Commit Graph

145 Commits

Author SHA1 Message Date
Adrien Delorme b24911661f
add sshkey package and ssh-keygen comand (#10101)
* add sshkey.Generate function that returns an sshkey.Pair to be used with openssh.
* add cmd/ssh-keygen/main.go for testing purposes
* add a test calling ssh.ParsePrivateKey & ssh.ParseAuthorizedKey (which is very
   similar to what openssh would do to read a keypair)

The wrapping of the keys should be handled by crypto/x509.MarshalPKCS8PrivateKey 
& x/crypto/ssh.NewPublicKey which does not work for ed25519 and dsa. 
x509.MarshalPKCS8PrivateKey marshals ed25519 keys but the keys did not work with openssh. 
x509.MarshalPKCS8PrivateKey does not handle dsa keys.
So I had to 'wrap' those manually by reading the code of the openssh package.
Note that ssh.NewPublicKey works with any keytype. I should probably do a PR to ssh to have a NewPrivateKey & Marshalling funcs
2020-10-19 10:24:34 +02:00
Megan Marsh 94a9beaac6 fix up documentation for virtualbox key pair ssh options 2020-09-04 16:55:58 -07:00
Megan Marsh 2dcf950441 change pause to run connect again afterwards 2020-08-14 11:23:43 -07:00
Megan Marsh a687d6fe12
ci/tech-debt: Fix vmware acceptance tests (#9636)
* add kex algorithm option to ssh config

* regenerate code

* This commit fixes old vmware acceptance tests that have not been run in some time. It does this in two parts:
1) It modifies the minimal vmware build configuration to use a custom kex algorithm, which enables the ssh connection to succeed.
2) It modifies logic in reading and defaulting hardware config values, which was crashing.
3) It adds a new acceptance test with a preseed file to test loading from an http directory.
2020-07-23 09:40:57 +02:00
Adrien Delorme fd6be7f279 better/simpler `pause_before_connecting` example 2020-07-20 16:03:40 +02:00
Megan Marsh 530f5e3f63 more additions to partials 2020-07-17 15:52:11 -07:00
Roger Hu 31a7a1d637 adding basic support for OpenSSH CertificateFile support
small fix
2020-07-10 16:54:08 -07:00
Moss 8ea64c5b35 undocument ssh_keypair_name and ssh_agent_auth 2020-07-02 14:55:58 +02:00
Moss 41edd09d3c undocument temporary_key_pair_name and ssh_private_key_file 2020-07-01 16:33:18 +02:00
Megan Marsh cacdb0ca02 add tests 2020-06-18 11:31:00 -07:00
Megan Marsh 4f77bb0c4a add new ssh_ciphers option 2020-06-17 16:48:23 -07:00
Megan Marsh a07563c64f fix up typos in comments and regenerate docs.
Co-authored-by: Wilken Rivera <dev@wilkenrivera.com>
2020-06-16 10:27:30 -07:00
Megan Marsh 4178625afb re-add winrm_no_proxy option. Winrm code needs to be modified in order to read no_proxy env var when client is created rather than when net/http library is instantiated. 2020-06-16 10:27:30 -07:00
Adrien Delorme 40947c2bf6
HCL2: generate hcl tags with go-cty tags too (#9306)
This will allow to generate the config files:

```go
package main

import (
	"fmt"

	"github.com/hashicorp/hcl/v2/gohcl"
	"github.com/hashicorp/hcl/v2/hclwrite"
	"github.com/hashicorp/packer/builder/alicloud/ecs"
)

func main() {
	name := "name"
	app := ecs.FlatConfig{
		AlicloudImageName: &name,
		ECSSystemDiskMapping: &ecs.FlatAlicloudDiskDevice{
			DiskName: &name,
		},
	}

	f := hclwrite.NewEmptyFile()
	block := gohcl.EncodeAsBlock(&app, `source "something" "something"`)
	f.Body().AppendBlock(block)
	fmt.Printf("%s", f.Bytes())
}

```

Will output:

```
source "something" "something" {
  packer_user_variables      = null
  packer_sensitive_variables = null
  image_name                 = "name"
  image_share_account        = null
  image_unshare_account      = null
  image_copy_regions         = null
  image_copy_names           = null
  tags                       = null
  tag                        = null
  system_disk_mapping        = { disk_category = null, disk_delete_with_instance = null, disk_descri
ption = null, disk_device = null, disk_encrypted = null, disk_name = "name", disk_size = null, disk_
snapshot_id = null }
  image_disk_mappings        = null
  ssh_remote_tunnels         = null
  ssh_local_tunnels          = null
  ssh_public_key             = null
  ssh_private_key            = null
}
```

