我试图为下面所示的输出创建变量,以便我可以在builddefinition yml中使用它。
我可以手动获得SPN appID和存储访问键,但我想自动获得它作为地形设置的一部分。
使用这样的变量是行不通的,因为它不能硬编码默认定义中的值。还有别的办法吗?
variable "client_id" {
type = string
default = ""
description = "description"
}
任何帮助将不胜感激!
output "appid_tfazsp" {
value = data.azurerm_client_config.current.client_id
sensitive = true
}
output "pass_tfazsp" {
value = azuread_service_principal_password.tfazsp.value
sensitive = true
}
data "azurerm_storage_account" "SASPass" {
name = var.storageAccount_name
resource_group_name = azurerm_resource_group.rg_name.name
}
output "storage_account_SASPass" {
value = data.azurerm_storage_account.stg.primary_access_key
sensitive = true
}
BuildDefinition
trigger:
branches:
include:
- main
paths:
include:
- /Azure-Terraform/variables.tf
- /Azure-Terraform/main.tf
/Azure-Terraform/ado_variables.tf
pool:
vmImage: "ubuntu-latest"
variables:
- group: hawaVB
- name: state_file
value: tf-statefile.state
steps:
- task: ms-devlabs.custom-terraform-tasks.custom-terraform-installer-task.TerraformInstaller@0
displayName: 'Install Terraform'
- script: terraform version
displayName: Terraform Version
- script: az login --service-principal -u $(application_id) -p $(SPNPass) --tenant $(tenant_id)
displayName: 'Log Into Azure'
- script: terraform init -backend-config=resource_group_name=$(rg_name) -backend-config="storage_account_name=$(storageAccount_name)" -backend-config="container_name=$(cont_name)" -backend-config="access_key=$(SASPass)" -backend-config="key=$(state_file)"
displayName: "Terraform Init"
workingDirectory: $(System.DefaultWorkingDirectory)/Azure-Terraform
- script: terraform plan -var="client_id=$(application_id)" -var="SPNPass=$(SPNPass)" -var="tenant_id=$(tenant_id)" -var="subscription_id=$(subscription_id)" -var="VmAdminPass=$(VmAdminPass)" -out="out.plan"
displayName: Terraform Plan
workingDirectory: $(System.DefaultWorkingDirectory)/Azure-Terraform
- script: terraform apply out.plan
displayName: 'Terraform Apply'
workingDirectory: $(System.DefaultWorkingDirectory)/Azure-Terraform
尝试了各种方法将代码设置为将其用作变量,但没有go
更新管道:
trigger:
branches:
include:
- main
paths:
include:
- /TFAZ/variables.tf
- /TFAZ/main.tf
pool:
vmImage: "windows-latest"
variables:
- group: hawaVB
steps:
- task: ms-devlabs.custom-terraform-tasks.custom-terraform-installer-task.TerraformInstaller@0
displayName: 'Install Terraform'
- script: terraform version
displayName: Terraform Version
- task: PowerShell@1
inputs:
targetType: 'inline'
script: |
Write-Host "##vso[task.setvariable variable=storage_account_SASPass;isOutput=true]$(terraform output -raw outputvar)"
Write-Host "##vso[task.setvariable variable=pass_tfazsp;isOutput=true]$(terraform output -raw outputvar)"
Write-Host "##vso[task.setvariable variable=appid_tfazsp;isOutput=true]$(terraform output -raw outputvar)"
workingDirectory: $(System.DefaultWorkingDirectory)/TFAZ
- script: az login --service-principal -u $(appid_tfazsp) -p $(pass_tfazsp) --tenant $(tenant_id)
displayName: 'Log Into Azure'
- script: terraform init -backend-config=resource_group_name=$(rg_name) -backend-config="storage_account_name=$(storageAccount_name)" -backend-config="container_name=$(cont_name)" -backend-config="access_key=$(storage_account_SASPass)" -backend-config="key=$(state_file)"
displayName: "Terraform Init"
workingDirectory: $(System.DefaultWorkingDirectory)/TFAZ
- script: terraform plan -var=$(appid_tfazsp) -var="$(pass_tfazsp)" -var="tenant_id=$(tenant_id)" -var="subscription_id=$(subscription_id)" -var=$(VMAdminPass) -out="out.plan"
displayName: Terraform Plan
workingDirectory: $(System.DefaultWorkingDirectory)/TFAZ
- script: terraform apply out.plan
displayName: 'Terraform Apply'
workingDirectory: $(System.DefaultWorkingDirectory)/TFAZ
如果我正确理解了你的问题,我相信这里的文档可能对你有一些用处。您可以使用task.setvariable在管道执行期间分配变量,这些变量可以在以后的步骤、作业或阶段中访问,这取决于您选择的级别。