Merge branch 'feat/43-add-alpine-3-16-support' into 'develop'

Resolve "Add alpine 3.16 support" Closes #43 See merge request EOLE/eole-3/infra/builder!68

Merge branch 'feat/43-add-alpine-3-16-support' into 'develop'
Resolve "Add alpine 3.16 support" Closes #43 See merge request EOLE/eole-3/infra/builder!68
ca8059a1 · Laurent Gourvénec · 49fcc1bb · 1f1b144b · ca8059a1 · ca8059a1
Commit ca8059a1 authored Jul 05, 2022 by Laurent Gourvénec
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -69,6 +69,7 @@ hcl check:
  before_script:
    - packer version
  script:
+    - for rcp in $(ls -d recipes/*);do echo $rcp ; packer init "${rcp}";done
    - for rcp in $(ls -d recipes/*);do echo $rcp ; packer validate "${rcp}";done



--- a/build
+++ b/build
@@ -8,13 +8,22 @@ VERSION=${3}

 RCP_DIR="./recipes"

+#
+# Init packer
+# install plugins
+#
+initPacker() {
+  os=${1}
+  packer init ${RCP_DIR}/${os}
+}
+
 #
 # Run the build
 # First the "base" image then the provisionned ones
 #
 run() {
-  packer build ${PACKER_OPTS} -var-file="${RCP_DIR}/${OS}/${VERSION}.auto.pkrvars.hcl" -only="base.qemu.${OS}" "${RCP_DIR}/${OS}/."
-  packer build ${PACKER_OPTS} -force -var-file="${RCP_DIR}/${OS}/${VERSION}.auto.pkrvars.hcl" -except="base.qemu.${OS}" "${RCP_DIR}/${OS}/."
+  packer build ${PACKER_OPTS} -var-file="${RCP_DIR}/${OS}/${VERSION}.pkrvars.hcl" -only="base.qemu.${OS}" "${RCP_DIR}/${OS}/."
+  packer build ${PACKER_OPTS} -force -var-file="${RCP_DIR}/${OS}/${VERSION}.pkrvars.hcl" -except="base.qemu.${OS}" "${RCP_DIR}/${OS}/."
 }

 #
@@ -23,7 +32,7 @@ run() {
 run_build() {
  target=${4}
  packer build ${PACKER_OPTS} -force \
-    -var-file="${RCP_DIR}/${OS}/${VERSION}.auto.pkrvars.hcl" \
+    -var-file="${RCP_DIR}/${OS}/${VERSION}.pkrvars.hcl" \
    -only="${target}.qemu.${OS}" \
    "${RCP_DIR}/${OS}/."
 }
@@ -37,7 +46,7 @@ list() {
    echo "  * $(basename "${os}") :"
    cd "${os}" || exit 100
    for vfile in *.pkrvars.hcl; do
-      echo "    - ${vfile}" | sed 's/\.auto\.pkrvars\.hcl$//'
+      echo "    - ${vfile}" | sed 's/\.pkrvars\.hcl$//'
    done
    cd - >/dev/null 2>&1 || exit 100
  done
@@ -92,15 +101,18 @@ case "${ACTION}" in
    ;;

  "all")
+    initPacker "${2}" || exit 1
    run_all
    exit ${?}
    ;;

  "start")
+    initPacker "${2}" || exit 1
    start_build
    ;;

  "run")
+    initPacker "${2}" || exit 1
    run_build $@
    ;;


--- a/provisionning/alpine/alpine-3.14-install.sh
+++ b/provisionning/alpine/alpine-3.14-install.sh
 #!/bin/sh
 set -xeo pipefail

-setup-ntp -c chrony
-
-setup-apkrepos "https://dl-cdn.alpinelinux.org/alpine/v${SHORT_VERSION}/community" "https://dl-cdn.alpinelinux.org/alpine/v${SHORT_VERSION}/main"
-
-apk add --no-cache wget curl jq expect haveged ca-certificates rsyslog
-
-rc-update add haveged boot
-rc-update add rsyslog boot
-
-service haveged start
-service rsyslog start
-
-export DISKOPTS="-L"
-expect <<EOF
-set timeout 300
-
-spawn setup-alpine
-
-expect "Select keyboard layout**"
-send "fr\r"
-
-expect "Select variant**"
-send "fr-azerty\r"
-
-expect "Enter system hostname**"
-send "${VM_NAME}\r"
-
-expect "Which one do you want to initialize**"
-send "eth0\r"
-
-expect "Ip address for eth0**"
-send "dhcp\r"
-
-expect "Do you want to do any manual network configuration**"
-send "no\r"
-
-expect "New password:"
-send "${ROOT_PASSWORD}\r"
-
-expect "Retype password:"
-send "${ROOT_PASSWORD}\r"
-
-expect "Which timezone are you in**"
-send "Europe/Paris\r"
-
-expect "HTTP/FTP proxy URL**"
-send "none\r"
-
-expect "Enter mirror number**"
-send "done\r"
-
-expect "Which SSH server**"
-send "openssh\r"
-
-expect "Which disk*s* would you like to use**"
-send "vda\r"
-
-expect "How would you like to use it**"
-send "sys\r"
-
-expect "WARNING: Erase the above disk*s* and continue**"
-send "y\r"
-
-expect eof
-EOF
-
-# Package removing is done in the -postinstall file
-
-rc-update add sshd boot
+# Run the installer
+echo "y" | setup-alpine -e -f install.conf

