provider/azurerm: Azurerm example ci updates (#15310)

* initial commit - 101-vm-from-user-image

* changed branch name

* not deploying - storage problems

* provisions vm but image not properly prepared

* storage not correct

* provisions properly

* changed main.tf to azuredeploy.tf

* added tfvars and info for README

* tfvars ignored and corrected file ext

* added CI config; added sane defaults for variables; updated deployment script, added mac specific deployment for local testing

* deploy.sh to be executable

* executable deploy files

* added CI files; changed vars

* prep for PR

* removal of old folder

* prep for PR

* wrong args for travis

* more PR prep

* updated README

* commented out variables in terraform.tfvars

* Topic 101 vm from user image (#2)

* initial commit - 101-vm-from-user-image
* added tfvars and info for README
* added CI config; added sane defaults for variables; updated deployment script, added mac specific deployment for local testing
* prep for PR

* added new template

* oops, left off master

* prep for PR

* correct repository for destination

* renamed scripts to be more intuitive; added check for docker

* merge vm simple; vm from image

* initial commit

* deploys locally

* updated deploy

* consolidated deploy and after_deploy into a single script; simplified ci process; added os_profile_linux_config

* added terraform show

* changed to allow http & https (like ARM tmplt)

* changed host_name & host_name variable desc

* added az cli check

* on this branch, only build test_dir; master will aggregate all the examples

* merge master

* added new constructs/naming for deploy scripts, etc.

* suppress az login output

* suppress az login output

* forgot about line breaks

* breaking build as an example

* fixing broken build example

* merge of CI config

* fixed grammar in readme

* prep for PR

* took out armviz button and minor README changes

* changed host_name

* fixed merge conflicts

* changed host_name variable

* updating Hashicorp's changes to merged simple linux branch

* updating files to merge w/master and prep for Hashicorp pr

* Revert "updating files to merge w/master and prep for Hashicorp pr"

This reverts commit b850cd5d2a858eff073fc5a1097a6813d0f8b362.

* Revert "updating Hashicorp's changes to merged simple linux branch"

This reverts commit dbaf8d14a9cdfcef0281919671357f6171ebd4e6.

* removing vm from user image example from this branch

* removed old branch

* azure-2-vms-loadbalancer-lbrules (#13)

* initial commit

* need to change lb_rule & nic

* deploys locally

* updated README

* updated travis and deploy scripts for Hari's repo

* renamed deploy script

* clean up

* prep for PR

* updated readme

* fixing conflict in .travis.yml

* initial commit; in progress

* in progress

* in progress; encryption fails

* in progress

* deploys successfully locally

* clean up; deploy typo fixed

* merging hashi master into this branch

* troubleshooting deploy

* added missing vars to deploy script

* updated README, outputs, and added graph

* simplified outputs

* provisions locally

* cleaned up vars

* fixed chart on README

* prepping for pr

* fixed merge conflict

* initial commit

* provisions locally; but azuremysql.sh script fails

* commented out provider

* commenting out provider vars

* tf fmt / uncommented Ext - will fail

* testing other examples

* changed os version for script compatability; changed command

* removed ssh from output (no nsg)

