Pull Request workflow for AzDO + Bicep #249

Open
wants to merge 36 commits into
base: main
8631a7e
First attempt at AzDO bicep PR pipeline
PabloZaiden Nov 7, 2023
b695bff
better templates
PabloZaiden Nov 8, 2023
23ec264
remove pr stuff from pipeline
PabloZaiden Nov 9, 2023
42b9bb8
job display name variable
PabloZaiden Nov 13, 2023
fa54f4e
templated dependencies
PabloZaiden Nov 13, 2023
7a9f68f
several fixes
PabloZaiden Nov 14, 2023
c12d6cd
always
PabloZaiden Nov 14, 2023
dfd5b19
fix
PabloZaiden Nov 14, 2023
f7a7dc2
s
PabloZaiden Nov 14, 2023
9f08712
credentials
PabloZaiden Nov 14, 2023
164d4b4
deploying fine
PabloZaiden Nov 16, 2023
97cfad3
Update environment variable name in destroy
PabloZaiden Nov 16, 2023
939f3b6
condition
PabloZaiden Nov 18, 2023
b6111b4
Update environment creation comment
PabloZaiden Nov 27, 2023
59cc0fb
Commented out keyVaultArmSvcConnectionName and
PabloZaiden Nov 27, 2023
1f07142
Added queryevents
PabloZaiden Nov 27, 2023
c9b5f3c
destroy var names
PabloZaiden Nov 27, 2023
2d76aeb
cleanup pipeline
PabloZaiden Nov 28, 2023
b8688bc
Add pipeline cleanup configuration
PabloZaiden Dec 4, 2023
7ae03fa
Added missing parameter in cleanup pipeline
PabloZaiden Dec 5, 2023
6a7736c
use variables and not parameters in pipeline
PabloZaiden Dec 5, 2023
11394fe
Update pipeline.pr.bicep.yml to set environment
PabloZaiden Dec 5, 2023
15b2ef1
Update environment variable payload format with field type
PabloZaiden Dec 6, 2023
6a12494
Add pipeline to main branch policy
PabloZaiden Dec 7, 2023
270c746
Add StoreEvent dependency to PreviewDeployBaseBranch job
PabloZaiden Dec 8, 2023
2b918bf
Add instructions for allowing PR pipeline to add comments to PRs
PabloZaiden Dec 14, 2023
1c7a0ec
Merge branch 'main' into pzaidenvoren/pr-azdo-bicep
PabloZaiden Dec 14, 2023
2b91e95
Update Pull Request Workflow description
PabloZaiden Dec 14, 2023
b029fb0
Removed comments
PabloZaiden Dec 14, 2023
f1d3f6a
linter
PabloZaiden Jan 10, 2024
1cfb13f
linter
PabloZaiden Jan 10, 2024
ed0fad6
Merge branch 'main' into pzaidenvoren/pr-azdo-bicep
PabloZaiden Jan 23, 2024
50cdfd1
Merge branch 'main' into pzaidenvoren/pr-azdo-bicep
PabloZaiden May 13, 2024
ee67e41
Merge branch 'main' into pzaidenvoren/pr-azdo-bicep
PabloZaiden May 23, 2024
e18e8c7
Merge branch 'main' into pzaidenvoren/pr-azdo-bicep
HadwaAbdelhalem May 23, 2024
be7e35a
Merge branch 'main' into pzaidenvoren/pr-azdo-bicep
HadwaAbdelhalem Jul 8, 2024
5 changes: 5 additions & 0 deletions .azure-pipelines/pipeline.ci.bicep.yml
Expand Up @@ -37,21 +37,26 @@ jobs:
- template: ./template.bicep.validate.yml
parameters:
environmentName: $(environmentName)
environmentDirectory: $(environmentName)
locationName: $(locationName)
keyVaultArmSvcConnectionName: $(keyVaultArmSvcConnectionName)
keyVaultName: $(keyVaultName)
excludedFolders: $(excludedFolders)

- template: ./template.bicep.previewdeploy.yml
parameters:
dependsOn: [Validate]
environmentName: $(environmentName)
environmentDirectory: $(environmentName)
locationName: $(locationName)
keyVaultArmSvcConnectionName: $(keyVaultArmSvcConnectionName)
keyVaultName: $(keyVaultName)
excludedFolders: $(excludedFolders)
branchName: $(Build.SourceBranchName)

- template: ./template.bicep.test.yml
parameters:
dependsOn: [PreviewDeploy]
environmentName: $(environmentName)
locationName: $(locationName)
keyVaultArmSvcConnectionName: $(keyVaultArmSvcConnectionName)
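
Review bot: `branchName: $(Build.SourceBranchName)` in the previewdeploy parameters passes only the last path segment of the ref, so a run on `refs/heads/feature/foo` supplies `foo`. If `template.bicep.previewdeploy.yml` uses this value to check out or compare against a branch, that breaks for any branch with a slash in its name; consider passing `$(Build.SourceBranch)` or `$(Build.SourceVersion)` instead. The `template.bicep.test.yml` call that follows receives neither `branchName` nor `environmentDirectory` in the visible lines, which is worth confirming is intended.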
120 changes: 120 additions & 0 deletions .azure-pipelines/pipeline.cleanup.bicep.yml
@@ -0,0 +1,120 @@
name: $(BuildDefinitionName).$(DayOfYear)$(Rev:.r)

Check warning on line 1 in .azure-pipelines/pipeline.cleanup.bicep.yml (GitHub Actions / MegaLinter): 1:1 [document-start] missing document start "---"

trigger:
- none

pr:
- none

variables:
#=============================================================#
# The following Variables should be set on the pipeline level #
#=============================================================#

# Name of the Agent Pool to use
- name: agentImage
value: "ubuntu-latest"

- name: pullRequestNumber
value: 0

# Commented out to use the values from the Azdo pipeline variables

# ARM Service Connection Name used for environment Key Vault access
# - name: keyVaultArmSvcConnectionName
# value: "Symphony-KV"

# Environment Key Vault Name
# - name: keyVaultName
# value: "kv-symphony-environments"

pool:
vmImage: $(agentImage)

jobs:
- job: EventInfo
displayName: Generating event information
steps:
- task: Bash@3
name: Data
displayName: "Generate event information"
inputs:
workingDirectory: "$(System.DefaultWorkingDirectory)/scripts/orchestrators"
bashEnvValue: "~/.profile"
failOnStderr: true
targetType: "inline"
script: |
echo "##vso[task.setvariable variable=groupId;isOutput=true]PR-$(pullRequestNumber)-$(Build.Repository.Id)"

- template: ./template.queryevents.yml
parameters:
jobName: GetEnvironments
dependsOn: [EventInfo]
pipelineName: PR
eventName: NewEnvironment
eventGroupId: $[ dependencies.EventInfo.outputs['Data.groupId'] ]
keyVaultArmSvcConnectionName: $(keyVaultArmSvcConnectionName)
keyVaultName: $(keyVaultName)

- job: Destroy
displayName: "Destroy"
dependsOn: [GetEnvironments]
workspace:
clean: resources

variables:
newEnvironmentEventsJson: $[ dependencies.GetEnvironments.outputs['QueryEvents.events'] ]

steps:
- checkout: self
fetchDepth: 0
fetchTags: true
persistCredentials: true

- task: Bash@3
displayName: "Install Azure CLI"
inputs:
filePath: "scripts/orchestrators/setup-azcli.sh"
workingDirectory: "$(System.DefaultWorkingDirectory)/scripts/orchestrators"
bashEnvValue: "~/.profile"
failOnStderr: true

- task: AzureKeyVault@2
inputs:
azureSubscription: $(keyVaultArmSvcConnectionName)
keyVaultName: $(keyVaultName)
secretsFilter: "*"
runAsPreJob: true

- task: Bash@3
displayName: "Destroy environments"
env:
WORKSPACE_PATH: $(System.DefaultWorkingDirectory)
RUN_ID: $(Build.BuildId)
NEW_ENVIRONMENT_EVENTS_JSON: $(newEnvironmentEventsJson)
ARM_SUBSCRIPTION_ID: $(subscriptionId)
ARM_TENANT_ID: $(tenantId)
ARM_CLIENT_ID: $(clientId)
ARM_CLIENT_SECRET: $(clientSecret)
inputs:
workingDirectory: "$(System.DefaultWorkingDirectory)/scripts/orchestrators"
targetType: "inline"
failOnStderr: false
script: |
# NEW_ENVIRONMENT_EVENTS_JSON is an array of events.
# Each event has a Name, SHA and Location properties.
# For each event, we want to checkout the .SHA commit, get the .Name environment name
# and the Location of the environment, and pass it to the destroy script.

for event in $(echo "${NEW_ENVIRONMENT_EVENTS_JSON}" | jq -c '.[]'); do
sha=$(echo "${event}" | jq -r '.SHA')
name=$(echo "${event}" | jq -r '.Name')
location=$(echo "${event}" | jq -r '.Location')

git checkout "${sha}"
echo "Destroying environment: $name"
export ENVIRONMENT_NAME=$name
export LOCATION_NAME=$location

./iac.bicep.destroy.sh
done
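
Review bot: In the "Destroy environments" script, `git checkout "${sha}"` is followed by `./iac.bicep.destroy.sh` with no `set -e` and with `failOnStderr: false`, so a failed checkout still runs the destroy script from whatever commit is currently checked out, against the environment named in the event. Add `set -euo pipefail` at the top of the script, or `git checkout "${sha}" || exit 1` at that line. The loop itself, `for event in $(echo "${NEW_ENVIRONMENT_EVENTS_JSON}" | jq -c '.[]')`, splits on whitespace, so an event whose Name or Location contains a space is broken into fragments; reading one JSON object per line with `while IFS= read -r event` avoids that. Two least-privilege points in the same job: the script that runs with `ARM_CLIENT_SECRET` in its environment is the copy from the commit recorded for the PR rather than from a reviewed branch, and `secretsFilter: "*"` in the AzureKeyVault@2 step pulls every secret in the vault although the visible steps map only `subscriptionId`, `tenantId`, `clientId` and `clientSecret`.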
9 changes: 5 additions & 4 deletions .azure-pipelines/pipeline.destroy.bicep.yml
Expand Up @@ -25,12 +25,12 @@ variables:
# value: "westus"

# ARM Service Connection Name used for environment Key Vault access
- name: keyVaultArmSvcConnectionName
value: "Symphony-KV"
# - name: keyVaultArmSvcConnectionName
# value: "Symphony-KV"

# Environment Key Vault Name
- name: keyVaultName
value: "kv-symphony-environments"
# - name: keyVaultName
# value: "kv-symphony-environments"

pool:
vmImage: $(agentImage)
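
Review bot: With the `keyVaultArmSvcConnectionName` and `keyVaultName` defaults commented out, `$(keyVaultArmSvcConnectionName)` and `$(keyVaultName)` resolve only if both are defined as pipeline variables in Azure DevOps; an undefined macro is passed through as its literal text. Unlike pipeline.cleanup.bicep.yml and pipeline.pr.bicep.yml, the visible lines here carry no "Commented out to use the values from the Azdo pipeline variables" line, so either add that comment or delete the dead lines, and list the two required variables in the setup instructions.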
Expand All @@ -42,3 +42,4 @@ jobs:
locationName: $(locationName)
keyVaultArmSvcConnectionName: $(keyVaultArmSvcConnectionName)
keyVaultName: $(keyVaultName)
branchName: $(Build.SourceBranchName)
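
Review bot: `branchName: $(Build.SourceBranchName)` gives this template a short branch name, while pipeline.pr.bicep.yml passes `$(System.PullRequest.TargetBranch)` (a full ref such as `refs/heads/main` in Azure Repos) and `$(System.PullRequest.SourceCommitId)` (a commit SHA) to parameters of the same name. Document which forms `branchName` accepts, or rename it to something like `ref` and normalise the value in one place, so that a manual Destroy run on a branch such as `feature/x` does not hand the template just `x`.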
174 changes: 174 additions & 0 deletions .azure-pipelines/pipeline.pr.bicep.yml
@@ -0,0 +1,174 @@
name: $(BuildDefinitionName).$(DayOfYear)$(Rev:.r)

Check warning on line 1 in .azure-pipelines/pipeline.pr.bicep.yml (GitHub Actions / MegaLinter): 1:1 [document-start] missing document start "---"

trigger:
- none

pr:
- none

variables:
#=============================================================#
# The following Variables should be set on the pipeline level #
#=============================================================#

- name: agentImage
value: "ubuntu-latest"
# Commented out to use the values from the Azdo pipeline variables
# - name: prEnvironmentDirectory
# value: "pr"

# - name: locationName
# value: "westus"

# - name: keyVaultArmSvcConnectionName
# value: "Symphony-KV"

# - name: keyVaultName
# value: "kv-symphony-environments"

- name: excludedFolders
value: ","

pool:
vmImage: $(agentImage)

jobs:
- job: Setup
displayName: Setup
steps:
- task: Bash@3
name: GenerateEnvironmentName
displayName: "Generate environment name"
inputs:
workingDirectory: "$(System.DefaultWorkingDirectory)/scripts/orchestrators"
bashEnvValue: "~/.profile"
failOnStderr: true
targetType: "inline"
script: |
suffix=$(uuidgen)

# create a 6 character hash of the suffix
suffixHash=$(echo -n "$suffix" | md5sum | cut -c1-6)

echo "##vso[task.setvariable variable=environmentName;isOutput=true]$suffixHash"
- task: Bash@3
name: Labels
displayName: "Check labels"
env:
System.AccessToken: $(System.AccessToken)
inputs:
workingDirectory: "$(System.DefaultWorkingDirectory)/scripts/orchestrators"
bashEnvValue: "~/.profile"
failOnStderr: false
targetType: "inline"
script: |
prId=$(System.PullRequest.PullRequestId)
repoId=$(Build.Repository.Id)
uri="$(System.TeamFoundationCollectionUri)_apis/git/repositories/$repoId/pullRequests/$prId/labels?api-version=6.0"
labelName="preserve-pr-environment"

echo "Checking if the \"$labelName\" label is present on the PR..."
echo "URI: $uri"

labelsJson=$(curl -u :$(System.AccessToken) $uri)
labelContent=$(echo $labelsJson | jq -e ".value[] | select(.name==\"$labelName\")")

if [ -z "$labelContent" ]; then
hasLabel=false
else
hasLabel=true
fi

preservePrEnvironment=$hasLabel
echo "preservePrEnvironment: $preservePrEnvironment"

echo "##vso[task.setvariable variable=preservePrEnvironment;isOutput=true]$preservePrEnvironment"

- template: ./template.bicep.validate.yml
parameters:
dependsOn: [Setup]
environmentName: $[ dependencies.Setup.outputs['GenerateEnvironmentName.environmentName'] ]
environmentDirectory: $(prEnvironmentDirectory)
locationName: $(locationName)
keyVaultArmSvcConnectionName: $(keyVaultArmSvcConnectionName)
keyVaultName: $(keyVaultName)
excludedFolders: $(excludedFolders)

- job: EventInfo
dependsOn: [Setup, Validate]
displayName: Generating event information
variables:
environmentName: $[ dependencies.Setup.outputs['GenerateEnvironmentName.environmentName'] ]
steps:
- task: Bash@3
name: Data
displayName: "Generate event information"
inputs:
workingDirectory: "$(System.DefaultWorkingDirectory)/scripts/orchestrators"
bashEnvValue: "~/.profile"
failOnStderr: true
targetType: "inline"
script: |
environmentName="$(environmentName)"
comment="Creating environment with name: '$environmentName' using commit: '$(System.PullRequest.SourceCommitId)'. The environment will be destroyed after the pipeline completes, unless the PR has the 'preserve-pr-environment' label. In that case, the environment will not be destroyed automatically. To delete the environment manually, use the Destroy pipeline on the current branch with '$environmentName' as the environment name."

echo "##vso[task.setvariable variable=groupId;isOutput=true]PR-$(System.PullRequest.PullRequestId)-$(Build.Repository.Id)"
echo "##vso[task.setvariable variable=payload;isOutput=true]Name=$environmentName SHA=$(System.PullRequest.SourceCommitId) Location=$(locationName) [email protected]=Edm.String"
echo "##vso[task.setvariable variable=comment;isOutput=true]$comment"

- template: ./template.storeevent.yml
parameters:
dependsOn: [Setup, EventInfo]
pipelineName: PR
eventName: NewEnvironment
eventGroupId: $[ dependencies.EventInfo.outputs['Data.groupId'] ]
data: $[ dependencies.EventInfo.outputs['Data.payload'] ]
keyVaultArmSvcConnectionName: $(keyVaultArmSvcConnectionName)
keyVaultName: $(keyVaultName)
comment: $[ dependencies.EventInfo.outputs['Data.comment'] ]

- template: ./template.bicep.previewdeploy.yml
parameters:
dependsOn: [Setup, Validate, StoreEvent]
jobName: PreviewDeployBaseBranch
environmentName: $[ dependencies.Setup.outputs['GenerateEnvironmentName.environmentName'] ]
environmentDirectory: $(prEnvironmentDirectory)
locationName: $(locationName)
keyVaultArmSvcConnectionName: $(keyVaultArmSvcConnectionName)
keyVaultName: $(keyVaultName)
excludedFolders: $(excludedFolders)
branchName: $(System.PullRequest.TargetBranch)
displayNameSuffix: "Base Branch"

- template: ./template.bicep.previewdeploy.yml
parameters:
dependsOn: [Setup, PreviewDeployBaseBranch]
jobName: PreviewDeployPRBranch
environmentName: $[ dependencies.Setup.outputs['GenerateEnvironmentName.environmentName'] ]
environmentDirectory: $(prEnvironmentDirectory)
locationName: $(locationName)
keyVaultArmSvcConnectionName: $(keyVaultArmSvcConnectionName)
keyVaultName: $(keyVaultName)
excludedFolders: $(excludedFolders)
branchName: $(System.PullRequest.SourceCommitId)
displayNameSuffix: "PR Branch"

- template: ./template.bicep.test.yml
parameters:
dependsOn: [Setup, PreviewDeployPRBranch]
previewDeployStageToTest: PreviewDeployPRBranch
environmentName: $[ dependencies.Setup.outputs['GenerateEnvironmentName.environmentName'] ]
locationName: $(locationName)
keyVaultArmSvcConnectionName: $(keyVaultArmSvcConnectionName)
keyVaultName: $(keyVaultName)
excludedFolders: $(excludedFolders)

- template: ./template.bicep.destroy.yml
parameters:
dependsOn: [Setup, Test]
condition: and(eq(dependencies.Setup.outputs['Labels.preservePrEnvironment'],'false'), always())
environmentName: $[ dependencies.Setup.outputs['GenerateEnvironmentName.environmentName'] ]
locationName: $(locationName)
keyVaultArmSvcConnectionName: $(keyVaultArmSvcConnectionName)
keyVaultName: $(keyVaultName)
branchName: $(System.PullRequest.SourceCommitId)
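
Review bot: The "Check labels" step maps the token under `env` as `System.AccessToken: $(System.AccessToken)`, a name a bash script cannot expand, and then inlines the secret into the script text with `curl -u :$(System.AccessToken) $uri`. Map it as `SYSTEM_ACCESSTOKEN` and call `curl --fail -sS -u ":${SYSTEM_ACCESSTOKEN}" "$uri"`, so the token stays out of the rendered script and an HTTP error body is not parsed as a label list. As written, with `failOnStderr: false` and no exit-code check, any failure of curl or of `jq -e` leaves `labelContent` empty, `preservePrEnvironment` becomes `false`, and an environment the author labelled `preserve-pr-environment` is destroyed by the final job; fail the step instead when the label query does not succeed. Separately, `md5sum | cut -c1-6` in "Generate environment name" keeps only 24 bits of the UUID, so two concurrent PR environments can receive the same name; a longer prefix reduces that.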