Accessing source files in triggered deployment build

  • How come my deployment pipeline cannot see the terraform files in my respository?

    In Azure Devops I have a single repo for a small app, with a simple folder structure

    ├── pipelines
        build.yaml, deploy.yaml, etc
    ├── terraform, etc.
    ├── src
    ├── test

    The Build pipeline builds the app, runs unit tests, and publishes the build as a pipeline artifact:

    - task: PublishPipelineArtifact@1
        targetPath: '$(Build.ArtifactStagingDirectory)'
        artifact: 'drop'
        publishLocation: 'pipeline'

    The Deploy pipeline can be run manually for any environment, but when a build is successful on the main branch, the Deploy pipeline is automatically triggered to deploy the app to our CI environment:

    trigger: none
        - pipeline: buildPipeline
          source: 'Build-MyApp'
            - main
    - name: environment
      type: string
      default: dev 

    But when the Deploy pipeline attempts to run terraform it cannot access the TF files from the repo. This is the output of tree $(Pipeline.Workspace) /F :

    ├── TestResults
    ├── a
    ├── b
    ├── buildPipeline
    │   └── drop
    │       └──
    └── s

    Should I configure the Deploy pipeline with access to the triggering build's repo and if so, how? Or should I publish the terraform files (and any other IAC resources) as artifacts of the build?

  • I resolved the problem by publishing the terraform files from the Build pipeline:

    - publish: $(Build.SourcesDirectory)/terraform
      artifact: Terraform

    I also realised that I could run terraform validate and other static analysis in the Build pipeline, and failing the build if this does not pass. So the Deploy pipeline has less validation to do and is just concerned with deployment.

Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2