https://github.com/data-platform-hq/terraform-azuredevops-project
Terraform module for creating Azure DevOps Project resouces
https://github.com/data-platform-hq/terraform-azuredevops-project
azure-devops terraform-module
Last synced: 2 months ago
JSON representation
Terraform module for creating Azure DevOps Project resouces
- Host: GitHub
- URL: https://github.com/data-platform-hq/terraform-azuredevops-project
- Owner: data-platform-hq
- License: other
- Created: 2023-03-10T13:24:26.000Z (about 2 years ago)
- Default Branch: main
- Last Pushed: 2024-07-29T09:02:07.000Z (9 months ago)
- Last Synced: 2024-07-29T12:16:12.355Z (9 months ago)
- Topics: azure-devops, terraform-module
- Language: HCL
- Homepage: https://registry.terraform.io/modules/data-platform-hq/project/azuredevops/latest
- Size: 62.5 KB
- Stars: 0
- Watchers: 3
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
Awesome Lists containing this project
README
# TODO - Update Documentation
# Azure DevOps project Terraform module
Terraform module for creation Azure DevOps project service endpoint and variable group in existing Azure DevOps organisation. After variable group creation in ADO, any changes to it are ignored by terraform.
## Usage
This module is creating ADO project, service endpoint and variable group or creates service endpoint and variable group in existing project. Below is an example that provisions project variable group and service connection.
```hcl
data "azurerm_client_config" "current" {}
module "ado_project" {
source = "data-platform-hq/project/azuredevops"
project = "my_project"
env = "dev"
location = "westeurope"
features = {
boards = "disabled"
testplans = "disabled"
}
# var1 has value and is not a secret, var2 has value and is a secret,
# var3 is empty and is not a secret, var4 is empty and is a secret
variables_set = [
{
name = "var1"
value = "value1"
is_secret = false
},
{
name = "var2"
secret_value = "value2"
},
{
name = "var3"
is_secret = false
},
{
name = "var4"
}
]
# var.infra-arm-client-id, var.infra-arm-tenant-id, var.infra-arm-subscription-id are empty by default.
# Client configuration values will be used instead.
service_endpoint_args = [
{
service_principal_key = "some_service_principal_key"
service_principal_id = coalesce(var.infra_arm_client_id, data.azurerm_client_config.current.client_id)
spn_tenant_id = coalesce(var.infra_arm_tenant_id, data.azurerm_client_config.current.tenant_id)
subscription_id = coalesce(var.infra_arm_subscription_id, data.azurerm_client_config.current.subscription_id)
subscription_name = "some_subscription_name"
custom_service_endpoint_name = "service-principal-dev"
}
]
# project will have name "some_project_name" instead of "my_project-dev-westeurope".
custom_ado_project_name = "some_project_name"
# Variable group will have name "our_default_pipeline_var_group" instead of "var-group-my_project-dev-westeurope".
custom_var_group_name = "our_default_pipeline_var_group"
}
```
## Requirements
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0.0 |
| [azuredevops](#requirement\_azuredevops) | >= 1.1.1 |
## Providers
| Name | Version |
|------|---------|
| [azuredevops](#provider\_azuredevops) | >= 1.1.1 |
## Modules
No modules.
## Resources
| Name | Type |
|------|------|
| [azuredevops_agent_pool.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/agent_pool) | resource |
| [azuredevops_agent_queue.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/agent_queue) | resource |
| [azuredevops_build_definition.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/build_definition) | resource |
| [azuredevops_check_approval.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/check_approval) | resource |
| [azuredevops_environment.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/environment) | resource |
| [azuredevops_feed.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/feed) | resource |
| [azuredevops_feed_permission.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/feed_permission) | resource |
| [azuredevops_git_repository.import](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/git_repository) | resource |
| [azuredevops_group_membership.example](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/group_membership) | resource |
| [azuredevops_pipeline_authorization.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/pipeline_authorization) | resource |
| [azuredevops_resource_authorization.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/resource_authorization) | resource |
| [azuredevops_serviceendpoint_azurerm.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/serviceendpoint_azurerm) | resource |
| [azuredevops_serviceendpoint_generic_git.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/serviceendpoint_generic_git) | resource |
| [azuredevops_variable_group.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/variable_group) | resource |
| [azuredevops_git_repository.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/data-sources/git_repository) | data source |
| [azuredevops_group.build](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/data-sources/group) | data source |
| [azuredevops_group.feed](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/data-sources/group) | data source |
| [azuredevops_group.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/data-sources/group) | data source |
| [azuredevops_project.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/data-sources/project) | data source |
| [azuredevops_users.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/data-sources/users) | data source |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [ado\_feed](#input\_ado\_feed) | Set of objects with parameters to configure feed and assign permissions |
set(object({
feed_name = string
permanent_feed_delete = optional(bool, true)
feed_permission_group_role = optional(string, "contributor")
feed_scope_organization_enable = optional(bool, false)
feed_permission_group_name = string
})) | `[]` | no |
| [builder\_service\_principal\_name](#input\_builder\_service\_principal\_name) | Default project's Service Builder name | `string` | `null` | no |
| [builder\_service\_role\_assigned](#input\_builder\_service\_role\_assigned) | Boolean flag that determines whether to assign permission to a default project's Service Builder | `bool` | `false` | no |
| [environments\_approvers](#input\_environments\_approvers) | Default Azure DevOps Group that is allowed to approve deployments on Environments | `string` | `"Contributors"` | no |
| [imported\_repositories](#input\_imported\_repositories) | Configuration options for External Repositories. | list(object({
given_name = string
repository_url = string
password = string
})) | `[]` | no |
| [pipeline\_configs](#input\_pipeline\_configs) | Configuration options for Pipeline yml definition files | list(object({
name = string
folder = optional(string, null)
environments = optional(list(string), [])
pipeline_source_config = object({
repository_name = string
branch_name = optional(string, "refs/heads/main")
yml_path = string
})
variables = optional(list(object({
name = string
value = string
allow_override = optional(bool, true)
})), [])
})) | `[]` | no |
| [pool\_authorization](#input\_pool\_authorization) | Object with parameters to configure authorization of self-hosted agent pool | object({
type = string
authorized = bool
}) | {
"authorized": true,
"type": "queue"
} | no |
| [pool\_configuration](#input\_pool\_configuration) | Object with parameters to configure self-hosted agent pool | object({
name = string # The name of the agent pool.
auto_provision = optional(bool, false) # Specifies whether a queue should be automatically provisioned for each project collection.
auto_update = optional(bool, true) # Specifies whether or not agents within the pool should be automatically updated
}) | {
"name": "self_hosted_agent_pool"
} | no |
| [project\_name](#input\_project\_name) | The name of Azure DevOps Project where infrastructure would be provisioned | `string` | n/a | yes |
| [self\_hosted\_linux\_agent\_enable](#input\_self\_hosted\_linux\_agent\_enable) | Boolean flag to determine whether to create resources required for Self Hosted Agent | `bool` | `false` | no |
| [service\_endpoint\_azurerm](#input\_service\_endpoint\_azurerm) | Configuration options for AzureRM Service Endpoint | list(object({
name = string
service_principal_id = string
service_principal_key = string
spn_tenant_id = string
subscription_id = string
subscription_name = string
description = optional(string)
environment = optional(string, "AzureCloud")
})) | `[]` | no |
| [variables\_groups](#input\_variables\_groups) | Configuration options for Variable group | list(object({
name = string
description = optional(string)
allow_access = optional(bool, true)
variables = list(object({
name = string
value = optional(string)
secret_value = optional(string)
is_secret = optional(bool, false)
}))
})) | `[]` | no |
## Outputs
| Name | Description |
|------|-------------|
| [id](#output\_id) | The ID of the agent pool. |
| [name](#output\_name) | The Name of the agent pool. |
| [service\_connection\_name](#output\_service\_connection\_name) | Service Endpoints AzureRM names list |
## License
Apache 2 Licensed. For more information please see [LICENSE](https://github.com/data-platform-hq/terraform-azuredevops-project/blob/main/LICENSE)