* changed travis to test only this topic's dir

* added nsg

* testing encrypt-running-linux

* fixed IPs and validation

* cleanup merge conflicts

* updated validation cmd; reverted non-topic ci changes

* in progress; new branch for updating CI's permanent resources

* updated travis.yml branch

* pinned version 0.2.10 azuresdk/azure-cli-python

* testing vm-specialized-vhd

* added subnet var

* testing 2 lb template

* testing encrypt-running-linux

* changed disk size

* testing all examples; new var names

* testing vm-from-user-image

* testing vm-specialized-vhd

* testing vm-custom-image WindowsImage

* test all examples

* changed storage account for vm-custom-image

* changed existing_subnet_id variable

* correcting env var for disk name

* testing all examples

* testing all examples; commenting out last two unmerged examples

* added graph to cdn readme

* merged hashi master into this branch

* testing all examples

* delete os disk

* cleanup fixes for deleting CI resources

* manually deleting resources w/azure cli

* reverted to hashicorp's .travis.yml

examples/azure-2-vms-loadbalancer-lbrules/deploy.ci.sh

@@ -18,7 +18,7 @@ docker run --rm -it \
 
 # cleanup deployed azure resources via azure-cli
 docker run --rm -it \
-  azuresdk/azure-cli-python \
+  azuresdk/azure-cli-python:0.2.10 \
   sh -c "az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID > /dev/null; \
          az network lb show -g $KEY -n rglb; \
          az network lb rule list -g $KEY --lb-name rglb;"

examples/azure-cdn-with-storage-account/README.md

@@ -26,3 +26,5 @@ If you are committing this template to source control, please insure that you ad
 
 ## variables.tf
 The `variables.tf` file contains all of the input parameters that the user can specify when deploying this Terraform template.
+
+![graph](/examples/azure-cdn-with-storage-account/graph.png)

examples/azure-encrypt-running-linux-vm/deploy.ci.sh

@@ -7,8 +7,6 @@ docker run --rm -it \
   -e ARM_CLIENT_SECRET \
   -e ARM_SUBSCRIPTION_ID \
   -e ARM_TENANT_ID \
-  -e AAD_CLIENT_ID \
-  -e AAD_CLIENT_SECRET \
   -e KEY_ENCRYPTION_KEY_URL \
   -e KEY_VAULT_RESOURCE_ID \
   -v $(pwd):/data \
@@ -24,15 +22,15 @@ docker run --rm -it \
         -var admin_password=$PASSWORD \
         -var passphrase=$PASSWORD \
         -var key_vault_name=$KEY_VAULT_NAME \
-        -var aad_client_id=$AAD_CLIENT_ID \
-        -var aad_client_secret=$AAD_CLIENT_SECRET \
+        -var aad_client_id=$ARM_CLIENT_ID \
+        -var aad_client_secret=$ARM_CLIENT_SECRET \
         -var key_encryption_key_url=$KEY_ENCRYPTION_KEY_URL \
         -var key_vault_resource_id=$KEY_VAULT_RESOURCE_ID; \
       /bin/terraform apply out.tfplan"
 
 # cleanup deployed azure resources via azure-cli
 docker run --rm -it \
-  azuresdk/azure-cli-python \
+  azuresdk/azure-cli-python:0.2.10 \
   sh -c "az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID > /dev/null; \
          az vm show -g $KEY -n $KEY; \
          az vm encryption show -g $KEY -n $KEY"
@@ -43,6 +41,8 @@ docker run --rm -it \
   -e ARM_CLIENT_SECRET \
   -e ARM_SUBSCRIPTION_ID \
   -e ARM_TENANT_ID \
+  -e KEY_ENCRYPTION_KEY_URL \
+  -e KEY_VAULT_RESOURCE_ID \
   -v $(pwd):/data \
   --workdir=/data \
   --entrypoint "/bin/sh" \
@@ -54,7 +54,7 @@ docker run --rm -it \
     -var admin_password=$PASSWORD \
     -var passphrase=$PASSWORD \
     -var key_vault_name=$KEY_VAULT_NAME \
-    -var aad_client_id=$AAD_CLIENT_ID \
-    -var aad_client_secret=$AAD_CLIENT_SECRET \
+    -var aad_client_id=$ARM_CLIENT_ID \
+    -var aad_client_secret=$ARM_CLIENT_SECRET \
     -var key_encryption_key_url=$KEY_ENCRYPTION_KEY_URL \
     -var key_vault_resource_id=$KEY_VAULT_RESOURCE_ID;"

