-
-
Notifications
You must be signed in to change notification settings - Fork 100
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
add packer files for building Orka images
- Loading branch information
Showing
6 changed files
with
161 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
name: Packer | ||
|
||
on: | ||
workflow_dispatch: | ||
push: | ||
paths: | ||
- .github/workflows/build_packer.yml | ||
- ansible/playbooks/AdoptOpenJDK_Unix_Playbook/** | ||
- ansible/packer/** | ||
branches: | ||
- master | ||
|
||
permissions: | ||
contents: read | ||
|
||
jobs: | ||
run-packer: | ||
name: Run Packer | ||
runs-on: ubuntu-latest | ||
steps: | ||
|
||
- uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 | ||
|
||
- name: Install openconnect | ||
run: sudo apt-get install openconnect | ||
|
||
- name: Connect to Orka VPN using openconnect | ||
run: | | ||
echo ${{ secrets.ORKA_VPN_PASSWORD }} | | ||
sudo openconnect \ | ||
${{ secrets.ORKA_VPN }} \ | ||
--protocol=anyconnect \ | ||
--background \ | ||
--user=${{ secrets.ORKA_VPN_USER }} \ | ||
--passwd-on-stdin \ | ||
--servercert pin-sha256:bRJt1DUgnbH6Mi2GjvLohOzVs0mmjkwb4Nyi62h+LZM= | ||
- name: Intialize Packer | ||
working-directory: ansible/packer | ||
run: packer init orka.pkr.hcl | ||
|
||
- name: Build Packer | ||
working-directory: ansible/packer | ||
run: packer build orka.pkr.hcl | ||
env: | ||
ORKA_TOKEN: ${{ secrets.ORKA_TOKEN }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
packer { | ||
required_plugins { | ||
macstadium-orka = { | ||
source = "github.com/macstadium/macstadium-orka" | ||
version = "~>3" | ||
} | ||
} | ||
} | ||
|
||
variable "ORKA_TOKEN" { | ||
default = env("ORKA_TOKEN") | ||
} | ||
|
||
variable "ORKA_ENDPOINT" { | ||
default = "http://10.221.188.20" | ||
} | ||
|
||
source "macstadium-orka" "sonoma-arm64" { | ||
source_image = "sonoma-90gb-orka3-arm" | ||
image_name = "sonoma-arm64-base" | ||
image_description = "Base image with sudoers setup and brew/ansible installed" | ||
image_force_overwrite = true | ||
orka_endpoint = var.ORKA_ENDPOINT | ||
orka_auth_token = var.ORKA_TOKEN | ||
} | ||
|
||
# Generate the base image for the sonoma-arm64 VMs which we will use to run the ansible playbook | ||
build { | ||
sources = [ | ||
"macstadium-orka.sonoma-arm64", | ||
] | ||
|
||
# set sudoers to allow passwordless sudo | ||
provisioner "shell" { | ||
inline = [ | ||
"echo admin | sudo -S sh -c 'echo \"%admin ALL=(ALL) NOPASSWD:ALL\" >> /etc/sudoers'", | ||
] | ||
} | ||
|
||
# Install homebrew and ansible | ||
provisioner "shell" { | ||
inline = [ | ||
"curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh | bash", | ||
"echo 'eval \"$(/opt/homebrew/bin/brew shellenv)\"' >> /Users/admin/.zprofile", | ||
"eval \"$(/opt/homebrew/bin/brew shellenv)\"", | ||
"echo 'export PATH=\"/opt/homebrew/bin:$PATH\"' >> /Users/admin/.zprofile", | ||
"brew install ansible", | ||
] | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,59 @@ | ||
packer { | ||
required_plugins { | ||
macstadium-orka = { | ||
source = "github.com/macstadium/macstadium-orka" | ||
version = "~>3" | ||
} | ||
ansible = { | ||
source = "github.com/hashicorp/ansible" | ||
version = "~> 1" | ||
} | ||
} | ||
} | ||
|
||
variable "ORKA_TOKEN" { | ||
default = env("ORKA_TOKEN") | ||
} | ||
|
||
variable "ORKA_ENDPOINT" { | ||
default = "http://10.221.188.20" | ||
} | ||
|
||
source "macstadium-orka" "sonoma-arm64" { | ||
source_image = "sonoma-arm64-base" | ||
image_name = "adoptium-sonoma-arm64" | ||
image_description = "Adoptium Sonoma ARM64 image with full ansible playbook run" | ||
image_force_overwrite = true | ||
orka_endpoint = var.ORKA_ENDPOINT | ||
orka_auth_token = var.ORKA_TOKEN | ||
} | ||
|
||
build { | ||
sources = [ | ||
"macstadium-orka.sonoma-arm64", | ||
] | ||
|
||
# Create /tmp/packer-provisioner-ansible-local | ||
provisioner "shell" { | ||
inline = [ | ||
"mkdir -p /tmp/packer-provisioner-ansible-local", | ||
] | ||
} | ||
|
||
# Copy playbooks/Supporting_Scripts to /tmp/packer-provisioner-ansible-local | ||
provisioner "file" { | ||
source = "../playbooks/Supporting_Scripts" | ||
destination = "/tmp/packer-provisioner-ansible-local" | ||
} | ||
|
||
# Run ansible playbook | ||
provisioner "ansible-local" { | ||
playbook_file = "../playbooks/AdoptOpenJDK_Unix_Playbook/main.yml" | ||
playbook_dir = "../playbooks/AdoptOpenJDK_Unix_Playbook" | ||
extra_arguments = [ | ||
"--extra-vars", "ansible_user=admin", | ||
"--skip-tags=hostname,brew_upgrade,brew_cu,core_dumps,crontab,kernel_tuning,adoptopenjdk,jenkins,nagios,superuser,swap_file,jck_tools" | ||
] | ||
command = "/opt/homebrew/bin/ansible-playbook" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters