Terraform local_file missing when running code using Azure Devops pipeline

Question

When I create a "local_file" resource in the Outputs.tf using terraform:

### The hosts file
resource "local_file" "AnsibleHosts" {
 content = templatefile("${path.module}/hosts.tmpl",
   {
     vm-names                   = [for k, p in azurerm_virtual_machine.vm: p.name],
     private-ip                 = [for k, p in azurerm_network_interface.nic: p.private_ip_address],
     publicvm-names             = [for k, p in azurerm_virtual_machine.publicvm: p.name],
     publicvm-private-ip        = [for k, p in azurerm_network_interface.publicnic: p.private_ip_address],
     public-ip                  = [for k, p in azurerm_public_ip.publicip: p.ip_address],
     public-dns                 = [for k, p in azurerm_public_ip.publicip: p.fqdn],
     }
 )
 filename = "hosts.j2"
}

If i run this directly via VS Code, I see the hosts.j2 file created.

When I deploy this using Azure DevOps pipelines, the Plan and Apply stage show that the files are created.

When I check my DevOps repository, the files are not there.

I am assuming (I can be wrong) this is because the files are created on the build agent. Does anyone know how I can get the file created/copied back to the Azure DevOps Repo.

Answer 1

You are right. The files are created on the build agent. That is the reason you cannot see them in your Devops Repository. You need to commit the changes back to the Azure devops repo in your pipeline.

You can run the git commands in a script task in the pipeline to push the changes to devops repo.

If you are using yaml pipeline. You can check out below script:

steps:
- checkout: self
  persistCredentials: true  #Allow scripts to access the system token

- powershell: |
       
      git config --global user.email "you@example.com"
      git config --global user.name "username"

      git add .
      git commit -m "add hosts.j2"
      git push origin HEAD:$(Build.SourceBranchName) 

Note: Allow scripts to access the system token by adding a checkout section with persistCredentials set to true

If you are using Classic pipeline. You can check out below scripts:

First, you need to allow scripts to access the system token by enabling the below option:

In pipeline edit page-->Agent job-->Additional options

You can add below inline scripts in the script task:

git config --global user.email "you@example.com"
git config --global user.name "username"

git add .
git commit -m "add hosts.j2"
git push https://$(System.AccessToken)@dev.azure.com/yourOrg/yourProj/_git/repoName HEAD:$(Build.SourceBranchName) 

If you encounter permission issue when running above scripts to push to azure repo. You need to go the Repositories under project settings . Click Git Repositories , in the security page, click plus(+) and search for group {your project name} build service({your org name}) and click to add it, and In the access control summary page, grant contribute and read permission

Please check out this thread .