diff --git a/.env.terraform b/.env.terraform index b72af534..3117bc41 100644 --- a/.env.terraform +++ b/.env.terraform @@ -1,3 +1,3 @@ -1.2.5 +1.2.9 1.1.9 -1.3.0-alpha20220706 +1.3.0-rc1 diff --git a/Dockerfile b/Dockerfile index f1a90b6f..5f2e1f83 100644 --- a/Dockerfile +++ b/Dockerfile @@ -214,6 +214,7 @@ RUN apt-get update && \ echo "Installing latest Azure CLI ..." && \ pip3 install azure-cli && \ az extension add --name ${extensionsAzureCli} --system && \ + az extension add --name containerapp --system && \ az config set extension.use_dynamic_install=yes_without_prompt && \ # # Install checkov diff --git a/agents/azure_devops/Dockerfile b/agents/azure_devops/Dockerfile index 2b069312..83f3978c 100644 --- a/agents/azure_devops/Dockerfile +++ b/agents/azure_devops/Dockerfile @@ -65,5 +65,11 @@ RUN echo "versionRover=${versionRover}" && \ rm -rf /home/vscode/agent/externals/node && \ rm -rf /home/vscode/agent/externals/node10 && \ rm -rf /tmp/* + # + # install node 16 + # + curl -sL https://deb.nodesource.com/setup_16.x | sudo -E bash - + sudo apt-get install -y nodejs + node --version CMD /bin/bash -c ./azdo.sh \ No newline at end of file diff --git a/agents/github/github.sh b/agents/github/github.sh index 06655564..05e8b730 100644 --- a/agents/github/github.sh +++ b/agents/github/github.sh 
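Review bot: The added Node 16 lines in agents/azure_devops/Dockerfile follow `rm -rf /tmp/*`, which as shown has no trailing `&& \`, so they appear to sit outside the RUN instruction and would not be parsed as shell commands. Chain them with `rm -rf /tmp/* && \` and put `&& \` between each added command. Separately, `curl -sL https://deb.nodesource.com/setup_16.x | sudo -E bash -` runs whatever that URL serves as root at build time with no integrity check, and `-s` without `-f` lets an HTTP error page be piped into bash unnoticed. Prefer downloading the script to a file and verifying it against a pinned checksum before running it, or configuring the apt repository with a pinned signing key and an explicit nodejs version, so the agent image build is reproducible. The RUN instruction starts above the hunk.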
@@ -1,43 +1,68 @@ #!/bin/bash -set -Ee +trap_with_arg() { + func="$1" ; shift + for sig; do + trap "$func $sig" "$sig" + done +} -function finally { +function finally() +{ echo "Trapped: $1" + trap - 0 echo "Un-register the runner" - ./config.sh remove --unattended + ./config.sh remove --token ${AGENT_TOKEN} } -trap finally EXIT SIGTERM SIGKILL TERM +trap_with_arg finally 0 1 2 3 4 5 6 7 8 9 15 -AGENT_NAME=${AGENT_NAME:="agent"} +AGENT_SUFFIX=$(cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 5 | head -n 1) +AGENT_NAME=${AGENT_NAME:="agent-${AGENT_SUFFIX}"} if [ -n "${AGENT_TOKEN}" ]; then echo "Connect to GitHub using AGENT_TOKEN environment variable." -else +elif [ -n "${GH_TOKEN}" ]; then + echo "Connect to GitHub using GH_TOKEN environment variable to retrieve registration token." + AGENT_TOKEN=$(curl -sX POST -H "Accept: application/vnd.github.v3+json" -H "Authorization: token ${GH_TOKEN}" https://api.github.com/repos/${GH_OWNER}/${GH_REPOSITORY}/actions/runners/registration-token | jq -r .token) +elif [ -n "${KEYVAULT_NAME}" ]; then echo "Connect to Azure AD using MSI ${MSI_ID}" az login --identity -u ${MSI_ID} --allow-no-subscriptions # Get AGENT_TOKEN from KeyVault if not provided from the AGENT_TOKEN environment variable AGENT_TOKEN=$(az keyvault secret show -n ${KEYVAULT_SECRET} --vault-name ${KEYVAULT_NAME} -o json | jq -r .value) +else + echo "You need to provide either AGENT_TOKEN, GH_TOKEN or (MSI_ID, KEYVAULT_NAME and KEYVAULT_SECRET) to start the self-hosted agent." 
+ exit 1 fi -LABELS+=",runner-version-$(./run.sh --version)," -LABELS+=$(cat /tf/rover/version.txt) +LABELS+=",$(cat /tf/rover/version.txt)" -# Grant access to the docker socket -sudo chmod 666 /var/run/docker.sock || true +if [ -d "/var/run/docker.sock" ]; then + # Grant access to the docker socket + sudo chmod 666 /var/run/docker.sock +fi echo "Configuring the agent with:" echo " - url: ${URL}" echo " - labels: ${LABELS}" echo " - name: ${AGENT_NAME}" -./config.sh \ +command="./config.sh \ --unattended \ + --disableupdate \ --replace \ - --url ${URL} \ + --url ${URL}/${GH_OWNER}/${GH_REPOSITORY} \ --token ${AGENT_TOKEN} \ --labels ${LABELS} \ - --name ${AGENT_NAME} \ + $(if [ "${EPHEMERAL}" = "true" ]; then + echo "--ephemeral --name ${AGENT_NAME}" + else + echo "--name ${AGENT_NAME}" + fi)" + +echo "running command:" && echo $command + + +eval $command ./run.sh \ No newline at end of file diff --git a/agents/github/testing/docker-compose.yml b/agents/github/testing/docker-compose.yml new file mode 100644 index 00000000..1ad60716 --- /dev/null +++ b/agents/github/testing/docker-compose.yml @@ -0,0 +1,10 @@ +--- +version: '3.8' + +services: + rover-agent: + image: rover-agent:1.2.7-2208.170552-local-github + build: + context: . + env_file: + - ./variables.env \ No newline at end of file diff --git a/agents/github/testing/readme.md b/agents/github/testing/readme.md new file mode 100644 index 00000000..23d79776 --- /dev/null +++ b/agents/github/testing/readme.md 
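Review bot: Building the `./config.sh` call as a string and running it with `eval $command` lets any shell metacharacter in `URL`, `LABELS`, `AGENT_NAME`, `GH_OWNER` or `GH_REPOSITORY` execute as code, and the preceding `echo $command` writes the registration token to the container log. Build the arguments as a bash array and invoke `./config.sh` directly, logging without the token, as below. Two smaller points in the same hunk: `[ -d "/var/run/docker.sock" ]` tests for a directory, so it is false for a socket and the chmod never runs (`-S` is the socket test, and mode 666 gives every user in the container control of the Docker daemon). The `curl ... | jq -r .token` result is also never checked, so a failed API call leaves the literal string `null` in AGENT_TOKEN.

```shell
# … unchanged: trap setup, token retrieval, labels, docker socket check, echo of url/labels/name …
config_args=(
  --unattended
  --disableupdate
  --replace
  --url "${URL}/${GH_OWNER}/${GH_REPOSITORY}"
  --token "${AGENT_TOKEN}"
  --labels "${LABELS}"
  --name "${AGENT_NAME}"
)
if [ "${EPHEMERAL}" = "true" ]; then
  config_args+=(--ephemeral)
fi

echo "running ./config.sh (token not logged)"
./config.sh "${config_args[@]}"
```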
@@ -0,0 +1,177 @@ +# Building the rover agent for Github and testing locally + +## Clone + +Clone the rover repository + +## Create a local build + +``` +make local +``` + +## Docker images + +You can see the local images that have been created on your local machine + +``` +docker images +``` + +Example: + +``` +% docker images +REPOSITORY TAG IMAGE ID CREATED SIZE +rover-agent 1.3.0-alpha20220803-2208.170347-local-github 1e3d4de6a979 36 minutes ago 3.64GB +rover-agent 1.3.0-alpha20220803-2208.170347-local-gitlab 4669d7c61fdb 37 minutes ago 3.36GB +rover-agent 1.3.0-alpha20220803-2208.170347-local-tfc 9c4fe627e333 37 minutes ago 3.37GB +rover-agent 1.1.9-2208.170347-local-gitlab 83a90f49c291 38 minutes ago 3.37GB +rover-agent 1.1.9-2208.170347-local-github 494cf73b8e29 38 minutes ago 3.64GB +rover-agent 1.1.9-2208.170347-local-tfc 85c2971b0b03 38 minutes ago 3.37GB +rover-agent 1.2.7-2208.170347-local-github cbb98046d631 39 minutes ago 3.64GB +rover-agent 1.2.7-2208.170347-local-gitlab 281d9383a8b0 39 minutes ago 3.36GB +rover-agent 1.2.7-2208.170347-local-tfc 7c7a0887ba83 39 minutes ago 3.37GB +localhost:5000/rover-local 1.3.0-alpha20220803-2208.170347 7c24fb68d69b 39 minutes ago 3.31GB +localhost:5000/rover-local 1.1.9-2208.170347 01627897a3f2 39 minutes ago 3.32GB +localhost:5000/rover-local 1.2.7-2208.170347 d75861cef748 40 minutes ago 3.31GB +localhost:5000/rover-local 1.3.0-alpha20220803-2208.170329 d8a0a368d9e5 58 minutes ago 3.31GB +localhost:5000/rover-local 1.1.9-2208.170329 ba57a6d5fe51 58 minutes ago 3.32GB +localhost:5000/rover-local 1.2.7-2208.170329 6bc9c449f8bc 58 minutes ago 3.31GB +``` + +## Create a PAT token + +Under your Github profile, developer section, create a PAT token and give the following permissions: +- repo +- read:org + +## Update docker-compose image and variables.env + +docker-compose.yml +```yaml +--- +version: '3.8' + +services: + rover-agent: + image: rover-agent:1.2.7-2208.170347-local-github + build: + context: . 
+ env_file: + - ./variables.env +``` + +variables.env +```yaml +GH_TOKEN=copy the value from the PAT token +GH_OWNER_REPOSITORY=owner/repo +URL=https://github.com/owner/repo +LABELS=platform +EPHEMERAL=true +``` + + +Adjust the other variables + +## Test the agent is working + +``` +cd agents/github/testing +docker-compose up +``` + +output: + +``` +% docker-compose up +[+] Running 1/0 + ⠿ Container testing-rover-agent-1 Recreated 0.1s +Attaching to testing-rover-agent-1 +testing-rover-agent-1 | Connect to GitHub using GH_TOKEN environment variable to retrieve registration token. +testing-rover-agent-1 | Configuring the agent with: +testing-rover-agent-1 | - url: https://github.com/LaurentLesle/a15 +testing-rover-agent-1 | - labels: test,runner-version-2.294.0 +testing-rover-agent-1 | Runner listener exit with 0 return code, stop the service, no retry needed. +testing-rover-agent-1 | Exiting runner...,localhost:5000/rover-local:1.2.7-2208.170442 +testing-rover-agent-1 | - name: agent-2kasm +testing-rover-agent-1 | +testing-rover-agent-1 | -------------------------------------------------------------------------------- +testing-rover-agent-1 | | ____ _ _ _ _ _ _ _ _ | +testing-rover-agent-1 | | / ___(_) |_| | | |_ _| |__ / \ ___| |_(_) ___ _ __ ___ | +testing-rover-agent-1 | | | | _| | __| |_| | | | | '_ \ / _ \ / __| __| |/ _ \| '_ \/ __| | +testing-rover-agent-1 | | | |_| | | |_| _ | |_| | |_) | / ___ \ (__| |_| | (_) | | | \__ \ | +testing-rover-agent-1 | | \____|_|\__|_| |_|\__,_|_.__/ /_/ \_\___|\__|_|\___/|_| |_|___/ | +testing-rover-agent-1 | | | +testing-rover-agent-1 | | Self-hosted runner registration | +testing-rover-agent-1 | | | +testing-rover-agent-1 | -------------------------------------------------------------------------------- +testing-rover-agent-1 | +testing-rover-agent-1 | # Authentication +testing-rover-agent-1 | +testing-rover-agent-1 | +testing-rover-agent-1 | √ Connected to GitHub +testing-rover-agent-1 | +testing-rover-agent-1 | # Runner 
Registration +testing-rover-agent-1 | +testing-rover-agent-1 | +testing-rover-agent-1 | +testing-rover-agent-1 | +testing-rover-agent-1 | √ Runner successfully added +testing-rover-agent-1 | √ Runner connection is good +testing-rover-agent-1 | +testing-rover-agent-1 | # Runner settings +testing-rover-agent-1 | +testing-rover-agent-1 | +testing-rover-agent-1 | √ Settings Saved. +testing-rover-agent-1 | +testing-rover-agent-1 | +testing-rover-agent-1 | √ Connected to GitHub +testing-rover-agent-1 | +testing-rover-agent-1 | Current runner version: '2.294.0' +testing-rover-agent-1 | 2022-08-16 20:55:23Z: Listening for Jobs +``` + +You can check the runner is running under the Github project runner section + +From another terminal **docker-compose down** to clean up and de-register the container + +``` +docker-compose down +``` + +## Test the agent is working in auto-scaling mode + + +``` +docker-compose up --scale rover-agent=3 -d +``` + +output: + +``` +% docker-compose up --scale rover-agent=3 -d +[+] Running 3/3 + ⠿ Container testing-rover-agent-3 Started 0.5s + ⠿ Container testing-rover-agent-1 Started 0.8s + ⠿ Container testing-rover-agent-2 Started 0.8s +``` + +You can adjust the number of runners + +``` +docker-compose up --scale rover-agent=1 -d +``` + +## Stop all agents + +``` +% docker-compose down +``` + +``` +% docker-compose down +[+] Running 2/2 + ⠿ Container testing-rover-agent-1 Removed 10.3s + ⠿ Network testing_default Removed 0.3s +``` \ No newline at end of file diff --git a/agents/github/testing/variables.env b/agents/github/testing/variables.env new file mode 100644 index 00000000..1fc64c16 --- /dev/null +++ b/agents/github/testing/variables.env @@ -0,0 +1,5 @@ +GH_TOKEN=replace PAT token +GH_OWNER_REPOSITORY=owner/repo +URL=https://github.com/owner/repo +LABELS=test +EPHEMERAL=true \ No newline at end of file diff --git a/docker-bake.override.hcl b/docker-bake.override.hcl index 9c22d98e..f5e4e32c 100644 --- a/docker-bake.override.hcl 
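Review bot: The sample in agents/github/testing/variables.env sets `GH_OWNER_REPOSITORY=owner/repo`, but the new agents/github/github.sh reads `${GH_OWNER}` and `${GH_REPOSITORY}` separately, so with this file both are empty: the registration-token request goes to `repos///actions/runners/registration-token` and the runner URL becomes `https://github.com/owner/repo//`. Either provide `GH_OWNER=owner`, `GH_REPOSITORY=repo` and `URL=https://github.com` here, or change the script to consume the combined variable. Since this file is meant to hold a PAT, consider committing it only as a template (for example `variables.env.sample`, a constructed name) and adding `variables.env` to `.gitignore`, so a real token is not pushed by accident.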
+++ b/docker-bake.override.hcl @@ -1,16 +1,16 @@ # Base image tools version extensionsAzureCli="resource-graph" -versionDockerCompose="2.6.1" +versionDockerCompose="2.9.0" versionGolang="1.18.4" versionKubectl="1.24.3" -versionPacker="1.8.2" +versionPacker="1.8.3" versionPowershell="7.2.5" versionTerraformDocs="0.16.0" versionVault="1.11.1" # Agents versions USERNAME="vscode" -versionAzdo="2.204.0" -versionGithubRunner="2.294.0" +versionAzdo="2.206.1" +versionGithubRunner="2.295.0" versionGitlab="15.2.1" -versionTfc="1.2.6" \ No newline at end of file +versionTfc="1.3.0" \ No newline at end of file diff --git a/scripts/lib/bootstrap.sh b/scripts/lib/bootstrap.sh index 933c43a7..9860ce7e 100644 --- a/scripts/lib/bootstrap.sh +++ b/scripts/lib/bootstrap.sh 
@@ -27,7 +27,7 @@ bootstrap() { if [ ! -z ${bootstrap_script} ]; then register_rover_context - ${bootstrap_script} "topology_file=${caf_ignite_playbook}" "GITOPS_SERVER_URL=${GITOPS_SERVER_URL}" "RUNNER_NUMBERS=${gitops_number_runners}" "AGENT_TOKEN=${AGENT_TOKEN}" "gitops_agent=${gitops_agent_pool_type}" "ROVER_AGENT_DOCKER_IMAGE=${ROVER_AGENT_DOCKER_IMAGE}" "subscription_deployment_mode=${subscription_deployment_mode}" "sub_management=${sub_management}" "sub_connectivity=${sub_connectivity}" "sub_identity=${sub_identity}" "sub_security=${sub_security}" "gitops_pipelines=${gitops_pipelines}" "TF_VAR_environment=${TF_VAR_environment}" "bootstrap_sp_object_id=${sp_object_id}" + ${bootstrap_script} "topology_file=${caf_ignite_playbook}" "GITOPS_SERVER_URL=${GITOPS_SERVER_URL}" "RUNNER_NUMBERS=${gitops_number_runners}" "gitops_agent=${gitops_agent_pool_type}" "ROVER_AGENT_DOCKER_IMAGE=${ROVER_AGENT_DOCKER_IMAGE}" "subscription_deployment_mode=${subscription_deployment_mode}" "sub_management=${sub_management}" "sub_connectivity=${sub_connectivity}" "sub_identity=${sub_identity}" "sub_security=${sub_security}" "gitops_pipelines=${gitops_pipelines}" "TF_VAR_environment=${TF_VAR_environment}" "bootstrap_sp_object_id=${sp_object_id}" fi information "Done." @@ -56,7 +56,6 @@ assert_gitops_session() { case "${1}" in "github") check_github_session - AGENT_TOKEN=$(gh api --method POST -H "Accept: application/vnd.github.v3+json" /repos/${git_org_project}/actions/runners/registration-token | jq -r .token) ;; "tfcloud") GITOPS_SERVER_URL="https://${TF_VAR_tf_cloud_hostname}" 
@@ -102,32 +101,34 @@ process_gitops_agent_pool() { register_rover_context() { information "@call register_rover_context" - ROVER_AGENT_DOCKER_IMAGE=$(curl -s https://hub.docker.com/v2/repositories/aztfmod/rover-agent/tags | jq -r ".results | map(select(.name | contains(\"${docker_hub_suffix}\") ) | select(.name | contains(\"1.2\") ) ) | .[0].name") + ROVER_AGENT_TAG=${ROVER_AGENT_VERSION:="1.2"} + ROVER_AGENT_DOCKER_IMAGE=$(curl -s https://hub.docker.com/v2/repositories/aztfmod/rover-agent/tags | jq -r ".results | sort_by(.tag_last_pushed) | reverse | map(select(.name | contains(\"${docker_hub_suffix}\") ) | select(.name | contains(\"${ROVER_AGENT_TAG}\") ) ) | .[0].name") cd /tf/caf/landingzones GIT_REFS=$(git show-ref | grep $(git rev-parse HEAD) | awk '{print $2}' | head -n 1) GIT_URL=$(git remote get-url origin) - register_gitops_secret ${gitops_pipelines} "ROVER_AGENT_DOCKER_IMAGE" ${ROVER_AGENT_DOCKER_IMAGE} - register_gitops_secret ${gitops_pipelines} "CAF_GITOPS_TERRAFORM_BACKEND_TYPE" ${gitops_terraform_backend_type} - register_gitops_secret ${gitops_pipelines} "CAF_BACKEND_TYPE_HYBRID" ${backend_type_hybrid} - register_gitops_secret ${gitops_pipelines} "RUNNER_REGISTRATION_TOKEN" ${AGENT_TOKEN} - register_gitops_secret ${gitops_pipelines} "RUNNER_NUMBERS" ${gitops_number_runners} - if [ ! 
-z ${ARM_USE_OIDC} ]; then - register_gitops_secret ${gitops_pipelines} "ARM_USE_OIDC" ${ARM_USE_OIDC} - fi - - if [ "${subscription_deployment_mode}" = "multi_subscriptions" ]; then - register_gitops_secret ${gitops_pipelines} "AZURE_MANAGEMENT_SUBSCRIPTION_ID" ${sub_management} - register_gitops_secret ${gitops_pipelines} "AZURE_CONNECTIVITY_SUBSCRIPTION_ID" ${sub_connectivity} - register_gitops_secret ${gitops_pipelines} "AZURE_IDENTITY_SUBSCRIPTION_ID" ${sub_identity} - register_gitops_secret ${gitops_pipelines} "AZURE_SECURITY_SUBSCRIPTION_ID" ${sub_security} - else - register_gitops_secret ${gitops_pipelines} "AZURE_MANAGEMENT_SUBSCRIPTION_ID" ${sub_management} - register_gitops_secret ${gitops_pipelines} "AZURE_CONNECTIVITY_SUBSCRIPTION_ID" ${sub_management} - register_gitops_secret ${gitops_pipelines} "AZURE_IDENTITY_SUBSCRIPTION_ID" ${sub_management} - register_gitops_secret ${gitops_pipelines} "AZURE_SECURITY_SUBSCRIPTION_ID" ${sub_management} + if [ "${gitops_agent_pool_type}" != "local" ];then + register_gitops_secret ${gitops_pipelines} "ROVER_AGENT_DOCKER_IMAGE" ${ROVER_AGENT_DOCKER_IMAGE} + register_gitops_secret ${gitops_pipelines} "CAF_GITOPS_TERRAFORM_BACKEND_TYPE" ${gitops_terraform_backend_type} + register_gitops_secret ${gitops_pipelines} "CAF_BACKEND_TYPE_HYBRID" ${backend_type_hybrid} + + if [ ! 
-z ${ARM_USE_OIDC} ]; then + register_gitops_secret ${gitops_pipelines} "ARM_USE_OIDC" ${ARM_USE_OIDC} + fi + + if [ "${subscription_deployment_mode}" = "multi_subscriptions" ]; then + register_gitops_secret ${gitops_pipelines} "AZURE_MANAGEMENT_SUBSCRIPTION_ID" ${sub_management} + register_gitops_secret ${gitops_pipelines} "AZURE_CONNECTIVITY_SUBSCRIPTION_ID" ${sub_connectivity} + register_gitops_secret ${gitops_pipelines} "AZURE_IDENTITY_SUBSCRIPTION_ID" ${sub_identity} + register_gitops_secret ${gitops_pipelines} "AZURE_SECURITY_SUBSCRIPTION_ID" ${sub_security} + else + register_gitops_secret ${gitops_pipelines} "AZURE_MANAGEMENT_SUBSCRIPTION_ID" ${sub_management} + register_gitops_secret ${gitops_pipelines} "AZURE_CONNECTIVITY_SUBSCRIPTION_ID" ${sub_management} + register_gitops_secret ${gitops_pipelines} "AZURE_IDENTITY_SUBSCRIPTION_ID" ${sub_management} + register_gitops_secret ${gitops_pipelines} "AZURE_SECURITY_SUBSCRIPTION_ID" ${sub_management} + fi fi } diff --git a/scripts/lib/github.com.sh b/scripts/lib/github.com.sh index 4fcb62e9..6f03d68c 100644 --- a/scripts/lib/github.com.sh +++ b/scripts/lib/github.com.sh @@ -14,9 +14,6 @@ check_github_session() { verify_github_secret "codespaces" "GH_TOKEN" fi - verify_git_settings "git config --global user.name" - verify_git_settings "git config --global user.email" - /usr/bin/gh auth status } diff --git a/scripts/lib/tfcloud.sh b/scripts/lib/tfcloud.sh index 52db8501..f73db843 100644 --- a/scripts/lib/tfcloud.sh +++ b/scripts/lib/tfcloud.sh @@ -184,7 +184,6 @@ process_terraform_cloud_agent_pool() { fi create_agent_token ${TF_CLOUD_AGENT_POOL_ID} ${agent_pool} "Cloud Adoption Framework - Rover" - register_gitops_secret ${gitops_pipelines} "${TF_VAR_level}_RUNNER_NUMBERS" ${gitops_number_runners} } create_agent_token() { diff --git a/scripts/rover.sh b/scripts/rover.sh index 6c18be74..6a1b90ab 100755 --- a/scripts/rover.sh +++ b/scripts/rover.sh 
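Review bot: In register_rover_context, `${docker_hub_suffix}` and `${ROVER_AGENT_TAG}` are spliced into the jq program text, so a quote or backslash in `ROVER_AGENT_VERSION` changes the filter itself. Pass them as data instead: `jq -r --arg suffix "${docker_hub_suffix}" --arg tag "${ROVER_AGENT_TAG}" '... contains($suffix) ... contains($tag) ...'`. When nothing matches or the request fails, `.[0].name` prints `null`, which is then stored as ROVER_AGENT_DOCKER_IMAGE; a guard such as `[ -n "${ROVER_AGENT_DOCKER_IMAGE}" ] && [ "${ROVER_AGENT_DOCKER_IMAGE}" != "null" ] || return 1` would stop that. The tag is also chosen by substring match on the most recently pushed entry, so the agent image that ends up in the pipeline secret is whatever was pushed last rather than a pinned version or digest. The unquoted arguments to register_gitops_secret will shift position if any value is empty.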
@@ -45,10 +45,10 @@ export TF_VAR_tf_cloud_organization=${TF_CLOUD_ORGANIZATION} export TF_VAR_tf_cloud_hostname=${TF_CLOUD_HOSTNAME:="app.terraform.io"} export REMOTE_credential_path_json=${REMOTE_credential_path_json:="$(echo ~)/.terraform.d/credentials.tfrc.json"} export gitops_terraform_backend_type=${TF_VAR_backend_type:="azurerm"} -export gitops_agent_pool_type=${GITOPS_AGENT_POOL_TYPE:="github"} +export gitops_agent_pool_type=${GITOPS_AGENT_POOL_TYPE:="local"} export gitops_agent_pool_name=${GITOPS_AGENT_POOL_NAME} export gitops_execution_mode="local" -export gitops_number_runners=1 +export gitops_number_runners=0 # 0 - auto-scale , or set the number of minimum runners export backend_type_hybrid=${BACKEND_type_hybrid:=true} export gitops_agent_pool_execution_mode=local diff --git a/scripts/tfstate.sh b/scripts/tfstate.sh index c04e3453..8b971ef2 100644 --- a/scripts/tfstate.sh +++ b/scripts/tfstate.sh @@ -3,8 +3,8 @@ source ${script_path}/lib/terraform.sh function tfstate_cleanup { find /tf/caf -name "backend.*.tf" -not -path '*/rover/scripts/*' -delete || true - sudo rm -rf -- "${landingzone_name}/backend.hcl.tf" || true - sudo rm -rf -- "${landingzone_name}/backend.hcl" || true + rm -rf -- "${landingzone_name}/backend.hcl.tf" || true + rm -rf -- "${landingzone_name}/backend.hcl" || true rm -rf -- "${landingzone_name}/caf.auto.tfvars" || true rm -rf -- "${TF_DATA_DIR}/terraform.tfstate" || true 
@@ -16,30 +16,30 @@ function tfstate_configure { case "${1}" in azurerm) echo "@calling tfstate_configure -- azurerm" - sudo rm -f -- ${landingzone_name}/backend.hcl.tf - sudo cp -f ${script_path}/backend.azurerm.tf ${landingzone_name}/backend.azurerm.tf + rm -f -- ${landingzone_name}/backend.hcl.tf + cp -f ${script_path}/backend.azurerm.tf ${landingzone_name}/backend.azurerm.tf ;; remote) echo "@calling tfstate_configure -- remote" - sudo rm -f -- ${landingzone_name}/backend.azurerm.tf - sudo cp -f ${script_path}/backend.hcl.tf ${landingzone_name}/backend.hcl.tf + rm -f -- ${landingzone_name}/backend.azurerm.tf + cp -f ${script_path}/backend.hcl.tf ${landingzone_name}/backend.hcl.tf if [ ! -z ${TF_var_folder} ]; then - sudo rm -rf -- "${landingzone_name}/caf.auto.tfvars" || true + rm -rf -- "${landingzone_name}/caf.auto.tfvars" || true for filename in ${TF_var_folder}/*.tfvars; do command="cat ${filename} >> ${landingzone_name}/caf.auto.tfvars && printf '\n' >> ${landingzone_name}/caf.auto.tfvars" debug ${command} - sudo bash -c "${command}" + eval ${command} done - sudo terraform fmt ${landingzone_name}/caf.auto.tfvars + terraform fmt ${landingzone_name}/caf.auto.tfvars fi export TF_VAR_workspace="${TF_VAR_environment}_${TF_VAR_level}_$(echo ${TF_VAR_tf_name} | cut -f 1 -d '.')" export TF_VAR_tfstate_organization=${TF_VAR_tf_cloud_organization} export TF_VAR_tfstate_hostname=${TF_VAR_tf_cloud_hostname} - sudo cat << EOF > ${landingzone_name}/backend.hcl + cat << EOF > ${landingzone_name}/backend.hcl workspaces { name = "${TF_VAR_workspace}" } hostname = "${TF_VAR_tf_cloud_hostname}" organization = "${TF_VAR_tf_cloud_organization}" 
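Review bot: Replacing `sudo bash -c "${command}"` with `eval ${command}` still runs a string built from `${filename}` and `${landingzone_name}` through the shell, so a path under `${TF_var_folder}` containing spaces, `;` or `$( )` is split or executed rather than read. No eval is needed here: `cat -- "${filename}" >> "${landingzone_name}/caf.auto.tfvars"` followed by `printf '\n' >> "${landingzone_name}/caf.auto.tfvars"` does the same work. The `rm`, `cp` and heredoc redirect targets in this hunk, and the `rm`/`cp` pair in terraform_init_azurerm, are unquoted as well. tfstate_configure continues past the end of the hunk.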
@@ -276,8 +276,8 @@ function destroy_from_remote_state { function terraform_init_azurerm { - sudo rm -f -- ${landingzone_name}/backend.hcl.tf - sudo cp -f /tf/rover/backend.azurerm.tf ${landingzone_name}/backend.azurerm.tf + rm -f -- ${landingzone_name}/backend.hcl.tf + cp -f /tf/rover/backend.azurerm.tf ${landingzone_name}/backend.azurerm.tf case ${terraform_version} in *"15"* | *"1."*)