From ec070612ffb5b88317ffb5e46141a9beb873e6c5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Budai?= <ondrej@budai.cz>
Date: Thu, 10 Mar 2022 11:25:59 +0100
Subject: [PATCH] packer: remove RHEL and x86_64-specific bits
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Arch was easy.

For passing the repository distribution and osbuild_commit (it can be
different for each distro), I decided to go in the way of ansible
inventory directories. It adds a bit of structure but I think it's
the most clean solution.

Signed-off-by: Ondřej Budai <ondrej@budai.cz>
---
 .../rhel-8-x86_64/group_vars/all.yml          |  5 +++
 .../ansible/roles/common/tasks/packages.yml   | 11 +++--
 templates/packer/variables.pkr.hcl            |  3 +-
 templates/packer/worker.pkr.hcl               |  5 +--
 tools/appsre-build-worker-packer.sh           | 43 ++++++++++++++++++-
 5 files changed, 57 insertions(+), 10 deletions(-)
 create mode 100644 templates/packer/ansible/inventory/rhel-8-x86_64/group_vars/all.yml

diff --git a/templates/packer/ansible/inventory/rhel-8-x86_64/group_vars/all.yml b/templates/packer/ansible/inventory/rhel-8-x86_64/group_vars/all.yml
new file mode 100644
index 000000000..04147ed09
--- /dev/null
+++ b/templates/packer/ansible/inventory/rhel-8-x86_64/group_vars/all.yml
@@ -0,0 +1,5 @@
+---
+# this is just a template!
+# the actual content is generated by build/appsre-build-worker-packer.sh
+rpmrepo_distribution: distro
+osbuild_commit: abcdef
diff --git a/templates/packer/ansible/roles/common/tasks/packages.yml b/templates/packer/ansible/roles/common/tasks/packages.yml
index 8f5004b43..93c689ec6 100644
--- a/templates/packer/ansible/roles/common/tasks/packages.yml
+++ b/templates/packer/ansible/roles/common/tasks/packages.yml
@@ -6,7 +6,7 @@
   yum_repository:
     name: "composer"
     description: "osbuild-composer commit {{ COMPOSER_COMMIT }}"
-    baseurl: "http://osbuild-composer-repos.s3.amazonaws.com/osbuild-composer/rhel-8-cdn/x86_64/{{ COMPOSER_COMMIT }}"
+    baseurl: "http://osbuild-composer-repos.s3.amazonaws.com/osbuild-composer/{{ rpmrepo_distribution }}/{{ ansible_architecture }}/{{ COMPOSER_COMMIT }}"
     enabled: yes
     gpgcheck: no
     priority: "5"
@@ -16,11 +16,13 @@
     - rpmrepo
   yum_repository:
     name: "osbuild"
-    description: "osbuild commit {{ OSBUILD_COMMIT }}"
-    baseurl: "http://osbuild-composer-repos.s3-website.us-east-2.amazonaws.com/osbuild/rhel-8-cdn/x86_64/{{ OSBUILD_COMMIT }}"
+    description: "osbuild commit {{ osbuild_commit }}"
+    baseurl: "http://osbuild-composer-repos.s3-website.us-east-2.amazonaws.com/osbuild/{{ rpmrepo_distribution }}/{{ ansible_architecture }}/{{ osbuild_commit }}"
     enabled: yes
     gpgcheck: no
     priority: "5"
+  # if osbuild_commit is not defined, osbuild from distribution repositories is installed
+  when: osbuild_commit is defined
 
 # We need EPEL for monit
 - name: Add EPEL
@@ -28,6 +30,7 @@
     name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
     state: present
     disable_gpg_check: yes
+  when: ansible_distribution == 'RedHat'
 
 - name: Upgrade all packages
   package:
@@ -55,7 +58,7 @@
 
 - name: Download AWS CLI installer
   get_url:
-    url: https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip
+    url: "https://awscli.amazonaws.com/awscli-exe-linux-{{ ansible_architecture }}.zip"
     dest: /tmp/awscli.zip
   register: result
   retries: 5
diff --git a/templates/packer/variables.pkr.hcl b/templates/packer/variables.pkr.hcl
index 44a628678..9e381ad33 100644
--- a/templates/packer/variables.pkr.hcl
+++ b/templates/packer/variables.pkr.hcl
@@ -15,9 +15,8 @@ variable "region" {
   default = "us-east-1"
 }
 
-# Automatically set by environment variables in GitHub Actions.
+# Automatically set by environment variables
 variable "composer_commit" { type = string }
-variable "osbuild_commit" { type = string }
 
