Commit Graph

62 Commits

Author SHA1 Message Date
upodroid f13099edfb rebase the branch 2020-10-01 20:39:06 +01:00
upodroid 2faacfd5d7 add service account impersonation 2020-09-20 15:18:37 +01:00
Wei Cheng e5606d483d
builder/googlecompute: add support for oslogin (#9339)
* feat: add support for oslogin

Signed-off-by: Wei Cheng <calvinpohwc@gmail.com>

Co-authored-by: Wilken Rivera <dev@wilkenrivera.com>
2020-07-08 06:30:25 -04:00
Megan Marsh 850303b8b8 get gcloud integration working on Windows 2020-05-08 10:13:43 -07:00
Megan Marsh f67a8ab431 revert unneeded changes to driver roles 2020-05-08 10:13:42 -07:00
Megan Marsh e6073bcec7 implement iap proxy for googlecompute. ssh-only so far 2020-05-08 10:13:42 -07:00
Megan Marsh d252a24b82 allow user to set winrm_host override like we do ssh_host override 2020-01-30 15:22:22 -08:00
Sylvia Moss dc31bad539
Sharing info with post-processors via artifact (#8632) 2020-01-30 11:27:58 +01:00
Adrien Delorme 4b7132c87c Merge remote-tracking branch 'origin/master' into sharing_info 2019-12-17 11:57:09 +01:00
Adrien Delorme 0785c2f6fc
build using HCL2 (#8423)
This follows #8232 which added the code to generate the code required to parse
HCL files for each packer component.

All old config files of packer will keep on working the same. Packer takes one
argument. When a directory is passed, all files in the folder with a name
ending with  “.pkr.hcl” or “.pkr.json” will be parsed using the HCL2 format.
When a file ending with “.pkr.hcl” or “.pkr.json” is passed it will be parsed
using the HCL2 format. For every other case; the old packer style will be used.

## 1. the hcl2template pkg can create a packer.Build from a set of HCL (v2) files

I had to make the packer.coreBuild (which is our one and only packer.Build ) a public struct with public fields

## 2. Components interfaces get a new ConfigSpec Method to read a file from an HCL file.

  This is a breaking change for packer plugins.

a packer component can be a: builder/provisioner/post-processor

each component interface now gets a `ConfigSpec() hcldec.ObjectSpec`
which allows packer to tell what is the layout of the hcl2 config meant
to configure that specific component.

This ObjectSpec is sent through the wire (RPC) and a cty.Value is now
sent through the already existing configuration entrypoints:

 Provisioner.Prepare(raws ...interface{}) error
 Builder.Prepare(raws ...interface{}) ([]string, error)
 PostProcessor.Configure(raws ...interface{}) error

