Commit 6c15a2ef authored by Daniel Scholl's avatar Daniel Scholl
Browse files

Customer docs

parent 21127be4
......@@ -3,6 +3,8 @@
##
## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
k8-gitops-manifests/
.envrc*
*.output
......
This diff is collapsed.
# Copyright © Microsoft Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
parameters:
environment: ''
configuration: ''
forceRun: false
skipTests: false
aksAgentSshPublicKeyFilename: 'azure-aks-node-ssh-key.pub'
aksGitOpsSshPrivateKeyFilename: 'azure-aks-gitops-ssh-key'
jobs:
- job: Build_${{ parameters.configuration.jobName }}_${{ parameters.environment }}_ComputeWs
displayName: Initialize Build
pool: $(AGENT_POOL)
dependsOn: TemplateChangeDetection_${{ parameters.configuration.jobName }}_Build
condition: or(coalesce(variables.FORCE_RUN, ${{ parameters.forceRun }}), eq(dependencies.TemplateChangeDetection_${{ parameters.configuration.jobName }}_Build.outputs['${{ parameters.configuration.jobName }}.needs_cicd'], 'true'))
steps:
- template: tasks/tf-ws-compute.yml
parameters:
terraformWorkspacePrefix: ${{ parameters.configuration.terraformWorkspacePrefix }}
environmentName: ${{ parameters.environment }}
enablePrIsolation: ${{ parameters.enablePrIsolation }}
stepName: ComputeWs
- job: Build_${{ parameters.configuration.jobName }}_${{ parameters.environment }}
displayName: Execute Build
dependsOn: Build_${{ parameters.configuration.jobName }}_${{ parameters.environment }}_ComputeWs
pool: $(AGENT_POOL)
variables:
- group: 'Infrastructure Pipeline Variables'
- group: 'Infrastructure Pipeline Secrets - ${{ parameters.environment }}'
- group: 'Infrastructure Pipeline Variables - ${{ parameters.environment }}'
- name: TF_WORKSPACE_NAME
value: $[ dependencies.Build_${{ parameters.configuration.jobName }}_${{ parameters.environment }}_ComputeWs.outputs['ComputeWs.TF_WORKSPACE_NAME'] ]
- name: ARTIFACT_ROOT
value: '$(System.DefaultWorkingDirectory)/$(BUILD_ARTIFACT_NAME)'
- name: TERRAFORM_TEMPLATE_PATH
value: ${{ parameters.configuration.terraformTemplatePath }}
- name: TF_TEMPLATE_WORKING_DIR
value: '$(System.DefaultWorkingDirectory)/$(BUILD_ARTIFACT_NAME)/${{ parameters.configuration.terraformTemplatePath }}'
- name: TF_VAR_DATA_PARTITION_NAME
value: ${{ parameters.configuration.dataPartitionName }}
workspace:
clean: all
steps:
- task: DownloadBuildArtifacts@0
displayName: 'Pull Artifact'
inputs:
artifactName: $(BUILD_ARTIFACT_NAME)
downloadPath: '$(System.DefaultWorkingDirectory)'
- task: GoTool@0
displayName: 'Ensure Golang'
inputs:
version: '$(GO_VERSION)'
- template: tasks/tf-ws-create.yml
- template: tasks/tests-unit.yml
parameters:
skip: ${{ parameters.skipTests }}
- template: tasks/tf-plan.yml
parameters:
aksAgentSshPublicKeyFilename: ${{ parameters.aksAgentSshPublicKeyFilename }}
aksGitOpsSshPrivateKeyFilename: ${{ parameters.aksGitOpsSshPrivateKeyFilename }}
terraformWorkspacePrefix: ${{ parameters.configuration.terraformWorkspacePrefix }}
environmentName: ${{ parameters.environment }}
- task: CopyFiles@2
displayName: Copy TF state
inputs:
contents: '**'
sourceFolder: '$(System.DefaultWorkingDirectory)/$(BUILD_ARTIFACT_NAME)'
targetFolder: $(Build.ArtifactStagingDirectory)
- task: PublishBuildArtifacts@1
displayName: Push Artifact
inputs:
parallel: true
parallelCount: 8
artifactName: '$(BUILD_ARTIFACT_NAME)-$(TF_WORKSPACE_NAME)'
pathToPublish: $(Build.ArtifactStagingDirectory)
# Copyright © Microsoft Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
parameters:
