Automation Guide
DOCUMENT CATEGORY: Runbook
SCOPE: Infrastructure-as-Code, CI/CD platform setup, and automation tooling
PURPOSE: Organize Azure Local automation guidance into a reader-friendly structure aligned to the implementation guide
MASTER REFERENCE: Microsoft Learn - Azure Local
Status: Active
This guide centralizes the automation assets used to deliver Azure Local in a repeatable way. It is structured to mirror the implementation guide: start with orientation, move into CI/CD platform setup, then choose the pipeline platform and tooling that match your operating model.
Start Here
| Step | Purpose | Link |
|---|---|---|
| 1 | Understand the guide's boundaries and intended reader | Purpose and Scope |
| 2 | Learn how to navigate between automation and implementation docs | How to Use This Guide |
| 3 | Build the CI/CD foundation | Part 1: CI/CD Infrastructure |
| 4 | Choose a delivery platform | Part 2: CI/CD Pipelines |
| 5 | Use the tool-specific guides | Part 3: Automation Guides |
Deployment Paths
| Path | Azure Resources | On-Premises / Guest Configuration | Best For |
|---|---|---|---|
| Terraform + PowerShell | Terraform | PowerShell scripts | Teams with existing PowerShell operational workflows |
| Terraform + Ansible | Terraform | Ansible playbooks | Teams preferring declarative configuration management |
| Ansible Only | azure.azcollection | Ansible playbooks | Teams standardizing on Ansible across cloud and on-premises |
Why the Guide Is Split into Sections
- CI/CD Infrastructure covers the platform you must build first: source control project, environments, variables, and runners.
- CI/CD Pipelines covers the delivery engine you choose to run on that platform: GitLab, GitHub Actions, or Azure DevOps.
- Automation Guides covers the technical assets those pipelines call: Terraform, Ansible, Bicep, and PowerShell.
This separation keeps platform setup, delivery orchestration, and tool implementation from being mixed together on the same level of the sidebar.
Architecture
```
┌─────────────────────────────────────────────────────────────────────┐
│                            variables.yml                            │
│              (Single Source of Truth — 970+ variables)              │
└────────────┬───────────────────┬──────────────────┬─────────────────┘
             │                   │                  │
 Export-TerraformTfvars Export-AnsibleVars Export-BicepParams
             │                   │                  │
             ▼                   ▼                  ▼
     terraform.tfvars   group_vars/all.yml    *.bicepparam
             │                   │
             ▼                   ▼
      ┌─────────────┐    ┌───────────────┐
      │  Terraform  │    │    Ansible    │
      │   Modules   │    │     Roles     │
      ├─────────────┤    ├───────────────┤
      │ landing-zone│    │ ad-preparation│
      │ networking  │    │ os-config     │
      │ identity    │    │ arc-register  │
      │ monitoring  │    │ monitoring    │
      │ security    │    │ domain-ctrl   │
      │ compute     │    │ wac-server    │
      └──────┬──────┘    │ syslog        │
             │           └───────┬───────┘
             ▼                   ▼
      Azure Resources     On-Prem Config
```
Section Overview
| Section | What You Get |
|---|---|
| Purpose and Scope | Reader expectations, deployment paths, scope boundaries |
| How to Use This Guide | Reading order and how to combine this guide with the implementation guide |
| Part 1: CI/CD Infrastructure | Runner deployment, project setup, environments, and variables |
| Part 2: CI/CD Pipelines | Platform-specific delivery pipeline models |
| Part 3: Automation Guides | Tool-specific guidance for Terraform, Ansible, Bicep, and PowerShell |
Variable System
All automation consumes the central config/variables/variables.yml file. Export functions transform YAML into tool-specific formats:
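```powershell
# Dot-source the config loader so its functions are available in this session
. scripts/common/utilities/helpers/config-loader.ps1

# Load the central variables file
$config = Get-Config -ConfigPath "config/variables/variables.yml"

# Export the loaded configuration to the Terraform and Ansible formats
Export-TerraformTfvars -Config $config -OutputPath "src/terraform/environments/azure-local/terraform.tfvars"
Export-AnsibleVars -Config $config -OutputPath "src/ansible/inventory/group_vars/all.yml"
```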
Repository
All automation code lives in the azurelocal-toolkit repository:
| Directory | Contents |
|---|---|
| src/terraform/ | Terraform modules and root environment |
| src/ansible/ | Ansible roles, playbooks, and inventory |
| pipelines/ | CI/CD pipeline definitions |
| scripts/deploy/ | PowerShell deployment scripts |
| config/variables/ | Central variable system |