Terraform: Modify Repo Structure

2 minute read

Description:

Continuing from my previous post, I then wanted to format my repo in a way that will be scalable going forward.

Note: You can see the code for this post on my Github repo

To Resolve:

  1. So the first thing I wanted to do was to reference the Terraform Repo Guide which basically says to put your code in root of repo and then make module calls to a Modules folder.

  2. After doing that, I then decided that I will stick with 3 standard files for all terraform code: variables.tf for input variables, main.tf for building resources, and outputs.tf if it is some kind of module that will be returning values.

  3. In addition, my main.tf will always include a providers section at the top, a locals section second for any repeated code, and finally a resources section for all module calls and resources. I’m currently debating if I want a data section before or after the resources section, we will see. Reference for what I’m saying here.

  4. The cool thing about going this route is I can now remove the following from my build.yaml:

    1
2
3
4
5
6

    - task: CopyFiles@2
   displayName: 'Copy Deploy Folder'
   inputs:
      SourceFolder: $(Build.SourcesDirectory)/Deploy
      Contents: "*"
      TargetFolder: $(Build.SourcesDirectory)
    • Since the files are now at the root of the repo, you don’t have to copy them up on the build agent anymore.

  5. In addition, I have taken to explicitly declaring required versions of things (see providers section of main.tf) so that I can move in a model to where you upgrade your deployments by testing against new versions of releases.

  6. Lastly, after pushing changes to my repo in Azure Devops, the next step was to run a build and release pipeline to ensure it says the following in the terraform plan stage of the pipeline:

    1
2
3
4
5
6
7
8

    module.azure_learning_rg.azurerm_resource_group.rg: Refreshing state... [id=/subscriptions/***/resourceGroups/aa-dev-tx-test]
azurerm_management_lock.resource-group-level: Refreshing state... [id=/subscriptions/***/resourceGroups/aa-dev-tx-test/providers/Microsoft.Authorization/locks/BlockDelete]

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.
Finishing: terraform plan
    • And this in the terraform apply stage of the pipeline
    1
2
3
4
5
6
7
8

    ╷
│ Warning: "use_microsoft_graph": [DEPRECATED] This field now defaults to `true` and will be removed in v1.3 of Terraform Core due to the deprecation of ADAL by Microsoft.
│ 
│ 
╵

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.
Finishing: terraform apply

Comments

You May Also Enjoy