environment: ''
configuration: ''
forceRun: false
skipTests: false
aksAgentSshPublicKeyFilename: 'azure-aks-node-ssh-key.pub'
aksGitOpsSshPrivateKeyFilename: 'azure-aks-gitops-ssh-key'
jobs:
- job: Provision_${{ parameters.configuration.jobName }}_${{ parameters.environment }}_ComputeWs
displayName: Initialize Deployment
pool: $(AGENT_POOL)
dependsOn: TemplateChangeDetection_${{ parameters.configuration.jobName }}_Deploy
condition: or(coalesce(variables.FORCE_RUN, ${{ parameters.forceRun }}), eq(dependencies.TemplateChangeDetection_${{ parameters.configuration.jobName }}_Deploy.outputs['${{ parameters.configuration.jobName }}.needs_cicd'], 'true'))
steps:
- template: tasks/tf-ws-compute.yml
parameters:
terraformWorkspacePrefix: ${{ parameters.configuration.terraformWorkspacePrefix }}
environmentName: ${{ parameters.environment }}
enablePrIsolation: ${{ parameters.enablePrIsolation }}
stepName: ComputeWs
- deployment: Provision_${{ parameters.configuration.jobName }}_${{ parameters.environment }}
displayName: Execute Deployment
pool: $(AGENT_POOL)
dependsOn: Provision_${{ parameters.configuration.jobName }}_${{ parameters.environment }}_ComputeWs
${{ if parameters.configuration.deploymentTimeoutInMinutes }}:
timeoutInMinutes: '${{ parameters.configuration.deploymentTimeoutInMinutes }}'
variables:
- group: 'Infrastructure Pipeline Variables - ${{ parameters.environment }}'
- name: TF_WORKSPACE_NAME
value: $[ dependencies.Provision_${{ parameters.configuration.jobName }}_${{ parameters.environment }}_ComputeWs.outputs['ComputeWs.TF_WORKSPACE_NAME'] ]
- name: RELEASE_ARTIFACT_NAME
value: $(BUILD_ARTIFACT_NAME)-$(TF_WORKSPACE_NAME)
- name: ARTIFACT_ROOT
value: '$(System.DefaultWorkingDirectory)/$(RELEASE_ARTIFACT_NAME)'
- name: TERRAFORM_TEMPLATE_PATH
value: ${{ parameters.configuration.terraformTemplatePath }}
- name: TF_TEMPLATE_WORKING_DIR
value: '$(System.DefaultWorkingDirectory)/$(RELEASE_ARTIFACT_NAME)/${{ parameters.configuration.terraformTemplatePath }}'
- name: TF_VAR_DATA_PARTITION_NAME
value: ${{ parameters.configuration.dataPartitionName }}
environment: ${{ parameters.environment }}
strategy:
runOnce:
deploy:
steps:
- download: none
- task: DownloadBuildArtifacts@0
displayName: 'Pull Artifact'
inputs:
artifactName: '$(RELEASE_ARTIFACT_NAME)'
downloadPath: '$(System.DefaultWorkingDirectory)'
- task: GoTool@0
displayName: 'Ensure Golang'
inputs:
version: '$(GO_VERSION)'
- template: tasks/tf-ws-create.yml
- template: tasks/tf-apply.yml
parameters:
aksAgentSshPublicKeyFilename: ${{ parameters.aksAgentSshPublicKeyFilename }}
aksGitOpsSshPrivateKeyFilename: ${{ parameters.aksGitOpsSshPrivateKeyFilename }}
terraformWorkspacePrefix: ${{ parameters.configuration.terraformWorkspacePrefix }}
- template: tasks/tests-int.yml
parameters:
skip: ${{ parameters.skipTests }}
- ${{ if containsValue(parameters.configuration.environmentsToTeardownAfterRelease, parameters.environment) }}:
- template: tasks/tf-destroy.yml
# Copyright © Microsoft Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
parameters:
environments: []
configurations: []
forceRun: false
aksAgentSshPublicKeyFilename: 'azure-aks-node-ssh-key.pub'
aksGitOpsSshPrivateKeyFilename: 'azure-aks-gitops-ssh-key'
stages:
- stage: PrepareStage
displayName: 'Prepare'
jobs:
- template: infra-validate-job.yml
- ${{ each environment in parameters.environments }}:
- stage: Environment_${{ environment.name }}
jobs:
