Merge pull request #8879 from mbrancato/specify_keyvault_sku

Add support for configurable KeyVault SKU
Megan Marsh 2020-03-12 13:47:51 -07:00 committed by GitHub
commit aeedc9af7a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 24 additions and 3 deletions


@ -40,6 +40,7 @@ const (
DefaultUserName = "packer"
DefaultPrivateVirtualNetworkWithPublicIp = false
DefaultVMSize = "Standard_A1"
DefaultKeyVaultSKU = "standard"
)
const (
@ -256,7 +257,10 @@ type Config struct {
BuildResourceGroupName string `mapstructure:"build_resource_group_name"`
// Specify an existing key vault to use for uploading certificates to the
// instance to connect.
BuildKeyVaultName string `mapstructure:"build_key_vault_name"`
BuildKeyVaultName string `mapstructure:"build_key_vault_name"`
// Specify the KeyVault SKU to create during the build. Valid values are
// standard or premium. The default value is standard.
BuildKeyVaultSKU string `mapstructure:"build_key_vault_sku"`
storageAccountBlobEndpoint string
// This value allows you to
// set a virtual_network_name and obtain a public IP. If this value is not
@ -684,6 +688,10 @@ func provideDefaultValues(c *Config) {
c.ImageVersion = DefaultImageVersion
}
if c.BuildKeyVaultSKU == "" {
c.BuildKeyVaultSKU = DefaultKeyVaultSKU
}
c.ClientConfig.SetDefaultValues()
}
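Review bot: `build_key_vault_sku` is only defaulted in `provideDefaultValues`; nothing in the visible hunks checks that a non-empty value is one of the two documented ones, so a mistyped SKU would be passed straight into the `keyVaultSKU` template parameter and surface only as a deployment failure. If the config validation code (outside these hunks) does not already cover it, reject anything other than the documented values there, e.g. `if c.BuildKeyVaultSKU != "standard" && c.BuildKeyVaultSKU != "premium" { /* append a config error */ }`, and decide explicitly whether other casings are accepted. The `keyVaultSKU` parameter in the KeyVault template could also declare `"allowedValues": ["standard", "premium"]` so a bad value is rejected at template validation. The field comment should also say whether the setting is ignored when `build_key_vault_name` names an existing vault; that is not clear from the lines shown.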


@ -54,6 +54,7 @@ type FlatConfig struct {
TempResourceGroupName *string `mapstructure:"temp_resource_group_name" cty:"temp_resource_group_name"`
BuildResourceGroupName *string `mapstructure:"build_resource_group_name" cty:"build_resource_group_name"`
BuildKeyVaultName *string `mapstructure:"build_key_vault_name" cty:"build_key_vault_name"`
BuildKeyVaultSKU *string `mapstructure:"build_key_vault_sku" cty:"build_key_vault_sku"`
PrivateVirtualNetworkWithPublicIp *bool `mapstructure:"private_virtual_network_with_public_ip" required:"false" cty:"private_virtual_network_with_public_ip"`
VirtualNetworkName *string `mapstructure:"virtual_network_name" required:"false" cty:"virtual_network_name"`
VirtualNetworkSubnetName *string `mapstructure:"virtual_network_subnet_name" required:"false" cty:"virtual_network_subnet_name"`
@ -166,6 +167,7 @@ func (*FlatConfig) HCL2Spec() map[string]hcldec.Spec {
"temp_resource_group_name": &hcldec.AttrSpec{Name: "temp_resource_group_name", Type: cty.String, Required: false},
"build_resource_group_name": &hcldec.AttrSpec{Name: "build_resource_group_name", Type: cty.String, Required: false},
"build_key_vault_name": &hcldec.AttrSpec{Name: "build_key_vault_name", Type: cty.String, Required: false},
"build_key_vault_sku": &hcldec.AttrSpec{Name: "build_key_vault_sku", Type: cty.String, Required: false},
"private_virtual_network_with_public_ip": &hcldec.AttrSpec{Name: "private_virtual_network_with_public_ip", Type: cty.Bool, Required: false},
"virtual_network_name": &hcldec.AttrSpec{Name: "virtual_network_name", Type: cty.String, Required: false},
"virtual_network_subnet_name": &hcldec.AttrSpec{Name: "virtual_network_subnet_name", Type: cty.String, Required: false},


@ -17,6 +17,7 @@ type templateFactoryFunc func(*Config) (*resources.Deployment, error)
func GetKeyVaultDeployment(config *Config) (*resources.Deployment, error) {
params := &template.TemplateParameters{
KeyVaultName: &template.TemplateParameter{Value: config.tmpKeyVaultName},
KeyVaultSKU: &template.TemplateParameter{Value: config.BuildKeyVaultSKU},
KeyVaultSecretValue: &template.TemplateParameter{Value: config.winrmCertificate},
ObjectId: &template.TemplateParameter{Value: config.ClientConfig.ObjectID},
TenantId: &template.TemplateParameter{Value: config.ClientConfig.TenantID},


@ -5,6 +5,9 @@
"keyVaultName": {
"type": "string"
},
"keyVaultSKU": {
"type": "string"
},
"keyVaultSecretValue": {
"type": "securestring"
},
@ -39,7 +42,7 @@
"enabledForTemplateDeployment": "true",
"sku": {
"family": "A",
"name": "standard"
"name": "[parameters('keyVaultSKU')]"
},
"tenantId": "[parameters('tenantId')]"
},


@ -482,6 +482,9 @@ const KeyVault = `{
"keyVaultName": {
"type": "string"
},
"keyVaultSKU": {
"type": "string"
},
"keyVaultSecretValue": {
"type": "securestring"
},
@ -518,7 +521,7 @@ const KeyVault = `{
}
],
"sku": {
"name": "standard",
"name": "[parameters('keyVaultSKU')]",
"family": "A"
}
},


@ -22,6 +22,7 @@ type TemplateParameters struct {
AdminPassword *TemplateParameter `json:"adminPassword,omitempty"`
DnsNameForPublicIP *TemplateParameter `json:"dnsNameForPublicIP,omitempty"`
KeyVaultName *TemplateParameter `json:"keyVaultName,omitempty"`
KeyVaultSKU *TemplateParameter `json:"keyVaultSKU,omitempty"`
KeyVaultSecretValue *TemplateParameter `json:"keyVaultSecretValue,omitempty"`
ObjectId *TemplateParameter `json:"objectId,omitempty"`
NicName *TemplateParameter `json:"nicName,omitempty"`


@ -118,6 +118,9 @@
- `build_key_vault_name` (string) - Specify an existing key vault to use for uploading certificates to the
instance to connect.
- `build_key_vault_sku` (string) - Specify the KeyVault SKU to create during the build. Valid values are
standard or premium. The default value is standard.
- `private_virtual_network_with_public_ip` (bool) - This value allows you to
set a virtual_network_name and obtain a public IP. If this value is not
set and virtual_network_name is defined Packer is only allowed to be