Azure
/
AzOps-Accelerator
зеркало из https://github.com/Azure/AzOps-Accelerator.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Use templates for pipelines (#103) 

* Use templates for pipelines

Closing Azure/AzOps#459

* Rename deploy.yml
This commit is contained in:
Simon Wåhlin 2022-01-03 10:27:44 +01:00 коммит произвёл GitHub
Родитель 914c929153
Коммит eee9161f1d
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
6 изменённых файлов: 252 добавлений и 373 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

100
.pipelines/.templates/sharedSteps.yml Normal file
Просмотреть файл

@ -0,0 +1,100 @@
parameters:
- name: AZOPS_MODULE_VERSION
type: string
default: ''
- name: modulesFolder
type: string
default: '$(System.DefaultWorkingDirectory)/Modules'
- name: ARM_CLIENT_ID
type: string
- name: ARM_CLIENT_SECRET
type: string
- name: ARM_SUBSCRIPTION_ID
type: string
- name: ARM_TENANT_ID
type: string
steps:
#
# Checkout
# Checks-out the repository
#
- checkout: self
fetchDepth: 0
persistCredentials: true
#
# Get Latest AzOps version
# Query PowerShell Gallery for the latest AzOps version
# to be used as cache key if no version is specified
#
- task: PowerShell@2
displayName: "Get Latest AzOps version"
condition: eq(variables['AZOPS_MODULE_VERSION'], '')
inputs:
targetType: "inline"
script: |
$latestVersionUri = "https://www.powershellgallery.com/api/v2/FindPackagesById()?id='AzOps'&`$filter=IsLatestVersion"
$latestVersionId = (Invoke-RestMethod $latestVersionUri).properties.NormalizedVersion
Write-Host "##vso[task.setvariable variable=AZOPS_MODULE_VERSION;]$latestVersionId"
#
# Cache Dependencies
# Cache dependencies if version has not changed
#
- task: Cache@2
displayName: Cache AzOps module
condition: ne(variables['AZOPS_MODULE_VERSION'], '')
# This task will restore modules from cache if key is found.
inputs:
key: '"AzOpsModule" | "$(AZOPS_MODULE_VERSION)"'
path: $(modulesFolder)
cacheHitVar: AzOpsModule_IsCached
#
# Dependencies
# Install required runtime modules
#
- task: PowerShell@2
displayName: "Dependencies"
condition: or(eq(variables['AZOPS_MODULE_VERSION'], ''), ne(variables['AzOpsModule_IsCached'], 'true'))
inputs:
targetType: "inline"
script: |
if(-not (Test-Path -Path '$(modulesFolder)')) {
mkdir '$(modulesFolder)'
}
$params = @{
Name = 'AzOps'
Path = '$(modulesFolder)'
Force = $true
}
if('$(AZOPS_MODULE_VERSION)') {
$params.RequiredVersion = '$(AZOPS_MODULE_VERSION)'
}
Save-Module @params
#
# Connect
# Authenticate Azure context
#
- task: PowerShell@2
displayName: "Connect"
inputs:
targetType: "inline"
script: |
$Env:PSModulePath = $Env:PSModulePath, '$(modulesFolder)' -join [IO.Path]::PathSeparator
$credential = New-Object PSCredential -ArgumentList $(ARM_CLIENT_ID), (ConvertTo-SecureString -String $(ARM_CLIENT_SECRET) -AsPlainText -Force)
Connect-AzAccount -TenantId $(ARM_TENANT_ID) -ServicePrincipal -Credential $credential -SubscriptionId $(ARM_SUBSCRIPTION_ID)

