I currently have a GitHub Actions workflow that does a terraform apply and creates an Azure VM. Terraform code is as follows:
    resource "azurerm_linux_virtual_machine" "linux_vm" {
      name                = var.vm_linux_name
      resource_group_name = data.azurerm_resource_group.resource_group.name
      location            = data.azurerm_resource_group.resource_group.location
      size                = var.vm_size
      admin_username      = var.vm_admin_user
      custom_data         = filebase64("test.sh")
      network_interface_ids = [
        azurerm_network_interface.vm_linux_ni.id,
      ]
      admin_ssh_key {
        username   = var.vm_admin_user
        public_key = file(var.vm_linux_admin_ssh_key)
      }
      os_disk {
        caching              = var.vm_os_disk_caching
        storage_account_type = var.vm_os_disk_sa_type
      }
      source_image_reference {
        publisher = var.vm_linux_image_publisher
        offer     = var.vm_linux_image_offer
        sku       = var.vm_linux_image_sku
        version   = var.vm_linux_image_version
      }
      identity {
        type = "SystemAssigned"
      }
    }
I'm using the test.sh script as custom data that will be run when the VM is created. However, I need to pass some variables from my GitHub Actions Secrets in order to run some of the commands in the script. Something like:
    az cloud set --name AzureCloud
    az login --service-principal --username $client_id --password $client_secret --tenant $tenant_id
Any idea how to pass values/variables into $client_id, $client_secret, $tenant_id?
I tried to use something like

    client_secret:${{ secrets.SP_SECRET }}

in the workflow yml file but I don't think that worked.
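
One way to wire this up, as an added example that is not part of the original post: the workflow exports the secrets as `TF_VAR_*` environment variables and Terraform renders them into the script with `templatefile`. Rendered custom data is kept in Terraform state and can be read back on the VM, so the last resource shows the system-assigned identity already declared above being used instead, with no secret reaching the VM. The variable names, the secret names other than `SP_SECRET`, the file name `test.sh.tpl` and the `Reader` role are assumptions.

```hcl
# Workflow step (YAML, shown as a comment). Secret names other than SP_SECRET are assumed:
#   - run: terraform apply -auto-approve
#     env:
#       TF_VAR_sp_client_id:     ${{ secrets.SP_CLIENT_ID }}
#       TF_VAR_sp_client_secret: ${{ secrets.SP_SECRET }}
#       TF_VAR_sp_tenant_id:     ${{ secrets.SP_TENANT_ID }}

variable "sp_client_id" {
  type = string
}

variable "sp_tenant_id" {
  type = string
}

variable "sp_client_secret" {
  type      = string
  sensitive = true # hides the value in plan/apply output; it is still written to state
}

locals {
  # test.sh.tpl (assumed name) is test.sh with the three values written as
  # template placeholders, e.g. --password '${client_secret}'.
  rendered_custom_data = base64encode(templatefile("${path.module}/test.sh.tpl", {
    client_id     = var.sp_client_id
    client_secret = var.sp_client_secret
    tenant_id     = var.sp_tenant_id
  }))
}

# In azurerm_linux_virtual_machine.linux_vm, replace the filebase64 line with:
#   custom_data = local.rendered_custom_data

# Alternative that passes no secret: grant the VM's system-assigned identity
# the access the script needs, and have test.sh run `az login --identity`.
resource "azurerm_role_assignment" "vm_identity" {
  scope                = data.azurerm_resource_group.resource_group.id
  role_definition_name = "Reader" # assumed; grant only what test.sh needs
  principal_id         = azurerm_linux_virtual_machine.linux_vm.identity[0].principal_id
}
```

With the identity variant, the role assignment is created after the VM, so the script should retry `az login --identity` until the role has propagated.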