# To avoid ADO rendering inconsistencies that seems to be caused by stages with empty jobs.
- job: Environment_${{ environment.name }}_Build
- ${{ each config in parameters.configurations }}:
- stage: ${{ config.jobName }}_${{ environment.name }}_Build
displayName: 'Build ${{ config.jobName }}-${{ environment.name }}'
dependsOn: Environment_${{ environment.name }}
jobs:
- job: TemplateChangeDetection_${{ config.jobName }}_Build
displayName: Analyze Changes
pool: $(AGENT_POOL)
steps:
- template: tasks/detect-cicd.yml
parameters:
terraformTemplatePath: ${{ config.terraformTemplatePath }}
jobName: ${{ config.jobName }}
- template: infra-build-stage.yml
parameters:
environment: ${{ environment.name }}
enablePrIsolation: ${{ environment.enablePrIsolation }}
resourceNameIsolationLevel: ${{ environment.resourceNameIsolationLevel }}
configuration: ${{ config }}
aksAgentSshPublicKeyFilename: ${{ parameters.aksAgentSshPublicKeyFilename }}
aksGitOpsSshPrivateKeyFilename: ${{ parameters.aksGitOpsSshPrivateKeyFilename }}
- stage: ${{ config.jobName }}_${{ environment.name }}_Deploy
dependsOn: ${{ config.jobName }}_${{ environment.name }}_Build
displayName: 'Deploy ${{ config.jobName }}-${{ environment.name }}'
jobs:
- job: TemplateChangeDetection_${{ config.jobName }}_Deploy
displayName: Analyze Changes
pool: $(AGENT_POOL)
steps:
- template: tasks/detect-cicd.yml
parameters:
terraformTemplatePath: ${{ config.terraformTemplatePath }}
jobName: ${{ config.jobName }}
- template: deploy-stage.yml
parameters:
environment: ${{ environment.name }}
enablePrIsolation: ${{ environment.enablePrIsolation }}
resourceNameIsolationLevel: ${{ environment.resourceNameIsolationLevel }}
configuration: ${{ config }}
aksAgentSshPublicKeyFilename: ${{ parameters.aksAgentSshPublicKeyFilename }}
aksGitOpsSshPrivateKeyFilename: ${{ parameters.aksGitOpsSshPrivateKeyFilename }}
# Copyright © Microsoft Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
jobs:
- job: validate_job
displayName: Code Validation
pool: $(AGENT_POOL)
workspace:
clean: all
steps:
- task: GoTool@0
displayName: 'Ensure Golang'
inputs:
version: '$(GO_VERSION)'
- template: tasks/lint-go.yml
- template: tasks/lint-tf.yml
- task: CopyFiles@2
displayName: Copy $(PIPELINE_ROOT_DIR)
inputs:
contents: $(PIPELINE_ROOT_DIR)/**/*
sourceFolder: $(Build.SourcesDirectory)
targetFolder: $(Build.ArtifactStagingDirectory)
- task: CopyFiles@2
displayName: Copy $(TF_ROOT_DIR)
inputs:
contents: $(TF_ROOT_DIR)/**/*
sourceFolder: $(Build.SourcesDirectory)
targetFolder: $(Build.ArtifactStagingDirectory)
- task: CopyFiles@2
displayName: Copy $(TEST_HARNESS_DIR)
inputs:
contents: $(TEST_HARNESS_DIR)/**/*
sourceFolder: $(Build.SourcesDirectory)
targetFolder: $(Build.ArtifactStagingDirectory)
- task: CopyFiles@2
displayName: Copy Go Files
inputs:
contents: go.*
sourceFolder: $(Build.SourcesDirectory)
targetFolder: $(Build.ArtifactStagingDirectory)
- task: PublishBuildArtifacts@1
displayName: Push Artifact
inputs:
parallel: true
parallelCount: 8
artifactName: '$(BUILD_ARTIFACT_NAME)'
pathToPublish: $(Build.ArtifactStagingDirectory)
# Copyright © Microsoft Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
parameters:
terraformTemplatePath: ''
jobName: ''
steps:
- task: Bash@3
name: ${{ parameters.jobName }}
displayName: Determine if ${{ parameters.jobName }} needs CI/CD
env:
TERRAFORM_TEMPLATE_PATH: ${{ parameters.terraformTemplatePath }}
inputs:
targetType: 'inline'
