), canceled())
  timeoutInMinutes: $[ variables['jobTimeOutMinutes'] ]

  variables:
    # Use earlier prepared Terraform config
    terraformVersion: $[ dependencies.Prepare.outputs['terraformConfig.version'] ]

  pool:
    vmImage: 'ubuntu-latest'

  workspace:
    clean: all

  steps:
    # Clear Terraform workspace, just in case
    # As a last resort, this also destroys any resources that may not have deleted before
    - task: AzureCLI@2
      name: terraform
      displayName: 'Clear Terraform workspace'
      condition: succeededOrFailed()
      enabled: true
      inputs:
        azureSubscription: '$(subscriptionConnection)'
        scriptType: pscore
        scriptLocation: inlineScript
        inlineScript: |
          $(scriptDirectory)/erase.ps1 -suffix $(TF_VAR_resource_suffix) -destroy -force -wait -timeoutminutes $(jobTimeOutMinutes)
        addSpnToEnvironment: false
        useGlobalConfig: true
        failOnStandardError: true
        workingDirectory: '$(terraformDirectory)'