examples/azure-encrypt-running-linux-vm/main.tf

@@ -60,7 +60,7 @@ resource "azurerm_virtual_machine" "vm" {
   storage_os_disk {
     name          = "${var.hostname}osdisk"
     create_option = "FromImage"
-    disk_size_gb  = "15"
+    disk_size_gb  = "30"
   }
 
   os_profile {

examples/azure-search-create/deploy.ci.sh

@@ -19,7 +19,7 @@ docker run --rm -it \
 
 # cleanup deployed azure resources via azure-cli
 docker run --rm -it \
-  azuresdk/azure-cli-python \
+  azuresdk/azure-cli-python:0.2.10 \
   sh -c "az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID > /dev/null; \
          az resource list --name $KEY"
 

examples/azure-spark-and-cassandra-on-centos/deploy.ci.sh

@@ -22,7 +22,7 @@ docker run --rm -it \
 
 # cleanup deployed azure resources via azure-cli
 docker run --rm -it \
-  azuresdk/azure-cli-python \
+  azuresdk/azure-cli-python:0.2.10 \
   sh -c "az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID > /dev/null; \
          az vm list -g $KEY"
 

examples/azure-sql-database/deploy.ci.sh

@@ -19,7 +19,7 @@ docker run --rm -it \
 
 # check that resources exist via azure cli
 docker run --rm -it \
-  azuresdk/azure-cli-python \
+  azuresdk/azure-cli-python:0.2.10 \
   sh -c "az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID > /dev/null; \
          az sql db show -g $KEY -n MySQLDatabase -s $KEY-sqlsvr; \
          az sql server show -g $KEY -n $KEY-sqlsvr;"

examples/azure-traffic-manager-vm/deploy.ci.sh

@@ -19,7 +19,7 @@ docker run --rm -it \
 
 # cleanup deployed azure resources via azure-cli
 docker run --rm -it \
-  azuresdk/azure-cli-python \
+  azuresdk/azure-cli-python:0.2.10 \
   sh -c "az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID > /dev/null; \
          az vm show -g $KEY -n rgvm"
 

examples/azure-vm-custom-image-new-storage-account/deploy.ci.sh

@@ -14,19 +14,19 @@ docker run --rm -it \
   -c "/bin/terraform get; \
       /bin/terraform validate; \
       /bin/terraform plan -out=out.tfplan \
-        -var source_img_uri=$EXISTING_IMAGE_URI \
+        -var source_img_uri=$EXISTING_WINDOWS_IMAGE_URI \
         -var hostname=$KEY \
         -var resource_group=$KEY \
         -var existing_resource_group=$EXISTING_RESOURCE_GROUP \
         -var admin_password=$PASSWORD \
         -var existing_storage_acct=$EXISTING_STORAGE_ACCOUNT_NAME \
-        -var custom_image_name=$CUSTOM_IMAGE_NAME; \
+        -var custom_image_name=$WINDOWS_DISK_NAME; \
       /bin/terraform apply out.tfplan; \
       /bin/terraform show;"
 
 # cleanup deployed azure resources via azure-cli
 docker run --rm -it \
-  azuresdk/azure-cli-python \
+  azuresdk/azure-cli-python:0.2.10 \
   sh -c "az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID > /dev/null; \
          az vm show -g $KEY -n myvm; \
          az storage account show -g $KEY -n $KEY;"
@@ -42,13 +42,13 @@ docker run --rm -it \
   --entrypoint "/bin/sh" \
   hashicorp/terraform:light \
   -c "/bin/terraform destroy -force \
-        -var source_img_uri=$EXISTING_IMAGE_URI \
+        -var source_img_uri=$EXISTING_WINDOWS_IMAGE_URI \
         -var hostname=$KEY \
         -var resource_group=$KEY \
         -var existing_resource_group=$EXISTING_RESOURCE_GROUP \
         -var admin_password=$PASSWORD \
         -var existing_storage_acct=$EXISTING_STORAGE_ACCOUNT_NAME \
-        -var custom_image_name=$CUSTOM_IMAGE_NAME \
+        -var custom_image_name=$WINDOWS_DISK_NAME \
         -target=azurerm_virtual_machine.myvm \
         -target=azurerm_virtual_machine.transfer \
         -target=azurerm_network_interface.transfernic \
@@ -56,4 +56,10 @@ docker run --rm -it \
         -target=azurerm_virtual_network.vnet \
         -target=azurerm_public_ip.mypip \
         -target=azurerm_public_ip.transferpip \
-        -target=azurerm_storage_account.stor;"
+        -target=azurerm_storage_account.stor;"
+
+# If you target the resource group to destroy with Terraform, it will destroy the existing storage account, so it must be deleted manually with the CLI.
+docker run --rm -it \
+  azuresdk/azure-cli-python:0.2.10 \
+  sh -c "az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID > /dev/null; \
+         az group delete -n $KEY -y"

