Add Azure DevOps ADO as build and repository option #399

obriensystems · 2024-04-23T15:29:31Z

Work Items

DockerFile for ADO
build.sh to build above terraform docker file (off gcloud slim)
terraform for azure container registry build/storage of docker images
az cli to create the plan and apply yml pipelines
add storage admin service account key to the pipelines
ado pipeline yaml(s) for (docker init, validate, plan, apply) - off build folder with trigger/pool/script sections to start
readme documentation to switch from CB to ADO
variables/outputs/versions.tf adjustments for ado and azuredevops provider

20240502: note CB/CSR option details in https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding/wiki#20240502-repo-state

DockerHub terraform 1.3.10 image in #409
https://hub.docker.com/r/obrienlabs/terraform-example-foundation-ado/tags
https://hub.docker.com/repository/docker/obrienlabs/terraform-example-foundation-ado/general

The default is Cloud Build and Cloud Source Repositories.
We will also support alternatives like Github and ADO

Documentation on
https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding/wiki/DevOps#azure-devops

add readme docs starting with the changes in Adjust readme.md for local PR changes specific to ongoing ADO ci/cd option #404

Branch / Issues

Test accounts

olxyz ado - https://dev.azure.com/obrienlabsxyz/pbmm-on-gcp-onboarding
azure - https://portal.azure.com/#home
olapp - local /Users/michaelobrien/wse_github/GoogleCloudPlatform/olapp/_deploy_test_399_from_ado

Terminals

besides GCP Cloud Shell - use a VM or AVD

Documentation

Artifacts to migrate from CB to ADO

Azure Container Registry repository and pipeline - https://azure.microsoft.com/en-ca/products/container-registry
- (Optional default is a DockerHub prebuilt image under https://hub.docker.com/repository/docker/obrienlabs/terraform-example-foundation-ado/tags )
pipeline yamls
https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding/blob/main/build/cloudbuild-tf-apply.yaml
https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding/blob/main/build/cloudbuild-tf-plan.yaml
ado agent in terraform like
https://github.com/terraform-google-modules/terraform-example-foundation/tree/master/0-bootstrap/modules/jenkins-agent

ADO Setup

Get a Microsoft account
Get an Azure account
Get an ADO account
- https://learn.microsoft.com/en-us/azure/devops/organizations/billing/overview?view=azure-devops

Create new ADO org

select private project

Usage

https://[email protected]/obrienlabsxyz/tef-gcp-pbmm-lz/_git/tef-gcp-pbmm-lz

git remote add origin https://[email protected]/obrienlabsxyz/tef-gcp-pbmm-lz/_git/tef-gcp-pbmm-lz
git push -u origin --all

The text was updated successfully, but these errors were encountered:

fmichaelobrien · 2024-04-23T16:44:21Z

Procedure to create a service account, key and provision a container based ADO pipeline to do canary operations on the GCP account

following Microsoft official docs to start
https://learn.microsoft.com/en-us/answers/questions/1439554/can-i-use-ado-to-provision-resources-in-gcp

On the GCP account

Create service account in bootstrap project (out of band of terraform for now)

michael@cloudshell:~/tef-olxyz/github/pbmm-on-gcp-onboarding (tef-olxyz)$ gcloud iam service-accounts create ado-manual-tef-olxyz-remote-sa --display-name "ADO Manual TEF olxyz remote SA"
Created service account [ado-manual-tef-olxyz-remote-sa].

Test clone/pull/push On a local laptop (M1 mac in this case

generate credentials

michaelobrien@mbp7 olxyz % git clone https://[email protected]/obrienlabsxyz/tef-gcp-pbmm-lz/_git/tef-gcp-pbmm-lz
Cloning into 'tef-gcp-pbmm-lz'...
Password for 'https://[email protected]': 
warning: You appear to have cloned an empty repository.
michaelobrien@mbp7 olxyz % ls
azure		tef-gcp-pbmm-lz


michaelobrien@mbp7 olxyz % cd tef-gcp-pbmm-lz 
michaelobrien@mbp7 tef-gcp-pbmm-lz % ls
michaelobrien@mbp7 tef-gcp-pbmm-lz % vi README.md
michaelobrien@mbp7 tef-gcp-pbmm-lz % git status
On branch main

No commits yet

Untracked files:
  (use "git add <file>..." to include in what will be committed)
	README.md

nothing added to commit but untracked files present (use "git add" to track)
michaelobrien@mbp7 tef-gcp-pbmm-lz % git add README.md 
michaelobrien@mbp7 tef-gcp-pbmm-lz % git status
On branch main

No commits yet

Changes to be committed:
  (use "git rm --cached <file>..." to unstage)
	new file:   README.md

michaelobrien@mbp7 tef-gcp-pbmm-lz % git commit -m "#1 - test push"
[main (root-commit) a8de8ce] #1 - test push
 1 file changed, 2 insertions(+)
 create mode 100644 README.md
michaelobrien@mbp7 tef-gcp-pbmm-lz % git push origin main
Enumerating objects: 3, done.
Counting objects: 100% (3/3), done.
Writing objects: 100% (3/3), 238 bytes | 238.00 KiB/s, done.
Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
remote: Analyzing objects... (3/3) (3 ms)
remote: Validating commits... (1/1) done (0 ms)
remote: Storing packfile... done (100 ms)
remote: Storing index... done (59 ms)
To https://dev.azure.com/obrienlabsxyz/tef-gcp-pbmm-lz/_git/tef-gcp-pbmm-lz
 * [new branch]      main -> main
michaelobrien@mbp7 tef-gcp-pbmm-lz %

obriensystems · 2024-04-23T21:06:57Z

Procedure: upstream github fork is pushed to ADO

https://learn.microsoft.com/en-us/azure/devops/repos/git/forks?view=azure-devops&tabs=visual-studio#create-a-fork

In ADO

create a new project

pbmm-on-gcp-onboarding-fork

Repos | import

use https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding.git

After import
https://dev.azure.com/obrienlabsxyz/pbmm-on-gcp-onboarding-fork/_git/pbmm-on-gcp-onboarding-fork

Generate Git Credentials

clone

michaelobrien@mbp7 azure % git clone https://[email protected]/obrienlabsxyz/pbmm-on-gcp-onboarding-fork/_git/pbmm-on-gcp-onboarding-fork
Cloning into 'pbmm-on-gcp-onboarding-fork'...
remote: Azure Repos
remote: Found 6394 objects to send. (14 ms)
Receiving objects: 100% (6394/6394), 31.89 MiB | 22.52 MiB/s, done.
Resolving deltas: 100% (3886/3886), done.
michaelobrien@mbp7 azure % cd pbmm-on-gcp-onboarding-fork 
ichaelobrien@mbp7 pbmm-on-gcp-onboarding-fork % git status
On branch 243-tef-retrofit
Your branch is up to date with 'origin/243-tef-retrofit'.

nothing to commit, working tree clean
michaelobrien@mbp7 pbmm-on-gcp-onboarding-fork % git checkout main
branch 'main' set up to track 'origin/main'.
Switched to a new branch 'main'
michaelobrien@mbp7 pbmm-on-gcp-onboarding-fork % ls        
0-bootstrap			4-projects			LICENSE				fix_tfvars_symlinks.py		test
1-org				5-app-infra			Makefile			go.work				z_2024_v020_pre_tef_v4
2-environments			CHANGELOG.md			README.md			helpers
3-networks-dual-svpc		CONTRIBUTING.MD			build				policy-library
3-networks-hub-and-spoke	ERRATA.md			docs				scripts

Procedure to pull from upstream origin

michaelobrien@mbp7 pbmm-on-gcp-onboarding-fork % git remote rm  github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding.git     
error: No such remote: 'github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding.git'
michaelobrien@mbp7 pbmm-on-gcp-onboarding-fork % git remote rm upstream                                                  
michaelobrien@mbp7 pbmm-on-gcp-onboarding-fork % git remote add upstream https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding.git
michaelobrien@mbp7 pbmm-on-gcp-onboarding-fork % git fetch upstream
From https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding
 * [new branch]      243-tef-retrofit                                                          -> upstream/243-tef-retrofit
 * [new branch]      318-log-sink-alerting                                                     -> upstream/318-log-sink-alerting
 * [new branch]      332-dev-prov-client-v20230917                                             -> upstream/332-dev-prov-client-v20230917
 * [new branch]      341-labels-off-332                                                        -> upstream/341-labels-off-332
 * [new branch]      341-tags-off-332                                                          -> upstream/341-tags-off-332
 * [new branch]      345-landing-zone-fortigate-light                                          -> upstream/345-landing-zone-fortigate-light
 * [new branch]      351-landing-zone-fortigate-cloud-setup                                    -> upstream/351-landing-zone-fortigate-cloud-setup
 * [new branch]      craigenator                                                               -> upstream/craigenator
 * [new branch]      craigenator-network                                                       -> upstream/craigenator-network
 * [new branch]      dan-fix-version-upgrade                                                   -> upstream/dan-fix-version-upgrade
 * [new branch]      dependabot/go_modules/helpers/foundation-deployer/golang.org/x/net-0.23.0 -> upstream/dependabot/go_modules/helpers/foundation-deployer/golang.org/x/net-0.23.0
 * [new branch]      dependabot/go_modules/helpers/foundation-deployer/google.golang.org/protobuf-1.33.0 -> upstream/dependabot/go_modules/helpers/foundation-deployer/google.golang.org/protobuf-1.33.0
 * [new branch]      dependabot/go_modules/test/integration/golang.org/x/net-0.23.0            -> upstream/dependabot/go_modules/test/integration/golang.org/x/net-0.23.0
 * [new branch]      example                                                                   -> upstream/example
 * [new branch]      fmichaelobrien                                                            -> upstream/fmichaelobrien
 * [new branch]      fmichaelobrien-example-nonprod                                            -> upstream/fmichaelobrien-example-nonprod
 * [new branch]      fmichaelobrien-example-prod                                               -> upstream/fmichaelobrien-example-prod
 * [new branch]      fmichaelobrien-pr-113                                                     -> upstream/fmichaelobrien-pr-113
 * [new branch]      fortigate-yopps                                                           -> upstream/fortigate-yopps
 * [new branch]      gh357-tef-v4-fork                                                         -> upstream/gh357-tef-v4-fork
 * [new branch]      gh360-day0-deploy-example                                                 -> upstream/gh360-day0-deploy-example
 * [new branch]      gh362-bootstrap-prereq                                                    -> upstream/gh362-bootstrap-prereq
 * [new branch]      gh377-architecture                                                        -> upstream/gh377-architecture
 * [new branch]      gh399-ado                                                                 -> upstream/gh399-ado
 * [new branch]      hotfix/cloudbuildjob                                                      -> upstream/hotfix/cloudbuildjob
 * [new branch]      hotfix/guardrailsiam                                                      -> upstream/hotfix/guardrailsiam
 * [new branch]      main                                                                      -> upstream/main
 * [new branch]      pr-mro-bootstrap-localization                                             -> upstream/pr-mro-bootstrap-localization
 * [new branch]      pr-mro-bootstrap-run-terraform-local-041524                               -> upstream/pr-mro-bootstrap-run-terraform-local-041524
 * [new branch]      pr-mro-tef-fix-bucket-name-length-041524                                  -> upstream/pr-mro-tef-fix-bucket-name-length-041524
 * [new branch]      pr-mro-tef-multi-instance-041524                                          -> upstream/pr-mro-tef-multi-instance-041524
 * [new branch]      tm-lz-org                                                                 -> upstream/tm-lz-org
 * [new branch]      v020                                                                      -> upstream/v020
 * [new branch]      v20240407                                                                 -> upstream/v20240407
michaelobrien@mbp7 pbmm-on-gcp-onboarding-fork % git merge upstream/main main
Already up to date.
michaelobrien@mbp7 pbmm-on-gcp-onboarding-fork % git status         
On branch main
Your branch is up to date with 'origin/main'.

nothing to commit, working tree clean

Pull changes from upstream to test - push to remote ado

#378

michaelobrien@mbp7 pbmm-on-gcp-onboarding-fork % git fetch upstream                                                                       
remote: Enumerating objects: 7, done.
remote: Counting objects: 100% (7/7), done.
remote: Compressing objects: 100% (6/6), done.
remote: Total 7 (delta 2), reused 1 (delta 1), pack-reused 0
Unpacking objects: 100% (7/7), 5.08 KiB | 1.02 MiB/s, done.
From https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding
   5a5c057..3d9f3e8  gh377-architecture -> upstream/gh377-architecture
   07100b1..b9fe8d3  main               -> upstream/main
michaelobrien@mbp7 pbmm-on-gcp-onboarding-fork % git merge upstream/main main
Updating 07100b1..b9fe8d3
Fast-forward
 docs/architecture.md | 138 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 138 insertions(+)
 create mode 100644 docs/architecture.md
michaelobrien@mbp7 pbmm-on-gcp-onboarding-fork %

