Skip to content
This repository has been archived by the owner on Feb 1, 2024. It is now read-only.

Commit

Permalink
Merge pull request #86 from pmatthews05/pipelineInstructions
Browse files Browse the repository at this point in the history 
Pipeline instructions
  • Loading branch information
@arnaudlh
arnaudlh authored Oct 28, 2021
2 parents 8ce1597 + 2e57d6b commit c2f4250
Show file tree
Hide file tree
Showing 4 changed files with 336 additions and 63 deletions.
36 changes: 18 additions & 18 deletions configuration/sandpit/level1/gitops/azure_devops/azure_devops.tfvars
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
azure_devops = {

url = "https://dev.azure.com/update_with_your_org/"
project = "contoso_demo"
project = "caf-configuration"

# PAT Token should be updated manually to the keyvault after running launchpad
pats = {
Expand Down Expand Up @@ -54,7 +54,7 @@ azure_devops = {
}
}

service_endpoints = {
service_endpoints = {
contoso_demo = {
endpoint_name = "Replace with your subscription name"
subscription_name = "Replace with your subscription name"
Expand All @@ -77,7 +77,7 @@ azure_devops = {
TF_CLI_ARGS_plan = "'-input=false'"
TF_VAR_ARGS_destroy = "'-auto-approve -refresh=false'"
ENVIRONMENT = "sandpit"
LANDINGZONE_BRANCH = "2104.3"
LANDINGZONE_BRANCH = "2107.1"
}
}

Expand Down Expand Up @@ -448,8 +448,8 @@ azure_devops = {
landingZoneName = "caf_foundations",
terraformAction = "plan",
tfstateName = "caf_foundations.tfstate"
configPath = "/configuration/sandpit/level1/caf_foundations"
landingZonePath = "/public/landingzones/caf_foundations"
configPath = "/configuration/sandpit/level1/foundations"
landingZonePath = "/public/caf_solution"
level = "level1"
}
variable_group_keys = ["global", "level1", "level1_kv"]
Expand All @@ -465,8 +465,8 @@ azure_devops = {
landingZoneName = "caf_foundations",
terraformAction = "apply",
tfstateName = "caf_foundations.tfstate"
configPath = "/configuration/sandpit/level1/caf_foundations"
landingZonePath = "/public/landingzones/caf_foundations"
configPath = "/configuration/sandpit/level1/foundations"
landingZonePath = "/public/caf_solution"
level = "level1"
}
variable_group_keys = ["global", "level1", "level1_kv"]
Expand All @@ -481,8 +481,8 @@ azure_devops = {
landingZoneName = "caf_foundations",
terraformAction = "destroy",
tfstateName = "caf_foundations.tfstate"
configPath = "/configuration/sandpit/level1/caf_foundations"
landingZonePath = "/public/landingzones/caf_foundations"
configPath = "/configuration/sandpit/level1/foundations"
landingZonePath = "/public/caf_solution"
level = "level1"
}
variable_group_keys = ["global", "level1", "level1_kv"]
Expand All @@ -504,7 +504,7 @@ azure_devops = {
terraformAction = "plan",
tfstateName = "caf_shared_services.tfstate"
configPath = "/configuration/sandpit/level2/shared_services"
landingZonePath = "/public/landingzones/caf_shared_services"
landingZonePath = "/public/caf_solution"
level = "level2"
}
variable_group_keys = ["global", "level2", "level2_kv"]
Expand All @@ -520,7 +520,7 @@ azure_devops = {
terraformAction = "apply",
tfstateName = "caf_shared_services.tfstate"
configPath = "/configuration/sandpit/level2/shared_services"
landingZonePath = "/public/landingzones/caf_shared_services"
landingZonePath = "/public/caf_solution"
level = "level2"
}
variable_group_keys = ["global", "level2", "level2_kv"]
Expand All @@ -536,7 +536,7 @@ azure_devops = {
terraformAction = "destroy",
tfstateName = "caf_shared_services.tfstate"
configPath = "/configuration/sandpit/level2/shared_services"
landingZonePath = "/public/landingzones/caf_shared_services"
landingZonePath = "/public/caf_solution"
level = "level2"
}
variable_group_keys = ["global", "level2", "level2_kv"]
Expand All @@ -554,7 +554,7 @@ azure_devops = {
terraformAction = "plan",
tfstateName = "networking_hub.tfstate"
configPath = "/configuration/sandpit/level2/networking/hub"
landingZonePath = "/public/landingzones/caf_networking"
landingZonePath = "/public/caf_solution"
level = "level2"
}
variable_group_keys = ["global", "level2", "level2_kv"]
Expand All @@ -570,7 +570,7 @@ azure_devops = {
terraformAction = "apply",
tfstateName = "networking_hub.tfstate"
configPath = "/configuration/sandpit/level2/networking/hub"
landingZonePath = "/public/landingzones/caf_networking"
landingZonePath = "/public/caf_solution"
level = "level2"
}
variable_group_keys = ["global", "level2", "level2_kv"]
Expand All @@ -586,7 +586,7 @@ azure_devops = {
terraformAction = "destroy",
tfstateName = "networking_hub.tfstate"
configPath = "/configuration/sandpit/level2/networking/hub"
landingZonePath = "/public/landingzones/caf_networking"
landingZonePath = "/public/caf_solution"
level = "level2"
}
variable_group_keys = ["global", "level2", "level2_kv"]
Expand All @@ -608,7 +608,7 @@ azure_devops = {
terraformAction = "plan",
tfstateName = "landing_zone_aks.tfstate"
configPath = "/configuration/sandpit/level3/aks"
landingZonePath = "/public/landingzones/caf_solutions"
landingZonePath = "/public/caf_solution"
level = "level3"
}
variable_group_keys = ["global", "level3", "level3_kv"]
Expand All @@ -624,7 +624,7 @@ azure_devops = {
terraformAction = "apply",
tfstateName = "landing_zone_aks.tfstate"
configPath = "/configuration/sandpit/level3/aks"
landingZonePath = "/public/landingzones/caf_solutions"
landingZonePath = "/public/caf_solution"
level = "level3"
}
variable_group_keys = ["global", "level3", "level3_kv"]
Expand All @@ -640,7 +640,7 @@ azure_devops = {
terraformAction = "destroy",
tfstateName = "landing_zone_aks.tfstate"
configPath = "/configuration/sandpit/level3/aks"
landingZonePath = "/public/landingzones/caf_solutions"
landingZonePath = "/public/caf_solution"
level = "level3"
}
variable_group_keys = ["global", "level3", "level3_kv"]
Expand Down
10 changes: 5 additions & 5 deletions configuration/sandpit/level1/gitops/azure_devops_agents_vm/landingzone.tfvars
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ azure_devops = {
level0 = {
# Rover version to apply to the devops self-hosted agents during the setup.
rover_version = "aztfmod/rover:0.14.11-2104.2711"
url = "https://dev.azure.com/azure-terraform/"
url = "https://dev.azure.com/update_with_your_org/"

