Commit Graph

72 Commits

Author SHA1 Message Date
Adrien Delorme 40947c2bf6
HCL2: generate hcl tags with go-cty tags too (#9306)
This will allow to generate the config files:

```go
package main

import (
	"fmt"

	"github.com/hashicorp/hcl/v2/gohcl"
	"github.com/hashicorp/hcl/v2/hclwrite"
	"github.com/hashicorp/packer/builder/alicloud/ecs"
)

func main() {
	name := "name"
	app := ecs.FlatConfig{
		AlicloudImageName: &name,
		ECSSystemDiskMapping: &ecs.FlatAlicloudDiskDevice{
			DiskName: &name,
		},
	}

	f := hclwrite.NewEmptyFile()
	block := gohcl.EncodeAsBlock(&app, `source "something" "something"`)
	f.Body().AppendBlock(block)
	fmt.Printf("%s", f.Bytes())
}

```

Will output:

```
source "something" "something" {
  packer_user_variables      = null
  packer_sensitive_variables = null
  image_name                 = "name"
  image_share_account        = null
  image_unshare_account      = null
  image_copy_regions         = null
  image_copy_names           = null
  tags                       = null
  tag                        = null
  system_disk_mapping        = { disk_category = null, disk_delete_with_instance = null, disk_descri
ption = null, disk_device = null, disk_encrypted = null, disk_name = "name", disk_size = null, disk_
snapshot_id = null }
  image_disk_mappings        = null
  ssh_remote_tunnels         = null
  ssh_local_tunnels          = null
  ssh_public_key             = null
  ssh_private_key            = null
}
```

This is a good first step for #9015 and #9282 

fix #9304
2020-05-28 11:19:00 +02:00
Adrien Delorme 840e67f775
HCL2: when we see a map generate an attribute spec instead of a block spec (#9035)
* mapstructure-to-hcl2: when we see a map generate an attribute spec and not a block spec

this will alow to do

tags = {
 key = "value"
}

instead of

tags {
  key = "value"
}

This will also enable using variables directly for those tags

* generate code

* update tests
2020-04-14 16:05:13 +02:00
Paschalis Tsilias beca6de71b Add packer.ExpandUser() function to support tilde in usage of config.ValidationKeyPath (#8657) 2020-01-28 14:33:42 +01:00
Megan Marsh 9eda2031d2 Remove redundant placeholder (#8503) 2019-12-19 10:39:46 +01:00
Adrien Delorme 4b7132c87c Merge remote-tracking branch 'origin/master' into sharing_info 2019-12-17 11:57:09 +01:00
Adrien Delorme 0785c2f6fc
build using HCL2 (#8423)
This follows #8232 which added the code to generate the code required to parse
HCL files for each packer component.

All old config files of packer will keep on working the same. Packer takes one
argument. When a directory is passed, all files in the folder with a name
ending with  “.pkr.hcl” or “.pkr.json” will be parsed using the HCL2 format.
When a file ending with “.pkr.hcl” or “.pkr.json” is passed it will be parsed
using the HCL2 format. For every other case; the old packer style will be used.

## 1. the hcl2template pkg can create a packer.Build from a set of HCL (v2) files

I had to make the packer.coreBuild (which is our one and only packer.Build ) a public struct with public fields

## 2. Components interfaces get a new ConfigSpec Method to read a file from an HCL file.

  This is a breaking change for packer plugins.

a packer component can be a: builder/provisioner/post-processor

each component interface now gets a `ConfigSpec() hcldec.ObjectSpec`
which allows packer to tell what is the layout of the hcl2 config meant
to configure that specific component.

This ObjectSpec is sent through the wire (RPC) and a cty.Value is now
sent through the already existing configuration entrypoints:

 Provisioner.Prepare(raws ...interface{}) error
 Builder.Prepare(raws ...interface{}) ([]string, error)
 PostProcessor.Configure(raws ...interface{}) error

