One-Click Azure DevOps CI/CD Pipeline for Azure Container Web Apps with Terraform Integration

This document explains how to set up a CI/CD pipeline using Azure DevOps, Terraform, and Azure Container Web App to deploy a Python-based web application. The deployment is automated and can be started with just one click.

Prerequisites

Before diving into this project, here are some skills and tools you should be familiar with:

Need to create a PAT Access Token-

• [x] Clone repository for terraform code
  Note: Replace resource names and variables as per your requirement in terraform code

  • Update terraform.tfvars

• [x] App Repo

• [x] Azure Account: You’ll need an Azure account to create resources like virtual Machine, AKS cluster, and manage pipelines.

• [x] Terraform Knowledge: Familiarity with Terraform to provision, manage, and clean up infrastructure.

• [x] GitHub: Experience with GitHub for version control and managing repositories.

• [x] Command-Line Tools: Basic comfort with using the command line for managing infrastructure and services.

• [x] Basic CI/CD Knowledge: Some understanding of Continuous Integration and Deployment is recommended.

• [x] Linux VM: Docker must be installed on a Linux virtual machine to run containers.

Key Points

1. Architecture Overview:

   • The architecture includes components such as Azure Repos, Azure Storage Account, Build Pipeline, and Release Pipeline.

   • Terraform is used for infrastructure as code, and the state file is stored securely in Azure Storage Account.

2. Build Pipeline:

   • The build pipeline includes tasks to build and push a Docker image to Azure Container Registry.

   • Terraform configuration files are published as pipeline artifacts for use in the release pipeline.

3. Release Pipeline:

   • The release pipeline is linked to the artifacts published by the build pipeline.

   • It includes stages for deploying resources to Dev and QA environments using Terraform.

   • Auto-scaling and alert configurations are set up for the web app.

4. Terraform Configuration:

   • Separate files for providers, variables, and main configuration.

   • Variables are stored securely and referenced in the configuration files.

   • The configuration includes creating an Azure App Service Plan, Web App, Auto Scale settings, and Alerts.

5. Service Connections:

   • Azure DevOps service connections are created for authentication with Azure and Docker Registry.

Setting Up the Infrastructure

I have created a Terraform code to set up the entire infrastructure, including the installation of required applications, tools, and storage automatically created.

• ⇒ Virtual machines will be created named as "devopsdemovm"

• ⇒ Docker Install

• ⇒ Azure Cli Install

• ⇒ Storage Setup

• ⇒ ACR Setup

Virtual Machine creation

First, we'll create the necessary virtual machines using terraform code.

Below is a terraform Code:

Once you clone repo and run the terraform command.

$ ls -l
Mode                 LastWriteTime         Length Name
----                 -------------         ------ ----
dar--l          26/12/24   7:16 PM                pipeline
dar--l          23/12/24   3:38 PM                scripts
-a---l          25/12/24   2:31 PM            600 .gitignore
-a---l          26/12/24   9:29 PM           6571 EC2.tf
-a---l          26/12/24   9:29 PM            892 main.tf
-a---l          26/12/24   9:29 PM            567 output.tf
-a---l          26/12/24   9:29 PM            269 provider.tf
-a---l          26/12/24   9:30 PM            223 terraform.tfvars
-a---l          26/12/24   9:30 PM            615 variable.tf

You need to run the following terraform command.

Now, run the following command.

terraform init
terraform fmt
terraform validate
terraform plan
terraform apply 
# Optional <terraform apply --auto-approve>

---

After running the Terraform command, we will check the following things to ensure everything is set up correctly with Terraform.

Inspect the Cloud-Init logs:

Once connected to VM then you can check the status of the user_data script by inspecting the log files

# Primary log file for cloud-init
sudo tail -f /var/log/cloud-init-output.log
                    or 
sudo cat /var/log/cloud-init-output.log | more

• If the user_data script runs successfully, you will see output logs and any errors encountered during execution.

• If there’s an error, this log will provide clues about what failed.

Verify the Installation

• [x] Docker version

ubuntu@ip-172-31-95-197:~$ docker --version
Docker version 24.0.7, build 24.0.7-0ubuntu4.1


docker ps -a
ubuntu@ip-172-31-94-25:~$ docker ps

• [x] kubectl version

ubuntu@ip-172-31-89-97:~$ kubectl version
Client Version: v1.31.1
Kustomize Version: v5.4.2

• [x] Azure CLI version

azureuser@devopsdemovm:~$ az version
{
  "azure-cli": "2.67.0",
  "azure-cli-core": "2.67.0",
  "azure-cli-telemetry": "1.1.0",
  "extensions": {}
}

Detailed Steps

1. Setting Up the Architecture:

   • Azure Repos: Store the source code and Terraform configuration files.