Push upstream to main

michaelobrien@mbp7 pbmm-on-gcp-onboarding-fork % git push origin main
Enumerating objects: 12, done.
Counting objects: 100% (12/12), done.
Delta compression using up to 10 threads
Compressing objects: 100% (7/7), done.
Writing objects: 100% (7/7), 4.18 KiB | 4.18 MiB/s, done.
Total 7 (delta 4), reused 0 (delta 0), pack-reused 0
remote: Analyzing objects... (7/7) (5 ms)
remote: Validating commits... (3/3) done (1 ms)
remote: Storing packfile... done (57 ms)
remote: Storing index... done (102 ms)
To https://dev.azure.com/obrienlabsxyz/pbmm-on-gcp-onboarding-fork/_git/pbmm-on-gcp-onboarding-fork
   07100b1..b9fe8d3  main -> main

obriensystems · 2024-04-23T23:50:00Z

Setup ADO Billing or 30 day free trial

Test example pipeline and GCP access before 0-bootstrap run

get grant

skip
https://aka.ms/azpipelines-parallelism-request
go straight to paid account

post subscription conversion
https://learn.microsoft.com/en-us/answers/questions/477716/how-to-resolve-no-hosted-parallelism-has-been-purc

response to parallel jobs submitted 20240423:2255

self hosted agent as backup

project settings | agent pools | add self-hosted

new agent - osx - download

michaelobrien@mbp7 azure % mkdir ado-agent
michaelobrien@mbp7 azure % cp vsts-agent-osx-x64-3.238.0.tar.gz ado-agent 
michaelobrien@mbp7 ado-agent % tar -xvf vsts-agent-osx-x64-3.238.0.tar.gz 

haelobrien@mbp7 ado-agent % ./config.sh
./config.sh: line 93:  6035 Killed: 9               ./bin/Agent.Listener configure "$@"

switching to windows agent

obriensystems · 2024-04-24T03:52:26Z

windows local agent

PS C:\opt>  mkdir agent ; cd agent


    Directory: C:\opt


Mode                 LastWriteTime         Length Name
----                 -------------         ------ ----
d-----        2024-04-23  11:13 PM                agent


PS C:\opt\agent> Add-Type -AssemblyName System.IO.Compression.FileSystem ; [System.IO.Compression.ZipFile]::ExtractToDirectory("$HOME\Downloads\vsts-agent-win-x64-3.238.0.zip", "$PWD")
PS C:\opt\agent> ls


    Directory: C:\opt\agent


Mode                 LastWriteTime         Length Name
----                 -------------         ------ ----
d-----        2024-04-23  11:13 PM                bin
d-----        2024-04-23  11:13 PM                externals
-a----        2024-04-09   4:26 PM           2967 config.cmd
-a----        2024-04-09   4:26 PM           3190 run.cmd

use a PAT from user settings

getting
https://learn.microsoft.com/en-us/answers/questions/272411/vs30063-you-are-not-authorized-to-access-https-dev

need trailing slash

regenerated token with all-access - working


>> Connect:

Enter server URL > https://dev.azure.com/obrienlabsxyz/
Enter authentication type (press enter for PAT) >
Enter personal access token > ****************************************************
Connecting to server ...

>> Register Agent:

Enter agent pool (press enter for default) > olxyz-self
Enter agent name (press enter for 13900D) >
Scanning for tool capabilities.
Connecting to the server.
Successfully added the agent
Testing agent connection.
Enter work folder (press enter for _work) >
2024-04-24 03:34:21Z: Settings Saved.
Enter run agent as service? (Y/N) (press enter for N) > y
Enter enable SERVICE_SID_TYPE_UNRESTRICTED for agent service (Y/N) (press enter for N) > y
Enter User account to use for the service (press enter for NT AUTHORITY\NETWORK SERVICE) >
Granting file permissions to 'NT AUTHORITY\NETWORK SERVICE'.
Service vstsagent.obrienlabsxyz.olxyz-self.13900D successfully installed
Service vstsagent.obrienlabsxyz.olxyz-self.13900D successfully set recovery option
Service vstsagent.obrienlabsxyz.olxyz-self.13900D successfully set to delayed auto start
Service vstsagent.obrienlabsxyz.olxyz-self.13900D successfully set SID type
Service vstsagent.obrienlabsxyz.olxyz-self.13900D successfully configured
Enter whether to prevent service starting immediately after configuration is finished? (Y/N) (press enter for N) > y

wrong pool

turn off default agent

local agent was not running

# Starter pipeline
# Start with a minimal pipeline that you can customize to build and deploy your code.
# Add steps that build, run tests, deploy, and more:
# https://aka.ms/yaml

trigger:
- main

pool: olxyz-self
#  vmImage: ubuntu-latest
#  agent.name: 13900D

steps:
- script: echo Hello, world!
  displayName: 'Run a one-line script'

- script: |
    echo Add other tasks to build, test, and deploy your project.
    echo See https://aka.ms/yaml
  displayName: 'Run a multi-line script'


results
PS C:\opt\agent> .\run.cmd
Scanning for tool capabilities.
Connecting to the server.
2024-04-24 03:43:31Z: Listening for Jobs

force pool in yml

pool: olxyz-self
#  vmImage: ubuntu-latest
#  agent.name: 13900D

Pool: [olxyz-self](https://dev.azure.com/obrienlabsxyz/0aca6b19-a922-4889-8b48-d7d59ec5c4d9/_settings/agentqueues?poolId=&queueId=19)
Agent: 13900D
Started: Just now
Duration: 3s

Job preparation parameters
ContinueOnError: False
TimeoutInMinutes: 60
CancelTimeoutInMinutes: 5
Expand:
  MaxConcurrency: 0
  ########## System Pipeline Decorator(s) ##########

  Begin evaluating template 'system-pre-steps.yml'
Evaluating: eq('true', variables['system.debugContext'])
Expanded: eq('true', Null)
Result: False
Evaluating: resources['repositories']['self']
Expanded: Object
Result: True
Evaluating: not(containsValue(job['steps']['*']['task']['id'], '6d15af64-176c-496d-b583-fd2ae21d4df4'))
Expanded: not(containsValue(Object, '6d15af64-176c-496d-b583-fd2ae21d4df4'))
Result: True
Evaluating: resources['repositories']['self']['checkoutOptions']
Result: Object
Evaluating: pair['key']
Result: 'fetchDepth'
Evaluating: pair['value']
Result: '1'
Finished evaluating template 'system-pre-steps.yml'
********************************************************************************
Template and static variable resolution complete. Final runtime YAML document:
steps:
- task: 6d15af64-176c-496d-b583-fd2ae21d4df4@1
  inputs:
    repository: self
    fetchDepth: 1


  MaxConcurrency: 0

Windows local agent

obriensystems · 2024-04-24T16:26:52Z

Test 0-bootstrap ADO trigger from 2nd org olapp

michael@cloudshell:~/tef-olapp$ ls
github
michael@cloudshell:~/tef-olapp$ mkdir ado
michael@cloudshell:~/tef-olapp$ cd ado
michael@cloudshell:~/tef-olapp/ado$ mkdir _obrienlabsxyz
michael@cloudshell:~/tef-olapp/ado$ cd _obrienlabsxyz/
michael@cloudshell:~/tef-olapp/ado/_obrienlabsxyz$ ls
michael@cloudshell:~/tef-olapp/ado/_obrienlabsxyz$ git clone https://[email protected]/obrienlabsxyz/pbmm-on-gcp-onboarding-fork/_git/pbmm-on-gcp-onboarding-fork
Cloning into 'pbmm-on-gcp-onboarding-fork'...
^C
michael@cloudshell:~/tef-olapp/ado/_obrienlabsxyz$ gcloud config set project tef-olapp
Updated property [core/project].
michael@cloudshell:~/tef-olapp/ado/_obrienlabsxyz (tef-olapp)$ ls
michael@cloudshell:~/tef-olapp/ado/_obrienlabsxyz (tef-olapp)$ git clone https://[email protected]/obrienlabsxyz/pbmm-on-gcp-onboarding-fork/_git/pbmm-on-gcp-onboarding-fork
Cloning into 'pbmm-on-gcp-onboarding-fork'...
Password for 'https://[email protected]': 
remote: Azure Repos
remote: Found 6401 objects to send. (52 ms)
Receiving objects:   0% (11/6401), 67.98 KiB | 48.00 KiB/s

it takes a while 1229-1235

Cloning into 'pbmm-on-gcp-onboarding-fork'...
Password for 'https://[email protected]': 
remote: Azure Repos
remote: Found 6401 objects to send. (52 ms)
Receiving objects:   0% (11/6401), 67.98 KiB | 48.00 KiB/s
error: RPC failed; curl 56 GnuTLS recv error (-54): Error in the pull function.
fetch-pack: unexpected disconnect while reading sideband packet
fatal: early EOF
fatal: fetch-pack: invalid index-pack output
michael@cloudshell:~/tef-olapp/ado/_obrienlabsxyz (tef-olapp)$

Try empty repo with a single pipeline - worked

https://[email protected]/obrienlabsxyz/tef-gcp-pbmm-lz/_git/tef-gcp-pbmm-lz

michael@cloudshell:~/tef-olapp/ado/_obrienlabsxyz (tef-olapp)$ git clone https://[email protected]/obrienlabsxyz/tef-gcp-pbmm-lz/_git/tef-gcp-pbmm-lz
Cloning into 'tef-gcp-pbmm-lz'...
Password for 'https://[email protected]': 
remote: Azure Repos
remote: Found 15 objects to send. (135 ms)
Unpacking objects: 100% (15/15), 2.33 KiB | 477.00 KiB/s, done.
michael@cloudshell:~/tef-olapp/ado/_obrienlabsxyz (tef-olapp)$ ls
tef-gcp-pbmm-lz
michael@cloudshell:~/tef-olapp/ad

retry clone from ado on pbmm repo - issue is 48KB/s

michael@cloudshell:~/tef-olapp/ado/_obrienlabsxyz (tef-olapp)$ git clone https://[email protected]/obrienlabsxyz/pbmm-on-gcp-onboarding-fork/_git/pbmm-on-gcp-onboarding-fork
Cloning into 'pbmm-on-gcp-onboarding-fork'...

Password for 'https://[email protected]': 
remote: Azure Repos
remote: Found 6401 objects to send. (76 ms)
Receiving objects:   0% (11/6401), 67.98 KiB | 48.00 KiB/s
error: RPC failed; curl 56 GnuTLS recv error (-54): Error in the pull function.
fetch-pack: unexpected disconnect while reading sideband packet
fatal: early EOF
fatal: fetch-pack: invalid index-pack output

obriensystems · 2024-04-24T16:56:45Z

Test GCP operation from the agent to start

https://cloud.google.com/dotnet/docs/creating-a-cicd-pipeline-azure-pipelines-cloud-run

in cloud shell prepare the SA

michael@cloudshell:~/tef-olapp/ado/_obrienlabsxyz (tef-olapp)$ gcloud iam service-accounts create ado-sa --display-name="ado-sa" --project=tef-olapp
Created service account [ado-sa].
michael@cloudshell:~/tef-olapp/ado/_obrienlabsxyz (tef-olapp)$ export PROJECT_ID=tef-olapp
michael@cloudshell:~/tef-olapp/ado/_obrienlabsxyz (tef-olapp)$ export SA_EMAIL=ado-sa@$PROJECT_ID.iam.gserviceaccount.com
michael@cloudshell:~/tef-olapp/ado/_obrienlabsxyz (tef-olapp)$ echo $SA_EMAIL
[email protected]
michael@cloudshell:~/tef-olapp/ado/_obrienlabsxyz (tef-olapp)$ gcloud projects add-iam-policy-binding $PROJECT_ID --member serviceAccount:$SA_EMAIL --role roles/storage.admin --project=$PROJECT_ID
Updated IAM policy for project [tef-olapp].
bindings:
- members:
  - serviceAccount:[email protected]
  role: roles/cloudbuild.builds.builder
- members:
  - serviceAccount:[email protected]
  role: roles/cloudbuild.serviceAgent
- members:
  - serviceAccount:[email protected]
  role: roles/containerregistry.ServiceAgent
- members:
  - user:[email protected]
  role: roles/owner
- members:
  - serviceAccount:[email protected]
  role: roles/pubsub.serviceAgent
- members:
  - serviceAccount:[email protected]
  role: roles/storage.admin
etag: BwYW2urwbdQ=
version: 1

generate a SA key

gcloud iam service-accounts keys create ado-sa.json --iam-account $SA_EMAIL --project=$PROJECT_ID
tr -d '\n' < ado-sa.json > ado-sa-oneline.json

Download key from GCP - upload to ADO | pipelines | library | secure files

create service connection in project settings | pipelines | service connections

generic

no -

## Authorize the key for all pipelines - pipeline permissions tab

try https://dev.to/ib1/azure-devops-recipe-deploying-google-cloud-function-to-gcp-22l3

trigger:
- main

pool: olxyz-self
#  vmImage: ubuntu-latest
#  agent.name: 13900D

steps:
- task: DownloadSecureFile@1
  name: authkey
  displayName: 'Download Service Account Key'
  inputs:
    secureFile: 'ado-sa-oneline.json'
    retryCount: '2'
    
- script: echo Hello, world!
  displayName: 'Run a one-line script'

