chore: provide image definition for a build machine

Uses Packer to define a VM image which has a Rust environment pre-installed on it.

Since we already had a build setup defined in Ansible, we use Ansible as the provisioner for the
node. The way that Packer uses Ansible is quite strange. It runs it on the VM it spins up, rather
than running it on the machine where Packer is executing. So Ansible has to be installed first. This
was done using a script that uses a retry loop, since I was running into the usual problem with the
Apt package manager and file locks.

README.md

@@ -56,6 +56,21 @@ cargo run -- clean --name beta --provider digital-ocean
 
 This will use Terraform to tear down all the droplets it created.
 
+## Building VM Images
+
+This repository also contains a [Packer](https://www.packer.io/) template for constructing a VM image that has tools on it for building Rust code. With the tools preinstalled, the time to deploy the testnet is significantly reduced.
+
+Regenerating the image should be something that's infrequent, so as of yet there's no command in the deploy binary for generating it. However, it's a simple process. First, install Packer on your system; like Terraform, it's widely available in package managers. Then after that:
+
+```
+export DIGITALOCEAN_TOKEN=<your PAT>
+cd resources/packer
+packer init
+packer build build.pkr.hcl
+```
+
+This will produce a VM image that can now be launched as a droplet.
+
 ## License
 
 This repository is licensed under the BSD-3-Clause license.

resources/ansible/create_build_image.yml

@@ -0,0 +1,8 @@
+---
+- name: build a custom node binary
+  hosts: all
+  become: False
+  roles:
+    - role: prerequisites
+      become: True
+    - role: rust

resources/packer/build.pkr.hcl

@@ -0,0 +1,71 @@
+packer {
+  required_plugins {
+    digitalocean = {
+      version = ">= 1.0.4"
+      source  = "github.com/digitalocean/digitalocean"
+    }
+    ansible = {
+      source  = "github.com/hashicorp/ansible"
+      version = "~> 1"
+    }
+  }
+}
+
+variable "user_home" {
+  default = env("HOME")
+}
+
+variable "droplet_image" {
+  type = string
+  default = "ubuntu-22-10-x64"
+  description = ""
+}
+
+variable "region" {
+  type = string
+  default = "lon1"
+  description = "This is quite a powerful image but it means the build time will be fast"
+}
+
+variable "size" {
+  type = string
+  default = "s-8vcpu-16gb"
+  description = "This is quite a powerful image but it means the build time will be fast"
+}
+
+variable "ssh_username" {
+  type = string
+  default = "root"
+  description = "On DO the root user is used"
+}
+
+source "digitalocean" "build" {
+  image         = var.droplet_image
+  region        = var.region
+  size          = var.size
+  snapshot_name = "safe_network-build-{{timestamp}}"
+  ssh_username  = var.ssh_username
+}
+
+build {
+  name    = "build-testnet-deploy"
+  sources = [
+    "source.digitalocean.build"
+  ]
+  provisioner "file" {
+    source = "${var.user_home}/.ansible/vault-password"
+    destination = "/tmp/ansible-vault-password"
+  }
+  provisioner "shell" {
+    script = "../scripts/install_ansible.sh"
+  }
+  provisioner "ansible-local" {
+    playbook_dir = "../ansible"
+    playbook_file = "../ansible/create_build_image.yml"
+    extra_arguments = [
+      "--vault-password-file=/tmp/ansible-vault-password",
+      "--extra-vars",
+      "provider=digital-ocean",
+    ]
+  }
+}

resources/scripts/install_ansible.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+
+max_retries=10
+retry_delay=5
+
+for i in $(seq 1 $max_retries); do
+  echo "Attempt $i of $max_retries..."
+
+  apt-add-repository ppa:ansible/ansible -y && \
+  apt update -y && \
+  apt install ansible -y && \
+  echo "Ansible installed successfully!" && exit 0
+
+  echo "Failed attempt $i. Retrying in $retry_delay seconds..."
+  sleep $retry_delay
+done
+
+echo "Failed to install Ansible after $max_retries attempts."
+exit 1