pats = {
agent = {
Expand All @@ -59,7 +59,7 @@ azure_devops = {
}
}
level1 = {
url = "https://dev.azure.com/azure-terraform/"
url = "https://dev.azure.com/update_with_your_org/"
rover_version = "aztfmod/rover:0.14.11-2104.2711"

pats = {
Expand All @@ -78,7 +78,7 @@ azure_devops = {
}
}
level2 = {
url = "https://dev.azure.com/azure-terraform/"
url = "https://dev.azure.com/update_with_your_org/"
rover_version = "aztfmod/rover:0.14.11-2104.2711"

pats = {
Expand All @@ -97,7 +97,7 @@ azure_devops = {
}
}
level3 = {
url = "https://dev.azure.com/azure-terraform/"
url = "https://dev.azure.com/update_with_your_org/"
rover_version = "aztfmod/rover:0.14.11-2104.2711"

pats = {
Expand All @@ -116,7 +116,7 @@ azure_devops = {
}
}
level4 = {
url = "https://dev.azure.com/azure-terraform/"
url = "https://dev.azure.com/update_with_your_org/"
rover_version = "aztfmod/rover:0.14.11-2104.2711"

pats = {
Expand Down
15 changes: 13 additions & 2 deletions configuration/sandpit/level1/gitops/gitops_connectivity/bastion.tfvars
View file
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,7 @@ virtual_machines = {

keyvaults = {
vmsecrets = {
name = "bastionsecrets"
name = "bast-secret"
resource_group_key = "bastion_launchpad"
sku_name = "standard"
soft_delete_enabled = true
Expand All @@ -124,6 +124,17 @@ keyvaults = {
}

creation_policies = {
keyvault_level1_rw = {
# Reference a key to an azure ad group
lz_key = "launchpad"
azuread_group_key = "keyvault_level1_rw"
secret_permissions = ["Set", "Get", "List", "Delete", "Purge", "Recover"]
}
msi_level1 = {
lz_key = "launchpad"
managed_identity_key = "level1"
secret_permissions = ["Set", "Get", "List", "Delete", "Purge", "Recover"]
}
logged_in_user = {
# if the key is set to "logged_in_user" add the user running terraform in the keyvault policy
# More examples in /examples/keyvault
Expand All @@ -146,4 +157,4 @@ keyvaults = {
}

}
}
}
Loading

0 comments on commit c2f4250

Please sign in to comment.