   • Azure Storage Account: Store the Terraform state file securely.

   • Build Pipeline: Configure tasks to build and push Docker images.

   • Release Pipeline: Configure tasks to deploy resources using Terraform.

2. Configuring the Build Pipeline:

   • Build and Push Docker Image: Use Docker to build the application image and push it to Azure Container Registry.

   • Publish Terraform Files: Publish Terraform configuration files as pipeline artifacts.

3. Configuring the Release Pipeline:

   • Initialize Terraform: Initialize the Terraform working directory and download necessary plugins.

   • Apply Terraform Configuration: Apply the Terraform configuration to create resources in Azure.

   • Deploy Web App: Deploy the Docker image to Azure Web App.

   • Configure Auto-Scaling and Alerts: Set up auto-scaling rules and alert notifications.

4. Terraform Configuration Files:

   • Provider Configuration: Define the Azure provider and authentication details.

   • Variable Definitions: Define variables for resource names, locations, and other configurations.

   • Main Configuration: Define the resources to be created, including App Service Plan, Web App, Auto Scale settings, and Alerts.

5. Creating Service Connections:

   • Azure Service Connection: Authenticate with Azure for deploying resources.

   • Docker Registry Service Connection: Authenticate with Azure Container Registry for pushing Docker images.

Step-by-Step Process:

• Add the Agent:

• Create Service Connection:

  • For Azure

  • Azure Container registry

• Update variables for the pipeline.

  • for ACR

  • Create a pipeline.

• Here is the 👉updated pipeline👈
  Note: you have to adjust the connection name and acr name.

• Verify variable group in the Library

• add pipeline in dev-var variable Group.

• Build Release pipeline.

• Create Empty pipeline

  • add artifact.

    

    

• add stages (Extract files, Terraform and Apps)

• Add stage- Install Terraform latest

• Add stage- Extract Files

    Extract files
  
    Archive file patterns *
    $(System.DefaultWorkingDirectory)/**/*.zip
  
    Destination folder *
    $(agent.builddirectory)
  

  

• Add stage- Terraform Init

    # Configuration Directory
    $(agent.builddirectory)/Terraform
  

• Add stage- Terraform fmt

    # Configuration Directory
    $(agent.builddirectory)/Terraform
  

  

• Add stage- Terraform validate

    # Configuration Directory
    $(agent.builddirectory)/Terraform
  

  

• Add stage- Terraform Plan

    # Configuration Directory
    $(agent.builddirectory)/Terraform
  

  

• Add stage- Terraform Apply

    # Configuration Directory
    $(agent.builddirectory)/Terraform
  

  

• Add stage- Application Deployment

    Display name: Azure App Service Deploy: $(TF_VAR_WEBAPPNAME)
    App Service type:Web App for Containers (Linux)
    App Service name: $(TF_VAR_WEBAPPNAME)
    Registry or Namespace: $(TF_VAR_DOCKER_REGISTRY_SERVER_URL)
    Image: pythonappdocker (it can be found from ACR in Repositories name)
    tags: $(Build.BuildId)
    Startup command : python main.py
  

  

• Add stage- Application Restart

  save the pipeline

• Now, we will add varialbe in pipeline.

• run the release pipeline.

• Pipeline was executed successfully.

• Application is accessible now.

• Add stage for QA

Clone the Dev Pipeline and adjust the variable below.

#Configuration directory
$(Build.SourcesDirectory)/Terraform

Pipeline State:

• Add stage for Destroy both environments.

clone the Dev and QA stage for destroy and modify the apply to Destroy. Rest of things will remain same.

Pipeline view.

• add approval in the stage if you wish to.

  

Advantages

• Automation: The entire deployment process is automated, reducing manual intervention and errors.

• Scalability: Auto-scaling ensures that the application can handle varying loads efficiently.

• Security: Storing Terraform state files in Azure Storage Account ensures the security and integrity of the infrastructure state.

• Flexibility: The use of variables and separate configuration files allows for easy customization and scalability of the infrastructure.

Conclusion

This project showcases a strong CI/CD pipeline setup using Azure DevOps, Terraform, and Azure Container Web App. By automating the deployment process, it ensures the efficient, scalable, and secure deployment of a Python-based web application. Using Terraform for infrastructure as code offers flexibility and easy management, making it a valuable approach for modern cloud-based applications.

Ref Link:

• Youtube Link

• Azure-Devops_Pipeline_Variable-01

• Azure-Devops_Pipeline_Variable-02

---