script: |
#!/usr/bin/env bash
# Note: Omitting `set -euo pipefail` as it makes using grep to filter for changes a nightmare!
declare readonly GIT_DIFF_EXTENSION_WHITE_LIST="*.go|*.tf|*.sh|Dockerfile*|*.tfvars|*.yaml|*.yml"
function setCICDFlag() {
echo "Template $TERRAFORM_TEMPLATE_PATH needs CI/CD"
echo "##vso[task.setvariable variable=needs_cicd;isOutput=true]true"
}
MASTER="remotes/origin/master"
GIT_DIFF_SOURCEBRANCH="HEAD"
# we should always use master as a comparison, except in the case that this is
# a build for master. In this case we can use HEAD~ (1 commit behind master)
# because all merges will be squash merges
if [[ $(git diff "$MASTER") ]]; then
GIT_DIFF_UPSTREAMBRANCH="$MASTER"
else
GIT_DIFF_UPSTREAMBRANCH="$MASTER~"
fi
echo "GIT_DIFF_UPSTREAMBRANCH: $GIT_DIFF_UPSTREAMBRANCH"
echo "GIT_DIFF_SOURCEBRANCH: $GIT_DIFF_SOURCEBRANCH"
FILE_CHANGE_SET=$(git diff "$GIT_DIFF_SOURCEBRANCH" "$GIT_DIFF_UPSTREAMBRANCH" --name-only)
echo "Files changed since last commit..."
echo "$FILE_CHANGE_SET"
FILTERED_FILE_CHANGE_SET=$(grep -E "$GIT_DIFF_EXTENSION_WHITE_LIST" <<< "$FILE_CHANGE_SET" || true)
echo "Files changed since last commit, filtered for build-relevant files..."
echo "$FILTERED_FILE_CHANGE_SET"
TEST_HARNESS_CHANGES=$(grep "$TEST_HARNESS_DIR" <<< "$FILTERED_FILE_CHANGE_SET" || true)
TEMPLATE_CHANGES=$(grep "$TERRAFORM_TEMPLATE_PATH" <<< "$FILTERED_FILE_CHANGE_SET" || true)
PIPELINE_CHANGES=$(grep "$PIPELINE_ROOT_DIR" <<< "$FILTERED_FILE_CHANGE_SET" || true)
MODULE_CHANGES=$(grep "$TF_ROOT_DIR/modules" <<< "$FILTERED_FILE_CHANGE_SET" || true)
# if relevant files have been changed, CICD for this template needs to run
[ ! -z "${TEST_HARNESS_CHANGES}" ] && setCICDFlag
[ ! -z "${TEMPLATE_CHANGES}" ] && setCICDFlag
[ ! -z "${PIPELINE_CHANGES}" ] && setCICDFlag
[ ! -z "${MODULE_CHANGES}" ] && setCICDFlag
exit 0
# Copyright © Microsoft Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
steps:
- task: Bash@3
name: LintCheckGo
displayName: Lint Go
inputs:
targetType: 'inline'
script: |
#!/usr/bin/env bash
set -euo pipefail
cd "$BUILD_SOURCESDIRECTORY"
echo "Linting Go Files... If this fails, run 'go fmt ./...' to fix"
# This runs a go fmt on each file without using the 'go fmt ./...' syntax.
# This is advantageous because it avoids having to download all of the go
# dependencies that would have been triggered by using the './...' syntax.
FILES_WITH_FMT_ISSUES=$(find . -name "*.go" | grep -v '.terraform' | xargs gofmt -l | wc -l)