- script: |
    echo Add other tasks to build, test, and deploy your project.
    echo See https://aka.ms/yaml
  displayName: 'Run a multi-line script'

on agent

2024-04-24 17:44:12Z: Running job: Job
2024-04-24 17:44:23Z: Job Job completed with result: Succeeded

task didnt run as it was not referenced in a step
2024-04-24T17:44:17.7234209Z ##[section]Finishing: Checkout tef-gcp-pbmm-lz@main to s
2024-04-24T17:44:17.7240632Z ##[section]Starting: Run a one-line script
2024-04-24T17:44:17.7242946Z ==============================================================================
2024-04-24T17:44:17.7242984Z Task         : Command line
2024-04-24T17:44:17.7243007Z Description  : Run a command line script using Bash on Linux and macOS and cmd.exe on Windows
2024-04-24T17:44:17.7243044Z Version      : 2.237.1
2024-04-24T17:44:17.7243064Z Author       : Microsoft Corporation
2024-04-24T17:44:17.7243088Z Help         : https://docs.microsoft.com/azure/devops/pipelines/tasks/utility/command-line
2024-04-24T17:44:17.7243309Z ==============================================================================
2024-04-24T17:44:18.5923224Z Generating script.
2024-04-24T17:44:18.5967591Z Script contents: shell
2024-04-24T17:44:18.5977126Z echo Hello, world!
2024-04-24T17:44:18.6100357Z ========================== Starting Command Output ===========================
2024-04-24T17:44:18.6221313Z ##[command]"C:\Windows\system32\cmd.exe" /D /E:ON /V:OFF /S /C "CALL "C:\opt\agent\_work\_temp\6730bfef-6b37-49d8-85eb-ddf07541d350.cmd""
2024-04-24T17:44:18.6408689Z Hello, world!
2024-04-24T17:44:18.6604951Z ##[section]Finishing: Run a one-line script
2024-04-24T17:44:18.6611479Z ##[section]Starting: Run a multi-line script
2024-04-24T17:44:18.6613943Z ==============================================================================
2024-04-24T17:44:18.6613981Z Task         : Command line
2024-04-24T17:44:18.6614003Z Description  : Run a command line script using Bash on Linux and macOS and cmd.exe on Windows
2024-04-24T17:44:18.6614038Z Version      : 2.237.1
2024-04-24T17:44:18.6614057Z Author       : Microsoft Corporation
2024-04-24T17:44:18.6614086Z Help         : https://docs.microsoft.com/azure/devops/pipelines/tasks/utility/command-line
2024-04-24T17:44:18.6614118Z ==============================================================================
2024-04-24T17:44:19.0442488Z Generating script.
2024-04-24T17:44:19.0580168Z ========================== Starting Command Output ===========================
2024-04-24T17:44:19.0691212Z ##[command]"C:\Windows\system32\cmd.exe" /D /E:ON /V:OFF /S /C "CALL "C:\opt\agent\_work\_temp\ce04b018-17b9-446c-a1e4-5d76bdd021b9.cmd""
2024-04-24T17:44:19.0828050Z Add other tasks to build, test, and deploy your project.
2024-04-24T17:44:19.0828659Z See https://aka.ms/yaml
2024-04-24T17:44:19.0968065Z ##[section]Finishing: Run a multi-line script
2024-04-24T17:44:19.0974600Z ##[section]Starting: Checkout tef-gcp-pbmm-lz@main to s
2024-04-24T17:44:19.0975994Z ==============================================================================
2024-04-24T17:44:19.0976032Z Task         : Get sources
2024-04-24T17:44:19.0976053Z Description  : Get sources from a repository. Supports Git, TfsVC, and SVN repositories.
2024-04-24T17:44:19.0976085Z Version      : 1.0.0
2024-04-24T17:44:19.0976109Z Author       : Microsoft
2024-04-24T17:44:19.0976130Z Help         : [More Information](https://go.microsoft.com/fwlink/?LinkId=798199)
2024-04-24T17:44:19.0976159Z ==============================================================================
2024-04-24T17:44:19.2871436Z Cleaning any cached credential from repository: tef-gcp-pbmm-lz (Git)
2024-04-24T17:44:19.2917545Z ##[section]Finishing: Checkout tef-gcp-pbmm-lz@main to s

Add gcloud install

- script: |
    wget https://dl.google.com/dl/cloudsdk/release/google-cloud-sdk.tar.gz
    tar zxvf google-cloud-sdk.tar.gz && ./google-cloud-sdk/install.sh --quiet --usage-reporting=false --path-update=true
    PATH="google-cloud-sdk/bin:${PATH}"
    gcloud --quiet components update
  displayName: 'install gcloud SDK'

we need a windows version
https://cloud.google.com/sdk/docs/install#windows

obriensystems · 2024-04-25T16:00:48Z

2 day turnaround on optional Azure based agents for form

obriensystems · 2024-04-25T19:18:07Z

ADO pipeline yams

ado pipeline yamls will go into the following directory

obriensystems · 2024-04-27T17:50:54Z

testing in obrienlabs.app - 2nd deployment

michael@cloudshell:~/tef-olapp/ado/github (tef-olapp)$ git clone https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding.git
Cloning into 'pbmm-on-gcp-onboarding'...
remote: Enumerating objects: 6405, done.
remote: Counting objects: 100% (2592/2592), done.
remote: Compressing objects: 100% (952/952), done.
remote: Total 6405 (delta 1706), reused 2333 (delta 1603), pack-reused 3813
Receiving objects: 100% (6405/6405), 31.81 MiB | 27.49 MiB/s, done.
Resolving deltas: 100% (3900/3900), done.

obriensystems · 2024-04-27T21:03:00Z

Dockerfile image in DockerHub iteration in #409

retest on terraform 1.3.10

CONTAINER_IMAGE=terraform-example-foundation-ado
RELEASE_ID=0.0.1
DOCKER_FILE=Dockerfile
DOCKERHUB_ORG=obrienlabs
BUILD_ID=10001
BUILD_DIR=builds
mkdir $BUILD_DIR
TARGET_DIR=$BUILD_DIR/$BUILD_ID
mkdir $TARGET_DIR

# DockerHub only
docker build --rm=true --no-cache --build-arg build-id=$BUILD_ID -t $DOCKERHUB_ORG/$CONTAINER_IMAGE -f $DOCKER_FILE .
docker tag $DOCKERHUB_ORG/$CONTAINER_IMAGE $DOCKERHUB_ORG/$CONTAINER_IMAGE:$RELEASE_ID
docker tag $DOCKERHUB_ORG/$CONTAINER_IMAGE $DOCKERHUB_ORG/$CONTAINER_IMAGE:latest
docker push obrienlabs/$CONTAINER_IMAGE:$RELEASE_ID
docker push obrienlabs/$CONTAINER_IMAGE:latest

docker run obrienlabs/terraform-example-foundation-ado --version

The push refers to repository [docker.io/obrienlabs/terraform-example-foundation-ado]
fe0fec718258: Layer already exists 
600d3bb9c25f: Layer already exists 
5a3af3daf7a4: Layer already exists 
3a53c526edc7: Layer already exists 
84ff92691f90: Layer already exists 
32bfd004bf31: Layer already exists 
404802fd10b7: Layer already exists 
latest: digest: sha256:51f797316b959bf66785a183f4fa752d1157dfe3329336fe4bdde53f1be15672 size: 1786
test a terraform exe run on ia64 only - not arm64
WARNING: The requested image's platform (linux/amd64) does not match the detected host platform (linux/arm64/v8) and no specific platform was requested
Terraform v1.3.10
on linux_amd64

retest remotely

michael@cloudshell:~ (tef-olxyz)$ docker image rm  obrienlabs/terraform-example-foundation-ado:latest -f
Untagged: obrienlabs/terraform-example-foundation-ado:latest
Untagged: obrienlabs/terraform-example-foundation-ado@sha256:f79fc4937575f143ddc29ca8958f0bf0dd67153587fbc6d05b5379cc16cb2205
Deleted: sha256:075b31b3e45cc809a55d9a753483febb99565ac12ef5bc020279a31e3ee74587
michael@cloudshell:~ (tef-olxyz)$ docker run --name tef-ado obrienlabs/terraform-example-foundation-ado:latest --version
Unable to find image 'obrienlabs/terraform-example-foundation-ado:latest' locally
latest: Pulling from obrienlabs/terraform-example-foundation-ado
d2aa1518a716: Already exists 
76ff73118202: Already exists 
3c2cba919283: Already exists 
b32fb4fcf463: Already exists 
af8c1adcdaeb: Already exists 
f31ad5bb9a07: Already exists 
9a6d62f9bf23: Pull complete 
Digest: sha256:c8a2438c1c6729cf1cd0ab5777bd537757655c6f209137af33b105c17721f369
Status: Downloaded newer image for obrienlabs/terraform-example-foundation-ado:latest
docker: Error response from daemon: Conflict. The container name "/tef-ado" is already in use by container "460dfe4001dd00d33ae6ccd3272adaf7779478dc1ee5f57359bc5ab41eab9830". You have to remove (or rename) that container to be able to reuse that name.
See 'docker run --help'.
michael@cloudshell:~ (tef-olxyz)$ docker ps -a
CONTAINER ID   IMAGE          COMMAND                 CREATED          STATUS                      PORTS     NAMES
460dfe4001dd   075b31b3e45c   "terraform --version"   15 minutes ago   Exited (0) 15 minutes ago             tef-ado
michael@cloudshell:~ (tef-olxyz)$ docker rm -v tef-ado
tef-ado
michael@cloudshell:~ (tef-olxyz)$ docker run --name tef-ado obrienlabs/terraform-example-foundation-ado:latest --version
Terraform v1.3.10
on linux_amd64

Your version of Terraform is out of date! The latest version
is 1.8.2. You can update by downloading from https://www.terraform.io/downloads.html
michael@cloudshell:~ (tef-olxyz)$

obriensystems · 2024-04-27T22:50:49Z

Test terraform 1.3.10 image in Azure Devops

via azure-pipeline.yml

trigger:
- main

pool:
  vmImage: ubuntu-latest
- script: |
    docker run obrienlabs/terraform-example-foundation-ado --version

replaces the artifact registry container build using tf-cloudbuilder

obriensystems · 2024-04-28T00:48:54Z

terraform output reference for 0-bootstrap - relevant to ADO

7 repos (including one to build the docker container)

bootstrap_step_terraform_service_account_email = "[email protected]"
organization_step_terraform_service_account_email = "[email protected]"
projects_step_terraform_service_account_email = "[email protected]"
environment_step_terraform_service_account_email = "[email protected]"

# not required except for local agents
cloud_build_peered_network_id = "projects/prj-b-cicd-82vv/global/networks/vpc-b-cbpools"
cloud_build_private_worker_pool_id = "projects/prj-b-cicd-82vv/locations/us-central1/workerPools/private-pool-yqvb"
cloud_build_worker_peered_ip_range = "192.168.0.0/24"
cloud_build_worker_range_id = "projects/prj-b-cicd-82vv/global/addresses/ga-b-cbpools-worker-pool-range"
cloud_builder_artifact_repo = "projects/prj-b-cicd-82vv/locations/us-central1/repositories/tf-runners"

cloudbuild_project_id = "prj-b-cicd-82vv"
seed_project_id = "prj-b-seed-8919"
# keep on GCP
gcs_bucket_tfstate = "bkt-prj-b-seed-tfstate-7120"
# keep on GCP
projects_gcs_bucket_tfstate = "bkt-prj-b-seed-8919-gcp-projects-tfstate"

# these repos will be on ADO - remove from GCP
csr_repos = {
  "gcp-bootstrap" = {
    "id" = "projects/prj-b-cicd-82vv/repos/gcp-bootstrap"
    "name" = "gcp-bootstrap"
    "project" = "prj-b-cicd-82vv"
    "url" = "https://source.developers.google.com/p/prj-b-cicd-82vv/r/gcp-bootstrap"
  }
  "gcp-environments" = {
    "id" = "projects/prj-b-cicd-82vv/repos/gcp-environments"
    "name" = "gcp-environments"
    "project" = "prj-b-cicd-82vv"
    "url" = "https://source.developers.google.com/p/prj-b-cicd-82vv/r/gcp-environments"
  }
  "gcp-networks" = {
    "id" = "projects/prj-b-cicd-82vv/repos/gcp-networks"
    "name" = "gcp-networks"
    "project" = "prj-b-cicd-82vv"
    "url" = "https://source.developers.google.com/p/prj-b-cicd-82vv/r/gcp-networks"
  }
  "gcp-org" = {
    "id" = "projects/prj-b-cicd-82vv/repos/gcp-org"
    "name" = "gcp-org"
    "project" = "prj-b-cicd-82vv"
    "url" = "https://source.developers.google.com/p/prj-b-cicd-82vv/r/gcp-org"
  }
  "gcp-policies" = {
    "id" = "projects/prj-b-cicd-82vv/repos/gcp-policies"
    "name" = "gcp-policies"
    "project" = "prj-b-cicd-82vv"
    "url" = "https://source.developers.google.com/p/prj-b-cicd-82vv/r/gcp-policies"
  }
  "gcp-projects" = {
    "id" = "projects/prj-b-cicd-82vv/repos/gcp-projects"
    "name" = "gcp-projects"
    "project" = "prj-b-cicd-82vv"
    "url" = "https://source.developers.google.com/p/prj-b-cicd-82vv/r/gcp-projects"
  }
  "tf-cloudbuilder" = {
    "id" = "projects/prj-b-cicd-82vv/repos/tf-cloudbuilder"
    "name" = "tf-cloudbuilder"
    "project" = "prj-b-cicd-82vv"
    "url" = "https://source.developers.google.com/p/prj-b-cicd-82vv/r/tf-cloudbuilder"
  }
}

# investigate
gcs_bucket_cloudbuild_artifacts = {
  "bootstrap" = "bkt-prj-b-cicd-82vv-gcp-bootstrap-build-artifacts"
  "env" = "bkt-prj-b-cicd-82vv-gcp-environments-build-artifacts"
  "net" = "bkt-prj-b-cicd-82vv-gcp-networks-build-artifacts"
  "org" = "bkt-prj-b-cicd-82vv-gcp-org-build-artifacts"
  "proj" = "bkt-prj-b-cicd-82vv-gcp-projects-build-artifacts"
}

# these will be on the ADO org - can be removed from GCP
gcs_bucket_cloudbuild_logs = {
  "bootstrap" = "bkt-prj-b-cicd-82vv-gcp-bootstrap-build-logs"
  "env" = "bkt-prj-b-cicd-82vv-gcp-environments-build-logs"
  "net" = "bkt-prj-b-cicd-82vv-gcp-networks-build-logs"
  "org" = "bkt-prj-b-cicd-82vv-gcp-org-build-logs"
  "proj" = "bkt-prj-b-cicd-82vv-gcp-projects-build-logs"
}

obriensystems · 2024-04-30T02:25:37Z

ADO 0-bootstrap continued

6 repo creation

see reference https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding/blob/main/0-bootstrap/scripts/git_create_branches_helper.sh