+# Copy ssh keys
+echo "Copy packer ssh key"
+mount /dev/vg0/lv_root /mnt
+cp -rp .ssh /mnt/root/
 sync
+umount /mnt

+echo "Rebooting the host after install"
 reboot
--- a/provisionning/alpine/alpine-3.14-postinstall.sh
+++ b/provisionning/alpine/alpine-3.14-postinstall.sh
 #!/bin/sh
 set -xeo pipefail

+rlz=$(cut -d '.' -f1,2 /etc/alpine-release)
+
+cat >/etc/apk/repositories <<EOF
+
+https://dl-cdn.alpinelinux.org/alpine/v${rlz}/main/
+https://dl-cdn.alpinelinux.org/alpine/v${rlz}/community/
+
+EOF
+$(echo)
+
+apk add --no-cache wget curl jq haveged ca-certificates rsyslog
+
+rc-update add haveged boot
+rc-update add rsyslog boot
+rc-update add sshd boot
+
+# Generate root password
+pass=$(openssl rand -base64 32 | tee -a .secret)
+chmod 600 .secret
+echo -e "${pass}\n${pass}" | passwd
+
 # Remove expect package
-apk del --no-cache expect

 # Prevent logs spamming like "process '/sbin/getty -L 0 ttyS0 vt100' (pid 2516) exited. Scheduling for restart."
 # We don't need an access to ttyS0

--- a/provisionning/alpine/alpine-3.15-install.sh
+++ b/provisionning/alpine/alpine-3.15-install.sh
-#!/bin/sh
-set -xeo pipefail
-
-setup-ntp -c chrony
-
-setup-apkrepos "https://dl-cdn.alpinelinux.org/alpine/v${SHORT_VERSION}/community" "https://dl-cdn.alpinelinux.org/alpine/v${SHORT_VERSION}/main"
-
-apk add --no-cache wget curl jq expect haveged ca-certificates rsyslog
-
-rc-update add haveged boot
-rc-update add rsyslog boot
-
-service haveged start
-service rsyslog start
-
-export DISKOPTS="-L"
-expect <<EOF
-set timeout 300
-
-spawn setup-alpine
-
-expect "Select keyboard layout**"
-send "fr\r"
-
-expect "Select variant**"
-send "fr-azerty\r"
-
-expect "Enter system hostname**"
-send "${VM_NAME}\r"
-
-expect "Which one do you want to initialize**"
-send "eth0\r"
-
-expect "Ip address for eth0**"
-send "dhcp\r"
-
-expect "Do you want to do any manual network configuration**"
-send "no\r"
-
-expect "New password:"
-send "${ROOT_PASSWORD}\r"
-
-expect "Retype password:"
-send "${ROOT_PASSWORD}\r"
-
-expect "Which timezone are you in**"
-send "Europe/Paris\r"
-
-expect "HTTP/FTP proxy URL**"
-send "none\r"
-
-expect "Enter mirror number**"
-send "done\r"
-
-expect "Which SSH server**"
-send "openssh\r"
-
-expect "Which disk*s* would you like to use**"
-send "vda\r"
-
-expect "How would you like to use it**"
-send "sys\r"
-
-expect "WARNING: Erase the above disk*s* and continue**"
-send "y\r"
-
-expect eof
-EOF
-
-# Package removing is done in the -postinstall file
-
-rc-update add sshd boot
-
-sync
-
-reboot
--- a/provisionning/alpine/alpine-3.15-install.sh
+++ b/provisionning/alpine/alpine-3.15-install.sh
+alpine-3.14-install.sh
\ No newline at end of file
--- a/provisionning/alpine/alpine-3.15-postinstall.sh
+++ b/provisionning/alpine/alpine-3.15-postinstall.sh
 #!/bin/sh
 set -xeo pipefail

