{"id":20727113,"url":"https://github.com/hmcts/cnp-azuredevops-libraries","last_synced_at":"2025-04-23T18:49:32.830Z","repository":{"id":37445020,"uuid":"152786181","full_name":"hmcts/cnp-azuredevops-libraries","owner":"hmcts","description":"Reusable pipeline components for CNP Azure DevOps pipelines","archived":false,"fork":false,"pushed_at":"2025-04-22T15:54:36.000Z","size":778,"stargazers_count":9,"open_issues_count":8,"forks_count":5,"subscribers_count":22,"default_branch":"master","last_synced_at":"2025-04-22T16:48:10.603Z","etag":null,"topics":["azure-devops"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hmcts.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2018-10-12T17:32:58.000Z","updated_at":"2025-03-06T11:38:34.000Z","dependencies_parsed_at":"2024-01-01T03:22:45.762Z","dependency_job_id":"d443358e-2f36-4011-8286-47d779567cb1","html_url":"https://github.com/hmcts/cnp-azuredevops-libraries","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hmcts%2Fcnp-azuredevops-libraries","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hmcts%2Fcnp-azuredevops-libraries/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hmcts%2Fcnp-azuredevops-libraries/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hmcts%2Fcnp-azuredevops-libraries/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hmcts","download_url":"https://codeload.github.com/hmcts/cnp-azuredevops-libraries/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250496194,"owners_count":21440225,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["azure-devops"],"created_at":"2024-11-17T04:29:16.172Z","updated_at":"2025-04-23T18:49:32.811Z","avatar_url":"https://github.com/hmcts.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# cnp-azuredevops-libraries\nReusable pipeline components for CNP Azure DevOps pipelines\n\n## Terraform workflow templates\n\nThe template files below contain steps to add Terraform Init/Plan/Apply/Destroy tasks to a pipeline.\n\n ├── scripts\n ├── steps\n │   └── terraform-precheck.yaml # Precheck stage tasks\n │   └── terraform.yaml # Terraform plan and apply stage tasks\n ├── tasks\n ├── vars\n\n### Reusing templates:\n1. Create the [required folder structure](#required-terraform-folder-structure) in your repository\n2. Add the cnp-azure-devops-libraries repository resource as below\n\n ```yaml\n\n resources:\n repositories:\n - repository: cnp-azuredevops-libraries\n type: github\n ref: refs/heads/master\n name: hmcts/cnp-azuredevops-libraries\n endpoint: 'hmcts (1)'\n\n ```\n3. Use the vars/input-variables.yaml template to add the common variables to your pipeline.\n\n Make sure you use the correct syntax when declaring a mixture of regular variables and templates, like below.\n\n Syntax example\n ```yaml\n variables:\n # a regular variable\n - name: myvariable\n value: myvalue\n # a variable group\n - group: myvariablegroup\n # a reference to a variable template\n - template: myvariabletemplate.yml\n ```\n Full example\n ```yaml\n variables:\n - name: timeoutInMinutes\n value: 60\n - name: agentPool\n value: ubuntu-latest\n - name: build\n value: $(Build.BuildNumber)\n - name: product\n value: cft-platform\n - name: terraformInitSubscription\n value: b8d29n39-8007-49m0-95b8-3c8691e90kb\n - template: vars/input-variables.yaml@cnp-azuredevops-libraries\n ```\n\n [More information on the correct syntax when using regular variables, variables groups and templates.](https://docs.microsoft.com/en-us/azure/devops/pipelines/process/variables?view=azure-devops\u0026tabs=yaml%2Cbatch#specify-variables)\n\n4. Add the terraform-precheck.yaml template to a `Precheck` stage\n5. Add the terraform.yaml template to a `TerraformPlanApply` stage\n \u003e see [Example refactored pipeline](https://github.com/hmcts/azure-platform-terraform/blob/master/azure_pipeline.yaml)\n6. First time pipeline run:\n * Run build with the Terraform plan option. State file will be created in new location\n * Copy state file from old location to overwrite new state file\n * Run build with Terraform plan to confirm plan reflects migrated state file\n7. Run pipeline with plan/apply option as required\n\n### State file:\n* In storage accounts in the `HMCTS-CONTROL` subscription\n* Storage account name derived from the resources subscription id as below:\n \u003e'c' + '1st-8th character of subscription id' + '25th-36th character of subscription id' + 'sa'\n _e.g. 