fix(script): terraform commands pipeline job

* Update pipeline-validation.yml * Update pipeline-validation.yml * Update pipeline-validation.yml for Azure Pipelines * Update pipeline-validation.yml for Azure Pipelines * Update pipeline-validation.yml for Azure Pipelines * Update pipeline-validation.yml for Azure Pipelines * Update pipeline-validation.yml for Azure Pipelines * Update pipeline-validation.yml for Azure Pipelines * asfasd * sdfsd * asdfsd * add container * asdf * setup log messaging * ssdfs * sdfsd * components * 3 * asfasd * terraform files * asfdas * setup * dgdfs * comment * test * host * terraform * terraform * tfplan * tenant * convert files * asdf * remove parameter pwsh: true * azdopowershell * final * test * validation script * Update pipeline-validation.yml for Azure Pipelines * Update pipeline-validation.yml for Azure Pipelines * Update pipeline-validation.yml for Azure Pipelines * test * add target publish --------- Co-authored-by: curlybytes <>
CurlyBytes · Jun 16, 2024 · 7ebb60b · 7ebb60b
1 parent 8117f8f
commit 7ebb60b
Show file tree

Hide file tree

Showing 10 changed files with 869 additions and 278 deletions.
diff --git a/.gitignore b/.gitignore
@@ -30,6 +30,4 @@ override.tf.json
 *tfplan*
 
 # Ignore CLI configuration files
-.terraformrc
-terraform.rc
 .terraform.lock.hcl
diff --git a/.scripts/pipeline-validation.yml b/.scripts/pipeline-validation.yml
diff --git a/docs/setup.md b/docs/setup.md
@@ -0,0 +1,102 @@
+FROM ubuntu:20.04
+
+RUN DEBIAN_FRONTEND=noninteractive apt-get update
+RUN DEBIAN_FRONTEND=noninteractive apt-get upgrade -y && useradd -m agentuser
+
+RUN DEBIAN_FRONTEND=noninteractive apt-get install -y -qq --no-install-recommends \
+    apt-transport-https \
+    apt-utils \
+    gcc \
+    libffi-dev \
+    musl-dev \
+    openssl-dev \
+    python3-dev \
+    pipx \
+    gnupg \
+    iputils-ping \
+    libcurl4 \
+    libicu60 \
+    libunwind8 \
+    netcat \
+    libssl1.0 \
+    make \
+    bash \
+    sudo \
+    shadow \
+    curl \
+    py3-pip \
+    graphviz \
+    ca-certificates \
+    less \
+    ncurses-terminfo-base \
+    krb5-libs \
+    libgcc \
+    libintl \
+    libssl \
+    libssl3 \
+    libstdc++ \
+    tzdata \
+    userspace-rcu \
+    zlib \
+    icu-libs \
+    ca-certificates \
+    azure-cli \
+    git \
+    iputils-ping \
+    jq \
+    lsb-release \
+    wget \
+    software-properties-common
+
+RUN curl -sL https://aka.ms/InstallAzureCLIDeb | bash
+
+RUN curl -fsSL https://deb.nodesource.com/setup_20.x | bash \
+&& apt-get install -y nodejs
+RUN npm install concurrently
+RUN wget -q https://github.com/PowerShell/PowerShell/releases/download/v7.2.6/powershell-lts_7.2.6-1.deb_amd64.deb \
+            && dpkg -i powershell-lts_7.2.6-1.deb_amd64.deb
+
+RUN pwsh -Command Install-Module -Name Az -AllowClobber -Repository PSGallery -Force
+
+RUN pwsh -Command Install-Module -Name AzTable -AllowClobber -Force
+
+RUN pwsh -Command Install-Module -Name SqlServer -AllowClobber -Force
+RUN wget -q https://download.docker.com/linux/ubuntu/dists/bionic/pool/stable/amd64/docker-ce-cli_20.10.18~3-0~ubuntu-bionic_amd64.deb \
+            && dpkg -i docker-ce-cli_20.10.18~3-0~ubuntu-bionic_amd64.deb
+RUN docker buildx install
+RUN curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg \
+            && echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | tee /etc/apt/sources.list.d/kubernetes.list \
+            && apt-get update && apt-get install -y --no-install-recommends \
+            kubectl
+
+# Install Terraform
+ENV TF_VERSION=1.5.7
+RUN wget -qO- https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_linux_amd64.zip | zcat > /usr/local/bin/terraform && chmod +x /usr/local/bin/terraform
+
+
+# Can be 'linux-x64', 'linux-arm64', 'linux-arm', 'rhel.6-x64'.
+ENV TARGETARCH=linux-x64
+ENV AGENT_VERSION=2.209.0
+
+RUN if [ "$TARGETARCH" = "amd64" ]; then \
+    AZP_AGENTPACKAGE_URL=https://vstsagentpackage.azureedge.net/agent/${AGENT_VERSION}/vsts-agent-linux-x64-${AGENT_VERSION}.tar.gz; \
+else \
+    AZP_AGENTPACKAGE_URL=https://vstsagentpackage.azureedge.net/agent/${AGENT_VERSION}/vsts-agent-linux-${TARGETARCH}-${AGENT_VERSION}.tar.gz; \
+fi; \
+curl -LsS "$AZP_AGENTPACKAGE_URL" | tar -xz
+
+
+RUN mkdir terraform
+RUN mkdir code
+COPY . terraform
+
+WORKDIR /azp
+RUN chown -R agentuser:agentuser /azp
+RUN chmod 755 /azp
+
+COPY ./start.sh .
+RUN chmod +x start.sh
+# All subsequent commands run under this user
+USER agentuser
+
+ENTRYPOINT [ "./start.sh", "--once" ]
diff --git a/src/infrastructure-as-code/terraform/Dockerfile b/src/infrastructure-as-code/terraform/Dockerfile
@@ -72,31 +72,53 @@ RUN ln -s /opt/microsoft/powershell/7/pwsh /usr/bin/pwsh
 COPY --from=node_base ["${NODE_HOME}", "${NODE_HOME}"]
 
 # Copy over src(all terraform components/modules)
-RUN mkdir terraform
+RUN mkdir terraform_files
 RUN mkdir code
-COPY . terraform
+COPY . terraform_files
 
 ENV APK_DEV "gcc libffi-dev musl-dev openssl-dev python3-dev pipx make"
 ENV APK_ADD "bash sudo shadow curl py3-pip graphviz git jq"
 #error ibssl3 https://askubuntu.com/questions/1408000/unable-to-locate-package-libssl1-1
-ENV APK_POWERSHELL="ca-certificates less ncurses-terminfo-base krb5-libs libgcc libintl libssl3 libstdc++ tzdata userspace-rcu zlib icu-libs"
+ENV APK_POWERSHELL="ca-certificates less ncurses-terminfo-base krb5-libs libgcc libintl  libssl3 libstdc++ tzdata userspace-rcu zlib icu-libs"
 
 #resolve error in pipx due to conflict package manager (EXTERNAL-MANAGE-BY)
 #https://stackoverflow.com/questions/75608323/how-do-i-solve-error-externally-managed-environment-every-time-i-use-pip-3
 #https://askubuntu.com/questions/1465218/pip-error-on-ubuntu-externally-managed-environment-%C3%97-this-environment-is-extern
 RUN apk upgrade --update && \
-    apk add --no-cache --virtual .pipeline-deps readline linux-pam && \
-    apk add --no-cache --virtual .build ${APK_DEV} && \
+    apk add --no-cache  readline linux-pam && \
+    apk add --no-cache ${APK_DEV} && \
     apk add --no-cache ${APK_ADD} ${APK_POWERSHELL} && \
+    # # Install Azure CLI
+    # pipx ensurepath && \
+    # pipx install wheel && \
+    # pipx inject wheel wheel==0.42.0 && \ 
+    # pipx install azure-cli && \
+    # pipx inject azure-cli azure-cli==2.56.0 
     # Install Azure CLI
     pipx ensurepath && \
     pipx install wheel && \
-    pipx inject wheel wheel==0.42.0 && \ 
-    pipx install azure-cli && \
-    pipx inject azure-cli azure-cli==2.56.0 && \ 
-    apk del .build && \
-    apk del .pipeline-deps 
-
+    pipx install azure-cli
+
+# RUN pwsh -Command Install-Module -Name Az -AllowClobber -Repository PSGallery -Force
+# RUN pwsh -Command Install-Module -Name AzTable -AllowClobber -Force
+# RUN pwsh -Command Install-Module -Name SqlServer -AllowClobber -Force
+# Install Docker CLI
+# RUN wget -q https://download.docker.com/linux/ubuntu/dists/bionic/pool/stable/amd64/docker-ce-cli_20.10.18~3-0~ubuntu-bionic_amd64.deb \
+#     && dpkg -i docker-ce-cli_20.10.18~3-0~ubuntu-bionic_amd64.deb \
+#     && rm docker-ce-cli_20.10.18~3-0~ubuntu-bionic_amd64.deb
+
+# # Install Docker Buildx
+# RUN mkdir -p ~/.docker/cli-plugins \
+#     && wget -qO ~/.docker/cli-plugins/docker-buildx https://github.com/docker/buildx/releases/latest/download/buildx-linux.amd64 \
+#     && chmod +x ~/.docker/cli-plugins/docker-buildx
+
+# # Install Node.js from NodeSource
+# RUN curl -fsSL https://deb.nodesource.com/setup_20.x | bash - \
+#     && apt-get install -y nodejs
+
+# # Clean up
+# RUN apt-get clean && rm -rf /var/lib/apt/lists/*
+
 RUN echo "PS1='\n\[\033[01;35m\][\[\033[0m\]Terraform\[\033[01;35m\]]\[\033[0m\]\n\[\033[01;35m\][\[\033[0m\]\[\033[01;32m\]\w\[\033[0m\]\[\033[01;35m\]]\[\033[0m\]\n \[\033[01;33m\]->\[\033[0m\] '" >> ~/.bashrc 
 
 CMD tail -f /dev/null

diff --git a/src/infrastructure-as-code/terraform/components/azure-resource-group/providers.tf b/src/infrastructure-as-code/terraform/components/azure-resource-group/providers.tf
@@ -6,7 +6,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "3.108.0"
+      version = "3.104.0"
     }
   }
 }
diff --git a/src/infrastructure-as-code/terraform/samples/az-standard-rg/main.tf b/src/infrastructure-as-code/terraform/samples/az-standard-rg/main.tf
@@ -7,7 +7,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "3.108.0"
+      version = "3.104.0"
     }
   }
 }
@@ -18,7 +18,8 @@ provider "azurerm" {
 }
 
 module "aztf_rnd_rg" {
-  source                   = "../../../terraform/components/azure-resource-group"
+  # source                   = "../../components/azure-resource-group" #direct directory
+  source                   = "../../../terraform_files/components/azure-resource-group" #terrafomr image
   PROJECT_NAME             = "devsecops-utility"
   PROJECT_ENVIRONMENT_NAME = "Sandbox"