Skip to content

Run Pipeline & Approve Plan

Run IaC Deployment Pipeline

Before we begin deploying our Terraform with our pipeline, since you will be deploying to more than 1 environment for this lab, you will need to make some changes to the terraform state configuration that we created earlier in the main.tf.

Instead of using the name field for workspaces, we will be using the prefix field. The rest of the workspace name will be determined by what branch we are on, so if we are on the dev branch, the workspace is dojo-terraform-workshop-dev.

Note: Your TFE Workspace name will differ depending on what group you are in. For example, if you are group 1, you will use workspace dojo-terraform-workshop-1-dev, group 2 will use dojo-terraform-workshop-2-dev, etc.

Your configuration should look like the following:

terraform {
  backend "remote" {
    workspaces {
      prefix = "dojo-terraform-workshop-"
    }
    hostname     = "tfe.com"
    organization = "Corporate-Functions"
  }
}

Now we can run our Terraform code in a pipeline!

Creating infrastructure should be only done on a protected branch, this way you are intentional with your changes made to a specific environment. Each protected environment branch will be named after the environment, but for this lab we will just be doing the environments dev and model. In order to commit to a protected branch, we first need a feature branch, and then we can make a pull request from the feature branch to dev, and then once we've confirmed your changes work on the lower environment, promote it to a higher one.

Let's Create a new branch called feature-1 and commit all the code we wrote up to the branch.

Note: When you ran Terraform locally, it created a folder called .terraform/. Do NOT push this up to your repository, this is a local folder used to store the plugins, modules, etc. when actually executing Terraform.

Now that your pipeline YAML is pushed up to source control, let's create a pipeline in Azure Pipelines.

You will also need to validate your pipeline to allow it to access a repo from the pipeline scripts.

Head over to ADO to watch your pipeline execute and examine what is happening in every stage.

This pipeline run will only run the validate pipeline template on both the dev and model environments so after the first stage is finished, your pipeline is done executing. If everything looks good, make a PR against dev to run your Terraform on your pipeline.

Once the pull request is merged in, it will kick off a pipeline execution for the dev branch.

Eventually, the pipeline will reach a point in the Terraform Apply where you will need to manually approve the pipeline to allow the creation of infrastructure in TFE.

You can find a link to the execution in TFE inside the pipeline logs of the Terraform Apply.

Validate Pipeline

Finally, after confirming that the dev environment applied successfully, do the same process for the model branch and model TFE workspace.