我正在尝试为下面显示的输出创建变量,以便我可以在 buildefinition yml 中使用它。
我可以手动获取 SPN appID 和存储访问密钥,但我想将其作为 Terraform 设置的一部分自动获取。
像这样使用变量是行不通的,因为我无法在默认定义中对值进行硬编码。还有其他方法吗?
variable "client_id" {
type = string
default = ""
description = "description"
}
任何帮助将不胜感激!
输出
output "application_id" {
value = data.azurerm_client_config.current.client_id
sensitive = true
}
data "azurerm_storage_account" "SASPass" {
name = var.storageAccount_name
resource_group_name = azurerm_resource_group.rg_name.name
}
output "storage_account_SASPass" {
value = data.azurerm_storage_account.stg.primary_access_key
sensitive = true
}
构建定义
YAML
trigger:
branches:
include:
- main
paths:
include:
- /Azure-Terraform/variables.tf
- /Azure-Terraform/main.tf
/Azure-Terraform/ado_variables.tf
pool:
vmImage: "ubuntu-latest"
variables:
- group: hawaVB
- name: state_file
value: tf-statefile.state
steps:
- task: ms-devlabs.custom-terraform-tasks.custom-terraform-installer-task.TerraformInstaller@0
displayName: 'Install Terraform'
- script: terraform version
displayName: Terraform Version
- script: az login --service-principal -u $(application_id) -p $(SPNPass) --tenant $(tenant_id)
displayName: 'Log Into Azure'
- script: terraform init -backend-config=resource_group_name=$(rg_name) -backend-config="storage_account_name=$(storageAccount_name)" -backend-config="container_name=$(cont_name)" -backend-config="access_key=$(SASPass)" -backend-config="key=$(state_file)"
displayName: "Terraform Init"
workingDirectory: $(System.DefaultWorkingDirectory)/Azure-Terraform
- script: terraform plan -var="client_id=$(application_id)" -var="SPNPass=$(SPNPass)" -var="tenant_id=$(tenant_id)" -var="subscription_id=$(subscription_id)" -var="VmAdminPass=$(VmAdminPass)" -out="out.plan"
displayName: Terraform Plan
workingDirectory: $(System.DefaultWorkingDirectory)/Azure-Terraform
- script: terraform apply out.plan
displayName: 'Terraform Apply'
workingDirectory: $(System.DefaultWorkingDirectory)/Azure-Terraform
尝试了各种设置代码的方法以将其用作变量但没有成功