There are times when you need to manage cloud resources in your Oracle Visual Builder Studio CICD pipeline. Maybe you need a new Autonomous Database or a Compute instance to run tests on or an Object Storage Bucket to store logs and other artifacts.
Terraform is a popular orchestration tool used to quickly configure an environment just the way you want it.
In this post, we'll walk through the steps to create a VBS build job configured to execute a Terraform script. You'll use some of the code from this example script to create two Object Storage Buckets.
Before you start there is a little bit of configuration you'll need to do on your cloud account.
User API key
In order to run Terrafom commands on your OCI account, you will need to have an API key setup.
If you already have an API key setup, skip to the last step of this section and copy the OCID for your tenancy's root compartment.
To upload or create a new key:
- Log into your cloud account and open your User Settings.
- Under Resources, click on "API Keys".
- If you don't have an existing API Key that you would like to use, click the "Add API Key" button.
If you have an API Key Pair that is not setup on this cloud account, select "Choose Public Key File" to upload it or select "Paste Public Key" to copy and paste it.
Important: You are only adding the public key here. Do not upload or paste your private key.
If you need a new key, select "Generate API Key Pair" and download the Private Key. The public key for this new pair will be saved in your API Keys. You can also download the public key if you'd like, but you won't need it for this example.
Save the Private Key in a secure location, this key can be used to access your account.
- Open the menu to the right of your key and click "View Configuration File".
- Copy the API Key Fingerprint and Configuration File Preview information, you'll need this later.
- For this example I will be using the Compute Instances API which requires a Compartment OCID.
In the cloud console menu, open Identity & Security / Compartments.
- For the example below you'll need to locate the root compartment for your tenancy and copy it's OCID.
Save this and the above information, you will need it later.
Visual Builder Studio
A build executor is an instance that is pre-built with all of the software you need to execute your build job. You will need an executor that includes Terraform. If your organization doesn't already have one, follow these steps to create one. (If you don't have access, ask your administrator to create the executor.)
Terraform is not included in the library of software available for Build Executor Templates, so you will need to create a build executor from a Docker image.
Create a Dockerfile
The RHEL Linux install instructions for Terraform are found here.
sudo yum install -y yum-utils sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo sudo yum -y install terraform
Convert those commands into a new Dockerfile
FROM oraclelinux:8.6 RUN dnf install -y dnf-plugins-core RUN dnf config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo RUN dnf -y install terraform java-17-openjdk git
- The "FROM" statement starts us off with an installation of Oracle Linux 8.6
- Since we're using Oracle Linux 8, the commands have been converted from yum to dnf
- You don't need to use sudo in the Dockerfile
- Add Java 17 so VBS can communicate with the executor at runtime and git so you can work with git repositories
(If you need any other software installed in your executor, add it to the Dockerfile)
Build your image and push it to your preferred docker repository.
docker build . -t docker.io/<yourDockerAccount>/vbs_terraform_executor:latest docker login docker.io docker push docker.io/<yourDockerAccount>/vbs_terraform_executor:latest
Open Visual Builder Studio.
Create a Build Executor
- In the Organization section, switch to the Build Executors tab
- Click "Create Image"
- Choose "Create Image from Registry"
- Enter a Name
- If you're using dockerhub you can leave the Registry Host blank
- If you're using any other docker registry, enter the Registry Host, Username and Password
- Enter the Image Name
- Enter the Version Tag
- Press the "Add" button
- Your image will start to build
- Wait for your executor to be in the "Ready" status
Git repository
If you already have a repository containing the Terraform scripts you'd like to use, you can skip to the "Build Job" section.
- Switch to the "Project Home" section
- Press the "Create Repository" button
- Enter a name
- Press the "Create" button
- For the example below you will need some Terraform files to create a couple of Object Storage Buckets
Press the "+ File" button
- In the "File path/name" field enter "bucket.tf". This will create a new file in the root directory
- In the source area enter the following. These are the Terraform commands used to create two Object Storage Buckets
locals {
compartment_id = "<ocid of the compartment where you want to create your buckets>"
namespace = "<Your namespace>"
}
resource "oci_objectstorage_bucket" "bucket1" {
compartment_id = local.compartment_id
namespace = local.namespace
name = "tf-example-bucket"
access_type = "NoPublicAccess"
auto_tiering = "Disabled"
}
resource "oci_objectstorage_bucket" "bucket_with_versioning" {
compartment_id = local.compartment_id
namespace = local.namespace
name = "bucket-with-versioning"
access_type = "NoPublicAccess"
versioning = "Enabled"
}
- Press the "Commit" button
- Enter a commit summary and details
- Press the "Commit" button to create the file
- Press the Git icon to return to the repository root
- In order for Terraform to connect to OCI, you must define an OCI Provider
Press the "+ File" button
- In the "File path/name" field enter "provider.tf". This will create a new file in the root directory
- In the source area enter the following. (Replace the "<…>" entries with the values you saved above)
provider "oci" {
tenancy_ocid = "<ocid1 of your ROOT compartment>"
user_ocid = "<ocid1 for the user that owns the private key>"
private_key_path = "/home/builder/.ssh/id_rsa"
fingerprint = "<fingerprint of your private key>"
region = "<your region. For example: us-ashburn-1>"
}
- Press the "Commit" button
- Enter a Commit summary and Details
- Press the "Commit" button to create the file
Create a Build Job
- Switch to the Builds section
- Press the "Create Job" button
- Enter a name for your job
- In the "Template" list, choose the executor you created above
- Press the "Create" button
- Open the Git tab
- Press "Add Git" and select "Git"
- Select the repository that contains your Terraform files
- Open the Before Build tab
- In the "Add Before Build Action" drop down, select "SSH Configuration"
- Paste the your Private Key from above in the the Private Key box
- Switch to the Steps tab
- In the "Add Step" drop down, select "Common Build Tools / Unix Shell"
- Enter your Terraform commands
For Example:
terraform --version terraform init terraform plan terraform apply -auto-approve
- Press the "Save" button
- Press the "Build Now" button
- Once the build completes successfully, open your Oracle Cloud Console Object Storage and verify that both Buckets have been created.
More Information
If you're new to Terraform check out these links for more information on the Oracle Cloud Infrastructure Provider.