62
.pipelines/.templates/validate-deploy.yml Normal file
Просмотреть файл

@ -0,0 +1,62 @@
parameters:
- name: deploy
type: boolean
default: false
- name: modulesFolder
type: string
default: '$(System.DefaultWorkingDirectory)/Modules'
steps:
#
# Diff
# List index changes
#
- task: Bash@3
displayName: "Diff"
inputs:
targetType: "inline"
script: |
if [ ! -z "$(git diff --name-status HEAD^ HEAD)" ]; then
echo $(git diff --name-status HEAD^ HEAD)
git diff --name-status HEAD^ HEAD > /tmp/diff.txt
if [ ! -z "$(git diff --diff-filter=D HEAD^ HEAD)" ]; then
echo $(git diff --diff-filter=D HEAD^ HEAD --no-prefix | grep ^- | sed -r "s/^([^-+ ]*)[-+ ]/\\1/" | less -r)
git diff --diff-filter=D HEAD^ HEAD --no-prefix | grep ^- | sed -r "s/^([^-+ ]*)[-+ ]/\\1/" | less -r > /tmp/diffdeletedfiles.txt
fi
else
echo "The validation pipeline failed because there is currently no change to be processed"
exit 1
fi
#
# Validate or Deploy
# If parameter "deploy" is set to true, then deploy the changes,
# otherwise validate the changes.
#
- task: PowerShell@2
${{ if not(eq(parameters.deploy, 'true')) }}:
displayName: "Validate"
${{ else }}:
displayName: "Deploy"
inputs:
targetType: "inline"
script: |
$Env:PSModulePath = $Env:PSModulePath, '$(modulesFolder)' -join [IO.Path]::PathSeparator
$RunWhatIf = -not ('${{parameters.deploy}}' -eq 'true')
Import-PSFConfig -Path settings.json -Schema MetaJson -EnableException
Initialize-AzOpsEnvironment
$diff = Get-Content -Path /tmp/diff.txt
$module = Get-Module -Name AzOps
if(Test-Path -Path "/tmp/diffdeletedfiles.txt")
{
$diffdeletedfiles = Get-Content -Path /tmp/diffdeletedfiles.txt
$module.Invoke({ Invoke-AzOpsPush -ChangeSet $diff -DeleteSetContents $diffdeletedfiles -WhatIf:$RunWhatIf })
}
else{
$module.Invoke({ Invoke-AzOpsPush -ChangeSet $diff -WhatIf:$RunWhatIf })
}
Get-Job | Remove-Job -Force

27
.pipelines/.templates/vars.yml Normal file
Просмотреть файл

@ -0,0 +1,27 @@
variables:
#
# Credentials
# This reference is to the Variable Group which needs
# to be created which will contain the following values.
# Set AZOPS_MODULE_VERSION to the desired version of the
# AzOps Module to enable version pinning and caching.
#
# - ARM_TENANT_ID
# - ARM_SUBSCRIPTION_ID
# - ARM_CLIENT_ID
# - ARM_CLIENT_SECRET
# - AZOPS_MODULE_VERSION
#
- group: credentials
#
# modulesFolder
# To enable caching of PowerShell modules between
# runs, the modules are stored in a modules folder
# that can be cached.
#
- name: modulesFolder
value: '$(System.DefaultWorkingDirectory)/Modules'