close #1768


Example hcl files:

```hcl
// file amazon-ebs-kms-key/run.pkr.hcl
build {
    sources = [
        "source.amazon-ebs.first",
    ]

    provisioner "shell" {
        inline = [
            "sleep 5"
        ]
    }

    post-processor "shell-local" {
        inline = [
            "sleep 5"
        ]
    }
}

// amazon-ebs-kms-key/source.pkr.hcl

source "amazon-ebs" "first" {

    ami_name = "hcl2-test"
    region = "us-east-1"
    instance_type = "t2.micro"

    kms_key_id = "c729958f-c6ba-44cd-ab39-35ab68ce0a6c"
    encrypt_boot = true
    source_ami_filter {
        filters {
          virtualization-type = "hvm"
          name =  "amzn-ami-hvm-????.??.?.????????-x86_64-gp2"
          root-device-type = "ebs"
        }
        most_recent = true
        owners = ["amazon"]
    }
    launch_block_device_mappings {
        device_name = "/dev/xvda"
        volume_size = 20
        volume_type = "gp2"
        delete_on_termination = "true"
    }
    launch_block_device_mappings {
        device_name = "/dev/xvdf"
        volume_size = 500
        volume_type = "gp2"
        delete_on_termination = true
        encrypted = true
    }

    ami_regions = ["eu-central-1"]
    run_tags {
        Name = "packer-solr-something"
        stack-name = "DevOps Tools"
    }
    
    communicator = "ssh"
    ssh_pty = true
    ssh_username = "ec2-user"
    associate_public_ip_address = true
}
```
2019-12-17 11:25:56 +01:00
Megan Marsh 0f6d1beccf add an extra string array to the Prepare() return values in the builder interfaces; this sets up the ability for builders to give the provisioners custom user-accessible build-time variables. 2019-12-16 21:23:05 -08:00
Adrien Delorme 17c069baa5 builder.google:
* make CustomerEncryptionKey our own type so that it can be hcl2 generated
* make Account setting unexported so that it doesn't temper with HCL2 generation ( the field is set a bit later after processing )
2019-10-15 12:56:41 +02:00
Megan Marsh 3c14c50aba Allow user to real oauth token from properly configured Vault instance 2019-09-23 13:26:03 -07:00
Megan Marsh a87ce366b3
Merge pull request #7835 from hashicorp/google_oauth
replace some bespoke google auth code with code from golang's oauth2 …
2019-07-08 09:48:27 -07:00
Megan Marsh 0dfb3cc56f replace some bespoke google auth code with code from golang's oauth2 library 2019-07-03 14:27:33 -07:00
Megan Marsh c03c3f4410 replace duplicate commHost functions with a single communicator helper that checks for ssh_host and does a statebag lookup for a given key 2019-07-03 13:30:29 -07:00
Megan Marsh eb8c74bf85 allow ssh_host config option to override host logic for all builders 2019-07-02 13:56:28 -07:00
Adrien Delorme a4bf94dd3c change Builder to be passed a context for cancellation
we have to to give it to our hook
2019-04-03 15:55:55 +02:00
Adrien Delorme 9f82b75e57 Use the hashicorp/go-getter to download files
* removed packer.Cache and references since packer.Cache is never used except in the download step. The download step now uses the new func packer.CachePath(targetPath) for this, the behavior is the same.
* removed download code from packer that was reimplemented into the go-getter library: progress bar, http download restart, checksuming from file, skip already downloaded files, symlinking, make a download cancellable by context.
* on windows if packer is running without symlinking rights and we are getting a local file, the file will be copied instead to avoid errors.
* added unit tests for step_download that are now CI tested on windows, mac & linux.
* files are now downloaded under cache dir `sha1(filename + "?checksum=" + checksum) + file_extension`
* since the output dir is based on the source url and the checksum, when the checksum fails, the file is auto deleted.
* a download file is protected and locked by a file lock,
* updated docs
* updated go modules and vendors
2019-03-13 12:11:58 +01:00
Megan Marsh 38cc525ec7 new option allowing user to clean up the ephemeral ssh key from the authorized_keys file 2018-09-14 11:06:38 -07:00
Adrien Delorme 050a98e8bb googlecompute builder: use config from statebag 2018-08-29 18:15:09 +02:00
Adrien Delorme 4982627dd2 builder.gcp: use c.Comm for ssh 2018-08-29 14:40:33 +02:00
Adrien Delorme 51d2aac9f6 SSHPrivateKey => SSHPrivateKeyFile 2018-08-29 14:40:32 +02:00
Adrien Delorme 41f6e0334d refactor all copy pasted sshConfig with into communicator.Config.SSHConfigFunc
* still need to append the auth methods into an array for gracefullness
2018-08-22 17:02:23 +02:00
Matthew Hooker 366dc3da0a
move multistep imports to helper.
gomvpkg -from "github.com/mitchellh/multistep" -to "github.com/hashicorp/packer/helper/multistep"
2018-01-24 17:09:15 -08:00
Atsushi Ishibashi 210dd08326 Change args of NewConfig 2017-10-17 13:48:15 +09:00
Atsushi Ishibashi 5310d5629b Modify clean_image_name not defined error 2017-10-17 12:31:50 +09:00
Matthew Hooker 81522dced0
move packer to hashicorp 2017-04-04 13:39:01 -07:00
Matthew Hooker 5d0892bd37 Merge pull request #4101 from lwander/f-googlecompute-ssh-private-key-file
builder/googlecompute: Use ssh_private_key_file if provided
2016-11-03 11:04:02 -07:00
Scott Crunkleton 85210afe92 googlecompute: conditionally omit the wait for startup script step if no startup script is provided. 2016-11-02 15:20:21 -07:00
Lars Wander d70e783455 builder/googlecompute: Use ssh_private_key_file if provided
This seemed to be missing from the googlecompute provider. Now if the
ssh_private_key_file is provided, that will be used in place of a temporary
key. I didn't update the googlecompute specific docs under `./website/`, since
this parameter is already documented under the communicators templates page.
2016-11-02 17:04:34 -04:00
Pieter Lazzaro 5db1c1f503 Create a password for windows instances when using WinRM communicator and no password is provided. 2016-09-27 18:42:34 -04:00
Orivej Desh 6762965696 Add -on-error command line argument to allow preserving artifacts on builder errors
Resolves #409
2016-09-16 12:15:00 +00:00
Scott Crunkleton b54b82d3ac Some googlecompute fixes and cleanup. Addresses https://github.com/mitchellh/packer/issues/3829. Changes:
- startup scripts don't run for Windows since it is isn't implemented yet.
- startup scripts use instance metadata instead of serial port output to flag when they are done.
- added licenses to Image data type (to check if an Image is a  Windows Image).
- added GetImage and GetImageFromProject to googlecompute Drivers.
- changed some of the builder/googlecompute tests to use github.com/stretchr/testify/assert.