This is a good first step for #9015 and #9282 

fix #9304
2020-05-28 11:19:00 +02:00
Megan Marsh 7e0cfd8b77 add undocumented tag to struct-markdown generator so that we can leave internal-use-only fields out of docs 2020-05-01 10:31:38 -07:00
Jeff Escalante 2999934326
fix generation script, bugfixes in source comments, update website paths in primary codebase 2020-04-07 17:53:22 -04:00
Jeff Escalante 4afd107eeb
patch source files for extensions changes 2020-04-07 17:50:51 -04:00
Adrien Delorme 88297c796d Merge branch 'master' into hcl2_singular_blocks 2020-03-17 14:47:17 +01:00
Adrien Delorme 834f44190f go generate 2020-03-17 12:30:36 +01:00
Adrien Delorme 87d6b2433f make generate 2020-03-16 15:21:29 +01:00
Megan Marsh fc35f02004
Merge pull request #8890 from hashicorp/fix_8880
fix googlecompute password interpolation
2020-03-13 12:55:12 -07:00
Megan Marsh 6008f911fd
Merge pull request #8847 from takaishi/support-keyboard-interactive
communicator/ssh: support keyboard-interactive auth to connect bastion
2020-03-13 11:48:12 -07:00
Megan Marsh bcb7b8751c fix googlecompute password interpolation 2020-03-13 11:01:43 -07:00
Adrien Delorme 60a3105a45 make ssh docs less AWS specific 2020-03-13 11:46:52 +01:00
r_takaishi 70e3f60539 write unit test 2020-03-13 14:01:11 +09:00
r_takaishi f50ff1d270 make generate 2020-03-13 11:29:42 +09:00
Wilken Rivera 7b705545d9
docs: Various doc clean-ups to fix code block formatting and syntax highlighting (#8868) 2020-03-12 15:05:08 +01:00
r_takaishi 34bb0429d0 keyboard-interactive used when ssh_bastion_host is true. 2020-03-11 10:37:57 +09:00
Sylvia Moss 76f13deaf4
Make template variables SSHPublicKey and SSHPrivateKey as strings (#8829) 2020-03-09 17:25:05 +01:00
r_takaishi e2df4a80f8 support keyboard interactive auth 2020-03-06 12:38:31 +09:00
Megan Marsh d252a24b82 allow user to set winrm_host override like we do ssh_host override 2020-01-30 15:22:22 -08:00
Sylvia Moss 0677b02e18
Share SourceImageName with provisioners and manifest post-processor (#8603) 2020-01-16 12:04:03 +01:00
Megan Marsh 4059ed75f5 update docs to mention ssh auth sock env var (#8523)
Closes #8358

Add some docs to alleviate confusion.
2019-12-20 08:27:14 +01:00
Adrien Delorme 4b7132c87c Merge remote-tracking branch 'origin/master' into sharing_info 2019-12-17 11:57:09 +01:00
Adrien Delorme 0785c2f6fc
build using HCL2 (#8423)
This follows #8232 which added the code to generate the code required to parse
HCL files for each packer component.

All old config files of packer will keep on working the same. Packer takes one
argument. When a directory is passed, all files in the folder with a name
ending with  “.pkr.hcl” or “.pkr.json” will be parsed using the HCL2 format.
When a file ending with “.pkr.hcl” or “.pkr.json” is passed it will be parsed
using the HCL2 format. For every other case; the old packer style will be used.

## 1. the hcl2template pkg can create a packer.Build from a set of HCL (v2) files

I had to make the packer.coreBuild (which is our one and only packer.Build ) a public struct with public fields

## 2. Components interfaces get a new ConfigSpec Method to read a file from an HCL file.

  This is a breaking change for packer plugins.

a packer component can be a: builder/provisioner/post-processor

each component interface now gets a `ConfigSpec() hcldec.ObjectSpec`
which allows packer to tell what is the layout of the hcl2 config meant
to configure that specific component.

This ObjectSpec is sent through the wire (RPC) and a cty.Value is now
sent through the already existing configuration entrypoints:

