How to auto deploy in azure with git using terraform

Question

I am trying to write terraform script for auto deployment in azure with git. Which means if I make any changes in Git it should auto deploy in azure. I am writing the terraform code for the same. I tried below code

provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "gitex" {
  name     = "Git-source"
  location = "East US"
}

resource "azurerm_app_service_plan" "gitplan" {
  name                = "Git-appservice-plan"
  location            = azurerm_resource_group.gitex.location
  resource_group_name = azurerm_resource_group.gitex.name
  kind                = "Linux"
  reserved            = true

  sku {
    tier = "Standard"
    size = "B1"
  }
}

resource "azurerm_app_service" "gitapp" {
  name                = "Git-appservice"
  location            = azurerm_resource_group.gitex.location
  resource_group_name = azurerm_resource_group.gitex.name
  app_service_plan_id = azurerm_app_service_plan.gitplan.id

  site_config {
    always_on = true
  }

  app_settings = {
    "WEBSITE_RUN_FROM_PACKAGE" = "1"
  }

  identity {
    type = "SystemAssigned"
  }
}

resource "azurerm_virtual_network" "gitvnet" {
  name                = "Git-vnet1"
  address_space       = ["10.0.0.0/16"]
  location            = azurerm_resource_group.gitex.location
  resource_group_name = azurerm_resource_group.gitex.name
}

resource "azurerm_subnet" "gitsnet" {
  name                 = "Git-snet1"
  resource_group_name  = azurerm_resource_group.gitex.name
  virtual_network_name = azurerm_virtual_network.gitvnet.name
  address_prefixes     = ["10.0.1.0/24"]
  delegation {
    name = "delegationapp2"

    service_delegation {
      name    = "Microsoft.Web/serverFarms"
      actions = ["Microsoft.Network/virtualNetworks/subnets/action"]
    }
  }
}

resource "azurerm_service_plan" "gitappplan" {
  name                = "Git-linux-plan"
  resource_group_name = azurerm_resource_group.gitex.name
  location            = azurerm_resource_group.gitex.location
  os_type             = "Linux"
  sku_name            = "P1v2"
}
resource "azurerm_linux_web_app" "linapp" {
  name                = "Git-linapp"
  resource_group_name = azurerm_resource_group.gitex.name
  location            = azurerm_service_plan.gitappplan.location
  service_plan_id     = azurerm_service_plan.gitappplan.id

  site_config {

  }
}

resource "azurerm_app_service_virtual_network_swift_connection" "gitswift" {
  app_service_id = azurerm_app_service.gitapp.id
  subnet_id      = azurerm_subnet.gitsnet.id
}

resource "azurerm_app_service_source_control" "gitsrcctrl" {
  app_id   = azurerm_linux_web_app.linapp.id
  repo_url = "https://github.com/username/repo"
  branch   = "master"
}

I got the following error

Error: creating Source Control configuration for Web App: (Site Name "Git-linapp" / Resource Group "Git-source"): web.AppsClient#UpdateSourceControl: Failure responding to request: StatusCode=404 -- Original Error: autorest/azure: Service returned an error. Status=404 Code="NotFound" Message="Cannot find SourceControlToken with name GitHub." Details=[{"Message":"Cannot find SourceControlToken with name GitHub."},{"Code":"NotFound"},{"ErrorEntity":{"Code":"NotFound","ExtendedCode":"51004","Message":"Cannot find SourceControlToken with name GitHub.","MessageTemplate":"Cannot find {0} with name {1}.","Parameters":["SourceControlToken","GitHub"]}}]

I need help with the code and also any changes to be doe on Git? Like adding Oauth authorized apps. Would be helpful If I get the step by step process and the code. Thanks in advance.

Answer 1

I am trying to write terraform script for auto deployment in azure with git. Which means if I make any changes in Git it should auto deploy in azure. I am writing the terraform code for the same.

If you want to automatically deploy/update Azure resources whenever you make changes to the code, you can use GitHub Actions for deployment.

