Skip to content

DTSPO-30612 - Update to v5 of terraform task #255

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
endakelly merged 14 commits into from
Mar 6, 2026
Merged

DTSPO-30612 - Update to v5 of terraform task #255

Changes from all commits
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
54b81cf
switch to serviceConnection
endakelly Mar 6, 2026
8e6ccab
upgrade to v5
endakelly Mar 6, 2026
c964288
fix name
endakelly Mar 6, 2026
51b805f
fix name
endakelly Mar 6, 2026
1870efc
add sub override
endakelly Mar 6, 2026
2786c14
add cli flags
endakelly Mar 6, 2026
6d5a193
set entraid to false
endakelly Mar 6, 2026
5a1ba20
revert to azure control rg
endakelly Mar 6, 2026
789d456
pass resourceGroupName
endakelly Mar 6, 2026
73f37fb
undo
endakelly Mar 6, 2026
4cd4dea
change order
endakelly Mar 6, 2026
0585555
add parameter for entra id
endakelly Mar 6, 2026
0d0e66f
rename parameter
endakelly Mar 6, 2026
3f6cb31
rename parameter
endakelly Mar 6, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 13 additions & 6 deletions steps/terraform.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,10 @@ parameters:
- name: backendKey
default: ''

- name: backendAzureRmUseEntraIdForAuthentication
displayName: Use Entra ID for authentication in Terraform init
default: false

- name: terraformInitSubscription
default: ''

Expand Down Expand Up @@ -141,7 +145,7 @@ steps:
filePath: $(System.DefaultWorkingDirectory)/cnp-azuredevops-libraries/scripts/build-resource-values.sh
workingDirectory: $(System.DefaultWorkingDirectory)/$(buildRepoSuffix)

- task: ms-devlabs.custom-terraform-tasks.custom-terraform-release-task.TerraformTaskV4@4
- task: ms-devlabs.custom-terraform-tasks.custom-terraform-release-task.TerraformTask@5
displayName: Terraform init ${{ parameters.component }}
inputs:
provider: 'azurerm'
Expand All @@ -150,17 +154,20 @@ steps:
workingDirectory: '$(System.DefaultWorkingDirectory)/$(buildRepoSuffix)/components/${{ parameters.component }}'
${{ else }}:
workingDirectory: '$(System.DefaultWorkingDirectory)/$(buildRepoSuffix)/${{ parameters.baseDirectory }}/${{ parameters.component }}'
backendServiceArm: ${{ coalesce(parameters.backendServiceConnection, 'HMCTS-CONTROL') }}
backendServiceArm: ${{ parameters.serviceConnection }}
backendAzureRmOverrideSubscriptionID: ${{ parameters.terraformInitSubscription }}
backendAzureRmResourceGroupName: ${{ coalesce(parameters.backendResourceGroupName, format('azure-control-{0}-rg', parameters.environment)) }}
backendAzureRmStorageAccountName: ${{ coalesce(parameters.backendStorageAccountName, '$(controlStorageAccount)') }}
backendAzureRmContainerName: ${{ coalesce(parameters.backendContainerName, 'subscription-tfstate') }}
${{ if parameters.backendKey }}:
backendAzureRmKey: ${{ parameters.backendKey }}
${{ else }}:
backendAzureRmKey: ${{ parameters.location }}/${{ parameters.product }}/$(buildRepoSuffix)/${{ parameters.environment }}/${{ parameters.component }}/terraform.tfstate
backendAzureRmUseCliFlagsForAuthentication: '-backend-config=subscription_id=${{ parameters.terraformInitSubscription }}'
backendAzureRmUseEntraIdForAuthentication: '${{ parameters.backendAzureRmUseEntraIdForAuthentication }}'
commandOptions: '${{ parameters.initCommandOptions }}'

- task: ms-devlabs.custom-terraform-tasks.custom-terraform-release-task.TerraformTaskV4@4
- task: ms-devlabs.custom-terraform-tasks.custom-terraform-release-task.TerraformTask@5
displayName: Terraform validate
inputs:
provider: 'azurerm'
Expand All @@ -170,7 +177,7 @@ steps:
${{ else }}:
workingDirectory: '$(System.DefaultWorkingDirectory)/$(buildRepoSuffix)/${{ parameters.baseDirectory }}/${{ parameters.component }}'

- task: ms-devlabs.custom-terraform-tasks.custom-terraform-release-task.TerraformTaskV4@4
- task: ms-devlabs.custom-terraform-tasks.custom-terraform-release-task.TerraformTask@5
# retryCountOnFailure: 2
displayName: Terraform plan ${{ parameters.component }}
condition: and(succeeded(), in('${{ parameters.overrideAction }}', 'plan', 'apply'))
Expand Down Expand Up @@ -262,7 +269,7 @@ steps:
az storage azcopy blob upload -c plan-json --account-name tfplanviewersa -s $(System.DefaultWorkingDirectory)/$(buildRepoSuffix)/components/${{ parameters.component }}/tfplan-$(tfPlanName).json -d "$(Build.Repository.Name)/$(System.PullRequest.PullRequestNumber)/tfplan-$(tfPlanName).json" --subscription ${{ parameters.savePlanResultsServiceConnection }} --account-key $(storage-account-primary-key)
azureSubscription: ${{ parameters.serviceConnection }}

- task: ms-devlabs.custom-terraform-tasks.custom-terraform-release-task.TerraformTaskV4@4
- task: ms-devlabs.custom-terraform-tasks.custom-terraform-release-task.TerraformTask@5
displayName: Terraform apply ${{ parameters.component }}
${{ if parameters.terraformEnvironmentVariables }}:
env: ${{ parameters.terraformEnvironmentVariables }}
Expand All @@ -283,7 +290,7 @@ steps:
retryCountOnTaskFailure: 3 # This is at the correct level, aligned with 'displayName' and 'inputs'

- ${{ if eq(parameters.overrideAction, 'destroy') }}:
- task: ms-devlabs.custom-terraform-tasks.custom-terraform-release-task.TerraformTaskV4@4
- task: ms-devlabs.custom-terraform-tasks.custom-terraform-release-task.TerraformTask@5
displayName: Terraform destroy ${{ parameters.component }}
${{ if parameters.terraformEnvironmentVariables }}:
env: ${{ parameters.terraformEnvironmentVariables }}
Expand Down