To avoid a configuration file for each environment, and the inevitable drift between those files, a single, tokenised definition is used.
variable "aks_work_space" { default = "%aks_work_space%" }
variable "name_space" { default = "%name_space%" }
variable "REGISTRY_KEY" { default = "@REGISTRY_KEY@" }
variable "REGISTRY_KEY_SHA { default = "@REGISTRY_KEY_SHA@" }
To De-tokenise this definition at deploy time, name/value pair files are used. This allows the settings to be decoupled from the complexity of configuration file format.
If these were to be stored as separate files in source control, they would suffer the same drift challenge, so in source control, the settings are stored in a tabular format, which is compiled into the name/value files during the Continuous Integration process.
target aks_work_space name_space REGISTRY_KEY REGISTRY_KEY_SHA
TEST aks_prep test $env:REGISTRY_KEY FD6346C8432462ED2DBA6...
PROD aks_prod prod $env:REGISTRY_KEY CA3CBB1998E86F3237CA1...
Note: environment variables can be used for dynamic value replacement, most commonly used for secrets.
These human readable configuration management tables are transformed to computer friendly format and included in the release package (release.ps1). The REGISTRY_KEY and REGISTRY_KEY_SHA are used for Variable Validation, creating a properties.varchk as following
env:REGISTRY_KEY=$env:REGISTRY_KEY_SHA
This is validated before any subsequent steps are attempted, see previous page Continuous Integration (CI)