Comment out sections in output.tf and variables.tf

comment jenkins, cloud build

uncomment sections in terraform.example.tfvars

uncomment sections in providers.tf - for any tf deploying ado infra

specifically for the ado terraform provider in https://github.com/microsoft/terraform-provider-azuredevops

obriensystems · 2024-04-30T15:22:53Z

ADO 0-bootstrap continued - local gcloud shell instructions working

see

michaelobrien@mbp7 pbmm-on-gcp-onboarding % gcloud config set project tef-olapp                        
Updated property [core/project].
michaelobrien@mbp7 pbmm-on-gcp-onboarding % pwd
/Users/michaelobrien/wse_github/GoogleCloudPlatform/olapp/_deploy_test_399_from_ado/pbmm-on-gcp-onboarding

at step https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding/blob/gh399-ado/0-bootstrap/README-Azure-DevOps.md#rename-terraformexampletfvars-to-terraformtfvars-and-update-the-file-with-values-from-your-environment

reference: https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding/blob/gh399-ado/0-bootstrap/README-GitHub.md

editing: https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding/edit/gh399-ado/0-bootstrap/README-Azure-DevOps.md

Clone the public ADO repository into your local environment

For local gcloud environment authentication setup - see https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding/wiki/DevOps#authenticate-a-local-cloud-shell

# replace YOUR-ORG with your ado organization
git clone https://[email protected]/YOUR-ORG/pbmm-on-gcp-onboarding/_git/pbmm-on-gcp-onboarding
cd pbmm-on-gcp-onboarding/0-bootstrap

Create 5 additional private GCP repos below

see Repos / Files / Dropdown

gcp-bootstrap, gcp-policies, gcp-organization, gcp-networks, gcp-projects

gcp-bootstrap

Clone the private gcp-bootstrap repository you created to host the 0-bootstrap terraform configuration at the same level of the pbmm-on-gcp-onboarding folder.

local gcloud example

michaelobrien@mbp7 _deploy_test_399_from_ado % git clone https://[email protected]/obrienlabsxyz/pbmm-on-gcp-onboarding/_git/gcp-bootstrap gcp-bootstrap
Cloning into 'gcp-bootstrap'...
remote: Azure Repos
remote: Found 3 objects to send. (23 ms)
Unpacking objects: 100% (3/3), 736 bytes | 368.00 KiB/s, done.
michaelobrien@mbp7 _deploy_test_399_from_ado % cd gcp-bootstrap 
michaelobrien@mbp7 gcp-bootstrap % ls
README.md
michaelobrien@mbp7 gcp-bootstrap % git status
On branch main
Your branch is up to date with 'origin/main'.

nothing to commit, working tree clean

obriensystems · 2024-05-01T12:34:45Z

ichaelobrien@mbp7 gcp-bootstrap % git checkout -b plan
Switched to a new branch 'plan'
michaelobrien@mbp7 gcp-bootstrap % mkdir -p envs/shared
michaelobrien@mbp7 gcp-bootstrap % cp -RT ../pbmm-on-gcp-onboarding/0-bootstrap/ ./envs/shared
cp: illegal option -- T
usage: cp [-R [-H | -L | -P]] [-fi | -n] [-aclpSsvXx] source_file target_file
       cp [-R [-H | -L | -P]] [-fi | -n] [-aclpSsvXx] source_file ... target_directory
michaelobrien@mbp7 gcp-bootstrap % cp -RT ../pbmm-on-gcp-onboarding/0-bootstrap/ ./envs/shared
cp: illegal option -- T
usage: cp [-R [-H | -L | -P]] [-fi | -n] [-aclpSsvXx] source_file target_file
       cp [-R [-H | -L | -P]] [-fi | -n] [-aclpSsvXx] source_file ... target_directory
michaelobrien@mbp7 gcp-bootstrap % cp -R ../pbmm-on-gcp-onboarding/0-bootstrap/ ./envs/shared 
michaelobrien@mbp7 gcp-bootstrap % ls envs/shared 
Dockerfile			ado.tf.example			gitlab.tf.example		outputs.tf.local		terraform_cloud.tf.example
README-Azure-DevOps.md		backend.tf.cloud.example	groups.tf			provider.tf			variables.tf
README-GitHub.md		backend.tf.example		jenkins.tf.example		sa.tf				versions.tf
README-GitLab.md		backend.tf.local		main.tf				scripts
README-Jenkins.md		cb.tf.dont_use			modules				terraform-local.tf
README-Terraform-Cloud.md	files				onprem.md			terraform.example.tfvars
README.md			github.tf.example		outputs.tf.dont_use		terraform.mod.tfvars
michaelobrien@mbp7 gcp-bootstrap % cp -R ../pbmm-on-gcp-onboarding/policy-library/ ./policy-library
michaelobrien@mbp7 gcp-bootstrap % mkdir -p .github/workflows
michaelobrien@mbp7 gcp-bootstrap % cp ../pbmm-on-gcp-onboarding/build/github-tf-* ./.github/workflows/
michaelobrien@mbp7 gcp-bootstrap % cp ../pbmm-on-gcp-onboarding/build/tf-wrapper.sh .
michaelobrien@mbp7 gcp-bootstrap % chmod 755 ./tf-wrapper.sh
michaelobrien@mbp7 gcp-bootstrap % cd ./envs/shared

obriensystems · 2024-05-01T12:34:57Z

0-bootstrap ado continued

create 4 more repos via console
gcp-policies, gcp-organization, gcp-networks, gcp-projects

need to create an ADO version of the helper

./terraform-example-foundation/0-bootstrap/scripts/git_create_branches_helper.sh GITLAB

step 5
Seed the repository if it has not been initialized yet.

michaelobrien@mbp7 gcp-bootstrap % git commit --allow-empty -m 'repository seed'
[main 12cf71b] repository seed
michaelobrien@mbp7 gcp-bootstrap % git push --set-upstream origin main
Enumerating objects: 1, done.
Counting objects: 100% (1/1), done.
Writing objects: 100% (1/1), 195 bytes | 195.00 KiB/s, done.
Total 1 (delta 0), reused 0 (delta 0), pack-reused 0
remote: Analyzing objects... (1/1) (21 ms)
remote: Validating commits... (1/1) done (8 ms)
remote: Storing packfile... done (62 ms)
remote: Storing index... done (59 ms)
To https://dev.azure.com/obrienlabsxyz/pbmm-on-gcp-onboarding/_git/gcp-bootstrap
   f15ef31..12cf71b  main -> main
branch 'main' set up to track 'origin/main'.
michaelobrien@mbp7 gcp-bootstrap % git checkout -b production
Switched to a new branch 'production'
michaelobrien@mbp7 gcp-bootstrap % git push --set-upstream origin production
Total 0 (delta 0), reused 0 (delta 0), pack-reused 0
To https://dev.azure.com/obrienlabsxyz/pbmm-on-gcp-onboarding/_git/gcp-bootstrap
 * [new branch]      production -> production
branch 'production' set up to track 'origin/production'.


ichaelobrien@mbp7 gcp-bootstrap % git checkout -b plan
Switched to a new branch 'plan'
michaelobrien@mbp7 gcp-bootstrap % mkdir -p envs/shared
michaelobrien@mbp7 gcp-bootstrap % cp -RT ../pbmm-on-gcp-onboarding/0-bootstrap/ ./envs/shared
cp: illegal option -- T
usage: cp [-R [-H | -L | -P]] [-fi | -n] [-aclpSsvXx] source_file target_file
       cp [-R [-H | -L | -P]] [-fi | -n] [-aclpSsvXx] source_file ... target_directory
michaelobrien@mbp7 gcp-bootstrap % cp -RT ../pbmm-on-gcp-onboarding/0-bootstrap/ ./envs/shared
cp: illegal option -- T
usage: cp [-R [-H | -L | -P]] [-fi | -n] [-aclpSsvXx] source_file target_file
       cp [-R [-H | -L | -P]] [-fi | -n] [-aclpSsvXx] source_file ... target_directory
michaelobrien@mbp7 gcp-bootstrap % cp -R ../pbmm-on-gcp-onboarding/0-bootstrap/ ./envs/shared 
michaelobrien@mbp7 gcp-bootstrap % ls envs/shared 
Dockerfile			ado.tf.example			gitlab.tf.example		outputs.tf.local		terraform_cloud.tf.example
README-Azure-DevOps.md		backend.tf.cloud.example	groups.tf			provider.tf			variables.tf
README-GitHub.md		backend.tf.example		jenkins.tf.example		sa.tf				versions.tf
README-GitLab.md		backend.tf.local		main.tf				scripts
README-Jenkins.md		cb.tf.dont_use			modules				terraform-local.tf
README-Terraform-Cloud.md	files				onprem.md			terraform.example.tfvars
README.md			github.tf.example		outputs.tf.dont_use		terraform.mod.tfvars
michaelobrien@mbp7 gcp-bootstrap % cp -R ../pbmm-on-gcp-onboarding/policy-library/ ./policy-library
michaelobrien@mbp7 gcp-bootstrap % mkdir -p .github/workflows
michaelobrien@mbp7 gcp-bootstrap % cp ../pbmm-on-gcp-onboarding/build/github-tf-* ./.github/workflows/
michaelobrien@mbp7 gcp-bootstrap % cp ../pbmm-on-gcp-onboarding/build/tf-wrapper.sh .
michaelobrien@mbp7 gcp-bootstrap % chmod 755 ./tf-wrapper.sh
michaelobrien@mbp7 gcp-bootstrap % cd ./envs/shared

obriensystems · 2024-05-04T22:22:59Z

See latest 3rd org testing 50 min for #421 in #421 (comment)

obriensystems · 2024-05-05T16:22:07Z

merge main into gh399-ado

ichaelobrien@mbp7 gh399-ado % git clone [email protected]:GoogleCloudPlatform/pbmm-on-gcp-onboarding.git
Cloning into 'pbmm-on-gcp-onboarding'...
remote: Enumerating objects: 6563, done.
remote: Counting objects: 100% (2307/2307), done.
remote: Compressing objects: 100% (804/804), done.
remote: Total 6563 (delta 1599), reused 2004 (delta 1471), pack-reused 4256
Receiving objects: 100% (6563/6563), 31.81 MiB | 11.61 MiB/s, done.
Resolving deltas: 100% (4021/4021), done.
michaelobrien@mbp7 gh399-ado % git checkout gh399-ado
fatal: not a git repository (or any of the parent directories): .git
michaelobrien@mbp7 gh399-ado % cd pbmm-on-gcp-onboarding 
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git checkout gh399-ado   
branch 'gh399-ado' set up to track 'origin/gh399-ado'.
Switched to a new branch 'gh399-ado'
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git merge main
Auto-merging 0-bootstrap/README.md
Auto-merging 0-bootstrap/terraform.example.tfvars
Merge made by the 'ort' strategy.
 0-bootstrap/README.md                                          | 38 ++++++++++++++++++++++++++++++++++++--
 0-bootstrap/{cb.tf.dont_use => cb.tf}                          |  0
 0-bootstrap/{outputs.tf.dont_use => outputs.tf}                |  8 ++++++++
 0-bootstrap/{terraform-local.tf => terraform-local.tf.example} | 16 ++++++++++++++++
 0-bootstrap/terraform.example.tfvars                           | 35 ++++++++++++++++++-----------------
 0-bootstrap/terraform.mod.tfvars                               | 63 ---------------------------------------------------------------
 1-org/envs/shared/terraform.example.tfvars                     | 15 ++++++---------
 1-org/envs/shared/terraform.mod.tfvars                         | 37 -------------------------------------
 2-environments/terraform.example.tfvars                        |  2 +-
 2-environments/terraform.mod.tfvars                            | 18 ------------------
 3-networks-dual-svpc/access_context.auto.mod.tfvars            | 17 -----------------
 3-networks-dual-svpc/common.auto.example.tfvars                | 11 +++++++----
 3-networks-dual-svpc/common.auto.mod.tfvars                    | 28 ----------------------------
 3-networks-dual-svpc/shared.auto.mod.tfvars                    | 28 ----------------------------
 3-networks-hub-and-spoke/access_context.auto.mod.tfvars        | 17 -----------------
 3-networks-hub-and-spoke/common.auto.example.tfvars            |  5 +++--
 3-networks-hub-and-spoke/common.auto.mod.tfvars                | 28 ----------------------------
 3-networks-hub-and-spoke/shared.auto.mod.tfvars                | 28 ----------------------------
 4-projects/common.auto.mod.tfvars                              | 17 -----------------
 4-projects/development.auto.example.tfvars                     |  6 ++++++
 4-projects/development.auto.mod.tfvars                         | 18 ------------------
 4-projects/non-production.auto.example.tfvars                  |  6 ++++++
 4-projects/non-production.auto.mod.tfvars                      | 18 ------------------
 4-projects/production.auto.example.tfvars                      |  6 ++++++
 4-projects/production.auto.mod.tfvars                          | 18 ------------------
 4-projects/shared.auto.example.tfvars                          |  3 ++-
 4-projects/shared.auto.mod.tfvars                              | 18 ------------------
 README.md                                                      | 16 ++++++++++++++++
 helpers/foundation-deployer/go.mod                             |  2 +-
 helpers/foundation-deployer/go.sum                             |  8 ++++----
 30 files changed, 136 insertions(+), 394 deletions(-)
 rename 0-bootstrap/{cb.tf.dont_use => cb.tf} (100%)
 rename 0-bootstrap/{outputs.tf.dont_use => outputs.tf} (96%)
 rename 0-bootstrap/{terraform-local.tf => terraform-local.tf.example} (54%)
 delete mode 100644 0-bootstrap/terraform.mod.tfvars
 delete mode 100644 1-org/envs/shared/terraform.mod.tfvars
 delete mode 100644 2-environments/terraform.mod.tfvars
 delete mode 100644 3-networks-dual-svpc/access_context.auto.mod.tfvars
 delete mode 100644 3-networks-dual-svpc/common.auto.mod.tfvars
 delete mode 100644 3-networks-dual-svpc/shared.auto.mod.tfvars
 delete mode 100644 3-networks-hub-and-spoke/access_context.auto.mod.tfvars
 delete mode 100644 3-networks-hub-and-spoke/common.auto.mod.tfvars
 delete mode 100644 3-networks-hub-and-spoke/shared.auto.mod.tfvars
 delete mode 100644 4-projects/common.auto.mod.tfvars
 delete mode 100644 4-projects/development.auto.mod.tfvars
 delete mode 100644 4-projects/non-production.auto.mod.tfvars
 delete mode 100644 4-projects/production.auto.mod.tfvars
 delete mode 100644 4-projects/shared.auto.mod.tfvars

obriensystems · 2024-05-05T16:34:43Z

rebase ADO from github

michaelobrien@mbp7 pbmm-on-gcp-onboarding % git status
On branch gh399-ado
Your branch is up to date with 'origin/gh399-ado'.

