Terraform / Azure VM

Setting Up the DevOps Environment

Terraform and Ansible are both command line tools which need to be present on the DevOps build agent.

We are using Azure hosted build agents generally and I could have installed both tools as a part of the pipeline. Rather than doing that though, I decided to build a docker container and run that as an Azure Container instance. The container contains…

• Ubuntu
• Openssh tools
• Terraform
• Ansible
• Packer ( I don’t need this yet but may do in the future )

Obviously, I also want to deploy this using a pipeline but, it turns out, there is an issue with that, due to the way our DevOps has been configured.

Build Agent Container Pipeline

This pipeline uses AWS templates to create

• Create a container registry
• Build the Docker image for the Build Agent
• Create a container instance to run the docker image

Unfortunately, the DevOps Docker step requires a service connection to the container registry, there is no obvious way of creating service connections within a pipeline.

In addition to that our security team have configured our Azure subscriptions and DevOps accounts in such a way that I cannot create a service connection, even once the registry exists. So that’s annoying.

This means I actually need to build my docker image, upload it to the registry and create its instance manually.

Docker Build Agent

My build agent is based on this container from Microsoft. In addition I have added Terraform, Ansible and openssh tools, as it needs to have an ssh key installed on it by the pipeline in order to talk to the VM.

Desired Set Up

Once the above is done I have a DevOps build agent, which has registered its self in an Agent Pool in DevOps with which I can use Terraform and Ansible scripts.

The only reason to make changes to this, and re-run the pipeline, is if I want to create more build agents or add extra tooling to them.