Tidy up configuration for acceptance-test server.

Relates to #3.
terra-farm · Jun 25, 2017 · 1cfc90c · 1cfc90c
1 parent 8d6f6d4
commit 1cfc90c
Show file tree

Hide file tree

Showing 5 changed files with 91 additions and 45 deletions.
diff --git a/.gitignore b/.gitignore
@@ -26,3 +26,9 @@ _testmain.go
 
 # Mac
 .DS_Store
+
+# Terraform local state and variables
+.terraform/
+.terraform.tfstate*
+terraform.tfstate*
+terraform.tfvars
diff --git a/acc-test-environment/main.tf b/acc-test-environment/main.tf
@@ -1,33 +1,39 @@
 ## Provider configuration
 
 # The Id of the target Azure subscription.
-variable "azure_subscription_id"    { sensitive = true }
+variable "azure_subscription_id"    { }
 
 # The client Id used to authenticate to Azure.
-variable "azure_client_id"          { sensitive = true }
+variable "azure_client_id"          { }
 
 # The client secret used to authenticate to Azure.
-variable "azure_client_secret"      { sensitive = true }
+variable "azure_client_secret"      { }
 
 # The Id of target Azure AD tenant.
-variable "azure_tenant_id"          { sensitive = true }
+variable "azure_tenant_id"          { }
 
 provider "azurerm" {
-  subscription_id = "${azure_subscription_id}"
-  client_id       = "${azure_client_id}"
-  client_secret   = "${azure_client_secret}"
-  tenant_id       = "${azure_tenant_id}"
+  subscription_id = "${var.azure_subscription_id}"
+  client_id       = "${var.azure_client_id}"
+  client_secret   = "${var.azure_client_secret}"
+  tenant_id       = "${var.azure_tenant_id}"
 }
 
 ## Common configuration
 
 # The name of the target Azure region (i.e. datacenter).
-variable "region_name"              { default = "West Central US" }
+variable "region_name"              { default = "West US" }
 
 # The name of the resource group that holds the Octopus server used by acceptance tests.
 variable "resource_group_name"      { default = "terraform-provider-octopus-acctest" }
 
+# The name of the storage account where VM disks (etc) are located.
+variable "storage_account_name"     { default = "tfprovideroctopusacctest" }
+
 # Used to prevent naming clashes between multiple concurrent deployments.
-variable "uniqueness_key" { default = "acctest" }
+variable "uniqueness_key"           { default = "acctest" }
+
+# The instance type for the Octopus Server VM.
+variable "octo_vm_instance_type"    { default = "Standard_A3" }
 
-# TODO: Define other variables
+variable "initial_admin_password"   { }
diff --git a/acc-test-environment/network.tf b/acc-test-environment/network.tf
@@ -1,41 +1,73 @@
 # Public IP address for access to the target VM.
 resource "azurerm_public_ip" "primary" {
-	name 					= "tf-octo-acc-test-${var.uniqueness_key}-pip"
-	location 				= "${var.region_name}"
-	resource_group_name 	= "${var.resource_group_name}"
+	name 				= "tf-octo-acc-test-${var.uniqueness_key}-pip"
+	location 			= "${var.region_name}"
+	resource_group_name = "${var.resource_group_name}"
 
 	public_ip_address_allocation = "static"
 }
 
 # The primary network for the target VM.
 resource "azurerm_virtual_network" "primary" {
-	name 						= "tf-octo-acc-test-${var.uniqueness_key}-network"
-	address_space 				= ["10.7.0.0/16"]
-	location 					= "${var.region_name}"
-	resource_group_name			= "${var.resource_group_name}"
+	name 				= "tf-octo-acc-test-${var.uniqueness_key}-network"
+	address_space 		= ["10.7.0.0/16"]
+	location 			= "${var.region_name}"
+	resource_group_name = "${var.resource_group_name}"
 }
 
 # The primary subnet for the target VM.
 resource "azurerm_subnet" "primary" {
-	name 						= "tf-octo-acc-test-${var.uniqueness_key}-subnet"
-	resource_group_name			= "${var.resource_group_name}"
-	virtual_network_name 		= "${azurerm_virtual_network.primary.name}"
-	address_prefix 				= "10.7.1.0/24"
+	name 					= "tf-octo-acc-test-${var.uniqueness_key}-subnet"
+	resource_group_name		= "${var.resource_group_name}"
+	virtual_network_name    = "${azurerm_virtual_network.primary.name}"
+	address_prefix 			= "10.7.1.0/24"
 }
 
 # The primary network adapter for the target VM.
 resource "azurerm_network_interface" "primary" {
-	name 						= "octo-${var.uniqueness_key}-ni"
-	location 					= "${var.region_name}"
-	resource_group_name 		= "${var.resource_group_name}"
+	name 				= "octo-${var.uniqueness_key}-ni"
+	location 			= "${var.region_name}"
+	resource_group_name = "${var.resource_group_name}"
 
 	ip_configuration {
-		name 					= "octo-${var.uniqueness_key}-ni-config"
-		subnet_id 				= "${azurerm_subnet.primary.id}"
+		name 		= "octo-${var.uniqueness_key}-ni-config"
+		subnet_id   = "${azurerm_subnet.primary.id}"
 
 		# Hook up public IP to private IP.
-		public_ip_address_id	= "${azurerm_public_ip.primary.id}"
-
-		private_ip_address_allocation = "dynamic"
+		public_ip_address_id            = "${azurerm_public_ip.primary.id}"
+		private_ip_address_allocation   = "dynamic"
 	}
 }
+
+# The default network security group.
+resource "azurerm_network_security_group" "default" {
+    name                = "octo-${var.uniqueness_key}-default-nsg"
+    location            = "${var.region_name}"
+    resource_group_name = "${var.resource_group_name}"
+
+    # Remote Desktop
+    security_rule {
+        name                        = "rdp"
+        priority                    = 100
+        direction                   = "Inbound"
+        access                      = "Allow"
+        protocol                    = "Tcp"
+        source_port_range           = "*"
+        destination_port_range      = "3389"
+        source_address_prefix       = "*"
+        destination_address_prefix  = "*"
+    }
+
+    # WinRM
+    security_rule {
+        name                        = "winrm"
+        priority                    = 101
+        direction                   = "Inbound"
+        access                      = "Allow"
+        protocol                    = "Tcp"
+        source_port_range           = "*"
+        destination_port_range      = "5985"
+        source_address_prefix       = "*"
+        destination_address_prefix  = "*"
+    }
+}
diff --git a/acc-test-environment/storage.tf b/acc-test-environment/storage.tf
@@ -3,6 +3,6 @@
 resource "azurerm_storage_container" "primary" {
 	name 					= "tf-octo-acc-test-${var.uniqueness_key}"
 	resource_group_name 	= "${var.resource_group_name}"
-	storage_account_name 	= "${var.storage_acct_name}"
+	storage_account_name 	= "${var.storage_account_name}"
 	container_access_type 	= "private"
 }
diff --git a/acc-test-environment/vm.tf b/acc-test-environment/vm.tf
@@ -5,18 +5,18 @@ resource "azurerm_virtual_machine" "octo" {
 	resource_group_name 	= "${var.resource_group_name}"
 	network_interface_ids 	= [ "${azurerm_network_interface.primary.id}" ]
 
-	vm_size 				= "${var.instance_type}"
+	vm_size 				= "${var.octo_vm_instance_type}"
 
 	storage_image_reference {
-		publisher 			= "Canonical"
-		offer 				= "UbuntuServer"
-		sku 				= "14.04.2-LTS"
-		version 			= "latest"
+		publisher = "MicrosoftWindowsServer"
+		offer     = "WindowsServer"
+		sku       = "2012-R2-Datacenter"
+		version   = "latest"
 	}
 
 	storage_os_disk {
 		name 				= "octo-${var.uniqueness_key}-osdisk1"
-		vhd_uri 			= "https://${var.storage_acct_name}.blob.core.windows.net/${azurerm_storage_container.primary.name}/octo-${var.uniqueness_key}-osdisk1.vhd"
+		vhd_uri 			= "https://${var.storage_account_name}.blob.core.windows.net/${azurerm_storage_container.primary.name}/octo-${var.uniqueness_key}-osdisk1.vhd"
 		caching 			= "ReadWrite"
 		create_option 		= "FromImage"
 	}
@@ -27,15 +27,17 @@ resource "azurerm_virtual_machine" "octo" {
 		admin_password		= "${var.initial_admin_password}"
 	}
 
-	# os_profile_linux_config {
-	# 	disable_password_authentication = true
-	# 	ssh_keys {
-	#       path 				= "/home/ubuntu/.ssh/authorized_keys"
-	#       key_data 			= "${var.ssh_key}"
-	#     }
-	# }
+	os_profile_windows_config {
+		provision_vm_agent			= true
+		enable_automatic_upgrades	= true
+
+		winrm {
+			protocol = "http"
+		}
+	}
 
 	tags {
 		public_ip			= "${azurerm_public_ip.primary.ip_address}"
 		private_ip			= "${azurerm_network_interface.primary.private_ip_address}"
-	}
+	}
+}