nothing to commit, working tree clean
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git checkout main
branch 'main' set up to track 'origin/main'.
Switched to a new branch 'main'
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git pull
Already up to date.
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git remote add upstream https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding.git 
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git fetch upstream
remote: Enumerating objects: 102, done.
remote: Counting objects: 100% (102/102), done.
remote: Compressing objects: 100% (56/56), done.
remote: Total 102 (delta 55), reused 87 (delta 44), pack-reused 0
Receiving objects: 100% (102/102), 88.98 KiB | 2.22 MiB/s, done.
Resolving deltas: 100% (55/55), completed with 2 local objects.
From https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding
 * [new branch]      20240504-main-cb-ready                                         -> upstream/20240504-main-cb-ready
 * [new branch]      243-tef-retrofit                                               -> upstream/243-tef-retrofit
 * [new branch]      318-log-sink-alerting                                          -> upstream/318-log-sink-alerting
 * [new branch]      332-dev-prov-client-v20230917                                  -> upstream/332-dev-prov-client-v20230917
 * [new branch]      341-labels-off-332                                             -> upstream/341-labels-off-332
 * [new branch]      341-tags-off-332                                               -> upstream/341-tags-off-332
 * [new branch]      345-landing-zone-fortigate-light                               -> upstream/345-landing-zone-fortigate-light
 * [new branch]      351-landing-zone-fortigate-cloud-setup                         -> upstream/351-landing-zone-fortigate-cloud-setup
 * [new branch]      craigenator                                                    -> upstream/craigenator
 * [new branch]      craigenator-network                                            -> upstream/craigenator-network
 * [new branch]      dan-fix-version-upgrade                                        -> upstream/dan-fix-version-upgrade
 * [new branch]      dependabot/go_modules/helpers/foundation-deployer/github.com/hashicorp/go-getter-1.7.4 -> upstream/dependabot/go_modules/helpers/foundation-deployer/github.com/hashicorp/go-getter-1.7.4
 * [new branch]      dependabot/go_modules/helpers/foundation-deployer/golang.org/x/net-0.23.0 -> upstream/dependabot/go_modules/helpers/foundation-deployer/golang.org/x/net-0.23.0
 * [new branch]      dependabot/go_modules/test/integration/github.com/hashicorp/go-getter-1.7.4 -> upstream/dependabot/go_modules/test/integration/github.com/hashicorp/go-getter-1.7.4
 * [new branch]      dependabot/go_modules/test/integration/golang.org/x/net-0.23.0 -> upstream/dependabot/go_modules/test/integration/golang.org/x/net-0.23.0
 * [new branch]      example                                                        -> upstream/example
 * [new branch]      fmichaelobrien                                                 -> upstream/fmichaelobrien
 * [new branch]      fmichaelobrien-example-nonprod                                 -> upstream/fmichaelobrien-example-nonprod
 * [new branch]      fmichaelobrien-example-prod                                    -> upstream/fmichaelobrien-example-prod
 * [new branch]      fmichaelobrien-pr-113                                          -> upstream/fmichaelobrien-pr-113
 * [new branch]      fortigate-yopps                                                -> upstream/fortigate-yopps
 * [new branch]      gh357-tef-v4-fork                                              -> upstream/gh357-tef-v4-fork
 * [new branch]      gh360-day0-deploy-example                                      -> upstream/gh360-day0-deploy-example
 * [new branch]      gh362-bootstrap-prereq                                         -> upstream/gh362-bootstrap-prereq
 * [new branch]      gh377-architecture                                             -> upstream/gh377-architecture
 * [new branch]      gh387-upstream-sync                                            -> upstream/gh387-upstream-sync
 * [new branch]      gh399-ado                                                      -> upstream/gh399-ado
 * [new branch]      hotfix/cloudbuildjob                                           -> upstream/hotfix/cloudbuildjob
 * [new branch]      hotfix/guardrailsiam                                           -> upstream/hotfix/guardrailsiam
 * [new branch]      main                                                           -> upstream/main
 * [new branch]      pr-mro-bootstrap-localization                                  -> upstream/pr-mro-bootstrap-localization
 * [new branch]      pr-mro-bootstrap-run-terraform-local-041524                    -> upstream/pr-mro-bootstrap-run-terraform-local-041524
 * [new branch]      pr-mro-tef-fix-bucket-name-length-041524                       -> upstream/pr-mro-tef-fix-bucket-name-length-041524
 * [new branch]      pr-mro-tef-multi-instance-041524                               -> upstream/pr-mro-tef-multi-instance-041524
 * [new branch]      tm-lz-org                                                      -> upstream/tm-lz-org
 * [new branch]      v020                                                           -> upstream/v020
 * [new branch]      v20240407                                                      -> upstream/v20240407
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git merge upstream/main main
Updating fc4b948..b209766
Fast-forward
 0-bootstrap/README.md                                          | 38 ++++++++++++++++++++++++++++++++++++--
 0-bootstrap/{cb.tf.dont_use => cb.tf}                          |  0
 0-bootstrap/{outputs.tf.dont_use => outputs.tf}                |  8 ++++++++
 0-bootstrap/{terraform-local.tf => terraform-local.tf.example} | 16 ++++++++++++++++
 0-bootstrap/terraform.example.tfvars                           | 35 ++++++++++++++++++-----------------
 0-bootstrap/terraform.mod.tfvars                               | 63 ---------------------------------------------------------------
 1-org/envs/shared/terraform.example.tfvars                     | 15 ++++++---------
 1-org/envs/shared/terraform.mod.tfvars                         | 37 -------------------------------------
 2-environments/terraform.example.tfvars                        |  2 +-
 2-environments/terraform.mod.tfvars                            | 18 ------------------
 3-networks-dual-svpc/access_context.auto.mod.tfvars            | 17 -----------------
 3-networks-dual-svpc/common.auto.example.tfvars                | 11 +++++++----
 3-networks-dual-svpc/common.auto.mod.tfvars                    | 28 ----------------------------
 3-networks-dual-svpc/shared.auto.mod.tfvars                    | 28 ----------------------------
 3-networks-hub-and-spoke/access_context.auto.mod.tfvars        | 17 -----------------
 3-networks-hub-and-spoke/common.auto.example.tfvars            |  5 +++--
 3-networks-hub-and-spoke/common.auto.mod.tfvars                | 28 ----------------------------
 3-networks-hub-and-spoke/shared.auto.mod.tfvars                | 28 ----------------------------
 4-projects/common.auto.mod.tfvars                              | 17 -----------------
 4-projects/development.auto.example.tfvars                     |  6 ++++++
 4-projects/development.auto.mod.tfvars                         | 18 ------------------
 4-projects/non-production.auto.example.tfvars                  |  6 ++++++
 4-projects/non-production.auto.mod.tfvars                      | 18 ------------------
 4-projects/production.auto.example.tfvars                      |  6 ++++++
 4-projects/production.auto.mod.tfvars                          | 18 ------------------
 4-projects/shared.auto.example.tfvars                          |  3 ++-
 4-projects/shared.auto.mod.tfvars                              | 18 ------------------
 README.md                                                      | 16 ++++++++++++++++
 helpers/foundation-deployer/go.mod                             |  2 +-
 helpers/foundation-deployer/go.sum                             |  8 ++++----
 30 files changed, 136 insertions(+), 394 deletions(-)
 rename 0-bootstrap/{cb.tf.dont_use => cb.tf} (100%)
 rename 0-bootstrap/{outputs.tf.dont_use => outputs.tf} (96%)
 rename 0-bootstrap/{terraform-local.tf => terraform-local.tf.example} (54%)
 delete mode 100644 0-bootstrap/terraform.mod.tfvars
 delete mode 100644 1-org/envs/shared/terraform.mod.tfvars
 delete mode 100644 2-environments/terraform.mod.tfvars
 delete mode 100644 3-networks-dual-svpc/access_context.auto.mod.tfvars
 delete mode 100644 3-networks-dual-svpc/common.auto.mod.tfvars
 delete mode 100644 3-networks-dual-svpc/shared.auto.mod.tfvars
 delete mode 100644 3-networks-hub-and-spoke/access_context.auto.mod.tfvars
 delete mode 100644 3-networks-hub-and-spoke/common.auto.mod.tfvars
 delete mode 100644 3-networks-hub-and-spoke/shared.auto.mod.tfvars
 delete mode 100644 4-projects/common.auto.mod.tfvars
 delete mode 100644 4-projects/development.auto.mod.tfvars
 delete mode 100644 4-projects/non-production.auto.mod.tfvars
 delete mode 100644 4-projects/production.auto.mod.tfvars
 delete mode 100644 4-projects/shared.auto.mod.tfvars

michaelobrien@mbp7 pbmm-on-gcp-onboarding % git push origin main
Enumerating objects: 75, done.
Counting objects: 100% (75/75), done.
Delta compression using up to 10 threads
Compressing objects: 100% (28/28), done.
Writing objects: 100% (51/51), 15.80 KiB | 15.80 MiB/s, done.
Total 51 (delta 34), reused 39 (delta 22), pack-reused 0
remote: Analyzing objects... (51/51) (11 ms)
remote: Validating commits... (14/14) done (4 ms)
remote: Storing packfile... done (88 ms)
remote: Storing index... done (54 ms)
To https://dev.azure.com/obrienlabsxyz/pbmm-on-gcp-onboarding/_git/pbmm-on-gcp-onboarding
   fc4b948..b209766  main -> main

michaelobrien@mbp7 pbmm-on-gcp-onboarding % git checkout gh399-ado      
Switched to branch 'gh399-ado'
Your branch is up to date with 'origin/gh399-ado'.
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git merge main
Auto-merging 0-bootstrap/README.md
Merge made by the 'ort' strategy.
 0-bootstrap/README.md                                          | 38 ++++++++++++++++++++++++++++++++++++--
 0-bootstrap/{cb.tf.dont_use => cb.tf}                          |  0
 0-bootstrap/{outputs.tf.dont_use => outputs.tf}                |  8 ++++++++
 0-bootstrap/{terraform-local.tf => terraform-local.tf.example} | 16 ++++++++++++++++
 0-bootstrap/terraform.example.tfvars                           | 35 ++++++++++++++++++-----------------
 0-bootstrap/terraform.mod.tfvars                               | 63 ---------------------------------------------------------------
 1-org/envs/shared/terraform.example.tfvars                     | 15 ++++++---------
 1-org/envs/shared/terraform.mod.tfvars                         | 37 -------------------------------------
 2-environments/terraform.example.tfvars                        |  2 +-
 2-environments/terraform.mod.tfvars                            | 18 ------------------
 3-networks-dual-svpc/access_context.auto.mod.tfvars            | 17 -----------------
 3-networks-dual-svpc/common.auto.example.tfvars                | 11 +++++++----
 3-networks-dual-svpc/common.auto.mod.tfvars                    | 28 ----------------------------
 3-networks-dual-svpc/shared.auto.mod.tfvars                    | 28 ----------------------------
 3-networks-hub-and-spoke/access_context.auto.mod.tfvars        | 17 -----------------
 3-networks-hub-and-spoke/common.auto.example.tfvars            |  5 +++--
 3-networks-hub-and-spoke/common.auto.mod.tfvars                | 28 ----------------------------
 3-networks-hub-and-spoke/shared.auto.mod.tfvars                | 28 ----------------------------
 4-projects/common.auto.mod.tfvars                              | 17 -----------------
 4-projects/development.auto.example.tfvars                     |  6 ++++++
 4-projects/development.auto.mod.tfvars                         | 18 ------------------
 4-projects/non-production.auto.example.tfvars                  |  6 ++++++
 4-projects/non-production.auto.mod.tfvars                      | 18 ------------------
 4-projects/production.auto.example.tfvars                      |  6 ++++++
 4-projects/production.auto.mod.tfvars                          | 18 ------------------
 4-projects/shared.auto.example.tfvars                          |  3 ++-
 4-projects/shared.auto.mod.tfvars                              | 18 ------------------
 README.md                                                      | 16 ++++++++++++++++
 helpers/foundation-deployer/go.mod                             |  2 +-
 helpers/foundation-deployer/go.sum                             |  8 ++++----
 30 files changed, 136 insertions(+), 394 deletions(-)
 rename 0-bootstrap/{cb.tf.dont_use => cb.tf} (100%)
 rename 0-bootstrap/{outputs.tf.dont_use => outputs.tf} (96%)
 rename 0-bootstrap/{terraform-local.tf => terraform-local.tf.example} (54%)
 delete mode 100644 0-bootstrap/terraform.mod.tfvars
 delete mode 100644 1-org/envs/shared/terraform.mod.tfvars
 delete mode 100644 2-environments/terraform.mod.tfvars
 delete mode 100644 3-networks-dual-svpc/access_context.auto.mod.tfvars
 delete mode 100644 3-networks-dual-svpc/common.auto.mod.tfvars
 delete mode 100644 3-networks-dual-svpc/shared.auto.mod.tfvars
 delete mode 100644 3-networks-hub-and-spoke/access_context.auto.mod.tfvars
 delete mode 100644 3-networks-hub-and-spoke/common.auto.mod.tfvars
 delete mode 100644 3-networks-hub-and-spoke/shared.auto.mod.tfvars
 delete mode 100644 4-projects/common.auto.mod.tfvars
 delete mode 100644 4-projects/development.auto.mod.tfvars
 delete mode 100644 4-projects/non-production.auto.mod.tfvars
 delete mode 100644 4-projects/production.auto.mod.tfvars
 delete mode 100644 4-projects/shared.auto.mod.tfvars
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git commit -m "#399 - upstream main merge"
On branch gh399-ado
Your branch is ahead of 'origin/gh399-ado' by 16 commits.
  (use "git push" to publish your local commits)

