diff --git a/.gitignore b/.gitignore index 0629b7f..9baa396 100644 --- a/.gitignore +++ b/.gitignore @@ -26,3 +26,9 @@ _testmain.go # Mac .DS_Store + +# Terraform local state and variables +.terraform/ +.terraform.tfstate* +terraform.tfstate* +terraform.tfvars diff --git a/acc-test-environment/main.tf b/acc-test-environment/main.tf index 0f5d0c3..fa656be 100644 --- a/acc-test-environment/main.tf +++ b/acc-test-environment/main.tf 
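Review bot: The last added pattern, `terraform.tfvars`, covers only the default-named variables file, so a variables file with any other name passed via `-var-file` would still be tracked. The main.tf change in this commit takes `azure_client_secret` and `initial_admin_password` as input variables, so such a file is likely to hold credentials. Widening the line to `*.tfvars` would cover that case. The state patterns are worth keeping as they are, since Terraform state records those values in clear text.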
@@ -1,33 +1,39 @@ ## Provider configuration # The Id of the target Azure subscription. -variable "azure_subscription_id" { sensitive = true } +variable "azure_subscription_id" { } # The client Id used to authenticate to Azure. -variable "azure_client_id" { sensitive = true } +variable "azure_client_id" { } # The client secret used to authenticate to Azure. -variable "azure_client_secret" { sensitive = true } +variable "azure_client_secret" { } # The Id of target Azure AD tenant. -variable "azure_tenant_id" { sensitive = true } +variable "azure_tenant_id" { } provider "azurerm" { - subscription_id = "${azure_subscription_id}" - client_id = "${azure_client_id}" - client_secret = "${azure_client_secret}" - tenant_id = "${azure_tenant_id}" + subscription_id = "${var.azure_subscription_id}" + client_id = "${var.azure_client_id}" + client_secret = "${var.azure_client_secret}" + tenant_id = "${var.azure_tenant_id}" } ## Common configuration # The name of the target Azure region (i.e. datacenter). -variable "region_name" { default = "West Central US" } +variable "region_name" { default = "West US" } # The name of the resource group that holds the Octopus server used by acceptance tests. variable "resource_group_name" { default = "terraform-provider-octopus-acctest" } +# The name of the storage account where VM disks (etc) are located. +variable "storage_account_name" { default = "tfprovideroctopusacctest" } + # Used to prevent naming clashes between multiple concurrent deployments. -variable "uniqueness_key" { default = "acctest" } +variable "uniqueness_key" { default = "acctest" } + +# The instance type for the Octopus Server VM. +variable "octo_vm_instance_type" { default = "Standard_A3" } -# TODO: Define other variables +variable "initial_admin_password" { } diff --git a/acc-test-environment/network.tf b/acc-test-environment/network.tf index ad5b613..a58e86d 100644 --- a/acc-test-environment/network.tf +++ b/acc-test-environment/network.tf 
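Review bot: `variable "initial_admin_password" { }` at the end of this hunk is the only variable without a comment, and nothing tells a reader that it and `azure_client_secret` are credentials that must never be given a default. I would add `# The initial password for the Octopus Server VM's administrator account. Supply via terraform.tfvars or TF_VAR_initial_admin_password; do not add a default.` above it. The `sensitive = true` attributes are removed, presumably because the Terraform version in use rejects them on variables, so nothing in the configuration now marks these values as secret. They are written to state in clear text and may show up in plan output, so state should stay out of any storage that is not access-controlled.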
@@ -1,41 +1,73 @@ # Public IP address for access to the target VM. resource "azurerm_public_ip" "primary" { - name = "tf-octo-acc-test-${var.uniqueness_key}-pip" - location = "${var.region_name}" - resource_group_name = "${var.resource_group_name}" + name = "tf-octo-acc-test-${var.uniqueness_key}-pip" + location = "${var.region_name}" + resource_group_name = "${var.resource_group_name}" public_ip_address_allocation = "static" } # The primary network for the target VM. resource "azurerm_virtual_network" "primary" { - name = "tf-octo-acc-test-${var.uniqueness_key}-network" - address_space = ["10.7.0.0/16"] - location = "${var.region_name}" - resource_group_name = "${var.resource_group_name}" + name = "tf-octo-acc-test-${var.uniqueness_key}-network" + address_space = ["10.7.0.0/16"] + location = "${var.region_name}" + resource_group_name = "${var.resource_group_name}" } # The primary subnet for the target VM. resource "azurerm_subnet" "primary" { - name = "tf-octo-acc-test-${var.uniqueness_key}-subnet" - resource_group_name = "${var.resource_group_name}" - virtual_network_name = "${azurerm_virtual_network.primary.name}" - address_prefix = "10.7.1.0/24" + name = "tf-octo-acc-test-${var.uniqueness_key}-subnet" + resource_group_name = "${var.resource_group_name}" + virtual_network_name = "${azurerm_virtual_network.primary.name}" + address_prefix = "10.7.1.0/24" } # The primary network adapter for the target VM. resource "azurerm_network_interface" "primary" { - name = "octo-${var.uniqueness_key}-ni" - location = "${var.region_name}" - resource_group_name = "${var.resource_group_name}" + name = "octo-${var.uniqueness_key}-ni" + location = "${var.region_name}" + resource_group_name = "${var.resource_group_name}" ip_configuration { - name = "octo-${var.uniqueness_key}-ni-config" - subnet_id = "${azurerm_subnet.primary.id}" + name = "octo-${var.uniqueness_key}-ni-config" + subnet_id = "${azurerm_subnet.primary.id}" # Hook up public IP to private IP. 
- public_ip_address_id = "${azurerm_public_ip.primary.id}" - - private_ip_address_allocation = "dynamic" + public_ip_address_id = "${azurerm_public_ip.primary.id}" + private_ip_address_allocation = "dynamic" } } + +# The default network security group. +resource "azurerm_network_security_group" "default" { + name = "octo-${var.uniqueness_key}-default-nsg" + location = "${var.region_name}" + resource_group_name = "${var.resource_group_name}" + + # Remote Desktop + security_rule { + name = "rdp" + priority = 100 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "3389" + source_address_prefix = "*" + destination_address_prefix = "*" + } + + # WinRM + security_rule { + name = "winrm" + priority = 101 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "5985" + source_address_prefix = "*" + destination_address_prefix = "*" + } +} diff --git a/acc-test-environment/storage.tf b/acc-test-environment/storage.tf index 8c643d7..a6a4ed1 100644 --- a/acc-test-environment/storage.tf +++ b/acc-test-environment/storage.tf @@ -3,6 +3,6 @@ resource "azurerm_storage_container" "primary" { name = "tf-octo-acc-test-${var.uniqueness_key}" resource_group_name = "${var.resource_group_name}" - storage_account_name = "${var.storage_acct_name}" + storage_account_name = "${var.storage_account_name}" container_access_type = "private" } diff --git a/acc-test-environment/vm.tf b/acc-test-environment/vm.tf index 8fc53a4..aa3c527 100644 --- a/acc-test-environment/vm.tf +++ b/acc-test-environment/vm.tf 
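Review bot: Both rules in the new `azurerm_network_security_group.default` set `source_address_prefix = "*"`, which opens RDP (3389) and WinRM (5985) to any Internet address on a VM that has a static public IP and an administrator password. Restricting the source to the range the acceptance tests run from would remove that exposure, e.g. `source_address_prefix = "${var.admin_source_cidr}"` in both rules, where `admin_source_cidr` is a placeholder name for a new variable with no default. Nothing visible in this hunk attaches the group to `azurerm_subnet.primary` or `azurerm_network_interface.primary`. It is worth confirming where that association is made and what filtering applies to the interface without it.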
@@ -5,18 +5,18 @@ resource "azurerm_virtual_machine" "octo" { resource_group_name = "${var.resource_group_name}" network_interface_ids = [ "${azurerm_network_interface.primary.id}" ] - vm_size = "${var.instance_type}" + vm_size = "${var.octo_vm_instance_type}" storage_image_reference { - publisher = "Canonical" - offer = "UbuntuServer" - sku = "14.04.2-LTS" - version = "latest" + publisher = "MicrosoftWindowsServer" + offer = "WindowsServer" + sku = "2012-R2-Datacenter" + version = "latest" } storage_os_disk { name = "octo-${var.uniqueness_key}-osdisk1" - vhd_uri = "https://${var.storage_acct_name}.blob.core.windows.net/${azurerm_storage_container.primary.name}/octo-${var.uniqueness_key}-osdisk1.vhd" + vhd_uri = "https://${var.storage_account_name}.blob.core.windows.net/${azurerm_storage_container.primary.name}/octo-${var.uniqueness_key}-osdisk1.vhd" caching = "ReadWrite" create_option = "FromImage" } @@ -27,15 +27,17 @@ resource "azurerm_virtual_machine" "octo" { admin_password = "${var.initial_admin_password}" } - # os_profile_linux_config { - # disable_password_authentication = true - # ssh_keys { - # path = "/home/ubuntu/.ssh/authorized_keys" - # key_data = "${var.ssh_key}" - # } - # } + os_profile_windows_config { + provision_vm_agent = true + enable_automatic_upgrades = true + + winrm { + protocol = "http" + } + } tags { public_ip = "${azurerm_public_ip.primary.ip_address}" private_ip = "${azurerm_network_interface.primary.private_ip_address}" - } \ No newline at end of file + } +}
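Review bot: In the second vm.tf hunk, the new `winrm { protocol = "http" }` listener inside `os_profile_windows_config` gives remote management no transport encryption, while the network.tf change in this commit allows port 5985 from any source. Whether the administrator password itself crosses the wire in clear depends on the WinRM authentication settings, which are not visible here. An HTTPS listener avoids the question: `winrm { protocol = "https" certificate_url = "<key-vault-certificate-url>" }`, with the certificate delivered through `os_profile_secrets` and the security rule moved to 5986. If HTTP is kept for test convenience, a comment saying so next to the `winrm` block would make the trade-off explicit. The `azurerm_virtual_machine.octo` body starts above this hunk.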