pool:
  vmImage: 'ubuntu-latest'

#
# Import KeyVault secrets by linking Variable Group
#
variables:
- group: "pulumi-secrets-vg"

jobs:
- job: PulumiUpJob
  displayName: Pulumi Up Job
  steps:
  - task: UseDotNet@2
    displayName: 'Use .NET 6.0 sdk'
    inputs:
      packageType: 'sdk'
      version: '6.0.x'
      includePreviewVersions: true
  - task: Pulumi@1
    inputs:
      azureSubscription: 'xxx-sc' # sc -> service connection
      command: up
      loginArgs: 'azblob://pulumi-backend-container'
      args: '--yes'
      stack: dev
    env:
      AZURE_STORAGE_ACCOUNT: $(AZURE-STORAGE-ACCOUNT)
      AZURE_STORAGE_KEY: $(AZURE-STORAGE-KEY)
      AZURE_CLIENT_ID: $(AZURE-CLIENT-ID)
      AZURE_CLIENT_SECRET: $(AZURE-CLIENT-SECRET)
      AZURE_TENANT_ID: $(AZURE-TENANT-ID)

pool:
  vmImage: 'ubuntu-latest'

#
# Import KeyVault secrets by linking Variable Group
#
variables:
- group: "pulumi-secrets-vg"

jobs:
- job: PulumiDestroyJob
  displayName: Pulumi Destroy Job
  steps:
  - task: Pulumi@1
    inputs:
      azureSubscription: 'xxx-sc' # sc -> service connection
      command: destroy
      loginArgs: 'azblob://pulumi-backend-container'
      args: '--yes'
      stack: dev
    env:
      AZURE_STORAGE_ACCOUNT: $(AZURE-STORAGE-ACCOUNT)
      AZURE_STORAGE_KEY: $(AZURE-STORAGE-KEY)
      AZURE_CLIENT_ID: $(AZURE-CLIENT-ID)
      AZURE_CLIENT_SECRET: $(AZURE-CLIENT-SECRET)
      AZURE_TENANT_ID: $(AZURE-TENANT-ID)