diff --git a/bootstrap/azuredevops/main.tf b/bootstrap/azuredevops/main.tf
index 297c5a94..6f1681e9 100644
--- a/bootstrap/azuredevops/main.tf
+++ b/bootstrap/azuredevops/main.tf
@@ -61,4 +61,5 @@ module "azure_devops" {
 backend_azure_storage_account_container_name = local.resource_names.storage_container
 approvers = var.apply_approvers
 group_name = local.resource_names.version_control_system_group
+ version_control_system_access_token = var.version_control_system_access_token
 }
diff --git a/bootstrap/modules/azure_devops/extension-install.ps1 b/bootstrap/modules/azure_devops/extension-install.ps1
new file mode 100644
index 00000000..d120c3aa
--- /dev/null
+++ b/bootstrap/modules/azure_devops/extension-install.ps1
@@ -0,0 +1,41 @@
+param(
+ [string]$patToken,
+ [string]$organizationName
+)
+
+# Install the Azure DevOps Terraform extension
+Write-Host "Checking and Installing the Azure DevOps Microsoft DevLabs Terraform extension..."
+$extensionName = "custom-terraform-tasks"
+$extensionPublisher = "ms-devlabs"
+$extensionInstallUrl = "https://extmgmt.dev.azure.com/${organizationName}/_apis/extensionmanagement/installedextensionsbyname/${extensionPublisher}/${extensionName}?api-version=7.0-preview.1"
+
+$base64PatToken = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes("`:$patToken"))
+
+$headers=@{
+ "Authorization" = "Basic $base64PatToken"
+}
+
+Invoke-RestMethod -Uri $extensionInstallUrl `
+ -Method 'POST' `
+ -ContentType 'application/json' `
+ -Headers $headers `
+ -StatusCodeVariable statusCode `
+ -SkipHttpErrorCheck `
+ | Set-Variable result
+
+if($statusCode -eq 409)
+{
+ Write-Host "Extension already installed"
+}
+elseif($statusCode -eq 200)
+{
+ Write-Host "Installed version $($result.version) of extension $($result.publisherName) $($result.extensionName)"
+}
+else
+{
+ Write-Host "Failed to install extension. Status code: $statusCode"
+ Write-Host "Response: $result"
+ exit 1
+}
+
+exit 0
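Review bot: In extension-install.ps1 the `param()` block takes `$patToken` and `$organizationName` as optional, unvalidated strings, so an empty token still produces a `Basic` header built from a bare `:` and the organization name is placed into the request URL unescaped. Declare both as required, e.g. `[Parameter(Mandatory)][ValidateNotNullOrEmpty()][string]$patToken`, and build the URL from `[uri]::EscapeDataString($organizationName)`. `-StatusCodeVariable` and `-SkipHttpErrorCheck` exist only in PowerShell 7 and later, so a `#Requires -Version 7.0` line at the top would fail early with a clear message on older hosts. The failure branch writes `$result` verbatim to the log; it is worth confirming the API error body never contains anything that should stay out of pipeline output.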
diff --git a/bootstrap/modules/azure_devops/extension.tf b/bootstrap/modules/azure_devops/extension.tf
new file mode 100644
index 00000000..44a7a283
--- /dev/null
+++ b/bootstrap/modules/azure_devops/extension.tf
@@ -0,0 +1,13 @@
+resource "terraform_data" "dev_labs_extension" {
+ triggers_replace = [var.organization_name]
+
+ input = {
+ pat_token = var.version_control_system_access_token
+ organization_name = var.organization_name
+ }
+
+ provisioner "local-exec" {
+ command = "${path.module}/extension-install.ps1 -patToken \"${self.input.pat_token}\" -organizationName \"${self.input.organization_name}\""
+ interpreter = ["pwsh", "-Command"]
+ }
+}
diff --git a/bootstrap/modules/azure_devops/variables.tf b/bootstrap/modules/azure_devops/variables.tf
index 44cf86ea..305e0ddb 100644
--- a/bootstrap/modules/azure_devops/variables.tf
+++ b/bootstrap/modules/azure_devops/variables.tf
@@ -1,3 +1,9 @@
+variable "version_control_system_access_token" {
+ description = "The personal access token for the version control system to use for the extension install"
+ type = string
+ sensitive = true
+}
+
 variable "authentication_scheme" {
 type = string
 validation {
diff --git a/docs/wiki/[User-Guide]-Quick-Start-Phase-1.md b/docs/wiki/[User-Guide]-Quick-Start-Phase-1.md
index c084e348..46e7bdb5 100644
--- a/docs/wiki/[User-Guide]-Quick-Start-Phase-1.md
+++ b/docs/wiki/[User-Guide]-Quick-Start-Phase-1.md
@@ -134,6 +134,7 @@ You'll need to decide whether you are using GitHub or Azure DevOps and follow th
 1. `Build`: `Read & execute`
 1. `Code`: `Full`
 1. `Environment`: `Read & manage`
+ 1. `Extensions`: `Read & manage`
 1. `Graph`: `Read & manage`
 1. `Pipeline Resources`: `Use & manage`
 1. `Project and Team`: `Read, write & manage`
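Review bot: In extension.tf the PAT is interpolated directly into the `local-exec` command string and also copied into `input`. `terraform_data` persists `input` in state, where sensitive values are redacted from plan output but stored in plaintext, and the token becomes part of the `pwsh` command line. The double-quoted arguments are also re-parsed by `pwsh -Command`, so a `$`, backtick or quote in either value changes what PowerShell receives. Pass both values through the provisioner's `environment` map, reference them as `$env:` variables in the command, and drop `pat_token` from `input`. The environment variable names in the sketch are placeholders.

```hcl
  # … unchanged: triggers_replace; input keeps only organization_name …

  provisioner "local-exec" {
    # PowerShell expands these from the environment; Terraform no longer writes the values into the command text.
    command     = "${path.module}/extension-install.ps1 -patToken $env:EXAMPLE_PAT -organizationName $env:EXAMPLE_ORG"
    interpreter = ["pwsh", "-Command"]
    environment = {
      EXAMPLE_PAT = var.version_control_system_access_token
      EXAMPLE_ORG = self.input.organization_name
    }
  }
```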