+apk add --no-cache wget curl jq haveged ca-certificates rsyslog
+
+rc-update add haveged boot
+rc-update add rsyslog boot
+rc-update add sshd boot
+
+# Generate root password
+pass=$(openssl rand -base64 32 | tee -a .secret)
+chmod 600 .secret
+echo -e "${pass}\n${pass}" | passwd
+
 # Remove expect package
-apk del --no-cache expect

 # Prevent logs spamming like "process '/sbin/getty -L 0 ttyS0 vt100' (pid 2516) exited. Scheduling for restart."
 # We don't need an access to ttyS0

--- a/provisionning/alpine/alpine-3.16-install.sh
+++ b/provisionning/alpine/alpine-3.16-install.sh
+#!/bin/sh
+set -xeo pipefail
+
+# Run the installer
+echo "y" | setup-alpine -e -f install.conf
+
+# Copy ssh keys
+echo "Copy packer ssh key"
+mount /dev/vg0/lv_root /mnt
+cp -rp .ssh /mnt/root/
+sync
+umount /mnt
+
+echo "Rebooting the host after install"
+reboot
--- a/provisionning/alpine/alpine-3.16-postinstall.sh
+++ b/provisionning/alpine/alpine-3.16-postinstall.sh
+alpine-3.15-postinstall.sh
\ No newline at end of file
--- a/recipes/alpine/3.14.auto.pkrvars.hcl
+++ b/recipes/alpine/3.14.auto.pkrvars.hcl
@@ -3,4 +3,4 @@ version = "3.14.2"
 short_version = "3.14"
 arch = "x86_64"
 source_url = "https://dl-cdn.alpinelinux.org/alpine"
-iso_cd_checksum = "sha256:fcba6ecc8419da955d326a12b2f6d9d8f885a420a1112e0cf1910914c4c814a7"
+iso_cd_checksum = "sha256:fcba6ecc8419da955d326a12b2f6d9d8f885a420a1112e0cf1910914c4c814a7"
\ No newline at end of file
--- a/recipes/alpine/3.15.auto.pkrvars.hcl
+++ b/recipes/alpine/3.15.auto.pkrvars.hcl
 name = "alpine"
-version = "3.15.0"
+version = "3.15.4"
 short_version = "3.15"
 arch = "x86_64"
 source_url = "https://dl-cdn.alpinelinux.org/alpine"
-iso_cd_checksum = "sha256:e97eaedb3bff39a081d1d7e67629d5c0e8fb39677d6a9dd1eaf2752e39061e02"
\ No newline at end of file
+iso_cd_checksum = "sha256:11cb6ceec4967e0089c44268d2cc7b4efbad74f40d962ecec558e1a8fb6f2ac9"
\ No newline at end of file
--- a/recipes/alpine/3.16.pkrvars.hcl
+++ b/recipes/alpine/3.16.pkrvars.hcl
+name = "alpine"
+version = "3.16.0"
+short_version = "3.16"
+arch = "x86_64"
+source_url = "https://dl-cdn.alpinelinux.org/alpine"
+iso_cd_checksum = "ba8007f74f9b54fbae3b2520da577831b4834778a498d732f091260c61aa7ca1"
\ No newline at end of file
--- a/recipes/alpine/base-onecontext.pkr.hcl
+++ b/recipes/alpine/base-onecontext.pkr.hcl
@@ -15,6 +15,7 @@ EOF
    disk_size        = 8000
    disk_image       = true
    boot_command     = [ "<enter><enter><wait>" ]
+    ssh_clear_authorized_keys = true
  }

  provisioner "file" {

--- a/recipes/alpine/grafana.pkr.hcl
+++ b/recipes/alpine/grafana.pkr.hcl
@@ -14,6 +14,7 @@ EOF
    disk_size        = 40960
    disk_image       = true
    boot_command     = [ "<enter><enter><wait>" ]
+    ssh_clear_authorized_keys = true
  }

  provisioner "file" {

--- a/recipes/alpine/k3s.pkr.hcl
+++ b/recipes/alpine/k3s.pkr.hcl
@@ -14,6 +14,7 @@ EOF
    disk_size        = 40960
    disk_image       = true
    boot_command     = [ "<enter><enter><wait>" ]
+    ssh_clear_authorized_keys = true
  }

  provisioner "file" {

--- a/recipes/alpine/locals.pkr.hcl
+++ b/recipes/alpine/locals.pkr.hcl
@@ -9,4 +9,8 @@ locals {
  ssh_password = "PbkRc1vup7Wq5n4r"
  disk_size = 8000
  memory = 512
+  installOpts = {
+    hostname = var.name
+    user = "eole"
+  }
 }
--- a/recipes/alpine/loki.pkr.hcl
+++ b/recipes/alpine/loki.pkr.hcl
@@ -14,6 +14,7 @@ EOF
    disk_size        = 40960
    disk_image       = true
    boot_command     = [ "<enter><enter><wait>" ]
+    ssh_clear_authorized_keys = true
  }