Follow the steps below to deploy resources to Azure using GitHub Actions.

1. Create a service principal in azure portal.

2. After creating a Service Principal, create a secret.

Note: Please make a note of the Client_ID, Tenant_ID, Client_Secret, and Subscription_ID.

4. Assign a role to the created Service Principal at the subscription level (e.g.Contributor)

5. Navigate to your Git repository or create a new repository.

6. Configure a sample workflow as shown below, save the file as Terraform.yaml, and then commit the file."

Add the below code in Terraform.yaml and commit the file.

name: 'Terraform'
on:
  push:
    branches:
    - main
  pull_request:
 
jobs:
  terraform:
    name: 'Terraform'
    env:
      ARM_CLIENT_ID: ${{ secrets.AZURE_AD_CLIENT_ID }}
      ARM_CLIENT_SECRET: ${{ secrets.AZURE_AD_CLIENT_SECRET }}
      ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
      ARM_TENANT_ID: ${{ secrets.AZURE_AD_TENANT_ID }}
    runs-on: ubuntu-latest
    environment: dev
 
    # Use the Bash shell regardless whether the GitHub Actions runner is ubuntu-latest, macos-latest, or windows-latest
    defaults:
      run:
        shell: bash
 
    steps:
    # Checkout the repository to the GitHub Actions runner
    - name: Checkout
      uses: actions/checkout@v2
 
    - name: 'Terraform Format'
      uses: hashicorp/terraform-github-actions@master
      with:
        tf_actions_version: 0.14.8
        tf_actions_subcommand: 'fmt'
        tf_actions_working_dir: "./terraform"
         
    - name: 'Terraform Init'
      uses: hashicorp/terraform-github-actions@master
      with:
        tf_actions_version: 0.14.8
        tf_actions_subcommand: 'init'
        tf_actions_working_dir: "./terraform"
 
    - name: 'Terraform Validate'
      uses: hashicorp/terraform-github-actions@master
      with:
        tf_actions_version: 0.14.8
        tf_actions_subcommand: 'validate'
        tf_actions_working_dir: "./terraform"
         
    - name: 'Terraform Plan'
      uses: hashicorp/terraform-github-actions@master
      with:
        tf_actions_version: 0.14.8
        tf_actions_subcommand: 'plan'
        tf_actions_working_dir: "./terraform"
 
    - name: Terraform Apply
      if: github.ref == 'refs/heads/main'
      uses: hashicorp/terraform-github-actions@master
      with:
        tf_actions_version: 0.14.8
        tf_actions_subcommand: 'apply'
        tf_actions_working_dir: "./terraform"

Terraform config file main. tf

Add the following backend configuration to your Terraform config file for storing the .tfstate file in a storage account

terraform {
  backend "azurerm" {
    resource_group_name = "Storage_Accounr_RG_name"
    storage_account_name = "storage_account-namr"
    container_name       = "container_name"
    key                  = "prod.tfstate" #the state file will be stored in Storage account.
    access_key = "Storage_accounr_Access_key"
    
  }
}
provider "azurerm" {
  features {}
}

Check the Terraform registry for storing the backend configurations in a storage account

7. Add README.md file in to same directory.
8. Add the Client_id, Tenant_Id, Secret_Id, and Subscription_ID to your Git repository by navigating to Git settings > Security > Secrets and variables > Actions

9. Clone the repository to local using git clone command

 Git clone "git reposotiroy url"

10. Once clone the repository then navigate to folder by using cmdlet cd GithubAction-Terraform-Azure

11. Create a folder with terraform name inside the GithubAction-Terraform-Azure folder

12. Save your terraform.tf file in terraform folder

13. Add the terraform folder to the Git repository using the following commands:

       git status  
        git add .

11. update the file using git commit command

     git commit -m "terraform"
     git push <git repository url>

12.Once push the code to the repository, the deployment will start automatically based on the actions, and the resources will be deployed in Azure.

Reference: Deploy Terraform using GitHub Actions to Azure