Tips-Of-Mine/terraform
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sets USE_MSI env var, get latest version of terraform, reflect changes in readme.

Browse Source
This commit is contained in:
Jeffrey Cline 2018-02-27 14:19:21 -08:00
parent 6b3815b7ce
commit 94e04a1d87
4 changed files with 25 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
solution_template/vm-linux-terraform/README.md
View File

@ -1,7 +1,7 @@
Azure Marketplace Terraform Solution Template
===
This template provisions a `Linux` Virtual Machine(VM) to `Azure` pre-configured with the `Terraform` v0.11.1 core runtime and the `Azure CLI` v2.0.
This template provisions a `Linux` Virtual Machine(VM) to `Azure` pre-configured with the latest `Terraform` core runtime and the `Azure CLI` v2.0.
Template Deployment Steps:
---
@ -11,7 +11,7 @@ Template Deployment Steps:
* Creates a `Terraform` template folder (tfTemplate)
* Pre-configures `Terraform` remote state with the `Azure` backend
Once all required resources have been provisioned to `Azure` the template will then execute a shell script on the VM using the custom script extension. The shell script will install `Terraform` v0.11.1 core runtime and the `Azure CLI` v2.0. It then creates a `Terraform` template folder that is pre-configured to use `Terraform Remote State` with the `Azure` backend. The `Azure CLI` will also create the storage container required by remote state.
Once all required resources have been provisioned to `Azure` the template will then execute a shell script on the VM using the custom script extension. The shell script will install latest `Terraform` core runtime and the `Azure CLI` v2.0. It then creates a `Terraform` template folder that is pre-configured to use `Terraform Remote State` with the `Azure` backend. The `Azure CLI` will also create the storage container required by remote state.
Post Deployment Configuration Steps
===

BIN
solution_template/vm-linux-terraform/Template.zip Normal file
View File

Binary file not shown.

21
solution_template/vm-linux-terraform/scripts/infra.sh
View File

@ -2,17 +2,24 @@
apt-get update
retry=0
while true;do
wget -O terraform.zip https://releases.hashicorp.com/terraform/0.11.1/terraform_0.11.1_linux_amd64.zip?_ga=2.228206621.1801000149.1512425211-1345627201.1504718143 && break || ((retry++))
((retry >= 10)) && break
done
apt-get install jq
apt-get install unzip
unzip terraform.zip
apt-get update
mv terraform /usr/local/bin
TF_VERSION=$(curl -s https://checkpoint-api.hashicorp.com/v1/check/terraform | jq -r -M ".current_version") \
&& wget -O terraform.zip https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_linux_amd64.zip \
&& wget -O terraform.sha256 https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_SHA256SUMS \
&& wget -O terraform.sha256.sig https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_SHA256SUMS.sig \
&& curl -s https://keybase.io/hashicorp/pgp_keys.asc | gpg --import \
&& gpg --verify terraform.sha256.sig terraform.sha256 \
&& echo $(grep -Po "[[:xdigit:]]{64}(?=\s+terraform_${TF_VERSION}_linux_amd64.zip)" terraform.sha256) terraform.zip | sha256sum -c \
&& unzip terraform.zip \
&& mkdir /usr/local/terraform \
&& mv terraform /usr/local/bin \
&& rm -f terraform terraform.zip terraform.sha256 terraform.sha256.sig \
&& unset TF_VERSION
echo "deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ wheezy main" | sudo tee /etc/apt/sources.list.d/azure-cli.list

15
solution_template/vm-linux-terraform/scripts/install.sh
View File

@ -89,6 +89,7 @@ TEMPLATEFOLDER="/home/$USERNAME/tfTemplate"
REMOTESTATEFILE="$TEMPLATEFOLDER/remoteState.tf"
TFENVFILE="/home/$USERNAME/tfEnv.sh"
CREDSFILE="$TEMPLATEFOLDER/azureProviderAndCreds.tf"
PROFILEFILE="/home/$USERNAME/.profile"
mkdir $TEMPLATEFOLDER
@ -111,6 +112,14 @@ chown -R $USERNAME:$USERNAME /home/$USERNAME/tfTemplate
touch $TFENVFILE
echo "export ARM_SUBSCRIPTION_ID=\"$SUBSCRIPTION_ID\"" >> $TFENVFILE
echo "export ARM_CLIENT_ID=\"$MSI_PRINCIPAL_ID\"" >> $TFENVFILE
echo "export USE_MSI=true" >> $TFENVFILE
# Set these variables in the profile
echo "echo export ARM_SUBSCRIPTION_ID=\"$SUBSCRIPTION_ID\" >>$PROFILEFILE" >> $TFENVFILE
echo "echo export ARM_CLIENT_ID=\"$MSI_PRINCIPAL_ID\" >>$PROFILEFILE" >> $TFENVFILE
echo "echo export USE_MSI=true >>$PROFILEFILE" >> $TFENVFILE
# Add contributor permissions to the MSI for entire subscription
echo "az login" >> $TFENVFILE
echo "az role assignment create --assignee \"$MSI_PRINCIPAL_ID\" --role 'b24988ac-6180-42a0-ab88-20f7382dd24c' --scope /subscriptions/\"$SUBSCRIPTION_ID\"" >> $TFENVFILE
chmod 755 $TFENVFILE
@ -121,9 +130,3 @@ logger -t devvm "Creating the container for remote state"
az login --msi
az storage container create -n terraform-state --account-name $STORAGE_ACCOUNT_NAME --account-key $STORAGE_ACCOUNT_KEY
logger -t devvm "Container for remote state created: $?"
if [[ -v DESKTOPINSTALL ]]; then
echo "Installing Mate Desktop"
bash ./desktop.sh
echo "Desktop installed"
fi