-
Azure Storage Account for Remote backend
- Create Storage Account in azure by CLI
Create variables
RG_NAME=RG_NAME
SA_NAME=SA_NAME
CONTAINER_NAME=CONTAINER_NAME
Create Storage Account
az storage account create --resource-group $RG_NAME --name $SA_NAME --sku Standard_LRS --encryption-services blob
Create BLOB Container
az storage container create --name $CONTAINER_NAME --account-name $SA_NAME
Get key
ACCOUNT_KEY=$(az storage account keys list --resource-group $RG_NAME --account-name $SA_NAME --query '[0].value' -o tsv)
- Service Principal with Contributor RBAC on Subscription
- In Azure Portal CLI create Service Principal for Jenkins:
Create variables
SP_NAME=SERVICE_PRINCIPAL_NAME
Create service principal
az ad sp create-for-rbac --name $SP_NAME
The command will output the credentials of the service principal. Make note of the appId and password
Get Subscription an Service Principal ID
SUB_ID=$(az account show --query id --output tsv)
SP_ID=$(az ad app list --display-name $SP_NAME | grep appId | cut -c 15-50)
Assignment Contributor RBAC to Service Principal
az role assignment create --assignee $SP_ID --role Contributor --scope /subscriptions/$SUB_ID
- Git repositories to use in Pipeline
-
Go to Jenkins portal and install "Terraform Plugin" and "Azure Credentials"
-
After installation, Go to Manage Jenkins → Global Tool Configuration → Click on Terraform Installations → Enable the Install automatically checkbox
-
Add Service Principal values in a credential
Jenkins portal
-
Go to "Manage Credential" --> "Add credentials"
-
Chose "Azure Service Principal" Subscription ID="Subscription ID"
Client ID="Application ID"
Tenant ID=AZ "AD ID"
Client Secret="Secret" -
Name it SA_TF and add Description
- Create a new Pipeline Project and configure the pipeline section
- Add "GitHub project"
- Build Triggers - GitHub hook trigger for GITScm polling
- Pipeline - Pipeline script from SCM
- SCM - Git
- Provide GitHub repository link