CloudSkew's infrastructure provisioning scripts are being migrated from terraform to pulumi.
🔨 The following resources still have to be migrated:
- Azure Function App
- Azure Service bus
- Azure Monitor (Action Group, Metric Alerts, App Insights)
🔧 In addition to this, we need automated provisioning for:
- Azure Container Registry's webhook (to notify App Service)
- Auth0 tenant
CloudSkew uses two separate Azure Subscriptions to isolate its testing and production environments.
CloudSkew's Pulumi Project also uses two separate Pulumi Stacks (testing
, production
) to isolate deployment configs for the above environments.
For automation, two service principals have been created in Azure Active Directory:
cloudskew-testing-service-principal
for the testing environment.cloudskew-production-service-principal
for the production environment.
Both service principals have been assigned the contributor
role in their respective Azure Subscriptions.
Ensure that you have Pulumi installed on your local machine and are logged in using the access token.
-
Open a terminal window
-
Clone this git repository locally:
git clone https://github.com/cloudskew/cloudskew-provisioning.git <local folder>
-
Navigate to the local repo
-
Install Pulumi:
curl -fsSL https://get.pulumi.com | sh
-
Run
npm install
-
Set the following environment variables (choose one of the service principals mentioned above according to the environment to be provisioned)
- export ARM_CLIENT_ID=REPLACE-WITH-SERVICE-PRINCIPAL-CLIENT-ID
- export ARM_CLIENT_SECRET=REPLACE-WITH-SERVICE-PRINCIPAL-CLIENT-SECRET
- export ARM_SUBSCRIPTION_ID=REPLACE-WITH-AZURE-SUBSCRIPTION-ID
- export ARM_TENANT_ID=REPLACE-WITH-AZURE-TENANT-ID
-
Choose an environment to target by running:
pulumi stack select testing
for testing environment ORpulumi stack select production
for production environment
-
run
pulumi up