Azure Terraform(十)利用 Azure DevOps 的條件語句選擇發佈環境

一,引言

  之前我講過的所有的案例中,都是將整個Azure Resource 部署到同一個訂閱下,沒有做到靈活的在 Azure Pipeline 在運行前選擇需要部署的環境。在實際的項目開發中,我們也會遇到將這些基礎設施資源驗證完成後,分別部署到 DEV,UAT,PRD 等多個環境 。那麼我們就帶着個整個問題開始今天的分析。

-------------------- 我是分割線 --------------------

--------------------Azure Terraform 系列--------------------

1,Azure Terraform(一)入門簡介

2,Azure Terraform(二)語法詳解

3,Azure Terraform(三)部署 Web 應用程序

4,Azure Terraform(四)狀態文件存儲

5,Azure Terraform(五)利用Azure DevOps 實現自動化部署基礎資源

6,Azure Terraform(六)Common Module

7,Azure Terraform(七)利用Azure DevOps 實現自動化部署基礎資源(補充)

8,Azure Terraform(八)利用Azure DevOps 實現Infra資源和.NET CORE Web 應用程序的持續集成、持續部署

9,Azure Terraform(九)利用 Azure DevOps Pipeline 的審批來控制流程發佈

10,Azure Terraform(十)利用 Azure DevOps 的條件語句選擇發佈環境

二,正文

1,Azure DevOps Pipeline 中的條件語句

首先我們需要先定義參數,以便在 Pipeline 運行的時候進行選擇哪個環境

parameters:
  - name: deployEnv
    displayName: Select a Deployment Environment???
    type: string
    default: 'dev'
    values:
    - dev
    - uat
    - prd

接下來設置條件語句的變量的值可以根據 “deployEnv” 的值變化

variables:
  - name: tf_version
    value: 'latest'
  - name: env_name
    ${{ if eq(parameters['deployEnv'],'dev') }}:
      value: 'dev'
    ${{elseif eq(parameters['DeployEnv'],'uat') }}:
      value: 'uat'
    ${{elseif eq(parameters['DeployEnv'],'prd') }}:
      value: 'prd'