 Provisioner.Prepare(raws ...interface{}) error
 Builder.Prepare(raws ...interface{}) ([]string, error)
 PostProcessor.Configure(raws ...interface{}) error

close #1768


Example hcl files:

```hcl
// file amazon-ebs-kms-key/run.pkr.hcl
build {
    sources = [
        "source.amazon-ebs.first",
    ]

    provisioner "shell" {
        inline = [
            "sleep 5"
        ]
    }

    post-processor "shell-local" {
        inline = [
            "sleep 5"
        ]
    }
}

// amazon-ebs-kms-key/source.pkr.hcl

source "amazon-ebs" "first" {

    ami_name = "hcl2-test"
    region = "us-east-1"
    instance_type = "t2.micro"

    kms_key_id = "c729958f-c6ba-44cd-ab39-35ab68ce0a6c"
    encrypt_boot = true
    source_ami_filter {
        filters {
          virtualization-type = "hvm"
          name =  "amzn-ami-hvm-????.??.?.????????-x86_64-gp2"
          root-device-type = "ebs"
        }
        most_recent = true
        owners = ["amazon"]
    }
    launch_block_device_mappings {
        device_name = "/dev/xvda"
        volume_size = 20
        volume_type = "gp2"
        delete_on_termination = "true"
    }
    launch_block_device_mappings {
        device_name = "/dev/xvdf"
        volume_size = 500
        volume_type = "gp2"
        delete_on_termination = true
        encrypted = true
    }

    ami_regions = ["eu-central-1"]
    run_tags {
        Name = "packer-solr-something"
        stack-name = "DevOps Tools"
    }
    
    communicator = "ssh"
    ssh_pty = true
    ssh_username = "ec2-user"
    associate_public_ip_address = true
}
```
2019-12-17 11:25:56 +01:00
Megan Marsh 6f418d0e54 get data sharing to a working state with the powershell provisioner 2019-12-11 15:43:38 -08:00
nywilken a61fe833ef helper/communicator/step_connect_ssh: Update proxy connection settings to use `SSHProxyUsername` and `SSHProxyPassword` 2019-11-15 15:08:05 -05:00
Adrien Delorme 819329228a Change back to make sure all durations are a time.Duration
It is simply the best/simplest solution and trying to prevent users from passing and integer here would be like opening a can of worms. Because:

* we cannot make mapstructure validate our duration string ( with an UnmarshalJSON func etc.)
* we cannot make mapstructure spit a string instead of a duration and packer will decode-encode-decode config.
* the hcl2 generated code asks for a string, so this will be enforced by default.
2019-10-31 16:12:07 +01:00
Adrien Delorme bf3d9841c6 Force durations to be passed a strings
Before this commit it was possible to set a duration using an integer or a float. Go's time.Duration is an int64 internally an mapstructure will take advantage of this and load the number as a int64 but `1` means one ns which is unexpected/confusing. To avoid confusion and enforce readability this forces users to pass a string with a unit for a duration; ex "56s".
2019-10-31 11:47:19 +01:00
Adrien Delorme 078ba7c8c3 commit old code generation tool
for history
2019-10-15 12:56:42 +02:00
Chris Roberts 8bb7d8dc16 Prevent busy loop while waiting for WinRM connection
Set first run variable outside conditional so it will properly be
updated during the first run and pause on subsequent runs.
2019-10-09 17:55:16 -07:00
Megan Marsh 85de1d0637 make friendlier message warning user that their creds may be wrong 2019-09-27 11:12:53 -07:00
Adrien Delorme 3fe9d52e3f Merge remote-tracking branch 'origin/master' into scrape_doc_to_builder_struct_config 2019-09-20 11:15:44 +02:00
Daniel Kimsey 3b64620234 SSH tunneling support
Support for both local and remote TCP port tunneling. Includes updated
docs and tests.

Does not implement dynamic port forwarding (SSH's built-in SOCKS)
(uncertain difficulty) nor unix socket (potentially easy).
2019-09-18 11:09:41 -07:00
Adrien Delorme 5517d41468 make sure all documentation fields are there
* add missing `temporary_key_pair_name` field for alicloud
* add missing description to `vpc_filter` for aws
* add missing ssh communicator fields for aws
* add links for aws
* update vmware-vmx docs
* manually describe AMI Configuration section for ebsvolume
* display missing required ami_name field for aws
* add missing fields for docker
* add missing fields for openstack
2019-08-26 17:16:54 +02:00
Adrien Delorme 4cb7c30987 Merge remote-tracking branch 'origin/master' into scrape_doc_to_builder_struct_config 2019-08-21 16:44:23 +02:00
Vladislav Rassokhin 19e8f150a3 Use context for timeouts, interruption in ssh and winrm communicators
Also don't waste 5 seconds waiting before first winrm connection attempt
Minor code cleanup as well
2019-07-12 13:04:00 +03:00
Megan Marsh ba66d5d857
Merge pull request #7831 from hashicorp/fix_ssh_interface
Revert "move SSHInterface/SSHIPVersion fields to communitator.Config …
2019-07-03 16:23:00 -07:00
Megan Marsh 242f5b1c9f typos 2019-07-03 13:34:23 -07:00
Megan Marsh 8718e98efe add common commHost function 2019-07-03 13:30:50 -07:00