close #1768


Example hcl files:

```hcl
// file amazon-ebs-kms-key/run.pkr.hcl
build {
    sources = [
        "source.amazon-ebs.first",
    ]

    provisioner "shell" {
        inline = [
            "sleep 5"
        ]
    }

    post-processor "shell-local" {
        inline = [
            "sleep 5"
        ]
    }
}

// amazon-ebs-kms-key/source.pkr.hcl

source "amazon-ebs" "first" {

    ami_name = "hcl2-test"
    region = "us-east-1"
    instance_type = "t2.micro"

    kms_key_id = "c729958f-c6ba-44cd-ab39-35ab68ce0a6c"
    encrypt_boot = true
    source_ami_filter {
        filters {
          virtualization-type = "hvm"
          name =  "amzn-ami-hvm-????.??.?.????????-x86_64-gp2"
          root-device-type = "ebs"
        }
        most_recent = true
        owners = ["amazon"]
    }
    launch_block_device_mappings {
        device_name = "/dev/xvda"
        volume_size = 20
        volume_type = "gp2"
        delete_on_termination = "true"
    }
    launch_block_device_mappings {
        device_name = "/dev/xvdf"
        volume_size = 500
        volume_type = "gp2"
        delete_on_termination = true
        encrypted = true
    }

    ami_regions = ["eu-central-1"]
    run_tags {
        Name = "packer-solr-something"
        stack-name = "DevOps Tools"
    }
    
    communicator = "ssh"
    ssh_pty = true
    ssh_username = "ec2-user"
    associate_public_ip_address = true
}
```
2019-12-17 11:25:56 +01:00
Megan Marsh 82367a88f8 reorganize placeholder data call to live with provisioner implementation; force users to use the generated function, therefore forcing validation, for all variables except winrmpassword, by doing a simple string check against the placeholder data. 2019-12-14 03:32:38 -08:00
Megan Marsh 3389d843f0 update all provisioners that used the winrmpassword tooling to use the new generateddata option 2019-12-12 16:42:53 -08:00
Megan Marsh 39fd462b56 change all provision func signatures to use map[string]interface{} 2019-12-12 15:38:32 -08:00
Megan Marsh 6f418d0e54 get data sharing to a working state with the powershell provisioner 2019-12-11 15:43:38 -08:00
Megan Marsh f4c3501af5 pass struct of generated data into provision() call 2019-12-11 15:43:38 -08:00
pfuender ffb9272fb2 adding version-override for chef-client provisioner 2019-12-09 20:58:04 +01:00
Adrien Delorme 078ba7c8c3 commit old code generation tool
for history
2019-10-15 12:56:42 +02:00
Aaron Walker 85b8a654b0 only sets default value for chef license when installing chef and the install command is not set 2019-05-21 15:26:07 +02:00
Aaron Walker dfc5e5cf94 adds support for accepting the chef license 2019-05-17 17:19:22 +02:00
Adrien Delorme f555e7a9f2 allow a provisioner to timeout
* I had to contextualise Communicator.Start and RemoteCmd.StartWithUi
NOTE: Communicator.Start starts a RemoteCmd but RemoteCmd.StartWithUi will run the cmd and wait for a return, so I renamed StartWithUi to RunWithUi so that the intent is clearer.
Ideally in the future RunWithUi will be named back to StartWithUi and the exit status or wait funcs of the command will allow to wait for a return. If you do so please read carrefully https://golang.org/pkg/os/exec/#Cmd.Stdout to avoid a deadlock
* cmd.ExitStatus to cmd.ExitStatus() is now blocking to avoid race conditions
* also had to simplify StartWithUi
2019-04-08 20:09:21 +02:00
Adrien Delorme c4f3dccc14 rename interpolation context from ctx to ictx and contexts to ctx to avoid conflicts 2019-04-03 15:56:15 +02:00
Adrien Delorme c7ce4d598e change Provisioner to be passed a context for cancellation 2019-04-03 15:55:54 +02:00
Matt Dainty 451709b956 Elevated support for chef-client provisioner
Fixes #4661
2018-12-13 10:25:12 +00:00
Megan Marsh eb685b7140 remove duplicate code from chef provisioner 2018-08-07 10:01:06 -07:00
Don Luchini edb845b3f4 Allow skipping Chef Client staging directory cleanup (fixes #3151). 2018-04-27 19:35:01 -04:00
Matthew Hooker 9f87213ba4
tests and docs for #5831 2018-01-31 13:08:25 -08:00
Evan Machnic 5cedfc4557 Fixed go format errors 2018-01-31 11:06:31 -06:00
Evan Machnic 7354247933 Added policyGroup and policyName to Packer Communicator 2018-01-31 11:01:08 -06:00
Evan Machnic fe90f79704 Changed new code to use tabs instead of spaces 2018-01-31 10:54:40 -06:00
Evan Machnic 1f92aa2c0a Added Policyfile support to chef-client provisioner 2018-01-31 10:49:04 -06:00
Gennady Lipenkov 53aaf84100 Support 'trusted_certs_dir' chef-client configuration option 2018-01-13 01:53:49 +03:00
Casey Robertson 8f02150178 Changes Linux install URL to omnitruck. Changes powershell install to use omnitruck rather than hard-coded 32-bit url 2017-11-28 14:23:12 -08:00
Matthew Hooker 81522dced0
move packer to hashicorp 2017-04-04 13:39:01 -07:00
Matthew Hooker d1b20b3d9c
remove a bunch of dead code.
https://github.com/dominikh/go-tools/tree/master/cmd/unused
2017-03-28 20:36:20 -07:00
Matthew Hooker 825f69c64d
provisioner/chef-client: only upload knife config if we're cleaning 2017-02-09 23:37:35 -08:00
Matthew Hooker d920b3fbf4 run gofmt 2016-11-01 14:08:04 -07:00
Matthew Hooker a8e57d83d2 gofmt project.
noticed many unrelated changes being added to patches because of gofmt.

