diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index bc8ce9f62..49a29bbfc 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -121,7 +121,7 @@ Packer: stage: test extends: .terraform rules: - - if: '$CI_PIPELINE_SOURCE != "schedule" && $CI_COMMIT_BRANCH =~ /PR-[0-9]+/' + - if: '$CI_PIPELINE_SOURCE != "schedule"' script: - tools/appsre-build-worker-packer.sh variables: diff --git a/templates/packer/ansible/inventory/fedora-35-aarch64/group_vars/all.yml b/templates/packer/ansible/inventory/fedora-35-aarch64/group_vars/all.yml new file mode 100644 index 000000000..04147ed09 --- /dev/null +++ b/templates/packer/ansible/inventory/fedora-35-aarch64/group_vars/all.yml @@ -0,0 +1,5 @@ +--- +# this is just a template! +# the actual content is generated by build/appsre-build-worker-packer.sh +rpmrepo_distribution: distro +osbuild_commit: abcdef diff --git a/templates/packer/ansible/inventory/fedora-35-x86_64/group_vars/all.yml b/templates/packer/ansible/inventory/fedora-35-x86_64/group_vars/all.yml new file mode 100644 index 000000000..04147ed09 --- /dev/null +++ b/templates/packer/ansible/inventory/fedora-35-x86_64/group_vars/all.yml @@ -0,0 +1,5 @@ +--- +# this is just a template! +# the actual content is generated by build/appsre-build-worker-packer.sh +rpmrepo_distribution: distro +osbuild_commit: abcdef diff --git a/templates/packer/worker.pkr.hcl b/templates/packer/worker.pkr.hcl index 468d4035b..b3372b3ea 100644 --- a/templates/packer/worker.pkr.hcl +++ b/templates/packer/worker.pkr.hcl @@ -53,6 +53,80 @@ build { } } + source "amazon-ebs.image_builder" { + name = "fedora-35-x86_64" + + # Use a static Fedora 35 Cloud Base Image. + source_ami = "ami-08b4ee602f76bff79" + ssh_username = "fedora" + instance_type = "c6a.large" + + # Set a name for the resulting AMI. + ami_name = "${var.image_name}-fedora-35-x86_64" + + # Apply tags to the resulting AMI/EBS snapshot. + tags = { + AppCode = "IMGB-001" + Name = "${var.image_name}" + composer_commit = "${var.composer_commit}" + os = "fedora" + os_version = "35" + arch = "x86_64" + } + + # Ensure that the EBS snapshot used for the AMI meets our requirements. + launch_block_device_mappings { + delete_on_termination = "true" + device_name = "/dev/sda1" + volume_size = 5 + volume_type = "gp2" + } + + # go doesn't like modern Fedora crypto policies + # see https://github.com/hashicorp/packer/issues/10074 + user_data = <> worker-packer.sh <<'EOF' -/usr/bin/packer build /osbuild-composer/templates/packer +if [ "$ON_JENKINS" = true ]; then + # jenkins on main: build rhel only + PACKER_ONLY_EXCEPT=--only=amazon-ebs.rhel-8-x86_64 +elif [ -n "$CI_COMMIT_BRANCH" ] && [ "$CI_COMMIT_BRANCH" == "main" ]; then + # Schutzbot on main: build all except rhel + PACKER_ONLY_EXCEPT=--except=amazon-ebs.rhel-8-x86_64 +elif [ -n "$CI_COMMIT_BRANCH" ]; then + # Schutzbot but not main, build everything (use dummy except) + PACKER_ONLY_EXCEPT=--except=amazon-ebs.dummy +fi + +cat >> worker-packer.sh <