nothing to commit, working tree clean
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git push origin gh399-ado                 
Enumerating objects: 10, done.
Counting objects: 100% (10/10), done.
Delta compression using up to 10 threads
Compressing objects: 100% (4/4), done.
Writing objects: 100% (4/4), 695 bytes | 695.00 KiB/s, done.
Total 4 (delta 3), reused 0 (delta 0), pack-reused 0
remote: Analyzing objects... (4/4) (171 ms)
remote: Validating commits... (1/1) done (1 ms)
remote: Storing packfile... done (61 ms)
remote: Storing index... done (74 ms)
To https://dev.azure.com/obrienlabsxyz/pbmm-on-gcp-onboarding/_git/pbmm-on-gcp-onboarding
   52b57c8..bb6d4e0  gh399-ado -> gh399-ado

obriensystems · 2024-05-05T16:36:59Z

restart 0-bootstrap ADO testing

Sync with main first on osx ado repo

ichaelobrien@mbp7 0-bootstrap % ls
Dockerfile			ado.tf.example			gitlab.tf.example		outputs.tf.local		terraform_cloud.tf.example
README-Azure-DevOps.md		backend.tf.cloud.example	groups.tf			provider.tf			variables.tf
README-GitHub.md		backend.tf.example		jenkins.tf.example		sa.tf				versions.tf
README-GitLab.md		backend.tf.local		main.tf				scripts
README-Jenkins.md		cb.tf.dont_use			modules				terraform-local.tf
README-Terraform-Cloud.md	files				onprem.md			terraform.example.tfvars
README.md			github.tf.example		outputs.tf.dont_use		terraform.mod.tfvars
michaelobrien@mbp7 0-bootstrap % git pull
remote: Azure Repos
remote: Found 61 objects to send. (2 ms)
Unpacking objects: 100% (61/61), 53.11 KiB | 1.47 MiB/s, done.
From https://dev.azure.com/obrienlabsxyz/pbmm-on-gcp-onboarding/_git/pbmm-on-gcp-onboarding
   52b57c8..bb6d4e0  gh399-ado  -> origin/gh399-ado
   fc4b948..b209766  main       -> origin/main
Updating 52b57c8..bb6d4e0
Fast-forward
 0-bootstrap/README.md                                          | 38 ++++++++++++++++++++++++++++++++++++--
 0-bootstrap/{cb.tf.dont_use => cb.tf}                          |  0
 0-bootstrap/{outputs.tf.dont_use => outputs.tf}                |  8 ++++++++
 0-bootstrap/{terraform-local.tf => terraform-local.tf.example} | 16 ++++++++++++++++
 0-bootstrap/terraform.example.tfvars                           | 35 ++++++++++++++++++-----------------
 0-bootstrap/terraform.mod.tfvars                               | 63 ---------------------------------------------------------------
 1-org/envs/shared/terraform.example.tfvars                     | 15 ++++++---------
 1-org/envs/shared/terraform.mod.tfvars                         | 37 -------------------------------------
 2-environments/terraform.example.tfvars                        |  2 +-
 2-environments/terraform.mod.tfvars                            | 18 ------------------
 3-networks-dual-svpc/access_context.auto.mod.tfvars            | 17 -----------------
 3-networks-dual-svpc/common.auto.example.tfvars                | 11 +++++++----
 3-networks-dual-svpc/common.auto.mod.tfvars                    | 28 ----------------------------
 3-networks-dual-svpc/shared.auto.mod.tfvars                    | 28 ----------------------------
 3-networks-hub-and-spoke/access_context.auto.mod.tfvars        | 17 -----------------
 3-networks-hub-and-spoke/common.auto.example.tfvars            |  5 +++--
 3-networks-hub-and-spoke/common.auto.mod.tfvars                | 28 ----------------------------
 3-networks-hub-and-spoke/shared.auto.mod.tfvars                | 28 ----------------------------
 4-projects/common.auto.mod.tfvars                              | 17 -----------------
 4-projects/development.auto.example.tfvars                     |  6 ++++++
 4-projects/development.auto.mod.tfvars                         | 18 ------------------
 4-projects/non-production.auto.example.tfvars                  |  6 ++++++
 4-projects/non-production.auto.mod.tfvars                      | 18 ------------------
 4-projects/production.auto.example.tfvars                      |  6 ++++++
 4-projects/production.auto.mod.tfvars                          | 18 ------------------
 4-projects/shared.auto.example.tfvars                          |  3 ++-
 4-projects/shared.auto.mod.tfvars                              | 18 ------------------
 README.md                                                      | 16 ++++++++++++++++
 helpers/foundation-deployer/go.mod                             |  2 +-
 helpers/foundation-deployer/go.sum                             |  8 ++++----
 30 files changed, 136 insertions(+), 394 deletions(-)
 rename 0-bootstrap/{cb.tf.dont_use => cb.tf} (100%)
 rename 0-bootstrap/{outputs.tf.dont_use => outputs.tf} (96%)
 rename 0-bootstrap/{terraform-local.tf => terraform-local.tf.example} (54%)
 delete mode 100644 0-bootstrap/terraform.mod.tfvars
 delete mode 100644 1-org/envs/shared/terraform.mod.tfvars
 delete mode 100644 2-environments/terraform.mod.tfvars
 delete mode 100644 3-networks-dual-svpc/access_context.auto.mod.tfvars
 delete mode 100644 3-networks-dual-svpc/common.auto.mod.tfvars
 delete mode 100644 3-networks-dual-svpc/shared.auto.mod.tfvars
 delete mode 100644 3-networks-hub-and-spoke/access_context.auto.mod.tfvars
 delete mode 100644 3-networks-hub-and-spoke/common.auto.mod.tfvars
 delete mode 100644 3-networks-hub-and-spoke/shared.auto.mod.tfvars
 delete mode 100644 4-projects/common.auto.mod.tfvars
 delete mode 100644 4-projects/development.auto.mod.tfvars
 delete mode 100644 4-projects/non-production.auto.mod.tfvars
 delete mode 100644 4-projects/production.auto.mod.tfvars
 delete mode 100644 4-projects/shared.auto.mod.tfvars

rebase from upstream specifically for gh399-ado not just a main merge into gh399-ado - missing changes in 399 for terraform.example.tf

https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding/wiki/DevOps#pbmm-upstream---to-ado-repo

still pushing to github not ado

michaelobrien@mbp7 ado_olxyz % mkdir upstream 
michaelobrien@mbp7 ado_olxyz %  git clone [email protected]:GoogleCloudPlatform/pbmm-on-gcp-onboarding.git
Cloning into 'pbmm-on-gcp-onboarding'...
remote: Enumerating objects: 6572, done.
remote: Counting objects: 100% (2316/2316), done.
remote: Compressing objects: 100% (809/809), done.
remote: Total 6572 (delta 1604), reused 2012 (delta 1475), pack-reused 4256
Receiving objects: 100% (6572/6572), 31.81 MiB | 27.06 MiB/s, done.
Resolving deltas: 100% (4026/4026), done.
michaelobrien@mbp7 ado_olxyz % ls                        
pbmm-on-gcp-onboarding	resync			upstream
michaelobrien@mbp7 ado_olxyz % cd pbmm-on-gcp-onboarding 
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git status
On branch main
Your branch is up to date with 'origin/main'.

nothing to commit, working tree clean
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git checkout gh399-ado
branch 'gh399-ado' set up to track 'origin/gh399-ado'.
Switched to a new branch 'gh399-ado'
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git remote add upstream https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding.git
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git fetch upstream                                                                       
From https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding
 * [new branch]      20240504-main-cb-ready                                         -> upstream/20240504-main-cb-ready
 * [new branch]      243-tef-retrofit                                               -> upstream/243-tef-retrofit
 * [new branch]      318-log-sink-alerting                                          -> upstream/318-log-sink-alerting
 * [new branch]      332-dev-prov-client-v20230917                                  -> upstream/332-dev-prov-client-v20230917
 * [new branch]      341-labels-off-332                                             -> upstream/341-labels-off-332
 * [new branch]      341-tags-off-332                                               -> upstream/341-tags-off-332
 * [new branch]      345-landing-zone-fortigate-light                               -> upstream/345-landing-zone-fortigate-light
 * [new branch]      351-landing-zone-fortigate-cloud-setup                         -> upstream/351-landing-zone-fortigate-cloud-setup
 * [new branch]      craigenator                                                    -> upstream/craigenator
 * [new branch]      craigenator-network                                            -> upstream/craigenator-network
 * [new branch]      dan-fix-version-upgrade                                        -> upstream/dan-fix-version-upgrade
 * [new branch]      dependabot/go_modules/helpers/foundation-deployer/github.com/hashicorp/go-getter-1.7.4 -> upstream/dependabot/go_modules/helpers/foundation-deployer/github.com/hashicorp/go-getter-1.7.4
 * [new branch]      dependabot/go_modules/helpers/foundation-deployer/golang.org/x/net-0.23.0 -> upstream/dependabot/go_modules/helpers/foundation-deployer/golang.org/x/net-0.23.0
 * [new branch]      dependabot/go_modules/test/integration/github.com/hashicorp/go-getter-1.7.4 -> upstream/dependabot/go_modules/test/integration/github.com/hashicorp/go-getter-1.7.4
 * [new branch]      dependabot/go_modules/test/integration/golang.org/x/net-0.23.0 -> upstream/dependabot/go_modules/test/integration/golang.org/x/net-0.23.0
 * [new branch]      example                                                        -> upstream/example
 * [new branch]      fmichaelobrien                                                 -> upstream/fmichaelobrien
 * [new branch]      fmichaelobrien-example-nonprod                                 -> upstream/fmichaelobrien-example-nonprod
 * [new branch]      fmichaelobrien-example-prod                                    -> upstream/fmichaelobrien-example-prod
 * [new branch]      fmichaelobrien-pr-113                                          -> upstream/fmichaelobrien-pr-113
 * [new branch]      fortigate-yopps                                                -> upstream/fortigate-yopps
 * [new branch]      gh357-tef-v4-fork                                              -> upstream/gh357-tef-v4-fork
 * [new branch]      gh360-day0-deploy-example                                      -> upstream/gh360-day0-deploy-example
 * [new branch]      gh362-bootstrap-prereq                                         -> upstream/gh362-bootstrap-prereq
 * [new branch]      gh377-architecture                                             -> upstream/gh377-architecture
 * [new branch]      gh387-upstream-sync                                            -> upstream/gh387-upstream-sync
 * [new branch]      gh399-ado                                                      -> upstream/gh399-ado
 * [new branch]      hotfix/cloudbuildjob                                           -> upstream/hotfix/cloudbuildjob
 * [new branch]      hotfix/guardrailsiam                                           -> upstream/hotfix/guardrailsiam
 * [new branch]      main                                                           -> upstream/main
 * [new branch]      pr-mro-bootstrap-localization                                  -> upstream/pr-mro-bootstrap-localization
 * [new branch]      pr-mro-bootstrap-run-terraform-local-041524                    -> upstream/pr-mro-bootstrap-run-terraform-local-041524
 * [new branch]      pr-mro-tef-fix-bucket-name-length-041524                       -> upstream/pr-mro-tef-fix-bucket-name-length-041524
 * [new branch]      pr-mro-tef-multi-instance-041524                               -> upstream/pr-mro-tef-multi-instance-041524
 * [new branch]      tm-lz-org                                                      -> upstream/tm-lz-org
 * [new branch]      v020                                                           -> upstream/v020
 * [new branch]      v20240407                                                      -> upstream/v20240407
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git merge upstream/gh399-ado gh399-ado                                                   
Already up to date.
michaelobrien@mbp7 pbmm-on-gcp-onboarding % vi 0-bootstrap/terraform.example.tfvars 
michaelobrien@mbp7 pbmm-on-gcp-onboarding % # ado code already there
zsh: command not found: #
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git status
On branch gh399-ado
Your branch is up to date with 'origin/gh399-ado'.

nothing to commit, working tree clean
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git push origin gh399-ado
Everything up-to-date
michaelobrien@mbp7 pbmm-on-gcp-onboarding % vi 0-bootstrap/terraform.example.tfvars
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git diff
diff --git a/0-bootstrap/terraform.example.tfvars b/0-bootstrap/terraform.example.tfvars
index 7112195..2bc82a1 100644
--- a/0-bootstrap/terraform.example.tfvars
+++ b/0-bootstrap/terraform.example.tfvars
@@ -1,5 +1,5 @@
 /**
- * Copyright 2023 Google LLC
+ * Copyright 2024 Google LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git add 0-bootstrap/terraform.example.tfvars 
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git status
On branch gh399-ado
Your branch is up to date with 'origin/gh399-ado'.

