diff --git a/packer.mk b/packer.mk index 4a74421ee3b..6f0914dc5d0 100755 --- a/packer.mk +++ b/packer.mk @@ -8,58 +8,9 @@ ifeq (${ARCHITECTURE},ARM64) endif GOHOSTARCH = $(shell go env GOHOSTARCH) -build-packer: generate-prefetch-scripts build-aks-node-controller build-lister-binary -ifeq (${ARCHITECTURE},ARM64) - @echo "${MODE}: Building with Hyper-v generation 2 ARM64 VM" -ifeq (${OS_SKU},Ubuntu) - @echo "Using packer template file vhd-image-builder-arm64-gen2.json" - @packer build -timestamp-ui -var-file=vhdbuilder/packer/settings.json vhdbuilder/packer/vhd-image-builder-arm64-gen2.json -else ifeq (${OS_SKU},CBLMariner) - @echo "Using packer template file vhd-image-builder-mariner-arm64.json" - @packer build -timestamp-ui -var-file=vhdbuilder/packer/settings.json vhdbuilder/packer/vhd-image-builder-mariner-arm64.json -else ifeq (${OS_SKU},AzureLinux) - @echo "Using packer template file vhd-image-builder-mariner-arm64.json" - @packer build -timestamp-ui -var-file=vhdbuilder/packer/settings.json vhdbuilder/packer/vhd-image-builder-mariner-arm64.json -else ifeq (${OS_SKU},Flatcar) - @echo "Using packer template file vhd-image-builder-flatcar-arm64.json" - @packer build -timestamp-ui -var-file=vhdbuilder/packer/settings.json vhdbuilder/packer/vhd-image-builder-flatcar-arm64.json -else - $(error OS_SKU was invalid ${OS_SKU}) -endif -else ifeq (${ARCHITECTURE},X86_64) -ifeq (${HYPERV_GENERATION},V2) - @echo "${MODE}: Building with Hyper-v generation 2 x86_64 VM" -else ifeq (${HYPERV_GENERATION},V1) - @echo "${MODE}: Building with Hyper-v generation 1 X86_64 VM" -else - $(error HYPERV_GENERATION was invalid ${HYPERV_GENERATION}) -endif -ifeq (${OS_SKU},Ubuntu) -ifeq ($(findstring cvm,$(FEATURE_FLAGS)),cvm) - @echo "Using packer template file vhd-image-builder-cvm.json" - @packer build -timestamp-ui -var-file=vhdbuilder/packer/settings.json vhdbuilder/packer/vhd-image-builder-cvm.json -else - @echo "Using packer template file vhd-image-builder-base.json" - @packer build -timestamp-ui -var-file=vhdbuilder/packer/settings.json vhdbuilder/packer/vhd-image-builder-base.json -endif -else ifeq (${OS_SKU},CBLMariner) - @echo "Using packer template file vhd-image-builder-mariner.json" - @packer build -timestamp-ui -var-file=vhdbuilder/packer/settings.json vhdbuilder/packer/vhd-image-builder-mariner.json -else ifeq (${OS_SKU},AzureLinux) -ifeq ($(findstring cvm,$(FEATURE_FLAGS)),cvm) - @echo "Using packer template file vhd-image-builder-mariner-cvm.json" - @packer build -timestamp-ui -var-file=vhdbuilder/packer/settings.json vhdbuilder/packer/vhd-image-builder-mariner-cvm.json -else - @echo "Using packer template file vhd-image-builder-mariner.json" - @packer build -timestamp-ui -var-file=vhdbuilder/packer/settings.json vhdbuilder/packer/vhd-image-builder-mariner.json -endif -else ifeq (${OS_SKU},Flatcar) - @echo "Using packer template file vhd-image-builder-flatcar.json" - @packer build -timestamp-ui -var-file=vhdbuilder/packer/settings.json vhdbuilder/packer/vhd-image-builder-flatcar.json -else - $(error OS_SKU was invalid ${OS_SKU}) -endif -endif +build-packer: generate-prefetch-scripts build-aks-node-controller build-lister-binary generate-packer-template-linux + @echo "MODE: ${MODE}, HYPERV_GENERATION: ${HYPERV_GENERATION}, ARCHITECTURE: ${ARCHITECTURE}; Using generated packer template: linux-template.json" + @packer build -timestamp-ui -var-file=vhdbuilder/packer/settings.json vhdbuilder/packer/linux-template.json build-packer-windows: ifeq (${MODE},windowsVhdMode) @@ -79,6 +30,10 @@ endif @packer build -timestamp-ui -var-file=vhdbuilder/packer/settings.json vhdbuilder/packer/windows/windows-vhd-builder-sig.json endif +generate-packer-template-linux: + @echo "Generating Linux packer template" + @bash -c "pushd vhdbuilder/packer/templater; go run main.go --output-path=../linux-template.json || exit 1; popd" + build-imagecustomizer: generate-prefetch-scripts build-aks-node-controller build-lister-binary @./vhdbuilder/packer/imagecustomizer/scripts/build-imagecustomizer-image.sh diff --git a/vhdbuilder/packer/packer_source.sh b/vhdbuilder/packer/packer_source.sh index 7ba60bfb237..713d8aa2723 100644 --- a/vhdbuilder/packer/packer_source.sh +++ b/vhdbuilder/packer/packer_source.sh @@ -11,8 +11,6 @@ copyPackerFiles() { ETC_ISSUE_CONFIG_DEST=/etc/issue ETC_ISSUE_NET_CONFIG_SRC=/home/packer/etc-issue.net ETC_ISSUE_NET_CONFIG_DEST=/etc/issue.net - SSHD_CONFIG_SRC=/home/packer/sshd_config - SSHD_CONFIG_DEST=/etc/ssh/sshd_config MODPROBE_CIS_SRC=/home/packer/modprobe-CIS.conf MODPROBE_CIS_DEST=/etc/modprobe.d/CIS.conf FAILLOCK_CONF_SRC=/home/packer/faillock-CIS.conf @@ -274,6 +272,8 @@ copyPackerFiles() { NOTICE_SRC=/home/packer/NOTICE.txt NOTICE_DEST=/NOTICE.txt + SSHD_CONFIG_SRC=/home/packer/sshd_config + SSHD_CONFIG_DEST=/etc/ssh/sshd_config if [ ${UBUNTU_RELEASE} = "22.04" ] && [ ${ENABLE_FIPS,,} = "true" ]; then SSHD_CONFIG_SRC=/home/packer/sshd_config_2204_fips fi diff --git a/vhdbuilder/packer/templater/go.mod b/vhdbuilder/packer/templater/go.mod new file mode 100644 index 00000000000..214d3e01e1e --- /dev/null +++ b/vhdbuilder/packer/templater/go.mod @@ -0,0 +1,3 @@ +module github.com/Azure/AgentBaker/vhdbuilder/packer/templater + +go 1.23.6 diff --git a/vhdbuilder/packer/templater/internal/config/config.go b/vhdbuilder/packer/templater/internal/config/config.go new file mode 100644 index 00000000000..d4d36578eef --- /dev/null +++ b/vhdbuilder/packer/templater/internal/config/config.go @@ -0,0 +1,154 @@ +package config + +import ( + "fmt" + "os" + "strconv" + "strings" +) + +type VHD struct { + OS string + OSVersion string + HyperVGeneration string + Architecture string + CGroupsV2 bool + FIPS bool + TrustedLaunch bool + FeatureFlags FeatureFlags +} + +type FeatureFlags struct { + CVM bool + Kata bool + GB200 bool +} + +func LoadVHDConfigFromEnv() (VHD, error) { + os, err := getOSFromEnv() + if err != nil { + return VHD{}, fmt.Errorf("getting OS from environment: %w", err) + } + osVersion, err := getOSVersionFromEnv() + if err != nil { + return VHD{}, fmt.Errorf("getting OS version from environment: %w", err) + } + hyperVGeneration, err := getHyperVGenerationFromEnv() + if err != nil { + return VHD{}, fmt.Errorf("getting hyper-V generation version from environment: %w", err) + } + architecture, err := getArchitectureFromEnv() + if err != nil { + return VHD{}, fmt.Errorf("getting architecture from environment: %w", err) + } + cgroupsV2, err := getCGroupsV2FromEnv() + if err != nil { + return VHD{}, fmt.Errorf("determining cgroupsv2 enablement from environment: %w", err) + } + fips, err := getFIPSFromEnv() + if err != nil { + return VHD{}, fmt.Errorf("determining FIPS enablement from environment: %w", err) + } + trustedLaunch, err := getTrustedLaunchFromEnv() + if err != nil { + return VHD{}, fmt.Errorf("determining Trusted Launch enablement from environment: %w", err) + } + return VHD{ + OS: os, + OSVersion: osVersion, + HyperVGeneration: hyperVGeneration, + Architecture: architecture, + CGroupsV2: cgroupsV2, + FIPS: fips, + TrustedLaunch: trustedLaunch, + FeatureFlags: getFeatureFlagsFromEnv(), + }, nil +} + +func getOSFromEnv() (string, error) { + os := os.Getenv("OS_SKU") + if os == "" { + return "", fmt.Errorf("environment variable OS_SKU must be set") + } + switch strings.ToLower(os) { + case "ubuntu": + return "Ubuntu", nil + case "cblmariner", "azurelinux", "azurelinuxosguard": + return "Mariner", nil + case "flatcar": + return "Flatcar", nil + default: + return "", fmt.Errorf("unrecognized OS: %s", os) + } +} + +func getOSVersionFromEnv() (string, error) { + osVersion := os.Getenv("OS_VERSION") + if osVersion == "" { + return "", fmt.Errorf("environment variable OS_VERSION must be set") + } + return osVersion, nil +} + +func getHyperVGenerationFromEnv() (string, error) { + hyperVGeneration := os.Getenv("HYPERV_GENERATION") + if hyperVGeneration == "" { + return "", fmt.Errorf("environment variable HYPERV_GENERATION must be set") + } + switch strings.ToLower(hyperVGeneration) { + case "v1", "v2": + return hyperVGeneration, nil + default: + return "", fmt.Errorf("unrecognized hyperV generation: %s", hyperVGeneration) + } +} + +func getArchitectureFromEnv() (string, error) { + architecture := os.Getenv("ARCHITECTURE") + if architecture == "" { + return "", fmt.Errorf("environment variable ARCHITECTURE must be set") + } + switch strings.ToLower(architecture) { + case "x86_64", "arm64": + return architecture, nil + default: + return "", fmt.Errorf("unrecognized architecture: %s", architecture) + } +} + +func getCGroupsV2FromEnv() (bool, error) { + cgroupsV2 := os.Getenv("ENABLE_CGROUPV2") + if cgroupsV2 == "" { + return false, nil + } + return strconv.ParseBool(cgroupsV2) +} + +func getFIPSFromEnv() (bool, error) { + fips := os.Getenv("ENABLE_FIPS") + if fips == "" { + return false, nil + } + return strconv.ParseBool(fips) +} + +func getTrustedLaunchFromEnv() (bool, error) { + trustedLaunch := os.Getenv("ENABLE_TRUSTED_LAUNCH") + if trustedLaunch == "" { + return false, nil + } + return strconv.ParseBool(trustedLaunch) +} + +func getFeatureFlagsFromEnv() FeatureFlags { + featureFlags := os.Getenv("FEATURE_FLAGS") + if featureFlags == "" { + return