一,引言
之前我講過的所有的案例中,都是將整個Azure Resource 部署到同一個訂閱下,沒有做到靈活的在 Azure Pipeline 在執行前選擇需要部署的環境。在實際的專案開發中,我們也會遇到將這些基礎設施資源驗證完成後,分別部署到 DEV,UAT,PRD 等多個環境 。那麼我們就帶著個整個問題開始今天的分析。
-------------------- 我是分割線 --------------------
--------------------Azure Terraform 系列--------------------
1,Azure Terraform(一)入門簡介
2,Azure Terraform(二)語法詳解
3,Azure Terraform(三)部署 Web 應用程式
4,Azure Terraform(四)狀態檔案儲存
5,Azure Terraform(五)利用Azure DevOps 實現自動化部署基礎資源
6,Azure Terraform(六)Common Module
7,Azure Terraform(七)利用Azure DevOps 實現自動化部署基礎資源(補充)
8,Azure Terraform(八)利用Azure DevOps 實現Infra資源和.NET CORE Web 應用程式的持續整合、持續部署
9,Azure Terraform(九)利用 Azure DevOps Pipeline 的審批來控制流程釋出
10,Azure Terraform(十)利用 Azure DevOps 的條件語句選擇釋出環境
二,正文
1,Azure DevOps Pipeline 中的條件語句
首先我們需要先定義引數,以便在 Pipeline 執行的時候進行選擇哪個環境
parameters:
- name: deployEnv
displayName: Select a Deployment Environment???
type: string
default: 'dev'
values:
- dev
- uat
- prd
接下來設定條件語句的變數的值可以根據 “deployEnv” 的值變化
variables:
- name: tf_version
value: 'latest'
- name: env_name
${{ if eq(parameters['deployEnv'],'dev') }}:
value: 'dev'
${{elseif eq(parameters['DeployEnv'],'uat') }}:
value: 'uat'
${{elseif eq(parameters['DeployEnv'],'prd') }}:
value: 'prd'
以上兩段程式碼我們不難看出,veriables.env_name 的值取決於 parameters.deployEnv 的值,再經過條件語句的過濾,重新賦值
複製以上兩段程式碼到 azure-pipelines.yml 中
azure-pipeline.yml 完整程式碼
1 # Starter pipeline 2 # Start with a minimal pipeline that you can customize to build and deploy your code. 3 # Add steps that build, run tests, deploy, and more: 4 # https://aka.ms/yaml 5 6 trigger: 7 - remote_stats 8 9 pool: 10 vmImage: ubuntu-latest 11 12 parameters: 13 - name: deployEnv 14 displayName: Selecting a Deployment Environment??? 15 type: string 16 default: 'dev' 17 values: 18 - dev 19 - uat 20 - prd 21 22 variables: 23 - name: tf_version 24 value: 'latest' 25 - name: env_name 26 ${{ if eq(parameters['deployEnv'],'dev') }}: 27 value: 'dev' 28 ${{elseif eq(parameters['DeployEnv'],'uat') }}: 29 value: 'uat' 30 ${{elseif eq(parameters['DeployEnv'],'prd') }}: 31 value: 'prd' 32 33 stages: 34 - stage: script 35 jobs: 36 - job: azure_cli_script 37 steps: 38 - task: AzureCLI@2 39 displayName: 'Azure CLI :Create Storage Account,Key Vault And Set KeyVault Secret' 40 inputs: 41 azureSubscription: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)' 42 scriptType: 'bash' 43 scriptLocation: 'inlineScript' 44 inlineScript: | 45 # create azure resource group 46 az group create --location eastasia --name $(terraform_rg) 47 48 # create azure storage account 49 az storage account create --name $(storage_account) --resource-group $(terraform_rg) --location eastasia --sku Standard_LRS 50 51 # create storage account container for tf state 52 az storage container create --name $(storage_account_container) --account-name $(storage_account) 53 54 # query storage key and set variable 55 ACCOUNT_KEY=$(az storage account keys list --resource-group $(terraform_rg) --account-name $(storage_account) --query "[?keyName == 'key1'][value]" --output tsv) 56 57 # create azure keyvault 58 az keyvault create --name $(keyvault) --resource-group $(terraform_rg) --location eastasia --enable-soft-delete false 59 60 # set keyvault secret,secret value is ACCOUNT_KEY 61 az keyvault secret set --name $(keyvault_sc) --vault-name $(keyvault) --value $ACCOUNT_KEY 62 63 - task: AzureKeyVault@2 64 displayName: 'Azure Key Vault :Get Storage Access Secret' 65 inputs: 66 