playbooks

home / skills / ntaksh42 / agents / terraform-azure-devops

terraform-azure-devops skill

/.claude/skills/terraform-azure-devops

This skill helps you manage Azure DevOps infrastructure as code by generating Terraform configurations for projects, repos, pipelines, and variable groups.

npx playbooks add skill ntaksh42/agents --skill terraform-azure-devops

Review the files below or copy the command above to add this skill to your agents.

Files (1)
SKILL.md
2.3 KB
---
name: terraform-azure-devops
description: Generate Terraform configurations for Azure DevOps resources. Use when managing Azure DevOps infrastructure as code.
---

# Terraform Azure DevOps Skill

TerraformでAzure DevOpsリソースを管理するスキルです。

## 主な機能

- **プロジェクト管理**: Terraform でプロジェクト作成
- **リポジトリ**: Gitリポジトリ管理
- **パイプライン**: IaC化
- **変数グループ**: コード管理

## プロバイダー設定

```hcl
terraform {
  required_providers {
    azuredevops = {
      source  = "microsoft/azuredevops"
      version = "~> 0.10.0"
    }
  }
}

provider "azuredevops" {
  org_service_url       = "https://dev.azure.com/myorg"
  personal_access_token = var.pat
}
```

## プロジェクト作成

```hcl
resource "azuredevops_project" "project" {
  name               = "My Terraform Project"
  description        = "Project managed by Terraform"
  visibility         = "private"
  version_control    = "Git"
  work_item_template = "Agile"

  features = {
    "boards"       = "enabled"
    "repositories" = "enabled"
    "pipelines"    = "enabled"
    "testplans"    = "disabled"
    "artifacts"    = "enabled"
  }
}
```

## リポジトリ作成

```hcl
resource "azuredevops_git_repository" "repo" {
  project_id = azuredevops_project.project.id
  name       = "my-app"
  
  initialization {
    init_type = "Clean"
  }
}
```

## ビルドパイプライン

```hcl
resource "azuredevops_build_definition" "build" {
  project_id = azuredevops_project.project.id
  name       = "CI Pipeline"

  ci_trigger {
    use_yaml = true
  }

  repository {
    repo_type   = "TfsGit"
    repo_id     = azuredevops_git_repository.repo.id
    branch_name = azuredevops_git_repository.repo.default_branch
    yml_path    = "azure-pipelines.yml"
  }
}
```

## 変数グループ

```hcl
resource "azuredevops_variable_group" "vars" {
  project_id   = azuredevops_project.project.id
  name         = "Production Variables"
  description  = "Variables for production"
  allow_access = true

  variable {
    name  = "DATABASE_HOST"
    value = "prod-db.database.windows.net"
  }

  variable {
    name      = "DATABASE_PASSWORD"
    secret_value = var.db_password
    is_secret = true
  }
}
```

## バージョン情報
- Version: 1.0.0

Overview

This skill generates Terraform configurations for Azure DevOps resources to manage Azure DevOps infrastructure as code. It automates creation of projects, Git repositories, build pipelines, and variable groups using the Microsoft Azure DevOps Terraform provider. Use it to codify DevOps environments, make deployments repeatable, and keep configuration in version control.

How this skill works

The skill emits Terraform HCL snippets and provider setup for the microsoft/azuredevops provider, including examples for provider configuration, project resources, Git repositories, build definitions, and variable groups. It inspects desired resource attributes (name, project_id, visibility, pipeline YAML path, variables) and produces complete resource blocks ready to paste into a Terraform module. The outputs are focused on practical, minimal examples you can adapt to your org and secrets management workflow.

When to use it

  • Provisioning new Azure DevOps projects and enabling core features (repos, pipelines, artifacts).
  • Creating and initializing Git repositories consistently across teams.
  • Defining CI build pipelines that source YAML from repo branches.
  • Managing variable groups and secrets for pipeline reuse.
  • Adopting infrastructure-as-code practices for DevOps configuration.

Best practices

  • Use a dedicated service account or managed identity and store the personal access token (PAT) securely in a secrets manager or CI variable.
  • Keep terraform state remote and locked (e.g., Azure Storage + Blob locking) when multiple engineers apply changes.
  • Parameterize names, visibility, and sensitive values via variables to reuse modules across environments.
  • Initialize repositories with a clear default branch and pipeline YAML to bootstrap CI immediately.
  • Mark secrets as secret_value in variable groups and avoid committing credentials to VCS.

Example use cases

  • Create a standardized project template with consistent features and visibility for each team.
  • Provision multiple Git repositories and initialize them programmatically during onboarding.
  • Define a CI pipeline resource that points to azure-pipelines.yml in a repository branch.
  • Manage environment-specific variable groups for production, staging, and development.

FAQ

What provider configuration is required?

Configure terraform to use microsoft/azuredevops and set provider azuredevops with org_service_url and a PAT stored in a variable.

How should I handle secrets for variable groups?

Use secret_value in the variable block and supply the secret from a secure source; avoid hardcoding secrets in HCL files.