packer: build Fedora images

The decision logic which jobs to run is quite confusing but that's how we roll for now: Jenkins builds RHEL images only on main Schutzbot builds RHEL images only in PRs Schutzbot builds Fedora images on both PRs and on main To achieve this, the commit re-enables running Packer on main on Schutzbot. Signed-off-by: Ondřej Budai <ondrej@budai.cz>
2022-03-10 11:36:49 +01:00 · 2022-03-10 11:36:49 +01:00 · ad15179faf
commit ad15179faf
parent ec070612ff
5 changed files with 98 additions and 3 deletions
--- a/templates/packer/ansible/inventory/fedora-35-aarch64/group_vars/all.yml
+++ b/templates/packer/ansible/inventory/fedora-35-aarch64/group_vars/all.yml
@ -0,0 +1,5 @@
+---
+# this is just a template!
+# the actual content is generated by build/appsre-build-worker-packer.sh
+rpmrepo_distribution: distro
+osbuild_commit: abcdef
--- a/templates/packer/ansible/inventory/fedora-35-x86_64/group_vars/all.yml
+++ b/templates/packer/ansible/inventory/fedora-35-x86_64/group_vars/all.yml
@ -0,0 +1,5 @@
+---
+# this is just a template!
+# the actual content is generated by build/appsre-build-worker-packer.sh
+rpmrepo_distribution: distro
+osbuild_commit: abcdef
--- a/templates/packer/worker.pkr.hcl
+++ b/templates/packer/worker.pkr.hcl
@ -53,6 +53,80 @@ build {
    }
  }

+  source "amazon-ebs.image_builder"  {
+    name = "fedora-35-x86_64"
+
+    # Use a static Fedora 35 Cloud Base Image.
+    source_ami = "ami-08b4ee602f76bff79"
+    ssh_username = "fedora"
+    instance_type = "c6a.large"
+
+    # Set a name for the resulting AMI.
+    ami_name = "${var.image_name}-fedora-35-x86_64"
+
+    # Apply tags to the resulting AMI/EBS snapshot.
+    tags = {
+      AppCode = "IMGB-001"
+      Name = "${var.image_name}"
+      composer_commit = "${var.composer_commit}"
+      os = "fedora"
+      os_version = "35"
+      arch = "x86_64"
+    }
+
+    # Ensure that the EBS snapshot used for the AMI meets our requirements.
+    launch_block_device_mappings {
+      delete_on_termination = "true"
+      device_name           = "/dev/sda1"
+      volume_size           = 5
+      volume_type           = "gp2"
+    }
+
+    # go doesn't like modern Fedora crypto policies
+    # see https://github.com/hashicorp/packer/issues/10074
+    user_data = <<EOF
+#!/bin/bash
+update-crypto-policies --set LEGACY
+EOF
+  }
+
+  source "amazon-ebs.image_builder"  {
+    name = "fedora-35-aarch64"
+
+    # Use a static Fedora 35 Cloud Base Image.
+    source_ami = "ami-068c123e1c1ca0d49"
+    ssh_username = "fedora"
+    instance_type = "c6g.large"
+
+    # Set a name for the resulting AMI.
+    ami_name = "${var.image_name}-fedora-35-aarch64"
+
+    # Apply tags to the resulting AMI/EBS snapshot.
+    tags = {
+      AppCode = "IMGB-001"
+      Name = "${var.image_name}"
+      composer_commit = "${var.composer_commit}"
+      os = "fedora"
+      os_version = "35"
+      arch = "aarch64"
+    }
+
+    # Ensure that the EBS snapshot used for the AMI meets our requirements.
+    launch_block_device_mappings {
+      delete_on_termination = "true"
+      device_name           = "/dev/sda1"
+      volume_size           = 5
+      volume_type           = "gp2"
+    }
+
+    # go doesn't like modern Fedora crypto policies
+    # see https://github.com/hashicorp/packer/issues/10074
+    user_data = <<EOF
+#!/bin/bash
+update-crypto-policies --set LEGACY
+EOF
+  }
+
  provisioner "ansible" {
    playbook_file = "${path.root}/ansible/playbook.yml"
    user = build.User