# convert to integer...
FILES_WITH_FMT_ISSUES=$(($FILES_WITH_FMT_ISSUES + 0))
exit $FILES_WITH_FMT_ISSUES
# Copyright © Microsoft Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
steps:
- task: Bash@3
name: LintCheckTerraform
displayName: Lint Terraform
inputs:
targetType: 'inline'
script: |
#!/usr/bin/env bash
set -euo pipefail
function terraformVersionCheck() {
if [[ $(which terraform) && $(terraform --version | head -n1 | cut -d" " -f2 | cut -c 2\-) == $TF_VERSION ]]; then
echo "Terraform version check completed"
else
TF_ZIP_TARGET="https://releases.hashicorp.com/terraform/$TF_VERSION/terraform_${TF_VERSION}_linux_amd64.zip"
echo "Info: installing $TF_VERSION, target: $TF_ZIP_TARGET"
wget $TF_ZIP_TARGET -q
unzip -q "terraform_${TF_VERSION}_linux_amd64.zip"
sudo mv terraform /usr/local/bin
rm *.zip
fi
terraform -version
# Assert that jq is available, and install if it's not
command -v jq >/dev/null 2>&1 || { echo >&2 "Installing jq"; sudo apt install -y jq; }
}
terraformVersionCheck
cd "$BUILD_SOURCESDIRECTORY"
echo "Linting Terraform Files... If this fails, run 'terraform fmt -recursive' to fix"
terraform fmt -recursive -check
# Copyright © Microsoft Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
parameters:
skip: false
steps:
- task: AzureCLI@1
displayName: 'Run Integration Tests'
env:
TF_VAR_remote_state_container: $(TF_VAR_remote_state_container)
TF_VAR_remote_state_account: $(TF_VAR_remote_state_account)
TF_VAR_elasticsearch_version: $(TF_VAR_elasticsearch_version)
condition: not(coalesce(variables.SKIP_TESTS, ${{ parameters.skip }}))
inputs:
azureSubscription: '$(SERVICE_CONNECTION_NAME)'
addSpnToEnvironment: true
scriptLocation: inlineScript
inlineScript: |
#!/usr/bin/env bash
set -euo pipefail
export ARM_TENANT_ID=$tenantId
export ARM_CLIENT_SECRET=$servicePrincipalKey
export ARM_CLIENT_ID=$servicePrincipalId
export ARM_ACCESS_KEY=$(az storage account keys list --subscription "$ARM_SUBSCRIPTION_ID" --account-name "$(TF_VAR_remote_state_account)" --query "[0].value" --output tsv)
cd "$ARTIFACT_ROOT"/"$TERRAFORM_TEMPLATE_PATH"
# Setting the scripts to be run as executable
chmod -fR 755 *.sh || true
echo "TF_WORKSPACE_NAME: ${TF_WORKSPACE_NAME}"
go test -v $(go list ./... | grep "$TERRAFORM_TEMPLATE_PATH" | grep "integration")
# Copyright © Microsoft Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
parameters:
skip: false
steps:
- task: AzureCLI@1
displayName: 'Run Unit Tests'
env:
TF_VAR_remote_state_container: $(TF_VAR_remote_state_container)
TF_VAR_remote_state_account: $(TF_VAR_remote_state_account)
TF_VAR_resource_group_location: $(TF_VAR_resource_group_location)
TF_VAR_cosmosdb_replica_location: $(TF_VAR_cosmosdb_replica_location)
TF_VAR_elasticsearch_username: $(elastic-username-${{ parameters.terraformWorkspacePrefix }}-${{ parameters.environmentName }})
TF_VAR_elasticsearch_password: $(elastic-password-${{ parameters.terraformWorkspacePrefix }}-${{ parameters.environmentName }})
TF_VAR_elasticsearch_endpoint: $(elastic-endpoint-${{ parameters.terraformWorkspacePrefix }}-${{ parameters.environmentName }})
TF_VAR_common_resources_workspace_name: $(TF_VAR_common_resources_workspace_name)
TF_VAR_central_resources_workspace_name: $(TF_VAR_central_resources_workspace_name)
TF_VAR_data_resources_workspace_name: $(TF_VAR_data_resources_workspace_name)
TF_VAR_data_partition_name: $(TF_VAR_data_partition_name)
TF_VAR_ssh_public_key_file: $(aksPublicAgentKeySecureDownload.secureFilePath)
TF_VAR_gitops_ssh_key_file: $(aksPrivateGitopsKeySecureDownload.secureFilePath)
TF_VAR_gitops_ssh_url: $(TF_VAR_gitops_ssh_url)
TF_VAR_principal_appId: $(TF_VAR_principal_appId)
TF_VAR_principal_name: $(TF_VAR_principal_name)
TF_VAR_principal_password: $(TF_VAR_principal_password)
TF_VAR_principal_objectId: $(TF_VAR_principal_objectId)
TF_VAR_gitops_path: $(TF_VAR_gitops_path)
condition: not(coalesce(variables.SKIP_TESTS, ${{ parameters.skip }}))
inputs:
azureSubscription: '$(SERVICE_CONNECTION_NAME)'
addSpnToEnvironment: true
scriptLocation: inlineScript
inlineScript: |
#!/usr/bin/env bash
set -euo pipefail