115
.pipelines/pull.yml
Просмотреть файл

@ -42,32 +42,14 @@ resources:
- main
variables:
#
# Credentials
# This reference is to the Variable Group which needs
# to be created which will contain the following values.
# Set AZOPS_MODULE_VERSION to the desired version of the
# AzOps Module to enable version pinning and caching.
#
# - ARM_TENANT_ID
# - ARM_SUBSCRIPTION_ID
# - ARM_CLIENT_ID
# - ARM_CLIENT_SECRET
# - AZOPS_MODULE_VERSION
# Shared variables
# Include shared variables from the 'vars.yml' file
# to not have to repeat them in every pipeline.
#
- group: credentials
#
# modulesFolder
# To enable caching of PowerShell modules between
# runs, the modules are stored in a modules folder
# that can be cached.
#
- name: modulesFolder
value: '$(System.DefaultWorkingDirectory)/Modules'
- template: .templates/vars.yml
#
# Folder Name
@ -135,13 +117,19 @@ jobs:
steps:
#
# Checkout
# Checks-out the repository
# Shared steps
# Include shared steps from the 'shared.yml' file
# to not have to repeat them in every pipeline.
#
- checkout: self
fetchDepth: 0
persistCredentials: true
- template: .templates/sharedSteps.yml
parameters:
AZOPS_MODULE_VERSION: ${{ variables['AZOPS_MODULE_VERSION'] }}
modulesFolder: ${{ variables['modulesFolder'] }}
ARM_CLIENT_ID: ${{ variables['ARM_CLIENT_ID'] }}
ARM_CLIENT_SECRET: ${{ variables['ARM_CLIENT_SECRET'] }}
ARM_SUBSCRIPTION_ID: ${{ variables['ARM_SUBSCRIPTION_ID'] }}
ARM_TENANT_ID: ${{ variables['ARM_TENANT_ID'] }}
#
# Configure
@ -168,74 +156,6 @@ jobs:
script: |
git checkout -b $(branch)
#
# Get Latest AzOps version
# Query PowerShell Gallery for the latest AzOps version
# to be used as cache key if no version is specified
#
- task: PowerShell@2
displayName: "Get Latest AzOps version"
condition: eq(variables['AZOPS_MODULE_VERSION'], '')
inputs:
targetType: "inline"
script: |
$latestVersionUri = "https://www.powershellgallery.com/api/v2/FindPackagesById()?id='AzOps'&`$filter=IsLatestVersion"
$latestVersionId = (Invoke-RestMethod $latestVersionUri).properties.NormalizedVersion
Write-Host "##vso[task.setvariable variable=AZOPS_MODULE_VERSION;]$latestVersionId"
#
# Cache Dependencies
# Cache dependencies if version has not changed
#
- task: Cache@2
displayName: Cache AzOps module
condition: ne(variables['AZOPS_MODULE_VERSION'], '')
# This task will restore modules from cache if key is found.
inputs:
key: '"AzOpsModule" | "$(AZOPS_MODULE_VERSION)"'
path: $(modulesFolder)
cacheHitVar: AzOpsModule_IsCached
#
# Dependencies
# Install required runtime modules
#
- task: PowerShell@2
displayName: "Dependencies"
condition: or(eq(variables['AZOPS_MODULE_VERSION'], ''), ne(variables['AzOpsModule_IsCached'], 'true'))
inputs:
targetType: "inline"
script: |
if(-not (Test-Path -Path '$(modulesFolder)')) {
mkdir '$(modulesFolder)'
}
$params = @{
Name = 'AzOps'
Path = '$(modulesFolder)'
Force = $true
}
if('$(AZOPS_MODULE_VERSION)') {
$params.RequiredVersion = '$(AZOPS_MODULE_VERSION)'
}
Save-Module @params
#
# Connect
# Authenticate Azure context
#
- task: PowerShell@2
displayName: "Connect"
inputs:
targetType: "inline"
script: |
$Env:PSModulePath = $Env:PSModulePath, '$(modulesFolder)' -join [IO.Path]::PathSeparator
$credential = New-Object PSCredential -ArgumentList $(ARM_CLIENT_ID), (ConvertTo-SecureString -String $(ARM_CLIENT_SECRET) -AsPlainText -Force)
Connect-AzAccount -TenantId $(ARM_TENANT_ID) -ServicePrincipal -Credential $credential -SubscriptionId $(ARM_SUBSCRIPTION_ID)
#
# Initialize
# Generate new state data
@ -340,6 +260,7 @@ jobs:
# If PR is not completed, then complete it bypassing policy
if [ $PRStatus == "\"active\"" ]; then
echo "Completing PR bypassing branch policy"
az repos pr update --status completed --id $PRid --bypass-policy true --bypass-policy-reason "Automated pull request" > /dev/null 2>&1
fi;
env:

157
.pipelines/push.yml
Просмотреть файл

@ -19,30 +19,12 @@ trigger:
variables:
#
# Credentials
# This reference is to the Variable Group which needs
# to be created which will contain the following values.
# Set AZOPS_MODULE_VERSION to the desired version of the
# AzOps Module to enable version pinning and caching.
#
# - ARM_TENANT_ID
# - ARM_SUBSCRIPTION_ID
# - ARM_CLIENT_ID
# - ARM_CLIENT_SECRET
# - AZOPS_MODULE_VERSION
# Shared variables
# Include shared variables from the 'vars.yml' file
# to not have to repeat them in every pipeline.
#
- group: credentials
#
# modulesFolder
# To enable caching of PowerShell modules between
# runs, the modules are stored in a modules folder
# that can be cached.
#
- name: modulesFolder
value: '$(System.DefaultWorkingDirectory)/Modules'
- template: .templates/vars.yml
jobs:
@ -62,125 +44,26 @@ jobs:
steps:
#
# Checkout
# Checks-out the repository
# Shared steps
# Include shared steps from the 'shared.yml' file
# to not have to repeat them in every pipeline.
#
- checkout: self
fetchDepth: 0
persistCredentials: true
#
# Get Latest AzOps version
# Query PowerShell Gallery for the latest AzOps version
# to be used as cache key if no version is specified
#
- task: PowerShell@2
displayName: "Get Latest AzOps version"
condition: eq(variables['AZOPS_MODULE_VERSION'], '')
inputs:
targetType: "inline"
script: |
$latestVersionUri = "https://www.powershellgallery.com/api/v2/FindPackagesById()?id='AzOps'&`$filter=IsLatestVersion"
$latestVersionId = (Invoke-RestMethod $latestVersionUri).properties.NormalizedVersion
Write-Host "##vso[task.setvariable variable=AZOPS_MODULE_VERSION;]$latestVersionId"
#
# Cache Dependencies
# Cache dependencies if version has not changed
#
- task: Cache@2
displayName: Cache AzOps module
condition: ne(variables['AZOPS_MODULE_VERSION'], '')
# This task will restore modules from cache if key is found.
inputs:
key: '"AzOpsModule" | "$(AZOPS_MODULE_VERSION)"'
path: $(modulesFolder)
cacheHitVar: AzOpsModule_IsCached
#
# Dependencies
# Install required runtime modules
#
- task: PowerShell@2
displayName: "Dependencies"
condition: or(eq(variables['AZOPS_MODULE_VERSION'], ''), ne(variables['AzOpsModule_IsCached'], 'true'))
inputs:
targetType: "inline"
script: |
if(-not (Test-Path -Path '$(modulesFolder)')) {
mkdir '$(modulesFolder)'
}
$params = @{
Name = 'AzOps'
Path = '$(modulesFolder)'
Force = $true
}
if('$(AZOPS_MODULE_VERSION)') {
$params.RequiredVersion = '$(AZOPS_MODULE_VERSION)'
}
Save-Module @params
#
# Connect
# Authenticate Azure context
#
- task: PowerShell@2
displayName: "Connect"
inputs:
targetType: "inline"
script: |
$Env:PSModulePath = $Env:PSModulePath, '$(modulesFolder)' -join [IO.Path]::PathSeparator
$credential = New-Object PSCredential -ArgumentList $(ARM_CLIENT_ID), (ConvertTo-SecureString -String $(ARM_CLIENT_SECRET) -AsPlainText -Force)
Connect-AzAccount -TenantId $(ARM_TENANT_ID) -ServicePrincipal -Credential $credential -SubscriptionId $(ARM_SUBSCRIPTION_ID)
#
# Diff
# List index changes
#
- task: Bash@3
displayName: "Diff"
inputs:
targetType: "inline"
script: |
if [ ! -z "$(git diff --name-status HEAD^ HEAD)" ]; then
echo $(git diff --name-status HEAD^ HEAD)
git diff --name-status HEAD^ HEAD > /tmp/diff.txt
if [ ! -z "$(git diff --diff-filter=D HEAD^ HEAD)" ]; then
echo $(git diff --diff-filter=D HEAD^ HEAD --no-prefix | grep ^- | sed -r "s/^([^-+ ]*)[-+ ]/\\1/" | less -r)
git diff --diff-filter=D HEAD^ HEAD --no-prefix | grep ^- | sed -r "s/^([^-+ ]*)[-+ ]/\\1/" | less -r > /tmp/diffdeletedfiles.txt
fi
else
echo "The validation pipeline failed because there is currently no change to be processed"
exit 1
fi
- template: .templates/sharedSteps.yml
parameters:
AZOPS_MODULE_VERSION: ${{ variables['AZOPS_MODULE_VERSION'] }}
modulesFolder: ${{ variables['modulesFolder'] }}
ARM_CLIENT_ID: ${{ variables['ARM_CLIENT_ID'] }}
ARM_CLIENT_SECRET: ${{ variables['ARM_CLIENT_SECRET'] }}
ARM_SUBSCRIPTION_ID: ${{ variables['ARM_SUBSCRIPTION_ID'] }}
ARM_TENANT_ID: ${{ variables['ARM_TENANT_ID'] }}
#
# Deploy
# Initial deployment of any index changes
# Deploy any templates changed in the last commit
#
- task: PowerShell@2
displayName: "Deploy"
inputs:
targetType: "inline"
script: |
$Env:PSModulePath = $Env:PSModulePath, '$(modulesFolder)' -join [IO.Path]::PathSeparator
Import-PSFConfig -Path settings.json -Schema MetaJson -EnableException
Initialize-AzOpsEnvironment
$diff = Get-Content -Path /tmp/diff.txt
$module = Get-Module -Name AzOps
if(Test-Path -Path "/tmp/diffdeletedfiles.txt")
{
$diffdeletedfiles = Get-Content -Path /tmp/diffdeletedfiles.txt
$module.Invoke({ Invoke-AzOpsPush -ChangeSet $diff -DeleteSetContents $diffdeletedfiles })
}
else{
$module.Invoke({ Invoke-AzOpsPush -ChangeSet $diff })
}
Get-Job | Remove-Job -Force
- template: .templates/validate-deploy.yml
parameters:
deploy: true
modulesFolder: ${{ variables['modulesFolder'] }}