azureSubscription: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)' 67 KeyVaultName: '$(keyvault)' 68 SecretsFilter: 'terraform-stste-storage-key' 69 RunAsPreJob: false 70 71 - stage: terraform_validate 72 jobs: 73 - job: terraform_validate 74 steps: 75 - task: TerraformInstaller@0 76 inputs: 77 terraformVersion: ${{variables.tf_version}} 78 - task: TerraformTaskV2@2 79 displayName: 'terraform init' 80 inputs: 81 provider: 'azurerm' 82 command: 'init' 83 # commandOptions: '-backend-config="access_key=$(terraform-stste-storage-key)"' 84 backendServiceArm: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)' 85 backendAzureRmResourceGroupName: $(terraform_rg) 86 backendAzureRmStorageAccountName: $(storage_account) 87 backendAzureRmContainerName: $(storage_account_container) 88 backendAzureRmKey: $(container_key) 89 workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/' 90 - task: TerraformTaskV2@2 91 inputs: 92 provider: 'azurerm' 93 command: 'validate' 94 workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/' 95 96 - stage: terraform_plan 97 dependsOn: [terraform_validate] 98 condition: succeeded('terraform_validate') 99 jobs: 100 - job: terraform_plan 101 steps: 102 - task: TerraformInstaller@0 103 inputs: 104 terraformVersion: ${{ variables.tf_version }} 105 - task: TerraformTaskV2@2 106 displayName: 'terraform init' 107 inputs: 108 provider: 'azurerm' 109 command: 'init' 110 # commandOptions: '-backend-config="access_key=$(terraform-stste-storage-key)"' 111 backendServiceArm: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)' 112 backendAzureRmResourceGroupName: $(terraform_rg) 113 backendAzureRmStorageAccountName: $(storage_account) 114 backendAzureRmContainerName: $(storage_account_container) 115 backendAzureRmKey: $(container_key) 116 workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/' 117 - task: TerraformTaskV2@2 118 inputs: 119 provider: 'azurerm' 120 command: 'plan' 121 environmentServiceNameAzureRM: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)' 122 workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/' 123 124 - stage: terraform_apply 125 dependsOn: [terraform_plan] 126 condition: succeeded('terraform_plan') 127 jobs: 128 - deployment: terraform_apply 129 continueOnError: false 130 environment: 'Approve_Production' 131 timeoutInMinutes: 120 132 strategy: 133 runOnce: 134 deploy: 135 steps: 136 - checkout: self 137 - task: TerraformInstaller@0 138 inputs: 139 terraformVersion: ${{ variables.tf_version }} 140 - task: TerraformTaskV2@2 141 displayName: 'terraform init' 142 inputs: 143 provider: 'azurerm' 144 command: 'init' 145 # commandOptions: '-backend-config="access_key=$(terraform-stste-storage-key)"' 146 backendServiceArm: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)' 147 backendAzureRmResourceGroupName: $(terraform_rg) 148 backendAzureRmStorageAccountName: $(storage_account) 149 backendAzureRmContainerName: $(storage_account_container) 150 backendAzureRmKey: $(container_key) 151 workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/' 152 - task: TerraformTaskV2@2 153 inputs: 154 provider: 'azurerm' 155 command: 'plan' 156 environmentServiceNameAzureRM: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)' 157 workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/' 158 - task: TerraformTaskV2@2 159 inputs: 160 provider: 'azurerm' 161 command: 'apply' 