* Created a new parameter for using existing resource groups
* Implemented logic to ensure temp_ and build_ can't both be used
* Implemented logic to ensure they can only be used in correct context
* Implemented tests for this logic
* Updated where required to ensure the process works
A bug was reported to Joyent that sometimes the Packer UI reports that an image was created but it wasn't actually available in Triton for use. We believe that there was a bug uploading that image to Manta but that the metadata of the image was already populated, and thus Packer was reporting success as it was just checking for the metadata presence.
This PR changes Packer to wait for the state of the image to be `active` to make sure that it has fully uploaded and is ready for use.
```
==> triton: Stopping source machine (61647c3c-f2bf-4e30-b4bc-f076d3b01522)...
==> triton: Waiting for source machine to stop (61647c3c-f2bf-4e30-b4bc-f076d3b01522)...
==> triton: Creating image from source machine...
==> triton: Waiting for image to become available...
==> triton: Deleting source machine...
==> triton: Waiting for source machine to be deleted...
Build 'triton' finished.
==> Builds finished. The artifacts of successful builds are:
--> triton: Image was created: c2537582-34c7-42ea-bd11-b6ed499d5831
```
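The difference between the two checks described in the PR above, as an added Go example that is not Packer's or triton-go's code. `GetImage`, `FakeAPI`, the sample id and the `failed` state name are assumptions made for illustration; only the `active` state comes from the PR text.

```go
package main

import (
	"fmt"
	"time"
)

// Image is a minimal stand-in for an image record; only State matters here.
type Image struct{ ID, State string }

// GetImage is a hypothetical lookup function standing in for the API client.
type GetImage func(id string) (*Image, error)

// MetadataExists is the weak check: it passes as soon as a record is
// returned, even if the image data has not finished uploading.
func MetadataExists(get GetImage, id string) bool {
	img, err := get(id)
	return err == nil && img != nil
}

// WaitForActive polls until the image state is "active". The "failed"
// state name is an assumption; any other state keeps the loop waiting.
func WaitForActive(get GetImage, id string, interval time.Duration, attempts int) error {
	for i := 0; i < attempts; i++ {
		img, err := get(id)
		if err != nil || img == nil {
			return fmt.Errorf("lookup of image %s failed: %v", id, err)
		}
		switch img.State {
		case "active":
			return nil
		case "failed":
			return fmt.Errorf("image %s entered state %q", id, img.State)
		}
		time.Sleep(interval)
	}
	return fmt.Errorf("image %s not active after %d checks", id, attempts)
}

// FakeAPI is a constructed GetImage that steps through states, then holds the last.
func FakeAPI(states ...string) GetImage {
	i := -1
	return func(id string) (*Image, error) {
		if i < len(states)-1 {
			i++
		}
		return &Image{ID: id, State: states[i]}, nil
	}
}

func main() {
	fmt.Println(MetadataExists(FakeAPI("creating"), "example-image-id"))
	fmt.Println(WaitForActive(FakeAPI("creating", "active"), "example-image-id", time.Millisecond, 10))
}
```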
This change constructs partial URLs for networks and subnetworks if they
are not already partial or full URLs (i.e., they do not contain a '/' in
their name). Network and subnetwork self-links are no longer retrieved
from the API.
Previously, if a user did not provide the network or subnetwork as a
fully-qualified URL (i.e., self-link), the builder would make
compute.(sub)networks.get API calls with the provided identifier to
discover the self-link. This requires the user or service account Packer
is using to have permission to describe those network resources, which
is becoming less common as IAM is used more. Specifically, a user may
have permission to launch a VM into a network/subnetwork, but will not
have permission to call APIs to describe network resources.
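One way to build the references locally, as an added Go example that is not the builder's own code. It assumes the standard Compute Engine resource path layout; the function names and sample values are hypothetical. Validating bare names is an addition here, since without the API lookup a malformed name is otherwise only caught when the instance is created.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// Compute Engine resource names follow RFC 1035 labels (1-63 chars).
var gceName = regexp.MustCompile(`^[a-z]([-a-z0-9]{0,61}[a-z0-9])?$`)

// expand turns a bare resource name into a partial URL under prefix.
// Anything containing '/' is treated as an existing partial or full URL
// and is returned unchanged, matching the rule in the commit message.
func expand(prefix, value string) (string, error) {
	if value == "" || strings.Contains(value, "/") {
		return value, nil
	}
	if !gceName.MatchString(value) {
		return "", fmt.Errorf("invalid resource name %q", value)
	}
	return prefix + value, nil
}

// NetworkRefs builds the network and subnetwork references locally, so the
// caller needs no permission to describe network resources.
func NetworkRefs(project, region, network, subnetwork string) (string, string, error) {
	if subnetwork != "" && !strings.Contains(subnetwork, "/") && region == "" {
		return "", "", errors.New("a bare subnetwork name needs a region")
	}
	n, err := expand("projects/"+project+"/global/networks/", network)
	if err != nil {
		return "", "", err
	}
	s, err := expand("projects/"+project+"/regions/"+region+"/subnetworks/", subnetwork)
	if err != nil {
		return "", "", err
	}
	return n, s, nil
}

func main() {
	// Constructed sample values: a bare network name and a shared-VPC subnetwork URL.
	n, s, err := NetworkRefs("build-project", "us-central1", "default",
		"projects/host-project/regions/us-central1/subnetworks/shared")
	fmt.Println(n, s, err)
}
```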
This changeset will detect if the defined temporary resource group
already exists. If it does, it will not destroy it, but clean up
every resource required for building that is created by Packer
individually, both on success and failure.
Unit tests have been fixed, but more tests should be added for the new
functionalities.
fixes: #5476
Based on this new template addition:
```
{
"variables": {
"image_version": "",
"triton_account": "",
"triton_key_id": "",
"triton_key_material": ""
},
"builders": [{
"type": "triton",
"triton_account": "{{user `triton_account`}}",
"triton_key_id": "{{user `triton_key_id`}}",
"triton_key_material": "{{user `triton_key_material`}}",
"source_machine_package": "g4-highcpu-128M",
"source_machine_image_filter": {
"name": "ubuntu-16.04",
"most_recent": "true"
},
"ssh_username": "root",
"image_version": "{{user `image_version`}}",
"image_name": "teamcity-server"
}],
"provisioners": [
{
"type": "shell",
"start_retry_timeout": "10m",
"inline": [
"sudo apt-get update -y",
"sudo apt-get install -y nginx"
]
}
]
}
```
I got the following output from packer:
```
packer-testing % make image
packer build \
-var "triton_account=stack72_joyent" \
-var "triton_key_id=40:9d:d3:f9:0b:86:62:48:f4:2e:a5:8e:43:00:2a:9b" \
-var "triton_key_material=""" \
-var "image_version=1.0.0" \
new-template.json
triton output will be in this color.
==> triton: Selecting an image based on search criteria
==> triton: Based, on given search criteria, Machine ID is: "7b5981c4-1889-11e7-b4c5-3f3bdfc9b88b"
==> triton: Waiting for source machine to become available...
==> triton: Waiting for SSH to become available...
==> triton: Connected to SSH!
==> triton: Provisioning with shell script: /var/folders/_p/2_zj9lqn4n11fx20qy787p7c0000gn/T/packer-shell797317310
triton: Get:1 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]
triton: Hit:2 http://archive.ubuntu.com/ubuntu xenial InRelease
```
I can verify from the triton cli tools that the id `7b5981c4` (from the packer output) is indeed the correct ID
```
terraform [master●] % triton images name=~ubuntu-16.04
SHORTID NAME VERSION FLAGS OS TYPE PUBDATE
49b22aec ubuntu-16.04 20160427 P linux lx-dataset 2016-04-27
675834a0 ubuntu-16.04 20160505 P linux lx-dataset 2016-05-05
4edaa46a ubuntu-16.04 20160516 P linux lx-dataset 2016-05-16
05140a7e ubuntu-16.04 20160601 P linux lx-dataset 2016-06-01
e331b22a ubuntu-16.04 20161004 P linux lx-dataset 2016-10-04
8879c758 ubuntu-16.04 20161213 P linux lx-dataset 2016-12-13
7b5981c4 ubuntu-16.04 20170403 P linux lx-dataset 2017-04-03 <------- THIS IS THE LATEST UBUNTU IMAGE
```
This brings packer into the same version of triton-go as that in Terraform, where we rewrote the package from a library with everything in 1 place to individual packages.
I was able to successfully provision a machine on triton using this new change; you can find the output in the attached gist
https://gist.github.com/stack72/a64d745459107c5a16bcb156965597ce
via
- create_options: a list of options passed to lxc-create
- start_options: a list of options passed to lxc-start
- attach_options: a list of options passed to lxc-attach
Also extended existing LXC builder BATS tests to exercise the new builder
options, and added website docs.
When running in travis, metadata requests will time out after 5 seconds.
After 24 such timeouts, we'll hit travis' build timeout of two minutes,
and the build will fail. Lowering it to 100 gets us in a safe time
limit. We _may_ need to expose a timeout env var with this logic,
however.
An aws_profile option is added to the AWS ECR login credentials
configuration to allow using shared AWS credentials stored in
a non-default profile.
Signed-off-by: Aaron Browne <aaron0browne@gmail.com>
StepTagEBSVolumes is no longer needed, since this functionality is now
taken over by StepRunSourceInstance and StepRunSpotInstance. So remove
this functionality from the codebase.
The EBS builder will now use the tag-on-creation pattern, so
that it's possible to restrict packer to only create volumes that are
properly tagged by using an AWS policy.
Before we couldn't be sure if we were a permanent container or not.
Now we explicitly pass this on the command line so we don't depend on the
extra logic in `lxc publish --force` for ephemeral handling.
This means we avoid restarting the container after we publish
since we tear it down right away anyhow.
Likewise, there was sometimes a race which prevented the deletion
while the container was in a boot stage.
Adds two new options:
- `create_security_group` which automatically creates a temporary SG.
- `security_groups` which takes a list of SGs to attach to the instance.
This changeset performs the following:
- Updates `masterzen/winrm` vendor to include change from (https://github.com/masterzen/winrm/pull/73).
- Removes `masterzen/xmlpath` dependency, as it is licensed under the LGPL license.
- Updates `dylanmei/winrmtest` vendor to include change from (https://github.com/dylanmei/winrmtest/pull/4).
- Updates `packer-community/winrmcp` vendor to include the removal of the `masterzen/winrm/winrm` sub-class as a result of the `winrm` CLI tool being removed from the `masterzen/winrm` repository.
- Updates nested dependencies as a result of the above vendor changes.
- Refactors `parallels/driver_9` to use `goxpath` instead of `xmlpath`, as `xmlpath` is licensed under LGPL.
- Adds a basic unit test for the refactor work in `parallels/driver_9` to confirm functionality.
This should completely remove any LGPL licensed dependencies inside of the Packer project.
```
$ make test
/home/jake/src/go/src/github.com/hashicorp/packer/scripts/gofmtcheck.sh $(find . -not -path "./vendor/*" -name "*.go")
==> Checking that code complies with gofmt requirements...
Check passed.
ok github.com/hashicorp/packer 0.044s
ok github.com/hashicorp/packer/builder/alicloud/ecs 0.055s
ok github.com/hashicorp/packer/builder/amazon/chroot 0.040s
ok github.com/hashicorp/packer/builder/amazon/common 0.021s
ok github.com/hashicorp/packer/builder/amazon/ebs 0.016s
ok github.com/hashicorp/packer/builder/amazon/ebssurrogate 0.015s
ok github.com/hashicorp/packer/builder/amazon/ebsvolume 0.014s
ok github.com/hashicorp/packer/builder/amazon/instance 0.058s
ok github.com/hashicorp/packer/builder/azure/arm 2.833s
ok github.com/hashicorp/packer/builder/azure/common 0.018s
? github.com/hashicorp/packer/builder/azure/common/constants [no test files]
? github.com/hashicorp/packer/builder/azure/common/lin [no test files]
? github.com/hashicorp/packer/builder/azure/common/logutil [no test files]
ok github.com/hashicorp/packer/builder/azure/common/template 0.038s
ok github.com/hashicorp/packer/builder/azure/pkcs12 0.120s
ok github.com/hashicorp/packer/builder/azure/pkcs12/rc2 0.020s
ok github.com/hashicorp/packer/builder/cloudstack 0.038s
ok github.com/hashicorp/packer/builder/digitalocean 0.015s
ok github.com/hashicorp/packer/builder/docker 0.028s
ok github.com/hashicorp/packer/builder/file 0.029s
ok github.com/hashicorp/packer/builder/googlecompute 3.162s
ok github.com/hashicorp/packer/builder/hyperv/common 0.006s
ok github.com/hashicorp/packer/builder/hyperv/iso 0.042s
ok github.com/hashicorp/packer/builder/null 0.018s
ok github.com/hashicorp/packer/builder/oneandone 0.022s
ok github.com/hashicorp/packer/builder/openstack 0.052s
ok github.com/hashicorp/packer/builder/parallels/common 2.549s
ok github.com/hashicorp/packer/builder/parallels/iso 0.050s
ok github.com/hashicorp/packer/builder/parallels/pvm 0.033s
ok github.com/hashicorp/packer/builder/profitbricks 0.023s
ok github.com/hashicorp/packer/builder/qemu 0.039s
ok github.com/hashicorp/packer/builder/triton 0.018s
ok github.com/hashicorp/packer/builder/virtualbox/common 5.533s
ok github.com/hashicorp/packer/builder/virtualbox/iso 0.044s
ok github.com/hashicorp/packer/builder/virtualbox/ovf 0.012s
ok github.com/hashicorp/packer/builder/vmware/common 5.325s
ok github.com/hashicorp/packer/builder/vmware/iso 0.076s
ok github.com/hashicorp/packer/builder/vmware/vmx 0.010s
ok github.com/hashicorp/packer/command 0.062s
ok github.com/hashicorp/packer/common 0.053s
ok github.com/hashicorp/packer/common/json 0.003s [no tests to run]
ok github.com/hashicorp/packer/common/powershell 0.015s
? github.com/hashicorp/packer/common/powershell/hyperv [no test files]
? github.com/hashicorp/packer/common/ssh [no test files]
ok github.com/hashicorp/packer/common/uuid 0.010s
ok github.com/hashicorp/packer/communicator/none 0.008s
ok github.com/hashicorp/packer/communicator/ssh 0.068s
ok github.com/hashicorp/packer/communicator/winrm 0.046s
ok github.com/hashicorp/packer/fix 0.005s
ok github.com/hashicorp/packer/helper/builder/testing 0.007s
ok github.com/hashicorp/packer/helper/communicator 0.013s
ok github.com/hashicorp/packer/helper/config 0.004s
? github.com/hashicorp/packer/helper/enumflag [no test files]
ok github.com/hashicorp/packer/helper/flag-kv 0.009s
ok github.com/hashicorp/packer/helper/flag-slice 0.006s
ok github.com/hashicorp/packer/packer 0.219s
ok github.com/hashicorp/packer/packer/plugin 0.233s
ok github.com/hashicorp/packer/packer/rpc 0.141s
ok github.com/hashicorp/packer/plugin/example 0.008s [no tests to run]
? github.com/hashicorp/packer/post-processor/alicloud-import [no test files]
? github.com/hashicorp/packer/post-processor/amazon-import [no test files]
ok github.com/hashicorp/packer/post-processor/artifice 0.003s [no tests to run]
ok github.com/hashicorp/packer/post-processor/atlas 0.018s
ok github.com/hashicorp/packer/post-processor/checksum 0.015s
ok github.com/hashicorp/packer/post-processor/compress 0.047s
ok github.com/hashicorp/packer/post-processor/docker-import 0.012s
ok github.com/hashicorp/packer/post-processor/docker-push 0.012s
ok github.com/hashicorp/packer/post-processor/docker-save 0.008s
ok github.com/hashicorp/packer/post-processor/docker-tag 0.008s
ok github.com/hashicorp/packer/post-processor/googlecompute-export 0.015s [no tests to run]
? github.com/hashicorp/packer/post-processor/manifest [no test files]
ok github.com/hashicorp/packer/post-processor/shell-local 0.028s
ok github.com/hashicorp/packer/post-processor/vagrant 0.030s
ok github.com/hashicorp/packer/post-processor/vagrant-cloud 0.028s
ok github.com/hashicorp/packer/post-processor/vsphere 0.014s
ok github.com/hashicorp/packer/provisioner 0.011s
ok github.com/hashicorp/packer/provisioner/ansible 0.140s
ok github.com/hashicorp/packer/provisioner/ansible-local 0.056s
ok github.com/hashicorp/packer/provisioner/chef-client 0.050s
ok github.com/hashicorp/packer/provisioner/chef-solo 0.061s
ok github.com/hashicorp/packer/provisioner/converge 0.018s
ok github.com/hashicorp/packer/provisioner/file 0.015s
ok github.com/hashicorp/packer/provisioner/powershell 0.168s
ok github.com/hashicorp/packer/provisioner/puppet-masterless 0.008s
ok github.com/hashicorp/packer/provisioner/puppet-server 0.031s
ok github.com/hashicorp/packer/provisioner/salt-masterless 0.010s
ok github.com/hashicorp/packer/provisioner/shell 0.010s
ok github.com/hashicorp/packer/provisioner/shell-local 0.037s
ok github.com/hashicorp/packer/provisioner/windows-restart 0.180s
ok github.com/hashicorp/packer/provisioner/windows-shell 0.159s
? github.com/hashicorp/packer/scripts [no test files]
ok github.com/hashicorp/packer/template 0.008s
ok github.com/hashicorp/packer/template/interpolate 0.004s
? github.com/hashicorp/packer/version [no test files]
```
This commit attempts to fix the timestamp-related part of #4885 by using the logic found in the analogous virtualbox implementation. In essence, it applies the solution from commit 93bb0d8 to the vmx case.
Adds pass_phrase property to the oracle-bmcs builder to allow users to
specify/override a pass phrase for the private key used to sign requests
to the BMCS API.
Implements a new Packer builder (oracle-bmcs) which adds support for
building custom images for Oracle Bare Metal Cloud Services (BMCS)
https://cloud.oracle.com/en_US/bare-metal.
Additionally includes documentation for the oracle-bmcs builder.
If a full server URL is used in subnetwork we can skip reading from the network
API. This is useful when you can launch instances in a shared network but don't
have access to do GET on the network resources.
Closes: #5018
There are two types for storage profile, but they use the same
serialization name (storageProfile). This creates problems, so I worked
around it by taking the union of this type as well as OS Disk.
* More unit testing to assert customer's configuration.
* Further reduce the options that are needed to power an Azure build.
This seems like a much more manageable level.
* Update all of the examples to use a more current VM sku.
* Add an example for RHEL.
* Move from OpenSuSE to SuSE.
* Update the docs.
The OAuth code was moved to the adal package.
Authorizers now use an interface instead of a simple token.
Long running operations return a channel for the operation, and the
error.
This commit adds a new option, `vmx_remove_ethernet_interfaces`, to both
of the VMWare builders. This is useful when building Vagrant boxes,
since Vagrant now produces output such as:
```
WARNING: The VMX file for this box contains a setting that is
automatically overwritten by Vagrant when started. Vagrant will stop
overwriting this setting in an upcoming release which may prevent
proper networking setup. Below is the detected VMX setting:
ethernet0.pcislotnumber = "33"
If networking fails to properly configure, it may require this VMX
setting. It can be manually applied via the Vagrantfile:
Vagrant.configure(2) do |config|
config.vm.provider :vmware_fusion do |vmware|
vmware.vmx["ethernet0.pcislotnumber"] = "33"
end
end
```
This can be avoided entirely by removing the ethernet adapters from the
VMX file prior to packaging as a Vagrant box, in which case adapters are
created as expected according to the Vagrantfile specification.
When AUTH_URL and each endpoint need SSL client authentication, we
have to specify a cert file and a private key file.
So, add optional config, cert and key.
[A recent breaking change upstream in Golang's crypto
library](e4e2799dd7)
has broken SSH connectivity for a few builders:
```
==> qemu: Waiting for SSH to become available...
2017/05/20 16:23:58 ui: ==> qemu: Waiting for SSH to become available...
2017/05/20 16:23:58 packer: 2017/05/20 16:23:58 [INFO] Attempting SSH connection...
2017/05/20 16:23:58 packer: 2017/05/20 16:23:58 reconnecting to TCP connection for SSH
2017/05/20 16:23:58 packer: 2017/05/20 16:23:58 handshaking with SSH
2017/05/20 16:23:58 packer: 2017/05/20 16:23:58 handshake error: ssh: must specify HostKeyCallback
2017/05/20 16:23:58 packer: 2017/05/20 16:23:58 [DEBUG] SSH handshake err: ssh: must specify HostKeyCallback
2017/05/20 16:24:05 packer: 2017/05/20 16:24:05 [INFO] Attempting SSH connection...
2017/05/20 16:24:05 packer: 2017/05/20 16:24:05 reconnecting to TCP connection for SSH
2017/05/20 16:24:05 packer: 2017/05/20 16:24:05 handshaking with SSH
2017/05/20 16:24:05 packer: 2017/05/20 16:24:05 handshake error: ssh: must specify HostKeyCallback
2017/05/20 16:24:05 packer: 2017/05/20 16:24:05 [DEBUG] SSH handshake err: ssh: must specify HostKeyCallback
```
Specifying HostKeyCallback as insecure should make things work again
and would make sense for packer's use case.
In AWS we can derive the `VpcId` and AZ from the `SubnetId`, so now we do. In the config you can now only specify the `SubnetId`.
This fixes issue #4693.
This commit substitutes the now-deprecated gosdc library for the newer
triton-go library. This is transparent from a user perspective, except
for the fact that key material can now be omitted and requests can be
signed with an SSH agent. This allows for both encrypted keys and ECDSA
keys to be used.
In addition, a fix is made to not pass in an empty array of networks if
none are specified in configuration, thus honouring the API default of
putting instances with no explicit networks specified on the Joyent
public and internal shared networks.
Pull request 1504 describes a workaround for a potential race condition in which the VMX builder can fail to remove mounted floppies or CDs. This workaround was enabled for all operating systems except OS X. Since this issue can also occur on OS X, also apply the workaround on it.