examples/azure-vm-custom-image-new-storage-account/deploy.mac.sh

@@ -8,9 +8,10 @@ if docker -v; then
   export KEY=$(cat /dev/urandom | env LC_CTYPE=C tr -cd 'a-z' | head -c 12)
   export PASSWORD=$KEY$(cat /dev/urandom | env LC_CTYPE=C tr -cd 'A-Z' | head -c 2)$(cat /dev/urandom | env LC_CTYPE=C tr -cd '0-9' | head -c 2)
   export EXISTING_RESOURCE_GROUP=donotdelete
-  export EXISTING_IMAGE_URI=https://donotdeletedisks636.blob.core.windows.net/vhds/mywindowsimage20170510184809.vhd
+  export EXISTING_WINDOWS_IMAGE_URI=https://tfpermstor.blob.core.windows.net/vhds/osdisk_alBZrO4OlX.vhd
   export EXISTING_STORAGE_ACCOUNT_NAME=donotdeletedisks636
-  export CUSTOM_IMAGE_NAME=mywindowsimage20170510184809
+  export CUSTOM_WINDOWS_IMAGE_NAME=WindowsImage
+  export WINDOWS_DISK_NAME=osdisk_alBZrO4OlX
 
   /bin/sh ./deploy.ci.sh
 

examples/azure-vm-custom-image-new-storage-account/variables.tf

@@ -22,7 +22,7 @@ variable "existing_storage_acct" {
 
 variable "existing_storage_acct_type" {
   description = "The type of the storage account in which your existing VHD and image reside"
-  default     = "Premium_LRS"
+  default     = "Standard_LRS"
 }
 
 variable "existing_resource_group" {

examples/azure-vm-from-user-image/deploy.ci.sh

@@ -13,12 +13,12 @@ docker run --rm -it \
   hashicorp/terraform:light \
   -c "/bin/terraform get; \
       /bin/terraform validate; \
-      /bin/terraform plan -out=out.tfplan -var hostname=$KEY -var resource_group=$EXISTING_RESOURCE_GROUP -var admin_username=$KEY -var admin_password=$PASSWORD -var image_uri=$EXISTING_IMAGE_URI -var storage_account_name=$EXISTING_STORAGE_ACCOUNT_NAME; \
+      /bin/terraform plan -out=out.tfplan -var hostname=$KEY -var resource_group=$EXISTING_RESOURCE_GROUP -var admin_username=$KEY -var admin_password=$PASSWORD -var image_uri=$EXISTING_LINUX_IMAGE_URI -var storage_account_name=$EXISTING_STORAGE_ACCOUNT_NAME; \
       /bin/terraform apply out.tfplan; \
       /bin/terraform show;"
 
 docker run --rm -it \
-  azuresdk/azure-cli-python \
+  azuresdk/azure-cli-python:0.2.10 \
   sh -c "az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID > /dev/null; \
          az vm show --name $KEY --resource-group permanent"
 
