Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

terratest in container #546

Closed
tenderitaf opened this issue Jun 4, 2020 · 6 comments
Closed

terratest in container #546

tenderitaf opened this issue Jun 4, 2020 · 6 comments
Labels
Azure question

Comments

@tenderitaf
Copy link

terratest for azure example fail while running in a container vs natively.

is azure cli mandatory in order to run the tests ?
@tsalright
Copy link

tsalright commented Jun 5, 2020
edited
Loading

How are you authenticating to Azure? Running locally Terraform defaults to Azure CLI authentication. As a dev, we are usually always signed into it. But Terraform recommends using Azure's Managed Service Identity (MSI) or a Service Principal when connecting outside of your local development environment. I ran into this when trying to automate my own Terratests against Azure modules I am building. Here is the security I had to setup. https://www.terraform.io/docs/providers/azurerm/guides/service_principal_client_secret.html

I was running my CI on hosted Azure DevOps agents and they all have Azure CLI on them, but I don't think it is required. I would try setting up the environment variables the link above suggests with a service principal that has access to provision resources in your subscription.

@tenderitaf
Copy link
Author

Hi,
the problem is fixed, azure go sdk actually needs azure cli.
authentication are done via service principals and and expect specific env var to be set (was not documented)

AZURE_SUBSCRIPTION_ID
AZURE_CLIENT_SECRET
AZURE_TENANT_ID
AZURE_CLIENT_ID

@tsalright
Copy link

Good to know. I am just starting to explore azure go sdk. I had to set those environment variables up in my CI pipeline in order to work with Terraform too.

@tsalright
Copy link

So I have more details for anyone trying to automate tests against Azure with Terratest
You need an SPN that can do the provisioning and you need to setup two sets of environment variables.

These are the environment variables that Terraform is looking for:
ARM_SUBSCRIPTION_ID
ARM_CLIENT_SECRET
ARM_TENANT_ID
ARM_CLIENT_ID
See https://www.terraform.io/docs/providers/azurerm/guides/service_principal_client_secret.html for details on authenticating with Terraform.

For the Azure SDK for Go, you need to configure a different set of environment variables.
AZURE_SUBSCRIPTION_ID
AZURE_CLIENT_SECRET
AZURE_TENANT_ID
AZURE_CLIENT_ID
See https://docs.microsoft.com/en-us/azure/developer/go/azure-sdk-authorization for details on authenticating with Azure SDK for Go.

@brikis98 brikis98 added the Azure label Jun 26, 2020
@brikis98
Copy link
Member

Please see #89 for the status on Terratest with Azure. In particular, we're starting some work around it, and when that work is done, we'll be able to come back to this question!

@yorinasub17
Copy link
Contributor

Closing as the original issue was solved.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Azure question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@yorinasub17 @brikis98 @tsalright @tenderitaf