Jenkins pipeline script to deploy infrastructure using Terraform

Last Updated on October 6, 2023 by cscontents

Table of Contents

Introduction

Automation is very important nowadays. Infrastructure as a code has already automated the manual deployment of infrastructure. But if we want to achieve further automation, we can think of a pipeline. We need to just trigger the pipeline and this pipeline will take care of the various steps and execute them in the proper sequence as we intend. We are going to use Jenkins as a pipeline tool in this tutorial.

We will be creating a pipeline using Jenkins. The pipeline will be declarative type. If you want to get a high-level understanding of Jenkins pipeline as a code (declarative & scripted), then please head over to the article below.

Jenkins Pipeline as code – High-level information

In this article, we will see a Jenkins pipeline to deploy infrastructure on Azure using Terraform. In this tutorial, we will try to deploy a VM using the pipeline just for example purposes. Once you understand the process you can apply it to any such use case.

Prerequisite Setup

To complete this tutorial, you need the below setup –

Jenkins should be up & running. Jenkins URL should be accessible from a browser.
You should have a cloud account. We will be using Microsoft Azure in this tutorial.

Brief introduction about Terraform

Terraform is one of the most popular tools which help us to write infrastructure as code. Using terraform we can automate the infrastructure deployment. Once we write the terraform code, we can just trigger it and it will do the job. If you want to get a quick high-level understanding of terraform then head over to the article below.

Introduction to terraform – high-level information

Manual trigger of Terraform code

Once we have the terraform code, we can trigger it manually, but this is not the goal of this tutorial. Below is the sequence of commands which need to run sequentially.

terraform init
terraform plan
terraform apply

Why do we need a pipeline?

Though terraform automates the infrastructure deployment on the cloud using ‘infrastructure as code’, but still we need to run the terraform commands one by one sequentially. To avoid this manual running of terraform commands we need a pipeline so that we can just trigger the pipeline and it can take care of all the steps.

A high-level view of the Pipeline Stages

Below is a simple diagrammatical representation of the pipeline.

Required Jenkins configuration

#1 Configure Git

We need to install Git in the Jenkins machine and then configure it in the Jenkins dashboard under ‘Manage Jenkins-> Global Tool Configuration’.

#2 Install Terraform in the Jenkins machine

Since we will be using terraform as infrastructure as a code tool, we need to install terraform. And in our automation setup, Jenkins will trigger the terraform code so we need to install terraform on the Jenkins machine. To install terraform you can follow the official documentation https://developer.hashicorp.com/terraform/tutorials/azure-get-started/install-cli

Once we are done with the above installation, we need to configure it in the Jenkins dashboard under ‘Manage Jenkins -> Global Tool Configuration’.

#3 Authenticate terraform with Azure

Since we will be deploying infrastructure in Microsoft Azure, we need to authenticate terraform with Microsoft Azure. For this, there is two way –

Create a service principal in the Azure portal and then use it.
Run ‘az login’ from the CLI of the Jenkins machine where terraform is installed. In this case, we need to run the ‘az login’ command with the same Linux user with which Jenkins is running. For example, in my case, Jenkins is running with jenkins Linux user. So, I need to switch to the Jenkins user and then execute the command.

In this tutorial, we will go with the az login or az login --use-device-code command.

Now, to run this az login command we need to install “Azure CLI”.

To install Azure CLI, you can follow this document https://learn.microsoft.com/en-us/cli/azure/install-azure-cli-linux?pivots=apt

Once we are done with the installation, run the below command.

jenkins@Jenkins:~$ az login

The above command will give the below output.

Output

<code>To sign in, use a web browser to open the page

https://microsoft.com/devicelogin and enter the code ********* to authenticate.

So, we need to visit https://microsoft.com/devicelogin and enter the code. Once we authenticate it from a browser (by entering the code), it will print the below in CLI.

[
  {
    "cloudName": "AzureCloud",
    "homeTenantId": "*****************************",
    "id": "*******************************",
    "isDefault": true,
    "managedByTenants": [],
    "name": "**************************",
    "state": "Enabled",
    "tenantId": "**************************",
    "user": {
      "name": "************",
      "type": "user"
    }
  }
]

#4 GitHub Credential

If the GitHub repository is a private repository, then we need to provide the credential. You can add a GitHub credential in Manage Jenkins -> Manage Credential.

For public repository, credential is not required.

Terraform Codebase

In this tutorial, we will be deploying the below component using terraform –

Resource Group
VNET
Subnet
NIC card
Public IP
Network Security Group and security rule
VM
Disk

We have placed the terraform code in GitHub. And we will this GitHub repository link in the pipeline so that it can fetch the terraform code & execute it.

GitHub repository link: https://github.com/sk617/azure_infra_tf_01

Jenkins Pipeline Code/Script

We will use Jenkins declarative pipeline code. Below is the pipeline code.

pipeline {
  agent any
  stages {
        stage('Checkout') {
            steps {
               withCredentials([string(credentialsId: 'GitHub_Token', variable: 'github_token')]) {

                checkout([$class: 'GitSCM',
                          branches: [[name: '*/main']],
                                extensions: [[$class: 'CleanCheckout']],
                                userRemoteConfigs: [[url: 'https://' + env.github_token + '@' + 'github.com/sk617/azure_infra_tf_01.git']]
                       ])
               }
            }
        }

stage('Initialize Terraform Working Directory') {
    steps{
        script{
          sh 'terraform init'
          }
      }
  }
stage('Terraform Plan') {
    steps{
        script{
          sh 'terraform plan'
          }
     }
  }
stage('Terraform Apply') {
    steps{
       script{
          sh 'terraform apply --auto-approve'
          }
       }
    }
  }        
}

Explanation of the stages in the above pipeline

Checkout stage: In this stage, we are pulling the terraform code from the GitHub repository.
Initialize Terraform Working Directory stage: In this stage, we are initializing terraform working directory by running the ‘terraform init’ command.
Terraform Plan stage: In this stage, we are running the ‘terraform plan’ command and we can see the plan which terraform will implement.
Terraform Apply stage: In this stage, we are running the ‘terraform apply’ command with the auto-approve option. We can run without auto-approve in that case we need to approve it from the Jenkins dashboard.

That’s all for now.

Thank you.

If you are interested in learning DevOps, please have a look at the below articles, which will help you greatly.