以上兩段代碼我們不難看出,veriables.env_name 的值取決於 parameters.deployEnv 的值,再經過條件語句的過濾,重新賦值

複製以上兩段代碼到 azure-pipelines.yml 中

azure-pipeline.yml 完整代碼

  1 # Starter pipeline
  2 # Start with a minimal pipeline that you can customize to build and deploy your code.
  3 # Add steps that build, run tests, deploy, and more:
  4 # https://aka.ms/yaml
  5 
  6 trigger:
  7 - remote_stats
  8 
  9 pool:
 10   vmImage: ubuntu-latest
 11 
 12 parameters:
 13   - name: deployEnv
 14     displayName: Selecting a Deployment Environment???
 15     type: string
 16     default: 'dev'
 17     values:
 18     - dev
 19     - uat
 20     - prd
 21   
 22 variables:
 23   - name: tf_version
 24     value: 'latest'
 25   - name: env_name
 26     ${{ if eq(parameters['deployEnv'],'dev') }}:
 27       value: 'dev'
 28     ${{elseif eq(parameters['DeployEnv'],'uat') }}:
 29       value: 'uat'
 30     ${{elseif eq(parameters['DeployEnv'],'prd') }}:
 31       value: 'prd'
 32 
 33 stages:
 34 - stage: script
 35   jobs:
 36    - job: azure_cli_script
 37      steps: 
 38       - task: AzureCLI@2
 39         displayName: 'Azure CLI :Create Storage Account,Key Vault And Set KeyVault Secret'
 40         inputs:
 41           azureSubscription: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)'
 42           scriptType: 'bash'
 43           scriptLocation: 'inlineScript'
 44           inlineScript: |
 45               # create azure resource group
 46               az group create --location eastasia --name $(terraform_rg)
 47       
 48               # create azure storage account
 49               az storage account create --name $(storage_account) --resource-group $(terraform_rg) --location eastasia --sku Standard_LRS
 50       
 51               # create storage account container for tf state 
 52               az storage container create --name $(storage_account_container) --account-name $(storage_account)
 53       
 54               # query storage key and set variable
 55               ACCOUNT_KEY=$(az storage account keys list --resource-group $(terraform_rg) --account-name $(storage_account) --query "[?keyName == 'key1'][value]" --output tsv)
 56       
 57               # create azure keyvault
 58               az keyvault create --name $(keyvault) --resource-group $(terraform_rg) --location eastasia --enable-soft-delete false
 59       
 60               # set keyvault secret,secret value is ACCOUNT_KEY
 61               az keyvault secret set --name $(keyvault_sc) --vault-name $(keyvault)  --value $ACCOUNT_KEY
 62        
 63       - task: AzureKeyVault@2
 64         displayName: 'Azure Key Vault :Get Storage Access Secret'
 65         inputs:
 66           azureSubscription: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)'
 67           KeyVaultName: '$(keyvault)'
 68           SecretsFilter: 'terraform-stste-storage-key'
 69           RunAsPreJob: false
 70 
 71 - stage: terraform_validate
 72   jobs:
 73   - job: terraform_validate
 74     steps:
 75     - task: TerraformInstaller@0
 76       inputs:
 77         terraformVersion: ${{variables.tf_version}}
 78     - task: TerraformTaskV2@2
 79       displayName: 'terraform init'
 80       inputs:
 81         provider: 'azurerm'
 82         command: 'init'
 83         # commandOptions: '-backend-config="access_key=$(terraform-stste-storage-key)"'
 84         backendServiceArm: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)'
 85         backendAzureRmResourceGroupName: $(terraform_rg)
 86         backendAzureRmStorageAccountName: $(storage_account)
 87         backendAzureRmContainerName: $(storage_account_container)
 88         backendAzureRmKey: $(container_key)
 89         workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/'
 90     - task: TerraformTaskV2@2
 91       inputs:
 92         provider: 'azurerm'
 93         command: 'validate'
 94         workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/'
 95 
 96 - stage: terraform_plan
 97   dependsOn: [terraform_validate]
 98   condition: succeeded('terraform_validate')
 99   jobs:
100     - job: terraform_plan
101       steps:
102         - task: TerraformInstaller@0
103           inputs:
104             terraformVersion: ${{ variables.tf_version }}
105         - task: TerraformTaskV2@2
106           displayName: 'terraform init'
107           inputs:
108             provider: 'azurerm'
109             command: 'init'
110             # commandOptions: '-backend-config="access_key=$(terraform-stste-storage-key)"'
111             backendServiceArm: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)'
112             backendAzureRmResourceGroupName: $(terraform_rg)
113             backendAzureRmStorageAccountName: $(storage_account)
114             backendAzureRmContainerName: $(storage_account_container)
115             backendAzureRmKey: $(container_key)
116             workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/'
117         - task: TerraformTaskV2@2
118           inputs:
119             provider: 'azurerm'
120             command: 'plan'
121             environmentServiceNameAzureRM: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)'
122             workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/'
123 
124 - stage: terraform_apply
125   dependsOn: [terraform_plan]
126   condition: succeeded('terraform_plan')
127   jobs:
128     - deployment: terraform_apply
129       continueOnError: false
130       environment: 'Approve_Production'
131       timeoutInMinutes: 120
132       strategy:
133        runOnce:
134         deploy:
135           steps:
136             - checkout: self
137             - task: TerraformInstaller@0
138               inputs:
139                 terraformVersion: ${{ variables.tf_version }}
140             - task: TerraformTaskV2@2
141               displayName: 'terraform init'
142               inputs:
143                 provider: 'azurerm'
144                 command: 'init'
145                 # commandOptions: '-backend-config="access_key=$(terraform-stste-storage-key)"'
146                 backendServiceArm: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)'
147                 backendAzureRmResourceGroupName: $(terraform_rg)
148                 backendAzureRmStorageAccountName: $(storage_account)
149                 backendAzureRmContainerName: $(storage_account_container)
150                 backendAzureRmKey: $(container_key)
151                 workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/'
152             - task: TerraformTaskV2@2
153               inputs:
154                 provider: 'azurerm'
155                 command: 'plan'
156                 environmentServiceNameAzureRM: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)'
157                 workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/'
158             - task: TerraformTaskV2@2
159               inputs:
160                 provider: 'azurerm'
161                 command: 'apply'
162                 commandOptions: '-auto-approve'
163                 environmentServiceNameAzureRM: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)'
164                 workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/'
165 
166 # - stage: terraform_apply
167 #   dependsOn: [terraform_plan]
168 #   condition: succeeded('terraform_plan')
169 #   jobs:
170 #     - job: terraform_apply
171 #       steps:
172 #         - task: TerraformInstaller@0
173 #           inputs:
174 #             terraformVersion: ${{ variables.tf_version }}
175 #         - task: TerraformTaskV2@2
176 #           displayName: 'terraform init'
177 #           inputs:
178 #             provider: 'azurerm'
179 #             command: 'init'
180 #             # commandOptions: '-backend-config="access_key=$(terraform-stste-storage-key)"'
181 #             backendServiceArm: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)'
182 #             backendAzureRmResourceGroupName: $(terraform_rg)
183 #             backendAzureRmStorageAccountName: $(storage_account)
184 #             backendAzureRmContainerName: $(storage_account_container)
185 #             backendAzureRmKey: $(container_key)
186 #             workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/'
187 #         - task: TerraformTaskV2@2
188 #           inputs:
189 #             provider: 'azurerm'
190 #             command: 'plan'
191 #             environmentServiceNameAzureRM: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)'
192 #             workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/'
193 #         - task: TerraformTaskV2@2
194 #           inputs:
195 #             provider: 'azurerm'
196 #             command: 'apply'
197 #             commandOptions: '-auto-approve'
198 #             environmentServiceNameAzureRM: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)'
199 #             workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/'
200 
201 - stage: terraform_destroy
202   dependsOn: [terraform_apply]
203   condition: succeeded('terraform_apply')
204   jobs:
205     - job: terraform_destroy
206       steps:
207         - task: TerraformInstaller@0
208           inputs:
209             terraformVersion: ${{ variables.tf_version }}
210         - task: TerraformTaskV2@2
211           displayName: 'terraform init'
212           inputs:
213             provider: 'azurerm'
214             command: 'init'
215             # commandOptions: '-backend-config="access_key=$(terraform-stste-storage-key)"'
216             backendServiceArm: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)'
217             backendAzureRmResourceGroupName: $(terraform_rg)
218             backendAzureRmStorageAccountName: $(storage_account)
219             backendAzureRmContainerName: $(storage_account_container)
220             backendAzureRmKey: $(container_key)
221             workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/'
222         - task: TerraformTaskV2@2
223           inputs:
224             provider: 'azurerm'
225             command: 'plan'
226             environmentServiceNameAzureRM: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)'
227             workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/'
228         - task: TerraformTaskV2@2
229           inputs:
230             provider: 'azurerm'
231             command: 'destroy'
232             commandOptions: '-auto-approve'
233             environmentServiceNameAzureRM: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)'
234             workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/'

2,Azure Pipeline 條件語句運行效果

保存完 yml 文件後,點擊 ”Run“,手動觸發 Pipeline 管道

可以看到除了默認 Run pipeline 的默認分支,還需要選擇我們自定義的 Parameters-----"deployEnv"

bingo !!  我們的目的已經達到了。通過這種條件語句的判定,我們就可以做一些部署變量的替換,從而達到部署不同環境的目的了。

三,結尾

  以上內容,大家多做做練習。下一篇,我們繼續介紹多環境部署Azure Pipeline

參考資料:Terraform 官方Azure Pipeline 文檔

Terraform_Cnbate_Traffic_Manager github Address:https://github.com/yunqian44/Terraform_Cnbate_Traffic_Manager

歡迎大家關注博主的博客:https://allenmasters.com/

作者:Allen 

版權:轉載請在文章明顯位置註明作者及出處。如發現錯誤,歡迎批評指正。

發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章