164
.pipelines/validate.yml
Просмотреть файл

@ -11,32 +11,14 @@ name: "AzOps - Validate"
trigger: none
variables:
#
# Credentials
# This reference is to the Variable Group which needs
# to be created which will contain the following values.
# Set AZOPS_MODULE_VERSION to the desired version of the
# AzOps Module to enable version pinning and caching.
#
# - ARM_TENANT_ID
# - ARM_SUBSCRIPTION_ID
# - ARM_CLIENT_ID
# - ARM_CLIENT_SECRET
# - AZOPS_MODULE_VERSION
# Shared variables
# Include shared variables from the 'vars.yml' file
# to not have to repeat them in every pipeline.
#
- group: credentials
#
# modulesFolder
# To enable caching of PowerShell modules between
# runs, the modules are stored in a modules folder
# that can be cached.
#
- name: modulesFolder
value: '$(System.DefaultWorkingDirectory)/Modules'
- template: .templates/vars.yml
jobs:
@ -51,132 +33,36 @@ jobs:
vmImage: "ubuntu-20.04"
steps:
#
# Checkout
# Checks-out the repository
# Shared steps
# Include shared steps from the 'shared.yml' file
# to not have to repeat them in every pipeline.
#
- checkout: self
fetchDepth: 0
persistCredentials: true
#
# Get Latest AzOps version
# Query PowerShell Gallery for the latest AzOps version
# to be used as cache key if no version is specified
#
- task: PowerShell@2
displayName: "Get Latest AzOps version"
condition: eq(variables['AZOPS_MODULE_VERSION'], '')
inputs:
targetType: "inline"
script: |
$latestVersionUri = "https://www.powershellgallery.com/api/v2/FindPackagesById()?id='AzOps'&`$filter=IsLatestVersion"
$latestVersionId = (Invoke-RestMethod $latestVersionUri).properties.NormalizedVersion
Write-Host "##vso[task.setvariable variable=AZOPS_MODULE_VERSION;]$latestVersionId"
#
# Cache Dependencies
# Cache dependencies if version has not changed
#
- task: Cache@2
displayName: Cache AzOps module
condition: ne(variables['AZOPS_MODULE_VERSION'], '')
# This task will restore modules from cache if key is found.
inputs:
key: '"AzOpsModule" | "$(AZOPS_MODULE_VERSION)"'
path: $(modulesFolder)
cacheHitVar: AzOpsModule_IsCached
#
# Dependencies
# Install required runtime modules
#
- task: PowerShell@2
displayName: "Dependencies"
condition: or(eq(variables['AZOPS_MODULE_VERSION'], ''), ne(variables['AzOpsModule_IsCached'], 'true'))
inputs:
targetType: "inline"
script: |
if(-not (Test-Path -Path '$(modulesFolder)')) {
mkdir '$(modulesFolder)'
}
$params = @{
Name = 'AzOps'
Path = '$(modulesFolder)'
Force = $true
}
if('$(AZOPS_MODULE_VERSION)') {
$params.RequiredVersion = '$(AZOPS_MODULE_VERSION)'