@@ -37,9 +37,15 @@ docker run --rm -it \
         -var resource_group=$EXISTING_RESOURCE_GROUP \
         -var admin_username=$KEY \
         -var admin_password=$PASSWORD \
-        -var image_uri=$EXISTING_IMAGE_URI \
+        -var image_uri=$EXISTING_LINUX_IMAGE_URI \
         -var storage_account_name=$EXISTING_STORAGE_ACCOUNT_NAME \
         -target=azurerm_virtual_machine.vm \
         -target=azurerm_network_interface.nic \
         -target=azurerm_virtual_network.vnet \
         -target=azurerm_public_ip.pip;"
+
+# The os disks must be deleted manually from the permanent resource group as this group is not under Terraform's state.
+docker run --rm -it \
+  azuresdk/azure-cli-python:0.2.10 \
+  sh -c "az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID > /dev/null; \
+         az disk delete --name $KEY-osdisk --resource-group permanent -y"

examples/azure-vm-from-user-image/deploy.mac.sh

@@ -7,8 +7,8 @@ if docker -v; then
   # generate a unique string for CI deployment
   export KEY=$(cat /dev/urandom | env LC_CTYPE=C tr -cd 'a-z' | head -c 12)
   export PASSWORD=$KEY$(cat /dev/urandom | env LC_CTYPE=C tr -cd 'A-Z' | head -c 2)$(cat /dev/urandom | env LC_CTYPE=C tr -cd '0-9' | head -c 2)
-  export EXISTING_IMAGE_URI=https://permanentstor.blob.core.windows.net/permanent-vhds/permanent-osdisk1.vhd
-  export EXISTING_STORAGE_ACCOUNT_NAME=permanentstor
+  export EXISTING_LINUX_IMAGE_URI=https://tfpermstor.blob.core.windows.net/vhds/osdisk_fmF5O5MxlR.vhd
+  export EXISTING_STORAGE_ACCOUNT_NAME=tfpermstor
   export EXISTING_RESOURCE_GROUP=permanent
 
   /bin/sh ./deploy.ci.sh

examples/azure-vm-from-user-image/main.tf

@@ -55,7 +55,7 @@ resource "azurerm_virtual_machine" "vm" {
   storage_os_disk {
     name          = "${var.hostname}-osdisk1"
     image_uri     = "${var.image_uri}"
-    vhd_uri       = "https://${var.storage_account_name}.blob.core.windows.net/vhds/${var.hostname}osdisk.vhd"
+    vhd_uri       = "https://${var.storage_account_name}.blob.core.windows.net/vhds/${var.hostname}-osdisk.vhd"
     os_type       = "${var.os_type}"
     caching       = "ReadWrite"
     create_option = "FromImage"

examples/azure-vm-simple-linux-managed-disk/deploy.ci.sh

@@ -19,7 +19,7 @@ docker run --rm -it \
 
 # cleanup deployed azure resources via azure-cli
 docker run --rm -it \
-  azuresdk/azure-cli-python \
+  azuresdk/azure-cli-python:0.2.10 \
   sh -c "az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID > /dev/null; \
          az vm show -g $KEY -n rgvm"
 

examples/azure-vm-specialized-vhd-existing-vnet/deploy.ci.sh

@@ -14,7 +14,7 @@ docker run --rm -it \
   -c "/bin/terraform get; \
       /bin/terraform validate; \
       /bin/terraform plan -out=out.tfplan \
-        -var os_disk_vhd_uri=$EXISTING_IMAGE_URI \
+        -var os_disk_vhd_uri=$EXISTING_LINUX_IMAGE_URI \
         -var hostname=$KEY \
         -var resource_group=$KEY \
         -var existing_vnet_resource_group=$EXISTING_RESOURCE_GROUP \
@@ -28,7 +28,7 @@ docker run --rm -it \
 
 # cleanup deployed azure resources via azure-cli
 docker run --rm -it \
-  azuresdk/azure-cli-python \
+  azuresdk/azure-cli-python:0.2.10 \
   sh -c "az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID > /dev/null; \
          az vm show -g $KEY -n $KEY"
 