Changes to be committed:
  (use "git restore --staged <file>..." to unstage)
	modified:   0-bootstrap/terraform.example.tfvars

michaelobrien@mbp7 pbmm-on-gcp-onboarding % git commit -m "#399 - force tf.ex.tfvars sync2"
[gh399-ado 2a81519] #399 - force tf.ex.tfvars sync2
 1 file changed, 1 insertion(+), 1 deletion(-)
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git push origin gh399-ado                      
Enumerating objects: 7, done.
Counting objects: 100% (7/7), done.
Delta compression using up to 10 threads
Compressing objects: 100% (4/4), done.
Writing objects: 100% (4/4), 376 bytes | 376.00 KiB/s, done.
Total 4 (delta 3), reused 0 (delta 0), pack-reused 0
remote: Resolving deltas: 100% (3/3), completed with 3 local objects.
remote: 
remote: GitHub found 4 vulnerabilities on GoogleCloudPlatform/pbmm-on-gcp-onboarding's default branch (2 critical, 2 moderate). To find out more, visit:
remote:      https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding/security/dependabot
remote: 
To github.com:GoogleCloudPlatform/pbmm-on-gcp-onboarding.git
   c7e50e9..2a81519  gh399-ado -> gh399-ado


michaelobrien@mbp7 pbmm-on-gcp-onboarding % git remote -v
origin	[email protected]:GoogleCloudPlatform/pbmm-on-gcp-onboarding.git (fetch)
origin	[email protected]:GoogleCloudPlatform/pbmm-on-gcp-onboarding.git (push)
upstream	https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding.git (fetch)
upstream	https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding.git (push)

issue is origin and upstream are now the same

Fixed upstream ADO merge - verify repo and branch

michaelobrien@mbp7 pbmm-on-gcp-onboarding % git remote -v
origin	[email protected]:GoogleCloudPlatform/pbmm-on-gcp-onboarding.git (fetch)
origin	[email protected]:GoogleCloudPlatform/pbmm-on-gcp-onboarding.git (push)
upstream	https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding.git (fetch)
upstream	https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding.git (push)
michaelobrien@mbp7 pbmm-on-gcp-onboarding % cd ..
michaelobrien@mbp7 ado_olxyz % rm -rf pbmm-on-gcp-onboarding 
michaelobrien@mbp7 ado_olxyz % git clone https://[email protected]/obrienlabsxyz/pbmm-on-gcp-onboarding/_git/pbmm-on-gcp-onboarding
Cloning into 'pbmm-on-gcp-onboarding'...
remote: Azure Repos
remote: Found 6527 objects to send. (34 ms)
Receiving objects: 100% (6527/6527), 31.94 MiB | 28.94 MiB/s, done.
Resolving deltas: 100% (3971/3971), done.
michaelobrien@mbp7 ado_olxyz % cd pbmm-on-gcp-onboarding 
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git remote -v                                                                                                 
origin	https://[email protected]/obrienlabsxyz/pbmm-on-gcp-onboarding/_git/pbmm-on-gcp-onboarding (fetch)
origin	https://[email protected]/obrienlabsxyz/pbmm-on-gcp-onboarding/_git/pbmm-on-gcp-onboarding (push)
michaelobrien@mbp7 pbmm-on-gcp-onboarding % vi 0-bootstrap/terraform.example.tfvars                                                                       
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git checkout main
branch 'main' set up to track 'origin/main'.
Switched to a new branch 'main'
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git remote add upstream https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding.git                     
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git remote -v                                                                            
origin	https://[email protected]/obrienlabsxyz/pbmm-on-gcp-onboarding/_git/pbmm-on-gcp-onboarding (fetch)
origin	https://[email protected]/obrienlabsxyz/pbmm-on-gcp-onboarding/_git/pbmm-on-gcp-onboarding (push)
upstream	https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding.git (fetch)
upstream	https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding.git (push)
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git fetch upstream                                                                                            
remote: Enumerating objects: 53, done.
remote: Counting objects: 100% (53/53), done.
remote: Compressing objects: 100% (22/22), done.
remote: Total 53 (delta 34), reused 49 (delta 31), pack-reused 0
Unpacking objects: 100% (53/53), 25.34 KiB | 741.00 KiB/s, done.
From https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding
 * [new branch]      20240504-main-cb-ready                                         -> upstream/20240504-main-cb-ready
 * [new branch]      243-tef-retrofit                                               -> upstream/243-tef-retrofit
 * [new branch]      318-log-sink-alerting                                          -> upstream/318-log-sink-alerting
 * [new branch]      332-dev-prov-client-v20230917                                  -> upstream/332-dev-prov-client-v20230917
 * [new branch]      341-labels-off-332                                             -> upstream/341-labels-off-332
 * [new branch]      341-tags-off-332                                               -> upstream/341-tags-off-332
 * [new branch]      345-landing-zone-fortigate-light                               -> upstream/345-landing-zone-fortigate-light
 * [new branch]      351-landing-zone-fortigate-cloud-setup                         -> upstream/351-landing-zone-fortigate-cloud-setup
 * [new branch]      craigenator                                                    -> upstream/craigenator
 * [new branch]      craigenator-network                                            -> upstream/craigenator-network
 * [new branch]      dan-fix-version-upgrade                                        -> upstream/dan-fix-version-upgrade
 * [new branch]      dependabot/go_modules/helpers/foundation-deployer/github.com/hashicorp/go-getter-1.7.4 -> upstream/dependabot/go_modules/helpers/foundation-deployer/github.com/hashicorp/go-getter-1.7.4
 * [new branch]      dependabot/go_modules/helpers/foundation-deployer/golang.org/x/net-0.23.0 -> upstream/dependabot/go_modules/helpers/foundation-deployer/golang.org/x/net-0.23.0
 * [new branch]      dependabot/go_modules/test/integration/github.com/hashicorp/go-getter-1.7.4 -> upstream/dependabot/go_modules/test/integration/github.com/hashicorp/go-getter-1.7.4
 * [new branch]      dependabot/go_modules/test/integration/golang.org/x/net-0.23.0 -> upstream/dependabot/go_modules/test/integration/golang.org/x/net-0.23.0
 * [new branch]      example                                                        -> upstream/example
 * [new branch]      fmichaelobrien                                                 -> upstream/fmichaelobrien
 * [new branch]      fmichaelobrien-example-nonprod                                 -> upstream/fmichaelobrien-example-nonprod
 * [new branch]      fmichaelobrien-example-prod                                    -> upstream/fmichaelobrien-example-prod
 * [new branch]      fmichaelobrien-pr-113                                          -> upstream/fmichaelobrien-pr-113
 * [new branch]      fortigate-yopps                                                -> upstream/fortigate-yopps
 * [new branch]      gh357-tef-v4-fork                                              -> upstream/gh357-tef-v4-fork
 * [new branch]      gh360-day0-deploy-example                                      -> upstream/gh360-day0-deploy-example
 * [new branch]      gh362-bootstrap-prereq                                         -> upstream/gh362-bootstrap-prereq
 * [new branch]      gh377-architecture                                             -> upstream/gh377-architecture
 * [new branch]      gh387-upstream-sync                                            -> upstream/gh387-upstream-sync
 * [new branch]      gh399-ado                                                      -> upstream/gh399-ado
 * [new branch]      hotfix/cloudbuildjob                                           -> upstream/hotfix/cloudbuildjob
 * [new branch]      hotfix/guardrailsiam                                           -> upstream/hotfix/guardrailsiam
 * [new branch]      main                                                           -> upstream/main
 * [new branch]      pr-mro-bootstrap-localization                                  -> upstream/pr-mro-bootstrap-localization
 * [new branch]      pr-mro-bootstrap-run-terraform-local-041524                    -> upstream/pr-mro-bootstrap-run-terraform-local-041524
 * [new branch]      pr-mro-tef-fix-bucket-name-length-041524                       -> upstream/pr-mro-tef-fix-bucket-name-length-041524
 * [new branch]      pr-mro-tef-multi-instance-041524                               -> upstream/pr-mro-tef-multi-instance-041524
 * [new branch]      tm-lz-org                                                      -> upstream/tm-lz-org
 * [new branch]      v020                                                           -> upstream/v020
 * [new branch]      v20240407                                                      -> upstream/v20240407
michaelobrien@mbp7 pbmm-on-gcp-onboarding % 
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git merge upstream/main main                                                                                  
Already up to date.

michaelobrien@mbp7 pbmm-on-gcp-onboarding % git remote -v                
origin	https://[email protected]/obrienlabsxyz/pbmm-on-gcp-onboarding/_git/pbmm-on-gcp-onboarding (fetch)
origin	https://[email protected]/obrienlabsxyz/pbmm-on-gcp-onboarding/_git/pbmm-on-gcp-onboarding (push)
upstream	https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding.git (fetch)
upstream	https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding.git (push)
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git status
On branch main
Your branch is up to date with 'origin/main'.

nothing to commit, working tree clean
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git checkout gh399-ado
hint: If you meant to check out a remote tracking branch on, e.g. 'origin',
hint: you can do so by fully qualifying the name with the --track option:
hint: 
hint:     git checkout --track origin/<name>
hint: 
hint: If you'd like to always have checkouts of an ambiguous <name> prefer
hint: one remote, e.g. the 'origin' remote, consider setting
hint: checkout.defaultRemote=origin in your config.
fatal: 'gh399-ado' matched multiple (2) remote tracking branches
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git checkout --track origin/gh399-ado
branch 'gh399-ado' set up to track 'origin/gh399-ado'.
Switched to a new branch 'gh399-ado'

michaelobrien@mbp7 pbmm-on-gcp-onboarding % vi 0-bootstrap/terraform.example.tfvars                                                  
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git merge upstream/gh399-ado gh399-ado                                                                        
Merge made by the 'ort' strategy.
 0-bootstrap/README-Azure-DevOps.md   | 115 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-----
 0-bootstrap/README.md                |  19 +++++++++++++++++++
 0-bootstrap/terraform.example.tfvars |  18 +++++++++++++++++-
 0-bootstrap/variables.tf             |   7 +++++++
 0-bootstrap/versions.tf              |   7 +++++++
 5 files changed, 160 insertions(+), 6 deletions(-)
 
 michaelobrien@mbp7 pbmm-on-gcp-onboarding % git status
On branch gh399-ado
Your branch is ahead of 'origin/gh399-ado' by 14 commits.
  (use "git push" to publish your local commits)

nothing to commit, working tree clean
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git commit -m "#399 - github to ado upstream merge"
On branch gh399-ado
Your branch is ahead of 'origin/gh399-ado' by 14 commits.
  (use "git push" to publish your local commits)

nothing to commit, working tree clean
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git push origin gh399-ado                                                                                     
Enumerating objects: 74, done.
Counting objects: 100% (68/68), done.
Delta compression using up to 10 threads
Compressing objects: 100% (54/54), done.
Writing objects: 100% (54/54), 14.85 KiB | 14.85 MiB/s, done.
Total 54 (delta 40), reused 0 (delta 0), pack-reused 0
remote: Analyzing objects... (54/54) (10 ms)
remote: Validating commits... (14/14) done (1 ms)
remote: Storing packfile... done (89 ms)
remote: Storing index... done (63 ms)
To https://dev.azure.com/obrienlabsxyz/pbmm-on-gcp-onboarding/_git/pbmm-on-gcp-onboarding
   bb6d4e0..bc6bc4c  gh399-ado -> gh399-ado

obriensystems · 2024-05-06T17:51:58Z

revisit 0-bootstrap

just after the step to cd ./envs/shared
step 7 of github and 6.1.8 of ado

delete and recreate gcp_bootstrap - as the repo was refactored for dual CB and ADO capability in Replace/revert-back CB/CSR options as we add local terraform and ado (399) options - to be able to use CB/CSR as a current option while we retrofit #421

michaelobrien@mbp7 _deploy_test_399_from_ado % rm -rf gcp-bootstrap 
michaelobrien@mbp7 _deploy_test_399_from_ado % git clone https://[email protected]/obrienlabsxyz/pbmm-on-gcp-onboarding/_git/gcp-bootstrap gcp-bootstrap
Cloning into 'gcp-bootstrap'...
remote: Azure Repos
remote: Found 4 objects to send. (44 ms)
Unpacking objects: 100% (4/4), 899 bytes | 224.00 KiB/s, done.
michaelobrien@mbp7 _deploy_test_399_from_ado % cd gcp-bootstrap 
michaelobrien@mbp7 gcp-bootstrap % git status
On branch main
Your branch is up to date with 'origin/main'.

nothing to commit, working tree clean
michaelobrien@mbp7 gcp-bootstrap % ls
README.md
michaelobrien@mbp7 gcp-bootstrap % git checkout -b production
Switched to a new branch 'production'
michaelobrien@mbp7 gcp-bootstrap % ls
README.md
michaelobrien@mbp7 gcp-bootstrap % git checkout -b plan      
Switched to a new branch 'plan'
michaelobrien@mbp7 gcp-bootstrap % git status
On branch plan
nothing to commit, working tree clean
michaelobrien@mbp7 gcp-bootstrap % mkdir -p envs/shared
michaelobrien@mbp7 gcp-bootstrap % cp -R ../pbmm-on-gcp-onboarding/0-bootstrap/ ./envs/shared
michaelobrien@mbp7 gcp-bootstrap % cp -R ../pbmm-on-gcp-onboarding/policy-library/ ./policy-library
michaelobrien@mbp7 gcp-bootstrap % mkdir -p .github/workflows
michaelobrien@mbp7 gcp-bootstrap % cp ../pbmm-on-gcp-onboarding/build/github-tf-* ./.github/workflows/
michaelobrien@mbp7 gcp-bootstrap % cp ../pbmm-on-gcp-onboarding/build/tf-wrapper.sh .
michaelobrien@mbp7 gcp-bootstrap % chmod 755 ./tf-wrapper.sh
michaelobrien@mbp7 gcp-bootstrap % cd ./envs/shared
michaelobrien@mbp7 shared %  mv ./cb.tf ./cb.tf.example
michaelobrien@mbp7 shared % mv ./ado.tf.example ./ado.tf

obriensystems · 2024-05-27T16:16:24Z

restart ADO work 20240527

michaelobrien@mbp7 _deploy_test_399_from_ado % cd pbmm-on-gcp-onboarding 
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git status
On branch gh399-ado
Your branch is up to date with 'origin/gh399-ado'.

