custom: split config for Custom AMI off
Up until now we have been repurposing the
Linux mbedtls AMI for use as "Custom AMI" to
run generic jobs that aren't necessarily
related to mbedtls.
This has led to some versioning problems as it's
not clear which version of an AMI is serving which
role.
Let's just split the custom AMI config off into its
own template so we can easily manage all these images
through this repo.
Signed-off-by: Kelley Spoon <kelley.spoon@linaro.org>
Change-Id: I582c1f8641d8bbe56e50714749395a615932c2e2
diff --git a/README.txt b/README.txt
new file mode 100644
index 0000000..fed29bc
--- /dev/null
+++ b/README.txt
@@ -0,0 +1,6 @@
+These are the packer build templates we use to create the AMIs
+used by the TrustedFirmware CI system.
+
+packer_freebsd.json -- produces the mbedtls FreeBSD AMI
+packer_ubuntu.json -- produces the mbedtls Linux AMI
+packer_custom.json -- produces an Ubuntu based utility AMI
diff --git a/custom.sh b/custom.sh
new file mode 100755
index 0000000..e7d727c
--- /dev/null
+++ b/custom.sh
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -eu
+apt-get -qq update
+DEBIAN_FRONTEND=noninteractive apt-get install -qy \
+ apt-transport-https \
+ ca-certificates \
+ curl \
+ gnupg \
+ gnupg-agent \
+ openjdk-11-jdk-headless \
+ python3 \
+ python3-venv \
+ software-properties-common \
+ unzip
+
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
+add-apt-repository \
+ "deb https://download.docker.com/linux/ubuntu \
+ $(lsb_release -cs) \
+ stable"
+
+apt-get -qq update
+DEBIAN_FRONTEND=noninteractive apt-get install -qy --no-install-recommends \
+ docker-ce \
+ docker-ce-cli
+
+update-alternatives --install /usr/bin/python python /usr/bin/python3 1
+
+if [ $(uname -m) = "aarch64" ]
+then
+ AWS_ZIP=https://awscli.amazonaws.com/awscli-exe-linux-aarch64.zip
+else
+ AWS_ZIP=https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip
+fi
+
+curl "$AWS_ZIP" -o "/tmp/awscli-bundle.zip"
+unzip -q -d /tmp/awscli /tmp/awscli-bundle.zip
+/tmp/awscli/aws/install -i /usr/local/aws
+aws --version
+
+adduser ubuntu docker
+
+mkdir /home/ubuntu/.aws
+echo '[default]' >> /home/ubuntu/.aws/config
+echo 'region = us-east-1' >> /home/ubuntu/.aws/config
+
+# Disable unattended-upgrade
+systemctl disable unattended-upgrades.service
+apt-get -y remove unattended-upgrades
+
+sed -i -e 's/#PermitTTY.*/PermitTTY yes/g' /etc/ssh/sshd_config
+
+# install packer
+wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg
+echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
+sudo apt update && sudo apt install packer
diff --git a/packer_custom.json b/packer_custom.json
new file mode 100644
index 0000000..7f81a0c
--- /dev/null
+++ b/packer_custom.json
@@ -0,0 +1,53 @@
+{
+ "variables": {
+ "vpc_region": "us-east-1",
+ "ssh_username": "ubuntu"
+ },
+ "builders": [
+ {
+ "type": "amazon-ebs",
+ "name": "ubuntu-20.04-custom",
+ "vpc_id": "vpc-d28c0ca9",
+ "subnet_id": "subnet-a0d573af",
+ "region": "{{user `vpc_region`}}",
+ "source_ami_filter": {
+ "filters": {
+ "virtualization-type": "hvm",
+ "name": "ubuntu/images/*ubuntu-focal-20.04-amd64-server-*",
+ "root-device-type": "ebs"
+ },
+ "owners": ["099720109477"],
+ "most_recent": true
+ },
+ "instance_type": "m5a.large",
+ "ssh_username": "{{user `ssh_username`}}",
+ "ami_name": "jenkins-custom-amd64-{{isotime \"2006-01-02-1504\"}}",
+ "ami_regions": ["eu-central-1" ],
+ "ami_users": [
+ "987685672616"
+ ],
+ "snapshot_users": [
+ "987685672616"
+ ],
+ "launch_block_device_mappings": [
+ {
+ "device_name": "/dev/sda1",
+ "volume_type": "gp2",
+ "volume_size": "40",
+ "delete_on_termination": true
+ }
+ ]
+ }
+ ],
+ "provisioners": [
+ {
+ "type": "shell",
+ "inline": [ "sleep 60" ]
+ },
+ {
+ "type": "shell",
+ "script": "custom.sh",
+ "execute_command": "{{.Vars}} sudo -E sh -eux '{{.Path}}'"
+ }
+ ]
+}