ran `find . -not -path "./vendor/*" -name "*.go" -exec gofmt -w {} \;`
2016-09-29 14:13:06 -07:00
Jamie Snell 7b3224f3c7 rename KnifeChefTemplate to KnifeTemplate 2016-06-14 13:42:53 -05:00
Jamie Snell 4847e891b0 Fix knife clean-up run on windows 2016-06-14 13:34:25 -05:00
Justin Nauman f2b0fabe66 Fixes #3466 - Remote path needs to be set prior to config interpolation (#3468) 2016-04-29 19:21:27 -07:00
Chris Bednarski 569e6cc464 go fmt 2016-02-08 17:34:06 -08:00
Chris Bednarski 87532b1b00 Merge branch 'chef-provisioner-windows' of https://github.com/sneal/packer into f-chef-provisioner-windows 2016-01-28 14:55:17 -08:00
Chris Bednarski 3eabc6253d Merge pull request #2653 from evertrue/evertrue/eherot/add_data_bag_secret_to_chef_client
Chef-client provisioner: Add encrypted data bag secret path (Fixes #1945)
2016-01-13 13:59:48 -08:00
Shawn Neal 8014dac742 Add Windows support to Chef provisioners
- Add guest os type to change the default Chef-Solo and Chef-Client provisioner behavior. Paths, commands etc.
- Change Chef installation download location to chef.io domain
- Add encrypted data bag secret configuration
2015-10-01 10:04:59 -07:00
Tim Smith 72e8119233 Download chef from chef.io 2015-08-25 21:53:50 -07:00
Eric Herot f625c985af Chef-client provisioner: Add encrypted data bag secret support (Fixes #1945) 2015-08-21 16:05:47 -07:00
Chris Bednarski 715662f60b Reformat 2015-07-27 16:42:06 -07:00
Schreiter, Wulf-Thilo 18438cf291 Add knife config by template
Since the chef-client provisioner is cleaning the node and client at the chef-server from the provisioned node
it needs to have a flexible configuration

This is replacing the used knife flags: -s '<chef-server-url>' -k '/tmp/packer-chef-client/client.pem' -u '<client-name>'
and puts their values into a generated knife.rb

Additionally the knife.rb may include the optional ssl_verify_mode attribute to enable the verify mode verify_none

Background:

When deleting node and client to a self-hosted chef-server using self signed cerfiticates the usage of

    knife node delete <node-name> -y -s '<chef-server-url>' -k '/tmp/packer-chef-client/client.pem' -u '<client-name>'

will lead into a ssl verification failure.

The error output of the knife call is somthing like:

    2015/06/24 12:29:17 ui:     docker: WARNING: No knife configuration file found
    docker: WARNING: No knife configuration file found
    2015/06/24 12:29:17 ui:     docker: ERROR: SSL Validation failure connecting to host: 172.16.117.63 - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B:
    certificate verify failed
    docker: ERROR: SSL Validation failure connecting to host: 172.16.117.63 - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
    2015/06/24 12:29:17 ui:     docker: ERROR: Could not establish a secure connection to the server.
    docker: ERROR: Could not establish a secure connection to the server.
    2015/06/24 12:29:17 ui:     docker: Use 'knife ssl check' to troubleshoot your SSL configuration.
    docker: Use 'knife ssl check' to troubleshoot your SSL configuration.
    2015/06/24 12:29:17 ui:     docker: If your Chef Server uses a self-signed certificate, you can use
    docker: If your Chef Server uses a self-signed certificate, you can use
    2015/06/24 12:29:17 ui:     docker: 'knife ssl fetch' to make knife trust the server's certificates.
    docker: 'knife ssl fetch' to make knife trust the server's certificates.
    2015/06/24 12:29:17 ui:     docker:
    docker:
    2015/06/24 12:29:17 ui:     docker: Original Exception: OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
    docker: Original Exception: OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
    2015/06/24 12:29:17 packer-builder-docker: 2015/06/24 12:29:17 Executed command exit status: 100
2015-06-24 15:22:59 +02:00
Mitchell Hashimoto 7c8e86c9c5 provisioner/*: fix interpolation context 2015-06-22 12:26:54 -07:00
Mitchell Hashimoto 711dfc9d0a provisioner/chef: show command in output 2015-06-15 14:35:54 -07:00
Mitchell Hashimoto 14787fd4cc provisioner/chef-client: run cleanup on node [GH-1295] 2015-06-15 14:29:12 -07:00
Mitchell Hashimoto 106c9403ed provisioner/chef-client: chmod the directories 2015-06-15 13:41:07 -07:00
Mitchell Hashimoto bee3b59c40 Merge branch 'chef-client-client_key' of https://github.com/ameir/packer into ameir-chef-client-client_key 2015-06-15 13:40:33 -07:00
Mitchell Hashimoto c2381be44f provisioner/*: convert to interpolation 2015-05-27 14:41:47 -07:00