Learn CDAF > Release Train > Terraform Kubernetes > Continuous Integration (CI)

Continuous Integration (CI)

Build and Package

Terraform is interpretive and doesn’t need to be compiled, so why have a build process?

Validation

While Terraform does not have a compiler, it does have the option to validate the syntax of a plan, so this is used as the CI process to “fail fast”, to find syntax errors before attempting to execute against an environment. Add these steps in your build.tsk file.

terraform init -upgrade -input=false
terraform validate

Decouple for Source Control

The output of the CI process is a portable, re-usable, release package (release.ps1). This can be used to perform Terraform application from the users desktop against their Visual Studio Pro or Test subscription in azure, using the same mechanism the pipeline will use.

To further verify the release package, it is executed in PLAN mode, which ensures the plan can be executed and provides a what-if analysis. The most important outcome is what will happen in production, so add the following to your CDAF.solution.

defaultEnvironment=PROD Release plan

If you prefer condition plan execution, i.e. against different targets, the Feature Branch Execution capability can be used, create feature-branch.properties.

feature=TEST Release plan
hot-fix=PROD Release plan

Define a configuration trigger, e.g. properties.cm

context  target  deployTaskOverride  publisher_email  azure_credentials   azure_groups
local    TEST    terraform.tsk       me@example.com   Non-prod-Account    AZT_TEST
local    PROD    terraform.tsk       me@example.com   Production-Account  AZT_PROD

Create the terraform.tsk

VARCHK

terraform $OPT_ARG

echo "[$TASK_NAME] Do not proceed if action is plan only."
if ( $OPT_ARG -ne 'apply --auto-approve' ) { exit 0 }

echo "[$TASK_NAME] Only list details if action was apply"
terraform state list

VARCHK is covered in the next page, Configuration Management.

an example output of a plan execution.

terraform plan   
Running plan in the remote backend. Output will stream here. Pressing Ctrl-C
will stop streaming the logs, but will not stop the plan running remotely.

Preparing the remote plan...

To view this run in a browser, visit:
https://app.terraform.io/app/example/prod/runs/run-5fsY2cdKsqVfBVXX

Waiting for the plan to start...

Plan: 3 to add, 0 to change, 0 to destroy.