Tests:
- (in the Packer directory) `go test .`, `go test ./builder/googlecompute`, and `go test ./post-processor/googlecompute-export`
- manual run of `packer build packer_template.json` with the following files

--packer_template.json--
{
  "builders": [
    {
      "type": "googlecompute",
      "account_file": "creds.json",
      "project_id": "google.com:packer-test",
      "source_image": "debian-8-jessie-v20160629",
      "zone": "us-central1-a",
      "startup_script_file": "startup_script.sh",
      "metadata": {
        "startup-script": "#!/bin/sh\necho \"This should be overwritten.\"",
        "startup-script-log-dest": "gs://packer-test.google.com.a.appspot.com/startup-script.log"
      },
      "image_name": "test-packer-modifications",
      "ssh_username": "foo"
    }
  ],
  "post-processors": [
    {
      "type": "googlecompute-export",
      "paths": [
        "gs://packer-test.google.com.a.appspot.com/foo.tar.gz",
        "gs://packer-test.google.com.a.appspot.com/bar.tar.gz"
      ],
      "keep_input_artifact": true
    }
  ]
}

--startup_script.sh--
\#!/bin/sh
echo "Hi, my name is Scott. I'm waiting 60 seconds!" >> /scott
sleep 60
echo "I'm done waiting!" >> /scott
2016-09-09 16:22:50 -07:00
crunk1 55b5a45ae4 Created googlecompute-export post-processor. Modified the googlecompute builder to pass a few configuration values to its resulting artifact. These values can then be used in googlecompute-export post-processor.
Added documentation and changed authentication stuff on temporary VM.
2016-08-15 14:36:26 -07:00
Scott Crunkleton 7190fbeed8 Adding support for googlecompute startup scripts.
- Startup scripts can be provided through the instance creation metadata field 'startup-script'.
- Script log can be copied to a GCS location by setting the metadata field 'startup-script-log-dest'.
Added Retry method to googlecompute package.
Added GetSerialPortOutput to googlecompute Drivers.
Added StepWaitInstanceStartup (and associated test) which waits for an
instance startup-script to finish.
Changed the instance service account to use the same service account as the one provided in the Packer config template. It was the project default service account.

Tested googlecompute package with 'go test' and also performed builds
with a startup script and without a startup script.
2016-07-20 14:54:36 -07:00
Mitchell Hashimoto 115d583cff helper/communicator: make host more generic 2015-06-13 19:23:33 -04:00
Mitchell Hashimoto 502076c92e builder/googlecompute: use helper/comm 2015-06-13 18:30:16 -04:00
Mitchell Hashimoto 9dff0adfb1 builder/google: don't hardcode SSH timeout [GH-1781] 2015-06-08 21:13:25 -07:00
Dustin Carlino 7c67228912 Check if image already exists before doing anything else on GCE.
This fixes #1729.
2014-12-09 08:42:34 -08:00
Dustin Carlino 23c947acf0 Create GCE image from persistent disk instead of from a tarball.
The new flow:
1) Provision the instance
2) Tear down the instance, but keep the boot disk
3) Create an image from the disk
4) Tear down the disk

The step to update gcloud is no longer needed, since gceimagebundle isn't used anymore.
Fixes #1507 and addresses https://github.com/mitchellh/packer/issues/1447#issuecomment-61610235.
2014-11-25 17:07:06 -08:00
Evan Brown ff149df30f Use golang/oauth2, no longer require client_secrets.json, and use
Service Account when run from a GCE Instance.
2014-11-21 12:45:27 -08:00
Mitchell Hashimoto b5c0c63ebc builder/googlecompute: use new auth scheme 2014-09-05 09:47:20 -07:00
Misha Brukman 4a85aefe0f Rename "Gsutil" to "Gcloud" now that we're updating "gcloud" and not "gsutil".
Also renamed files accordingly.
2014-07-25 17:23:15 -04:00
Prasanna Santhanam d4c9ed43c9 Formatted googlecompute builder as per `make format` 2014-01-31 22:26:09 +05:30
Prasanna Santhanam 0e98b2a269 Fixes #867: save private key when debugging gce builder
Signed-off-by: Prasanna Santhanam <tsp@qubole.com>
2014-01-31 19:13:31 +05:30
Mitchell Hashimoto 33a84c0938 builder/googlecompute: StepRegisterImage 2013-12-13 19:03:10 -08:00
Mitchell Hashimoto 587f057bf6 builder/googlecompute: StepUploadImage 2013-12-13 18:30:57 -08:00
Mitchell Hashimoto 20a074b4ee builder/googlecompute: StepCreateImage 2013-12-13 18:26:00 -08:00
Mitchell Hashimoto 37903337ea builder/googlecompute: update gsutil 2013-12-13 18:21:02 -08:00