@@ -43,12 +43,12 @@ docker run --rm -it \
   --entrypoint "/bin/sh" \
   hashicorp/terraform:light \
   -c "/bin/terraform destroy -force \
-        -var os_disk_vhd_uri=$EXISTING_IMAGE_URI \
+        -var os_disk_vhd_uri=$EXISTING_LINUX_IMAGE_URI \
         -var hostname=$KEY \
         -var resource_group=$KEY \
         -var existing_vnet_resource_group=$EXISTING_RESOURCE_GROUP \
         -var admin_password=$PASSWORD \
-        -var existing_subnet_id=$EXISTING_SUBNET_ID \
+        -var existing_subnet_id=/subscriptions/$ARM_SUBSCRIPTION_ID/resourceGroups/permanent/providers/Microsoft.Network/virtualNetworks/$EXISTING_VIRTUAL_NETWORK_NAME/subnets/$EXISTING_SUBNET_NAME \
         -var existing_subnet_name=$EXISTING_SUBNET_NAME \
         -var existing_virtual_network_name=$EXISTING_VIRTUAL_NETWORK_NAME \
         -var existing_storage_acct=$EXISTING_STORAGE_ACCOUNT_NAME \

examples/azure-vm-specialized-vhd-existing-vnet/deploy.mac.sh

@@ -8,10 +8,10 @@ if docker -v; then
   export KEY=$(cat /dev/urandom | env LC_CTYPE=C tr -cd 'a-z' | head -c 12)
   export PASSWORD=$KEY$(cat /dev/urandom | env LC_CTYPE=C tr -cd 'A-Z' | head -c 2)$(cat /dev/urandom | env LC_CTYPE=C tr -cd '0-9' | head -c 2)
   export EXISTING_RESOURCE_GROUP=permanent
-  export EXISTING_IMAGE_URI=https://permanentstor.blob.core.windows.net/permanent-vhds/permanent-osdisk1.vhd
-  export EXISTING_STORAGE_ACCOUNT_NAME=permanentstor
-  export EXISTING_VIRTUAL_NETWORK_NAME=vqeeopeictwmvnet
-  export EXISTING_SUBNET_NAME=vqeeopeictwmsubnet
+  export EXISTING_LINUX_IMAGE_URI=https://tfpermstor.blob.core.windows.net/vhds/osdisk_fmF5O5MxlR.vhd
+  export EXISTING_STORAGE_ACCOUNT_NAME=tfpermstor
+  export EXISTING_VIRTUAL_NETWORK_NAME=permanent-vnet
+  export EXISTING_SUBNET_NAME=permanent-subnet
 
   /bin/sh ./deploy.ci.sh
 

examples/azure-vnet-to-vnet-peering/deploy.ci.sh

@@ -19,7 +19,7 @@ docker run --rm -it \
 
 # cleanup deployed azure resources via azure-cli
 docker run --rm -it \
-  azuresdk/azure-cli-python \
+  azuresdk/azure-cli-python:0.2.10 \
   sh -c "az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID > /dev/null; \
          az network vnet peering show -g $KEY --vnet-name $KEY'-vnet1' -n vNet1-to-vNet2;
          az network vnet peering show -g $KEY --vnet-name $KEY'-vnet2' -n vNet2-to-vNet1;"

examples/azure-vnet-two-subnets/deploy.ci.sh

@@ -23,7 +23,7 @@ docker run --rm -it \
 
 # check that resources exist via azure cli
 docker run --rm -it \
-  azuresdk/azure-cli-python \
+  azuresdk/azure-cli-python:0.2.10 \
   sh -c "az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID > /dev/null; \
          az network vnet subnet show -n subnet1 -g $KEY --vnet-name '$KEY'vnet; \
          az network vnet subnet show -n subnet2 -g $KEY --vnet-name '$KEY'vnet;"