'cb72ab7b703b0f2c6a1bbsa'_\n* Stored in the 'subscription-tfstate' storage container in the folder path derived as below:\n \u003e'location/product/build repo name/environment/component name/terraform.tfstate'\n _e.g. 'UK South/cft-platform/azure-platform-terraform/sbox/shutter/terraform.tfstate'_\n\n### Required terraform folder structure:\nTemplate requires the below folder structure for the build repository.\n\n Repo\n ├── components\n │   └── \u003ca\u003e (e.g. network) # group of .tf files\n │   │    └── .terraform-version (symlink) # link to .terraform-version at root level (for local testing)\n │   │    │ command: ln -s ../../.terraform-version .terraform-version\n │   │    └── *.tf\n │   └── \u003cn\u003e\n ├── environments # Environment specific .tfvars files\n │   └── \u003cenv\u003e\n │   │ └── *.tfvars\n ├── azure_pipeline.yaml\n ├── .terraform-version # terraform version (read by tfenv)\n\n### Multiple regions\n\nSome repositories have separate `tfvars` files based on region i.e. `UK South` or `UK West` and having all enviroment\nvariables in a single `tfvars` file may not meet the requirement.\nIf you need to use a different set of variables for your build then you can pass the `multiRegion` parameter and\nset this as `true`, the default is `false`.\n\nUsing multiple region support requires the below environments folder structure for the build repository.\n\n Repo\n ├── environments # Environment specific .tfvars files\n │   └── \u003cenv\u003e\n │   │ └── \u003clocation\u003e.tfvars # Region specific tfvars file without spaces e.g. prod-ukwest.tfvars\n\nWith this a different variable file will be used. An example can be found in the [hub-panorama repo](https://github.com/hmcts/hub-panorama-terraform).\n\n### tfvars file location\n\nSome repositories do not have the `tfvars` file in the standard location, or do not need `tfvars` file at all. In such cases, the `tfVarsFile` option can be used to specify this\n\n#### a) Custom location of `tfvars` file\nIf `tfvars` file is in a non-standard location, the `tfVarsFile` option can be used to specify the full path of the `tfvars` file, as shown below\n```yaml\ntfVarsFile: \"$(System.DefaultWorkingDirectory)/$(buildRepoSuffix)/environments/network/${{ parameters.env }}.tfvars\"\n```\n\u003e see [example in aks-cft-deploy repo](https://github.com/hmcts/aks-cft-deploy/blob/main/azure-pipelines.yml)\n\n#### b) No `tfvars` file\nIf the component does not need a `tfvars` file, then a special `NULL` string (all caps) can be specified for `tfVarsFile`, as shown below.\n```yaml\ntfVarsFile: NULL\n```\nNote: This is different from the terraform reserved word `null` and is essentially a special string to indicate that no `tfvars` file is needed.\n\n\u003e see [example in aks-cft-deploy repo](https://github.com/hmcts/aks-cft-deploy/blob/main/azure-pipelines.yml)\n\n### Override components directory\n\nIn a monorepo, it may be needed to override the components folder if there's multiple applications that are built from the same repository. You can pass the `baseDirectory` option to specify the location of the components folder.\n```yaml\nbaseDirectory: \"terraform/network/components\"\n```\n\n### Passing environment variables to terraform template:\n\nYou can pass environment variables directly to terraform tasks (plan, apply, destroy)\nWhich then can be used as variable within terraform code as shown in below example:\n\n```yaml\n- template: steps/terraform.yaml@cnp-azuredevops-libraries\n parameters:\n overrideAction: ${{ parameters.overrideAction }}\n environment: ${{ deployment.environment }}\n component: ${{ deployment.component }}\n serviceConnection: ${{ deployment.service_connection }}\n terraformInitSubscription: ${{ variables.terraformInitSubscription }}\n product: ${{ variables.product }}\n terraformEnvironmentVariables:\n TF_VAR_foo: $(bar)\n```\nIn terraform you can then reference this variable as `var.foo`\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhmcts%2Fcnp-azuredevops-libraries","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhmcts%2Fcnp-azuredevops-libraries","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhmcts%2Fcnp-azuredevops-libraries/lists"}