 # The name of the resulting AMI and the underlying EBS snapshot
 variable "image_name" { type = string }
diff --git a/templates/packer/worker.pkr.hcl b/templates/packer/worker.pkr.hcl
index 1f02b98cd..468d4035b 100644
--- a/templates/packer/worker.pkr.hcl
+++ b/templates/packer/worker.pkr.hcl
@@ -20,7 +20,6 @@ source "amazon-ebs" "image_builder" {
   # Network configuration for the instance building our image.
   associate_public_ip_address = true
   ssh_interface = "public_ip"
-  instance_type = "c6a.large"
 }
 
 build {
@@ -30,6 +29,7 @@ build {
     # Use a static RHEL 8.5 Cloud Access Image.
     source_ami = "ami-06f1e6f8b3457ae7c"
     ssh_username = "ec2-user"
+    instance_type = "c6a.large"
 
     # Set a name for the resulting AMI.
     ami_name = "${var.image_name}"
@@ -39,7 +39,6 @@ build {
       AppCode = "IMGB-001"
       Name = "${var.image_name}"
       composer_commit = "${var.composer_commit}"
-      osbuild_commit = "${var.osbuild_commit}"
       os = "rhel"
       os_version = "8"
       arch = "x86_64"
@@ -59,8 +58,8 @@ build {
     user = build.User
     extra_arguments = [
       "-e", "COMPOSER_COMMIT=${var.composer_commit}",
-      "-e", "OSBUILD_COMMIT=${var.osbuild_commit}",
       "--skip-tags", "${var.ansible_skip_tags}",
     ]
+    inventory_directory = "${path.root}/ansible/inventory/${source.name}"
   }
 }
diff --git a/tools/appsre-build-worker-packer.sh b/tools/appsre-build-worker-packer.sh
index 562a7c6a4..733f639d2 100755
--- a/tools/appsre-build-worker-packer.sh
+++ b/tools/appsre-build-worker-packer.sh
@@ -126,6 +126,48 @@ cat >> worker-packer.sh <<'EOF'
 /usr/bin/packer build /osbuild-composer/templates/packer
 EOF
 
+# prepare ansible inventories
+function write_inventories {
+    for item in templates/packer/ansible/inventory/*; do
+        local distro_arch
+        distro_arch="$(basename "$item")"
+
+        # strip arch
+        local distro="${distro_arch%-*}"
+
+        # write rpmrepo_distribution variable
+        local rpmrepo_distribution="$distro"
+        if [[ $rpmrepo_distribution == rhel-8 ]]; then
+            rpmrepo_distribution=rhel-8-cdn
+        fi
+        cat >"$item/group_vars/all.yml" <<EOF
+---
+rpmrepo_distribution: $rpmrepo_distribution
+EOF
+
+        # get distro name for schutzfile
+        local schutzfile_distro="$distro"
+        if [[ $schutzfile_distro == rhel-8 ]]; then
+            schutzfile_distro=rhel-8.5
+        fi
+
+        # get osbuild_commit from schutzfile
+        local osbuild_commit
+        osbuild_commit=$(jq -r ".[\"$schutzfile_distro\"].dependencies.osbuild.commit" Schutzfile)
+
+        # write osbuild_commit variable if defined in Schutzfile
+        # if it's not defined, osbuild will be installed from distribution repositories
+        if [[ $osbuild_commit != "null" ]]; then
+            tee -a "$item/group_vars/all.yml" null >dev <<EOF
+osbuild_commit: $osbuild_commit
+EOF
+        fi
+
+    done
+}
+
+write_inventories
+
 greenprint "📦 Building the packer container"
 $CONTAINER_RUNTIME build \
                    -f distribution/Dockerfile-ubi-packer \
@@ -148,6 +190,5 @@ $CONTAINER_RUNTIME run --rm \
                    -e PKR_VAR_aws_secret_key="$PACKER_AWS_SECRET_ACCESS_KEY" \
                    -e PKR_VAR_image_name="osbuild-composer-worker-$COMMIT_BRANCH-$COMMIT_SHA" \
                    -e PKR_VAR_composer_commit="$COMMIT_SHA" \
-                   -e PKR_VAR_osbuild_commit="$(jq -r '.["rhel-8.4"].dependencies.osbuild.commit' Schutzfile)" \
                    -e PKR_VAR_ansible_skip_tags="$SKIP_TAGS" \
                    "packer:$COMMIT_SHA" /osbuild-composer/worker-packer.sh