nothing to commit, working tree clean
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git pull
fatal: Authentication failed for 'https://dev.azure.com/obrienlabsxyz/pbmm-on-gcp-onboarding/_git/pbmm-on-gcp-onboarding/'
michaelobrien@mbp7 pbmm-on-gcp-onboarding % pwd        
/Users/michaelobrien/wse_github/GoogleCloudPlatform/olapp/_deploy_test_399_from_ado/pbmm-on-gcp-onboarding

see
https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding/wiki/DevOps#ado-ssh-key

ADO SSH key

https://learn.microsoft.com/en-us/azure/devops/repos/git/use-ssh-keys-to-authenticate?view=azure-devops

# on mac
ssh-keygen -t rsa -b 4096 -C "mic..yz" 
michaelobrien@mbp7 pbmm-on-gcp-onboarding % cp ado_olxyz.* ~/keys 
michaelobrien@mbp7 pbmm-on-gcp-onboarding % cp ado_olxyz ~/keys       
michaelobrien@mbp7 pbmm-on-gcp-onboarding % chmod 400 ~/keys/ado_olxyz
michaelobrien@mbp7 pbmm-on-gcp-onboarding % ssh-add ~/keys/ado_olxyz
Identity added: /Users/michaelobrien/keys/ado_olxyz ([email protected])
michaelobrien@mbp7 pbmm-on-gcp-onboarding % cat ~/keys/ado_olxyz.pub 

paste to https://dev.azure.com/obrienlabsxyz/_usersSettings/keys

use token

nel...koq
michaelobrien@mbp7 1 % git clone https://[email protected]/obrienlabsxyz/pbmm-on-gcp-onboarding/_git/gcp-bootstrap gcp-bootstrap
Cloning into 'gcp-bootstrap'...
Password for 'https://[email protected]': 
remote: Azure Repos
remote: Found 4 objects to send. (56 ms)
Unpacking objects: 100% (4/4), 899 bytes | 299.00 KiB/s, done.
michaelobrien@mbp7 1 % pwd
/Users/michaelobrien/wse_github/GoogleCloudPlatform/olapp/_deploy_test_399_from_ado/1


clone repo
michaelobrien@mbp7 _deploy_test_399_from_ado % rm -rf 1 
michaelobrien@mbp7 _deploy_test_399_from_ado % git clone https://[email protected]/obrienlabsxyz/pbmm-on-gcp-onboarding/_git/pbmm-on-gcp-onboarding       
Cloning into 'pbmm-on-gcp-onboarding'...
remote: Azure Repos
remote: Found 6581 objects to send. (28 ms)
Receiving objects: 100% (6581/6581), 31.96 MiB | 18.00 MiB/s, done.
Resolving deltas: 100% (4011/4011), done.
michaelobrien@mbp7 _deploy_test_399_from_ado % ls
gcp-bootstrap		pbmm-on-gcp-onboarding	terraform
michaelobrien@mbp7 _deploy_test_399_from_ado % cd pbmm-on-gcp-onboarding 
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git status
On branch 243-tef-retrofit
Your branch is up to date with 'origin/243-tef-retrofit'.

nothing to commit, working tree clean
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git checkout main
branch 'main' set up to track 'origin/main'.
Switched to a new branch 'main'
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git status
On branch main
Your branch is up to date with 'origin/main'.

nothing to commit, working tree clean
michaelobrien@mbp7 pbmm-on-gcp-onboarding % git checkout gh399-ado
branch 'gh399-ado' set up to track 'origin/gh399-ado'.
Switched to a new branch 'gh399-ado'

setup new build from branch with existing yml

working with

# Starter pipeline
# Start with a minimal pipeline that you can customize to build and deploy your code.
# Add steps that build, run tests, deploy, and more:
# https://aka.ms/yaml

trigger:
- gh399-ado

pool:
  vmImage: ubuntu-latest

steps:
- script: echo Hello, world!
  displayName: 'Run a one-line script'
  
- script: |
    docker run obrienlabs/terraform-example-foundation-ado:0.0.2 --version

fmichaelobrien · 2024-05-28T16:48:28Z

Billing setup after 30 day

https://learn.microsoft.com/en-us/azure/devops/organizations/billing/set-up-billing-for-your-organization-vs?view=azure-devops

Need to add test plans to users

https://learn.microsoft.com/en-us/azure/devops/organizations/billing/buy-basic-access-add-users?view=azure-devops

still working

github-actions · 2024-08-13T23:02:53Z

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

obriensystems added tef ado labels Apr 23, 2024

obriensystems self-assigned this Apr 23, 2024

obriensystems mentioned this issue Apr 23, 2024

Architecture documentation - ongoing #378

Merged

obriensystems changed the title ~~Add Azure DevOps as build and repository option~~ Add Azure DevOps ADO as build and repository option Apr 24, 2024

obriensystems mentioned this issue Apr 24, 2024

TEF upstream git resync and terraform provider updates cadence #387

Closed

obriensystems added a commit that referenced this issue Apr 27, 2024

#399 - Create initial README-Azure-DevOps.md

90bb694

obriensystems mentioned this issue Apr 27, 2024

#399 - add Azure DevOps CI/CD support #408

Closed

obriensystems mentioned this issue Apr 27, 2024

DockerHub development version of the TEF Dockerfile terraform.exe image for ADO iteration based off the gcloud image in https://hub.docker.com/r/google/cloud-sdk/ #409

Closed

obriensystems added a commit that referenced this issue Apr 28, 2024

#399 - ado readme instructions

d5ea9c3

obriensystems added a commit that referenced this issue Apr 28, 2024

#399 - add ADO reference in 0-bootstrap readme

82696cd

obriensystems added a commit that referenced this issue Apr 28, 2024

#399 - Update root README.md for ADO

fc4b948

obriensystems added a commit that referenced this issue Apr 28, 2024

#399 - initial ado-tf-plan.yaml

55237ec

obriensystems added a commit that referenced this issue Apr 28, 2024

#399 - ado readme instructions

1f4c721

obriensystems added a commit that referenced this issue Apr 29, 2024

#399 - pipeliens

b389d90

obriensystems added a commit that referenced this issue Apr 29, 2024

#399 - ado readme ongoing to ado.tf.example

0c1631d

obriensystems added a commit that referenced this issue Apr 30, 2024

#399 - ado stub in terraform.example.tfvars

88f2a57

fmichaelobrien added a commit that referenced this issue Apr 30, 2024

#399 - update docker image url

04f0807

obriensystems added a commit that referenced this issue Apr 30, 2024

#399 - local gcloud auth config

382f369

obriensystems added a commit that referenced this issue Apr 30, 2024

#399 - config options list

71dad90

obriensystems added a commit that referenced this issue Apr 30, 2024

#399 - ado gcp-bootstrap instructions

2260714

obriensystems added a commit that referenced this issue Apr 30, 2024

#399 - Update README-Azure-DevOps.md

769f1e9

obriensystems added a commit that referenced this issue May 1, 2024

#399 - gcp-bootstrap repo update

d465a8e

fmichaelobrien mentioned this issue May 3, 2024

Replace/revert-back CB/CSR options as we add local terraform and ado (399) options - to be able to use CB/CSR as a current option while we retrofit #421

Closed

obriensystems mentioned this issue May 3, 2024

#421 - prepare main for dual CB/CSR and terraform local deployment modes #423

Merged

obriensystems added a commit that referenced this issue May 5, 2024

#399 - upstream sync - forc tf.ex.tfvars

c7e50e9

obriensystems added a commit that referenced this issue May 5, 2024

#399 - force tf.ex.tfvars sync2

2a81519

obriensystems added a commit that referenced this issue May 6, 2024

#399 - ado steps 6-1 0-bootstrap for ado

51c9af4

obriensystems added a commit that referenced this issue May 6, 2024

#399 - Update outputs.tf for ado

6b10c1e

obriensystems added a commit that referenced this issue May 6, 2024

#399 - ado readme adjust

7553023

fmichaelobrien mentioned this issue May 15, 2024

Migration: CSR (Cloud Source Repositories) EOL June 2024 - move to SSM (Secure Source Manager) as default CICD repository #439

Closed

obriensystems added a commit that referenced this issue May 27, 2024

#399 - Update ado-tf-plan.yaml for 20240527 testing

86f7468

github-actions bot added the Stale label Aug 13, 2024

github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Aug 24, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add Azure DevOps ADO as build and repository option #399

Add Azure DevOps ADO as build and repository option #399

obriensystems commented Apr 23, 2024 •

edited

Loading

fmichaelobrien commented Apr 23, 2024 •

edited by obriensystems

Loading

obriensystems commented Apr 23, 2024 •

edited

Loading

obriensystems commented Apr 23, 2024 •

edited

Loading

obriensystems commented Apr 24, 2024 •

edited

Loading

obriensystems commented Apr 24, 2024 •

edited

Loading

obriensystems commented Apr 24, 2024 •

edited

Loading

obriensystems commented Apr 25, 2024

obriensystems commented Apr 25, 2024

obriensystems commented Apr 27, 2024

obriensystems commented Apr 27, 2024 •

edited

Loading

obriensystems commented Apr 27, 2024 •

edited

Loading

obriensystems commented Apr 28, 2024

obriensystems commented Apr 30, 2024

obriensystems commented Apr 30, 2024 •

edited

Loading

obriensystems commented May 1, 2024

obriensystems commented May 1, 2024

obriensystems commented May 4, 2024

obriensystems commented May 5, 2024

obriensystems commented May 5, 2024

obriensystems commented May 5, 2024 •

edited

Loading

obriensystems commented May 6, 2024 •

edited

Loading

obriensystems commented May 27, 2024 •

edited

Loading

fmichaelobrien commented May 28, 2024

github-actions bot commented Aug 13, 2024

Add Azure DevOps ADO as build and repository option #399

Add Azure DevOps ADO as build and repository option #399

Comments

obriensystems commented Apr 23, 2024 • edited Loading

Work Items

Branch / Issues

Test accounts

Terminals

Documentation

Artifacts to migrate from CB to ADO

ADO Setup

Usage

fmichaelobrien commented Apr 23, 2024 • edited by obriensystems Loading

Procedure to create a service account, key and provision a container based ADO pipeline to do canary operations on the GCP account

On the GCP account

Create service account in bootstrap project (out of band of terraform for now)

Test clone/pull/push On a local laptop (M1 mac in this case

obriensystems commented Apr 23, 2024 • edited Loading

Procedure: upstream github fork is pushed to ADO

In ADO

create a new project

Repos | import

Generate Git Credentials

clone

Procedure to pull from upstream origin

Pull changes from upstream to test - push to remote ado

Push upstream to main

obriensystems commented Apr 23, 2024 • edited Loading

Setup ADO Billing or 30 day free trial

Test example pipeline and GCP access before 0-bootstrap run

self hosted agent as backup

obriensystems commented Apr 24, 2024 • edited Loading

windows local agent

Windows local agent

obriensystems commented Apr 24, 2024 • edited Loading

Test 0-bootstrap ADO trigger from 2nd org olapp

Try empty repo with a single pipeline - worked

retry clone from ado on pbmm repo - issue is 48KB/s

obriensystems commented Apr 24, 2024 • edited Loading

Test GCP operation from the agent to start

create service connection in project settings | pipelines | service connections

## Authorize the key for all pipelines - pipeline permissions tab

obriensystems commented Apr 25, 2024

obriensystems commented Apr 25, 2024

ADO pipeline yams

obriensystems commented Apr 27, 2024

testing in obrienlabs.app - 2nd deployment

obriensystems commented Apr 27, 2024 • edited Loading

obriensystems commented Apr 27, 2024 • edited Loading

obriensystems commented Apr 28, 2024

terraform output reference for 0-bootstrap - relevant to ADO

obriensystems commented Apr 30, 2024

ADO 0-bootstrap continued

6 repo creation

Comment out sections in output.tf and variables.tf

uncomment sections in terraform.example.tfvars

uncomment sections in providers.tf - for any tf deploying ado infra

obriensystems commented Apr 30, 2024 • edited Loading

ADO 0-bootstrap continued - local gcloud shell instructions working

Clone the public ADO repository into your local environment

Create 5 additional private GCP repos below

gcp-bootstrap

obriensystems commented May 1, 2024

obriensystems commented May 1, 2024

0-bootstrap ado continued

obriensystems commented May 4, 2024

obriensystems commented May 5, 2024

obriensystems commented May 5, 2024

rebase ADO from github

obriensystems commented May 5, 2024 • edited Loading

restart 0-bootstrap ADO testing

Sync with main first on osx ado repo

Fixed upstream ADO merge - verify repo and branch

obriensystems commented May 6, 2024 • edited Loading

revisit 0-bootstrap

obriensystems commented May 27, 2024 • edited Loading

ADO SSH key

setup new build from branch with existing yml

working with

fmichaelobrien commented May 28, 2024

obriensystems commented Apr 23, 2024 •

edited

Loading

fmichaelobrien commented Apr 23, 2024 •

edited by obriensystems

Loading

obriensystems commented Apr 23, 2024 •

edited

Loading

obriensystems commented Apr 23, 2024 •

edited

Loading

obriensystems commented Apr 24, 2024 •

edited

Loading

obriensystems commented Apr 24, 2024 •

edited

Loading

obriensystems commented Apr 24, 2024 •

edited

Loading

obriensystems commented Apr 27, 2024 •

edited

Loading

obriensystems commented Apr 27, 2024 •

edited

Loading

obriensystems commented Apr 30, 2024 •

edited

Loading

obriensystems commented May 5, 2024 •

edited

Loading

obriensystems commented May 6, 2024 •

edited

Loading

obriensystems commented May 27, 2024 •

edited

Loading