From 44d643c8a063eb02fce19db37b7e0e44482914d9 Mon Sep 17 00:00:00 2001 From: stovernic <34249785+stovernic@users.noreply.github.com> Date: Mon, 23 Sep 2024 12:18:48 +0200 Subject: [PATCH] feat: user workflow packer (#15) Co-authored-by: Silvija Tovernic --- .../reusable-workflow-packer-image.yml | 147 ++++++++++-------- images/docker/image-factory-runner/Dockerfile | 2 +- images/packer/user-packer/azure.pkr.hcl | 31 ++++ images/packer/user-packer/build.pkr.hcl | 21 +++ images/packer/user-packer/plugins.pkr.hcl | 8 + images/packer/user-packer/scripts/setup-vm.sh | 3 + images/packer/user-packer/variables.pkr.hcl | 35 +++++ 7 files changed, 179 insertions(+), 68 deletions(-) create mode 100644 images/packer/user-packer/azure.pkr.hcl create mode 100644 images/packer/user-packer/build.pkr.hcl create mode 100644 images/packer/user-packer/plugins.pkr.hcl create mode 100644 images/packer/user-packer/scripts/setup-vm.sh create mode 100644 images/packer/user-packer/variables.pkr.hcl diff --git a/.github/workflows/reusable-workflow-packer-image.yml b/.github/workflows/reusable-workflow-packer-image.yml index 4936e003..abc34c41 100644 --- a/.github/workflows/reusable-workflow-packer-image.yml +++ b/.github/workflows/reusable-workflow-packer-image.yml @@ -6,7 +6,16 @@ on: image-name: required: true type: string - + secrets: + AZURE_CLIENT_ID: + required: true + AZURE_CLIENT_SECRET: + required: true + AZURE_TENANT_ID: + required: true + AZURE_SUBSCRIPTION_ID: + required: true + jobs: packer-build: runs-on: self-hosted 
@@ -15,79 +24,83 @@ jobs: AZ_CLI_VERSION: 2.64.0 PACKER_VERSION: 1.9.4 - # AZURE_LOCATION: ${{ vars.AZURE_LOCATION }} - # AZURE_RESOURCE_GROUP: ${{ vars.AZURE_RESOURCE_GROUP }} - # AZURE_ACG: ${{ vars.AZURE_ACG }} - # AZURE_CREDENTIALS: | - # { - # "clientId": "${{ secrets.AZURE_CLIENT_ID }}", - # "clientSecret": "${{ secrets.AZURE_CLIENT_SECRET }}", - # "subscriptionId": "${{ secrets.AZURE_SUBSCRIPTION_ID }}", - # "tenantId": "${{ secrets.AZURE_TENANT_ID }}" - # } + AZURE_LOCATION: ${{ vars.AZURE_LOCATION }} + AZURE_RESOURCE_GROUP: ${{ vars.AZURE_RESOURCE_GROUP }} + AZURE_ACG: ${{ vars.AZURE_ACG }} + AZURE_CREDENTIALS: | + { + "clientId": "${{ secrets.AZURE_CLIENT_ID }}", + "clientSecret": "${{ secrets.AZURE_CLIENT_SECRET }}", + "subscriptionId": "${{ secrets.AZURE_SUBSCRIPTION_ID }}", + "tenantId": "${{ secrets.AZURE_TENANT_ID }}" + } - # IMAGE_PUBLISHER: "wp10-image-factory" - # IMAGE_OFFER: "wp10-image-factory-vm" - # IMAGE_SKU: "v1" - # IMAGE_OS_TYPE: "linux" - # IMAGE_VERSION: "${{ github.run_number }}" + IMAGE_NAME: ${{ inputs.image-name }} + IMAGE_PUBLISHER: "wp10-image-factory-user" + IMAGE_OFFER: "wp10-user-packer" + IMAGE_SKU: "v1" + IMAGE_OS_TYPE: "linux" + IMAGE_VERSION: "1.0.${{ github.run_number }}" steps: - name: Checkout Repository uses: actions/checkout@v4 + with: + repository: comsysto/wp10-image-factory + ref: feature/user-workflow-packer - # - name: Azure Login - # uses: azure/login@v2 - # with: - # creds: ${{ env.AZURE_CREDENTIALS }} - - # - name: Create Azure Image Definition - # uses: azure/cli@v2 - # with: - # azcliversion: ${{ env.AZ_CLI_VERSION }} - # inlineScript: | - # set +e - # az sig image-definition show \ - # --resource-group "$AZURE_RESOURCE_GROUP" \ - # --gallery-name "$AZURE_ACG" \ - # --gallery-image-definition "{{ inputs.image-name }}" \ - # --query "name" -o tsv - # az_exit_code=$? - # set -e - # if [ $az_exit_code -eq 3 ]; then - # echo "Image definition does not exist. Creating it..." 
- # az sig image-definition create \ - # --resource-group "$AZURE_RESOURCE_GROUP" \ - # --gallery-name "$AZURE_ACG" \ - # --gallery-image-definition "{{ inputs.image-name }} \ - # --publisher "$IMAGE_PUBLISHER" \ - # --offer "$IMAGE_OFFER" \ - # --sku "$IMAGE_SKU" \ - # --os-type "$IMAGE_OS_TYPE" - # else - # echo "Image definition '{{ inputs.image-name }}' already exists." - # fi + - name: Checkout User Repository + uses: actions/checkout@v4 + with: + path: user-repo + ref: feature/packer - # - name: Template Packer vars file - # uses: cuchi/jinja2-action@v1.2.2 - # with: - # template: images/packer/image-factory-vm/values.auto.pkrvars.hcl.j2 - # output_file: images/packer/image-factory-vm/values.auto.pkrvars.hcl + - name: Azure Login + uses: azure/login@v2 + with: + creds: ${{ env.AZURE_CREDENTIALS }} - # - name: Setup Packer - # uses: hashicorp/setup-packer@main - # with: - # version: ${{ env.PACKER_VERSION }} - - # - name: Packer Init - # run: packer init images/packer/image-factory-vm + - name: Create Azure Image Definition + run: | + set +e + az sig image-definition show \ + --resource-group "$AZURE_RESOURCE_GROUP" \ + --gallery-name "$AZURE_ACG" \ + --gallery-image-definition "$IMAGE_NAME" \ + --query "name" -o tsv + az_exit_code=$? + set -e + if [ $az_exit_code -eq 3 ]; then + echo "Image definition does not exist. Creating it..." + az sig image-definition create \ + --resource-group "$AZURE_RESOURCE_GROUP" \ + --gallery-name "$AZURE_ACG" \ + --gallery-image-definition "$IMAGE_NAME" \ + --publisher "$IMAGE_PUBLISHER" \ + --offer "$IMAGE_OFFER" \ + --sku "$IMAGE_SKU" \ + --os-type "$IMAGE_OS_TYPE" + else + echo "Image definition '$IMAGE_NAME' already exists." 
+ fi - # - name: Packer Build - # run: | - # packer build \ - # -var "client_id=${{ secrets.AZURE_CLIENT_ID }}" \ - # -var "client_secret=${{ secrets.AZURE_CLIENT_SECRET }}" \ - # -var "tenant_id=${{ secrets.AZURE_TENANT_ID }}" \ - # -var "subscription_id=${{ secrets.AZURE_SUBSCRIPTION_ID }}" \ - # images/packer/image-factory-vm + - name: Packer Init + run: | + ls -lha user-repo/packer/example-linux + cp user-repo/packer/example-linux/user-setup-vm.sh images/packer/user-packer/scripts/setup-vm.sh + ls -lha images/packer/user-packer + packer init images/packer/user-packer + - name: Packer Build + run: | + packer build \ + -var "client_id=${{ secrets.AZURE_CLIENT_ID }}" \ + -var "client_secret=${{ secrets.AZURE_CLIENT_SECRET }}" \ + -var "tenant_id=${{ secrets.AZURE_TENANT_ID }}" \ + -var "subscription_id=${{ secrets.AZURE_SUBSCRIPTION_ID }}" \ + -var "gallery_image_name=${{ env.IMAGE_NAME }}" \ + -var "resource_group=${{ env.AZURE_RESOURCE_GROUP }}" \ + -var "gallery_name=${{ env.AZURE_ACG }}" \ + -var "gallery_image_version=${{ env.IMAGE_VERSION }}" \ + -var "location=${{ env.AZURE_LOCATION }}" \ + images/packer/user-packer diff --git a/images/docker/image-factory-runner/Dockerfile b/images/docker/image-factory-runner/Dockerfile index 3010a2ea..6e0e211f 100644 --- a/images/docker/image-factory-runner/Dockerfile +++ b/images/docker/image-factory-runner/Dockerfile @@ -75,7 +75,7 @@ RUN chmod +x start-github-runner.sh # Install Packer, Azure CLI, and Trivy RUN curl -fsSL https://apt.releases.hashicorp.com/gpg | apt-key add - && \ - apt-add-repository "deb [arch=${RUNNER_ARCH}] https://apt.releases.hashicorp.com $(lsb_release -cs) main" && \ + apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main" && \ apt-get update -y && \ apt-get install -y packer && \ curl -sL https://aka.ms/InstallAzureCLIDeb | bash && \ 
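Review bot: The Packer Build step at the end of this hunk expands `${{ secrets.* }}` and `${{ env.* }}` straight into the shell script, so the client secret ends up in the `packer` process arguments on the self-hosted runner, and `IMAGE_NAME`, which comes from the caller's `image-name` input, is pasted into the script text before the shell parses it. The Create Azure Image Definition step above already avoids this with `"$IMAGE_NAME"`; the build step should do the same by passing the values to Packer through step-level `PKR_VAR_*` environment variables, as sketched below. Separately, both checkout steps pin mutable branches (`feature/user-workflow-packer`, `feature/packer`), and the second one decides which `user-setup-vm.sh` is copied over `setup-vm.sh` and run in the image, so a tag, a commit SHA or a ref passed as an input would make each build traceable. The job-level `AZURE_CREDENTIALS` block also exposes the credential JSON to every step in the job; it could be moved into the `creds:` input of the Azure Login step.

```yaml
      # … unchanged: checkout, Azure Login, Create Azure Image Definition, Packer Init …
      - name: Packer Build
        env:
          PKR_VAR_client_id: ${{ secrets.AZURE_CLIENT_ID }}
          PKR_VAR_client_secret: ${{ secrets.AZURE_CLIENT_SECRET }}
          PKR_VAR_tenant_id: ${{ secrets.AZURE_TENANT_ID }}
          PKR_VAR_subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
          PKR_VAR_gallery_image_name: ${{ env.IMAGE_NAME }}
          PKR_VAR_resource_group: ${{ env.AZURE_RESOURCE_GROUP }}
          PKR_VAR_gallery_name: ${{ env.AZURE_ACG }}
          PKR_VAR_gallery_image_version: ${{ env.IMAGE_VERSION }}
          PKR_VAR_location: ${{ env.AZURE_LOCATION }}
        run: packer build images/packer/user-packer
```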
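Review bot: The HashiCorp repository line changed here still relies on the key imported with `apt-key add -` on the line above, which makes that key trusted for every APT source in the runner image rather than only for this repository. Since the `deb [...]` options are being edited anyway, the key could be stored in its own keyring and referenced from the entry, e.g. `deb [arch=amd64 signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main`. Hard-coding `amd64` in place of `${RUNNER_ARCH}` also deserves a short comment saying why, because the image presumably no longer builds for other architectures. The `RUN` instruction continues past the end of the hunk.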
diff --git a/images/packer/user-packer/azure.pkr.hcl b/images/packer/user-packer/azure.pkr.hcl
new file mode 100644
index 00000000..3e5823cb
--- /dev/null
+++ b/images/packer/user-packer/azure.pkr.hcl
@@ -0,0 +1,31 @@
+source "azure-arm" "vm" {
+ client_id = var.client_id
+ client_secret = var.client_secret
+ subscription_id = var.subscription_id
+ tenant_id = var.tenant_id
+ location = var.location
+
+ managed_image_name = "${var.gallery_image_name}-${formatdate("DD-MMM-YYYY-hh-mm-ss", timestamp())}"
+ managed_image_resource_group_name = var.resource_group
+
+ communicator = "ssh"
+ os_type = "Linux"
+ image_publisher = "Canonical"
+ image_offer = "0001-com-ubuntu-server-jammy"
+ image_sku = "22_04-lts-gen2"
+
+ vm_size = "Standard_B2ms"
+
+ public_ip_sku = "Standard"
+
+ shared_image_gallery_destination {
+ subscription = var.subscription_id
+ resource_group = var.resource_group
+ gallery_name = var.gallery_name
+ image_name = var.gallery_image_name
+ image_version = var.gallery_image_version
+ target_region {
+ name = var.location
+ }
+ }
+}
diff --git a/images/packer/user-packer/build.pkr.hcl b/images/packer/user-packer/build.pkr.hcl
new file mode 100644
index 00000000..dc9ab898
--- /dev/null
+++ b/images/packer/user-packer/build.pkr.hcl
@@ -0,0 +1,21 @@
+build {
+ sources = [
+ "source.azure-arm.vm"
+ ]
+
+ provisioner "file" {
+ source = "images/packer/user-packer/scripts/setup-vm.sh"
+ destination = "/tmp/setup.sh"
+ }
+
+ provisioner "shell" {
+ execute_command = "chmod +x {{ .Path }}; {{ .Vars }} sudo -E sh '{{ .Path }}'"
+
+ inline = [
+ "chmod +x /tmp/setup.sh",
+ "/tmp/setup.sh"
+ ]
+
+ inline_shebang = "/bin/sh -x"
+ }
+}
diff --git a/images/packer/user-packer/plugins.pkr.hcl b/images/packer/user-packer/plugins.pkr.hcl
new file mode 100644
index 00000000..06811f85
--- /dev/null
+++ b/images/packer/user-packer/plugins.pkr.hcl
@@ -0,0 +1,8 @@
+packer {
+ required_plugins {
+ azure = {
+ source = "github.com/hashicorp/azure"
+ version = "~> 1"
+ }
+ }
+}
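Review bot: In `azure.pkr.hcl` the source block requests a public address (`public_ip_sku = "Standard"`) with `communicator = "ssh"`, but nothing in the file restricts which addresses may reach the temporary build VM. Whether the port is actually reachable from anywhere depends on network defaults not visible here, so the restriction is better stated explicitly with the builder's `allowed_inbound_ip_addresses` option, e.g. `allowed_inbound_ip_addresses = [var.runner_cidr]` (variable name illustrative, not part of this commit), or by building inside an existing virtual network. The base image also has no `image_version`, so each run presumably builds on whatever the publisher currently marks as latest; a comment saying that this is intended would help.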
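Review bot: The build in `build.pkr.hcl` ends right after running `/tmp/setup.sh` with no deprovision step, so the captured image would likely keep the temporary build account, its SSH key material and the uploaded script, unless the user script is expected to clean up itself. Azure Linux images are normally generalized by a final provisioner that runs `waagent -deprovision+user`; a sketch follows, to be placed after the existing shell provisioner. Because the workflow overwrites `setup-vm.sh` with the caller's script and this block runs it through `sudo -E`, a comment stating that the script is caller-supplied and runs as root would help the next reader. The `file` source is relative to the working directory; `"${path.root}/scripts/setup-vm.sh"` would not depend on where `packer build` is invoked.

```hcl
  # … unchanged: file provisioner and the shell provisioner that runs /tmp/setup.sh …

  # Generalize the VM last so no build-time account, key or script ends up in the image.
  provisioner "shell" {
    execute_command = "chmod +x {{ .Path }}; {{ .Vars }} sudo -E sh '{{ .Path }}'"

    inline = [
      "rm -f /tmp/setup.sh",
      "/usr/sbin/waagent -force -deprovision+user && export HISTSIZE=0 && sync"
    ]

    inline_shebang = "/bin/sh -x"
  }
```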
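Review bot: `version = "~> 1"` in `plugins.pkr.hcl` accepts any 1.x release of the Azure plugin, so `packer init` on the runner may fetch a different plugin build from one run to the next while the job holds the Azure service principal credentials. Pinning to the release that was tested, e.g. `version = "= <tested-version>"` (placeholder), keeps image builds reproducible and makes a plugin upgrade an explicit, reviewable change.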
diff --git a/images/packer/user-packer/scripts/setup-vm.sh b/images/packer/user-packer/scripts/setup-vm.sh
new file mode 100644
index 00000000..f8d231aa
--- /dev/null
+++ b/images/packer/user-packer/scripts/setup-vm.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+echo "Hello"
\ No newline at end of file
diff --git a/images/packer/user-packer/variables.pkr.hcl b/images/packer/user-packer/variables.pkr.hcl
new file mode 100644
index 00000000..6c96d5d4
--- /dev/null
+++ b/images/packer/user-packer/variables.pkr.hcl
@@ -0,0 +1,35 @@
+variable "subscription_id" {
+ type = string
+}
+
+variable "tenant_id" {
+ type = string
+}
+
+variable "client_id" {
+ type = string
+}
+
+variable "client_secret" {
+ type = string
+}
+
+variable "location" {
+ type = string
+}
+
+variable "resource_group" {
+ type = string
+}
+
+variable "gallery_name" {
+ type = string
+}
+
+variable "gallery_image_name" {
+ type = string
+}
+
+variable "gallery_image_version" {
+ type = string
+}
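Review bot: `client_secret` in `variables.pkr.hcl` is declared as a plain string, so Packer has no indication that its value should be redacted from build output. Adding `sensitive = true` to that block marks it as a secret. The variable blocks would also benefit from a one-line `description` each, for example `description = "Azure Compute Gallery that receives the image version"` on `gallery_name`, since the workflow's `-var` flags are currently their only documentation.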