github.com/paybyphone/terraform@v0.9.5-0.20170613192930-9706042ddd51/examples/azure-encrypt-running-linux-vm/deploy.ci.sh (about) 1 #!/bin/bash 2 3 set -o errexit -o nounset 4 5 docker run --rm -it \ 6 -e ARM_CLIENT_ID \ 7 -e ARM_CLIENT_SECRET \ 8 -e ARM_SUBSCRIPTION_ID \ 9 -e ARM_TENANT_ID \ 10 -e AAD_CLIENT_ID \ 11 -e AAD_CLIENT_SECRET \ 12 -e KEY_ENCRYPTION_KEY_URL \ 13 -e KEY_VAULT_RESOURCE_ID \ 14 -v $(pwd):/data \ 15 --workdir=/data \ 16 --entrypoint "/bin/sh" \ 17 hashicorp/terraform:light \ 18 -c "/bin/terraform get; \ 19 /bin/terraform validate; \ 20 /bin/terraform plan -out=out.tfplan \ 21 -var resource_group=$KEY \ 22 -var hostname=$KEY \ 23 -var admin_username=$KEY \ 24 -var admin_password=$PASSWORD \ 25 -var passphrase=$PASSWORD \ 26 -var key_vault_name=$KEY_VAULT_NAME \ 27 -var aad_client_id=$AAD_CLIENT_ID \ 28 -var aad_client_secret=$AAD_CLIENT_SECRET \ 29 -var key_encryption_key_url=$KEY_ENCRYPTION_KEY_URL \ 30 -var key_vault_resource_id=$KEY_VAULT_RESOURCE_ID; \ 31 /bin/terraform apply out.tfplan" 32 33 # cleanup deployed azure resources via azure-cli 34 docker run --rm -it \ 35 azuresdk/azure-cli-python \ 36 sh -c "az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID > /dev/null; \ 37 az vm show -g $KEY -n $KEY; \ 38 az vm encryption show -g $KEY -n $KEY" 39 40 # cleanup deployed azure resources via terraform 41 docker run --rm -it \ 42 -e ARM_CLIENT_ID \ 43 -e ARM_CLIENT_SECRET \ 44 -e ARM_SUBSCRIPTION_ID \ 45 -e ARM_TENANT_ID \ 46 -v $(pwd):/data \ 47 --workdir=/data \ 48 --entrypoint "/bin/sh" \ 49 hashicorp/terraform:light \ 50 -c "/bin/terraform destroy -force \ 51 -var resource_group=$KEY \ 52 -var hostname=$KEY \ 53 -var admin_username=$KEY \ 54 -var admin_password=$PASSWORD \ 55 -var passphrase=$PASSWORD \ 56 -var key_vault_name=$KEY_VAULT_NAME \ 57 -var aad_client_id=$AAD_CLIENT_ID \ 58 -var aad_client_secret=$AAD_CLIENT_SECRET \ 59 -var key_encryption_key_url=$KEY_ENCRYPTION_KEY_URL \ 60 -var key_vault_resource_id=$KEY_VAULT_RESOURCE_ID;"