}
Save-Module @params
#
# Connect
# Authenticate Azure context
#
- task: PowerShell@2
displayName: "Connect"
inputs:
targetType: "inline"
script: |
$Env:PSModulePath = $Env:PSModulePath, '$(modulesFolder)' -join [IO.Path]::PathSeparator
$credential = New-Object PSCredential -ArgumentList $(ARM_CLIENT_ID), (ConvertTo-SecureString -String $(ARM_CLIENT_SECRET) -AsPlainText -Force)
Connect-AzAccount -TenantId $(ARM_TENANT_ID) -ServicePrincipal -Credential $credential -SubscriptionId $(ARM_SUBSCRIPTION_ID)
#
# Diff
# List index changes
#
- task: Bash@3
displayName: "Diff"
inputs:
targetType: "inline"
script: |
if [ ! -z "$(git diff --name-status HEAD^ HEAD)" ]; then
echo $(git diff --name-status HEAD^ HEAD)
git diff --name-status HEAD^ HEAD > /tmp/diff.txt
if [ ! -z "$(git diff --diff-filter=D HEAD^ HEAD)" ]; then
echo $(git diff --diff-filter=D HEAD^ HEAD --no-prefix | grep ^- | sed -r "s/^([^-+ ]*)[-+ ]/\\1/" | less -r)
git diff --diff-filter=D HEAD^ HEAD --no-prefix | grep ^- | sed -r "s/^([^-+ ]*)[-+ ]/\\1/" | less -r > /tmp/diffdeletedfiles.txt
fi
else
echo "The validation pipeline failed because there is currently no change to be processed"
exit 1
fi
- template: .templates/sharedSteps.yml
parameters:
AZOPS_MODULE_VERSION: ${{ variables['AZOPS_MODULE_VERSION'] }}
modulesFolder: ${{ variables['modulesFolder'] }}
ARM_CLIENT_ID: ${{ variables['ARM_CLIENT_ID'] }}
ARM_CLIENT_SECRET: ${{ variables['ARM_CLIENT_SECRET'] }}
ARM_SUBSCRIPTION_ID: ${{ variables['ARM_SUBSCRIPTION_ID'] }}
ARM_TENANT_ID: ${{ variables['ARM_TENANT_ID'] }}
#
# Validate
# Run what-if deployment on any templates changed
# in the last commit
#
- task: PowerShell@2
displayName: "Validate"
inputs:
targetType: "inline"
script: |
$Env:PSModulePath = $Env:PSModulePath, '$(modulesFolder)' -join [IO.Path]::PathSeparator
Import-PSFConfig -Path settings.json -Schema MetaJson -EnableException
Initialize-AzOpsEnvironment
$diff = Get-Content -Path /tmp/diff.txt
$module = Get-Module -Name AzOps
if(Test-Path -Path "/tmp/diffdeletedfiles.txt")
{
$diffdeletedfiles = Get-Content -Path /tmp/diffdeletedfiles.txt
$module.Invoke({ Invoke-AzOpsPush -ChangeSet $diff -DeleteSetContents $diffdeletedfiles -WhatIf })
}
else{
$module.Invoke({ Invoke-AzOpsPush -ChangeSet $diff -WhatIf })
}
Get-Job | Remove-Job -Force
- template: .templates/validate-deploy.yml
parameters:
deploy: false
modulesFolder: ${{ variables['modulesFolder'] }}
#
# Results
# Post results as a comment to the pull request.
#
- task: PowerShell@2