Thomas Thornton – Microsoft Azure MVP – HashiCorp Ambassador

Microsoft Azure Blog – Microsoft MVP

Creating Terraform Variables from Azure DevOps Pipeline Variables

on by 2 Comments

Deploying Terraform using an Azure DevOps pipeline, you can use pipeline variables as part of your Terraform variables, in this blog post I will show you how.

With Terraform, you are probably using .tfvars if deploying the multiple environments – awesome! There may be a time that you want to change a variable or have a static variable that can be changed on a pipeline run, potentially on a trigger or templating pipelines.

Lets have a look at how this can be achieved

The initial pipeline setup

Before we look at creating Terraform variables from Azure DevOps pipeline variables, lets look at the initial pipeline that can be found here

In this example, I will focus primarily on the plan for now – it gives a quick feedback to show in my demo. Looking at this initial task, notice the command options is referencing a .tfvars file?

      - task: TerraformTaskV2@2
        displayName: 'plan'
        inputs:
          provider: 'azurerm'
          command: 'plan'
          commandOptions: '-input=false -var-file="../terraform/environments/$(Environment)/$(Environment).tfvars"'
          environmentServiceNameAzureRM: 'thomasthorntoncloud'
          workingDirectory: '$(System.DefaultWorkingDirectory)/terraform/'

.tfvars consists of 3 variables found here: 

name        = "tamops"
location    = "uksouth"
environment = "production"

With a successful terraform plan in Azure DevOps we can see:

  + resource "azurerm_resource_group" "acr_resource_group" {
      + id       = (known after apply)
      + location = "uksouth"
      + name     = "tamops-rg"
      + tags     = {
          + "Environment" = "production"
        }
    }

Pipeline with Azure DevOps Variables to Terraform Variables

A simple addition, looking at the variables within the pipeline – as an example, I want to Terraform to use the var.name & var.environment that has been declared from the Azure DevOps pipeline.

Reviewing the variables created in the pipeline, notice environment & name is the same values from the previous .tfvars? (these two variables have been removed from .tfvars):

variables:
  - name: backendServiceArm
    value: 'thomasthorntoncloud'
  - name: backendAzureRmResourceGroupName
    value: 'thomasthorntoncloud'
  - name: backendAzureRmStorageAccountName
    value: 'thomasthorntontfstate'
  - name: backendAzureRmContainerName
    value: 'adovariableottf'
  - name: backendAzureRmKey
    value: 'terraform.tfstate'
  - name: environment
    value: 'production'
  - name: name
    value: 'tamops'

Now, looking at the terraform plan task:

      - task: TerraformTaskV2@2
        displayName: 'plan'
        inputs:
          provider: 'azurerm'
          command: 'plan'
          commandOptions: '-input=false -var name=$(name) -var environment=$(Environment) -var-file="../terraform/environments/$(Environment)/$(Environment)-ado-variables.tfvars"'
          environmentServiceNameAzureRM: 'thomasthorntoncloud'
          workingDirectory: '$(System.DefaultWorkingDirectory)/terraform/'

Notice commandOptions now includes both -var & -var-file? The pipeline variables have been passed into the Terraform configuration using -var

Reviewing another terraform plan, we can see the exact same plan as previously shown:

  # azurerm_resource_group.acr_resource_group will be created
  + resource "azurerm_resource_group" "acr_resource_group" {
      + id       = (known after apply)
      + location = "uksouth"
      + name     = "tamops-rg"
      + tags     = {
          + "Environment" = "production"
        }
    }

Awesome! A simple but very useful tip to assist you in your Azure DevOps & Terraform journey 🙂

Initial Pipeline here

Pipeline using Azure DevOps variables with Terraform

Full code used in this blog post

As always, thanks for viewing – check out my other content!

2 comments

  1. Hi Thomas, I very much like yur content! One question. If I run terraform locally and have a .tfvars in the directory from where I execute terraform commands, it just works. Looking at your first code snippet one line 6 your providing explicitly the path to the .tfvars with -var-file. Why? I mean, I don’t fully understand why I have to tell explicitly where it is located. Can’t this work just as with running terraform locally ?

    Reply

    1. Hi Adam,

      I specify the -var-file as quite often, you would have your var files in specific folders or location(s) for specific environments..
      Such as production, AAT, test, ITHC, dev etc!

      Its to cater for an avenue like that, when you develop from this blog. Hope that answers your question

      Thanks

      Thomas

      Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s