  provisioner "file" {

--- a/recipes/alpine/main.pkr.hcl
+++ b/recipes/alpine/main.pkr.hcl
@@ -8,42 +8,35 @@ EOF
  source "qemu.alpine" {
    output_directory = "${var.output_dir}/${var.version}/base"
    vm_name          = "${local.output_name}-${var.version}.img"
-    #disk_size        = 8000
+    disk_size        = 8000
    iso_url          = "${local.source_iso}"
    iso_checksum     = "${var.iso_cd_checksum}"
+    http_content = {
+      "/ssh-packer-pub.key" = data.sshkey.install.public_key
+      "/install.conf" = templatefile("${path.cwd}/templates/conf/${var.name}/install/awnsers.pktpl.hcl", local.installOpts)
+    }
    boot_command = [
      "<wait5s>root<enter>",
      "<wait1s><enter>",
-      "<wait1s>passwd<enter><wait1s>${local.ssh_password}<enter><wait1s>${local.ssh_password}<enter>",
      "<wait1s>setup-interfaces<enter><wait1s><enter><wait1s><enter><wait1s><enter>",
      "<wait1s>ifup eth0<enter>",
-      "<wait1s>setup-sshd<enter>",
-      "<wait1s><enter><wait1s>",
-      "<wait1s>echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config<enter>",
-      "<wait1s>rc-service sshd stop<enter>",
-      "<wait1s>rc-service sshd start<enter>",
-      "<wait1s><enter>"
+      "<wait1s>mkdir -p .ssh<enter>",
+      "<wait1s>wget http://{{.HTTPIP}}:{{.HTTPPort}}/ssh-packer-pub.key -O .ssh/authorized_keys<enter><wait1s>",
+      "<wait1s>chmod 600 .ssh/authorized_keys<enter>",
+      "<wait1s>wget http://{{.HTTPIP}}:{{.HTTPPort}}/install.conf<enter><wait1s>",
+      "<wait1s>setup-sshd -c openssh -k .ssh/authorized_keys<enter><wait1s>",
    ]
  }

-  provisioner "file" {
-    destination = "/tmp/alpine-install.sh"
-    source      = "${path.cwd}/provisionning/${var.name}/${var.name}-${var.short_version}-install.sh"
-  }
-
  provisioner "shell" {
-    environment_vars = [
-      "ROOT_PASSWORD=${local.ssh_password}",
-      "SHORT_VERSION=${var.short_version}"
-    ]
-    inline = [
-      "sh /tmp/alpine-install.sh"
-    ]
-    pause_after = "10s"
+    pause_before = "1s"
+    expect_disconnect = true  # Because the previous step has rebooted the machine
+    script = "${path.cwd}/provisionning/${var.name}/${var.name}-${var.short_version}-install.sh"
+    valid_exit_codes = [ 0, 141 ]
  }

  provisioner "shell" {
-    expect_disconnect = true  # Because the previous step has rebooted the machine
+    pause_before = "1s"
    inline = [ "sh -cx 'mkdir -p ${local.builder_config.TemplateDir}'" ]
  }


--- a/recipes/alpine/plugins.pkr.hcl
+++ b/recipes/alpine/plugins.pkr.hcl
+packer {
+    required_plugins {
+        sshkey = {
+            version = ">= 1.0.1"
+            source = "github.com/ivoronin/sshkey"
+        }
+    }
+}
+
+data "sshkey" "install" {
+    type = "ed25519"
+}
\ No newline at end of file
--- a/recipes/alpine/sources.pkr.hcl
+++ b/recipes/alpine/sources.pkr.hcl
@@ -3,19 +3,20 @@ source qemu "alpine" {
  memory      = "${local.memory}"
  accelerator = "kvm"

+
  headless = true

  # Serve the `http` directory via HTTP, used for preseeding the Debian installer.
-  http_directory = "${path.cwd}/provisionning/${var.name}/http"
  http_port_min  = 9990
  http_port_max  = 9999

  # SSH ports to redirect to the VM being built
  host_port_min = 2222
  host_port_max = 2229
+
  # This user is configured in the preseed file.
-  ssh_password     = "${local.ssh_password}"
  ssh_username     = "${local.ssh_user}"
+  ssh_private_key_file = data.sshkey.install.private_key_path
  ssh_wait_timeout = "1000s"

  shutdown_command = "/sbin/poweroff"