162 commandOptions: '-auto-approve' 163 environmentServiceNameAzureRM: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)' 164 workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/' 165 166 # - stage: terraform_apply 167 # dependsOn: [terraform_plan] 168 # condition: succeeded('terraform_plan') 169 # jobs: 170 # - job: terraform_apply 171 # steps: 172 # - task: TerraformInstaller@0 173 # inputs: 174 # terraformVersion: ${{ variables.tf_version }} 175 # - task: TerraformTaskV2@2 176 # displayName: 'terraform init' 177 # inputs: 178 # provider: 'azurerm' 179 # command: 'init' 180 # # commandOptions: '-backend-config="access_key=$(terraform-stste-storage-key)"' 181 # backendServiceArm: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)' 182 # backendAzureRmResourceGroupName: $(terraform_rg) 183 # backendAzureRmStorageAccountName: $(storage_account) 184 # backendAzureRmContainerName: $(storage_account_container) 185 # backendAzureRmKey: $(container_key) 186 # workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/' 187 # - task: TerraformTaskV2@2 188 # inputs: 189 # provider: 'azurerm' 190 # command: 'plan' 191 # environmentServiceNameAzureRM: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)' 192 # workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/' 193 # - task: TerraformTaskV2@2 194 # inputs: 195 # provider: 'azurerm' 196 # command: 'apply' 197 # commandOptions: '-auto-approve' 198 # environmentServiceNameAzureRM: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)' 199 # workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/' 200 201 - stage: terraform_destroy 202 dependsOn: [terraform_apply] 203 condition: succeeded('terraform_apply') 204 jobs: 205 - job: terraform_destroy 206 steps: 207 - task: TerraformInstaller@0 208 inputs: 209 terraformVersion: ${{ variables.tf_version }} 210 - task: TerraformTaskV2@2 211 displayName: 'terraform init' 212 inputs: 213 provider: 'azurerm' 214 command: 'init' 215 # commandOptions: '-backend-config="access_key=$(terraform-stste-storage-key)"' 216 backendServiceArm: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)' 217 backendAzureRmResourceGroupName: $(terraform_rg) 218 backendAzureRmStorageAccountName: $(storage_account) 219 backendAzureRmContainerName: $(storage_account_container) 220 backendAzureRmKey: $(container_key) 221 workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/' 222 - task: TerraformTaskV2@2 223 inputs: 224 provider: 'azurerm' 225 command: 'plan' 226 environmentServiceNameAzureRM: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)' 227 workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/' 228 - task: TerraformTaskV2@2 229 inputs: 230 provider: 'azurerm' 231 command: 'destroy' 232 commandOptions: '-auto-approve' 233 environmentServiceNameAzureRM: 'Microsoft Azure Subscription(xxxx-xxx-xxx-xxxx)' 234 workingDirectory: '$(System.DefaultWorkingDirectory)/src/model/'
2,Azure Pipeline 條件語句執行效果
儲存完 yml 檔案後,點選 ”Run“,手動觸發 Pipeline 管道
可以看到除了預設 Run pipeline 的預設分支,還需要選擇我們自定義的 Parameters-----"deployEnv"
bingo !! 我們的目的已經達到了。通過這種條件語句的判定,我們就可以做一些部署變數的替換,從而達到部署不同環境的目的了。
三,結尾
以上內容,大家多做做練習。下一篇,我們繼續介紹多環境部署Azure Pipeline
參考資料:Terraform 官方,Azure Pipeline 文件
Terraform_Cnbate_Traffic_Manager github Address:https://github.com/yunqian44/Terraform_Cnbate_Traffic_Manager
歡迎大家關注博主的部落格:https://allenmasters.com/
作者:Allen
版權:轉載請在文章明顯位置註明作者及出處。如發現錯誤,歡迎批評指正。