CI CD Azure DevOps
August 31, 2022
When you're working with the CloudTruth CLI, you'll most likely want a way to automate the process unless you're testing something specific on your local terminal. To create repeatable processes with the CloudTruth CLI, you can combine it with any CICD platform.
This blog post will teach you how to use CloudTruth to inject config into Azure DevOps pipelines.
Before getting started, ensure that you have the following:
You can generate the CloudTruth API key under Organization —> Access Control —> API Tokens.
If you don't already have an Azure DevOps organization to use, you can go to https://dev.azure.com/your_organization_name and create a new project from the home screen.
Let's dive into configuring a pipeline and utilizing CloudTruth.
First, log into Azure DevOps and go to your Project.
Under the Pipelines category, click on Pipelines.
Click the blue New pipeline button.
Choose where you want your repository to come from. Regardless of which option you choose, the steps in this blog post stay the same. If you aren't already authenticated to one of the source control options, you'll have to authenticate.
For the pipeline option, choose Starter pipeline.
You'll now see sample code on your YAML pipeline that echos a "Hello World.
Replace the sample code with the following pipeline, which does the following:
ubuntu-latest container image to run the pipeline (managed by Azure DevOps).Uses two steps which:
- Installs the CloudTruth CLI.
- Uses the CloudTruth CLI to get a list of projects.
trigger:
- main
pool:
vmImage: ubuntu-latest
steps:
- script: |
CLOUDTRUTH_CLI_VERSION=$(curl --silent "https://api.github.com/repos/cloudtruth/cloudtruth-cli/releases/latest" | grep "tag_name" | sed -E 's/.*"([^"]+)".*/\1/')
curl -sLOJ https://github.com/cloudtruth/cloudtruth-cli/releases/download/${CLOUDTRUTH_CLI_VERSION}/cloudtruth_${CLOUDTRUTH_CLI_VERSION}_amd64.deb
sudo dpkg -i cloudtruth_${CLOUDTRUTH_CLI_VERSION}_amd64.deb
displayName: 'Install CloudTruth CLI'
- script: |
cloudtruth --api-key $(CTAPI) projects list
displayName: 'Get a list of projects'
On line 15 of the code above, you'll see two things:
projects list command itself, which you can change to any CloudTruth CLI command as long as the API key you're using has access.$(CTAPI).To use that variable, you'll have to create it in the pipeline. Click the Variables button as shown in the screenshot below.
Click the blue New variable button.
Give your variable a name, which can be any name, but ensure that you use the proper environment variable name in your pipeline. Also, make sure that the variable is a secret so it's encrypted.
Once complete, click the blue OK button.
Click the blue Save button to save the variable.
With the pipeline YAML created and the secret variable created, you're now ready to run the pipeline.
Click the blue Save and run button.
You should now see the pipeline queued up.
Click the Job and once complete, you'll see output containing the list of the CloudTruth projects in your CloudTruth org.
Congrats! You have successfully configured CloudTruth and Azure DevOps.
Here's a screencast
Our bite-sized newsletter with DevSecOps industry tips and security alerts to increase pipeline velocity and system security.