How to consume or call terraform modules from one project in one organisation to another project from another organisation using azure devops


I would like to know the way to consume or call Terraform modules from one project in one organisation to another project from another organisation using Azure DevOps. I tried to explore ways and found one solution using the below, but my IT team is not letting me use this method as it is breaking the subsequent pipelines. Any suggestions, please?

Also, the requirement is that I just need to refer to the Terraform modules which are in another organization, but as per my POC it is downloading/checking out the code from that organization/project, and then I am able to refer to those modules. I would like to only refer to those modules instead of checking out the code from another organization and utilising/referencing it.

Below is the reply from pipeline team:

Can you exclude this part as it is not ideal and you need to take a different approach?

          echo "Git config update start"
          MY_PAT=$(yourPAT)
          B64_PAT=$(printf "%s"":$MY_PAT" | base64)
          git config --global http.extraheader "Authorization: Basic ${B64_PAT}"
          echo "Git config update end"
          terraform init
          terraform plan

You are introducing your cred in .gitconfig; that's breaking all subsequent pipelines in the agent.

POC: The below code is cloning the entire modules code from another organization and we are referencing those modules, but I just need to refer to those modules directly instead of downloading and calling/referencing the modules.

resources:
  repositories:
  - repository: Modules
    type: git
    name: 'Compute Platforms/CES-Terraform-Automation-Service'
    endpoint: Repo-bp-digital # Azure DevOps service connection
    ref: Modules
  - repository: self
    type: git
    name: 'Cloud Onboarding/terraform-testing-by-vivek'
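
Added example, not part of the original post: the pipeline team's complaint above is that `git config --global` leaves the PAT header in the agent's `.gitconfig` for every later job. This sketch hands git the same header through the environment of a single command instead (needs Git 2.31+); `MODULES_PAT` and the organization URL in the usage comment are assumed placeholders.

```shell
# Added example: scope the Authorization header to one command's environment
# instead of writing it to ~/.gitconfig on a shared agent.
# GIT_CONFIG_COUNT / GIT_CONFIG_KEY_n / GIT_CONFIG_VALUE_n need Git 2.31+.

# basic_auth_header <pat>: build the header value. tr strips the line
# wrapping that GNU base64 adds once the encoded token passes 76 characters.
basic_auth_header() {
  printf 'Authorization: Basic %s' "$(printf ':%s' "$1" | base64 | tr -d '\n')"
}

# run_with_git_auth <url-prefix> <pat> <command...>
# The function body is a subshell, so the exported variables die with it.
# The key is scoped to <url-prefix>, so git sends the PAT only to that
# organization and not to every HTTP remote.
run_with_git_auth() (
  prefix=$1 pat=$2
  shift 2
  n=${GIT_CONFIG_COUNT:-0}   # append after any entries already present
  export "GIT_CONFIG_KEY_${n}=http.${prefix}.extraheader"
  export "GIT_CONFIG_VALUE_${n}=$(basic_auth_header "$pat")"
  export GIT_CONFIG_COUNT=$((n + 1))
  "$@"
)

# global_header_leftover: succeeds if an earlier job left an extraheader in
# the agent's ~/.gitconfig (checks that one file only).
global_header_leftover() {
  grep -qi 'extraheader' "${HOME}/.gitconfig" 2>/dev/null
}

# Usage in the pipeline step (MODULES_PAT is an assumed secret variable mapped
# in through env:, <other-org> is a placeholder):
#   run_with_git_auth "https://dev.azure.com/<other-org>/" "$MODULES_PAT" terraform init
```

`terraform init` fetches git module sources by invoking `git`, which inherits these variables, so nothing is persisted on the agent after the step ends.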

Solution

  • AFAIK, there's only one option to connect to the project of another Azure DevOps organization: creating a Service Connection in the organization from where you want to run the pipeline, creating a PAT token in the target organization, and referencing it in the service connection.

    I created 2 Organizations, 1) Organization alpha1 and 2) Organization beta2. I created 2 projects in both organizations with one YAML script and a task.

    Created a PAT Token in Organization beta2.

    Created service connection in the Alpha organization from where I am running the pipeline to beta org by referencing PAT token from beta org like below:-

    trigger:
    - master

    variables:
      pythonVersion: '3.8'
      vmImageName: 'ubuntu-latest'

    resources:
      repositories:
      - repository: remoteRepo
        type: git
        name: remote-access/shared-common-install
        endpoint: remoteaccesstemp # Service connection name
        ref: refs/heads/main

    stages:
    - stage: remote_git_test
      jobs:
      - job: git_test
        steps:
        # Running the template from the same repository
        - template: templates/hello-alpha.yaml
        # Checkout the remote repository
        - checkout: remoteRepo
          persistCredentials: true
        # Call the template that is located in another repository in another organization
        - template: templates/hello-beta.yaml@remoteRepo
    
    

    Alternatively, you can create a terraform task in Azure DevOps and call your terraform module from another organization with the below script:-

    terraform init -backend-config="repository=organization-beta2/project-beta2/_git/beta-2" -backend-config="token=Pat-token"
    
    

    and

    provider "azuredevops"{
        org_service_url = var.org_service_url
        personal_access_token = var.personal_access_token
    }
    
    

    You can add this code in your terraform init script in your Organization repo from where you’re running pipeline and reference the template in System.Artifacts.

    Even Azure DevOps Rest API does not support connecting to different Azure DevOps organizations.

    References:-

    GitHub - Azure-Samples/azure-pipelines-remote-tasks

    Trying to setup an Azure DevOps organization using Terraform :: my tech ramblings — A blog for writing about my techie ramblings By Carlos

    Azure DevOps Git: Fork into another Repo using Azure DevOps REST API - Stack Overflow By Andi Li-MSFT