FeatureFlags{} + } + flags := strings.ToLower(featureFlags) + return FeatureFlags{ + CVM: strings.Contains(flags, "cvm"), + Kata: strings.Contains(flags, "kata"), + GB200: strings.Contains(flags, "gb200"), + } +} diff --git a/vhdbuilder/packer/templater/internal/template.go b/vhdbuilder/packer/templater/internal/template.go new file mode 100644 index 00000000000..d90912e7e87 --- /dev/null +++ b/vhdbuilder/packer/templater/internal/template.go @@ -0,0 +1,63 @@ +package template + +import ( + "bytes" + _ "embed" + "strings" + "text/template" + + "github.com/Azure/AgentBaker/vhdbuilder/packer/templater/internal/config" +) + +var ( + //go:embed templates/packer.gtpl + packerTemplate string +) + +func BuildPackerTemplate(vhdConfig config.VHD) (string, error) { + tmpl := template.Must(template.New("packer").Funcs(getFuncMap(vhdConfig)).Parse(packerTemplate)) + var buffer bytes.Buffer + if err := tmpl.Execute(&buffer, vhdConfig); err != nil { + return "", err + } + return buffer.String(), nil + +} + +func getFuncMap(vhdConfig config.VHD) template.FuncMap { + return template.FuncMap{ + "ToLower": strings.ToLower, + "GetArchitectureExtension": func() string { + switch strings.ToLower(vhdConfig.Architecture) { + case "arm64": + return "arm64" + default: + return "amd64" + } + }, + "GetRebootCommand": func() string { + switch strings.ToLower(vhdConfig.OS) { + case "flatcar": + return "reboot" + default: + return "sudo reboot" + } + }, + "GetRebootPauseDuration": func() string { + switch strings.ToLower(vhdConfig.OS) { + case "flatcar": + return "0s" + default: + return "60s" + } + }, + "GetWAAgentPath": func() string { + switch strings.ToLower(vhdConfig.OS) { + case "mariner": + return "waagent" + default: + return "/usr/sbin/waagent" + } + }, + } +} diff --git a/vhdbuilder/packer/templater/internal/templates/packer.gtpl b/vhdbuilder/packer/templater/internal/templates/packer.gtpl new file mode 100644 index 00000000000..f33428edd3c --- /dev/null +++ b/vhdbuilder/packer/templater/internal/templates/packer.gtpl @@ -0,0 +1,430 @@ +{ + "variables": { + "subscription_id": "{{ "{{env `AZURE_SUBSCRIPTION_ID`}}" }}", + "gallery_subscription_id": "{{ "{{user `gallery_subscription_id`}}" }}", + "location": "{{ "{{env `PACKER_BUILD_LOCATION`}}" }}", + "vm_size": "{{ "{{env `AZURE_VM_SIZE`}}" }}", + "build_definition_name": "{{ "{{env `BUILD_DEFINITION_NAME`}}" }}", + "build_number": "{{ "{{env `BUILD_NUMBER`}}" }}", + "build_id": "{{ "{{env `BUILD_ID`}}" }}", + "commit": "{{ "{{env `GIT_VERSION`}}" }}", + "feature_flags": "{{ "{{env `FEATURE_FLAGS`}}" }}", + "image_version": "{{ "{{env `IMAGE_VERSION`}}" }}", + "os_version": "{{ "{{env `OS_VERSION`}}" }}", + "sku_name": "{{ "{{env `SKU_NAME`}}" }}", + "hyperv_generation": "{{ "{{env `HYPERV_GENERATION`}}" }}", + "sig_gallery_name": "{{ "{{env `SIG_GALLERY_NAME`}}" }}", + "sig_image_name": "{{ "{{env `SIG_IMAGE_NAME`}}" }}", + "sig_image_version": "{{ "{{env `SIG_IMAGE_VERSION`}}" }}", + "container_runtime": "{{ "{{env `CONTAINER_RUNTIME`}}" }}", + "teleportd_plugin_download_url": "{{ "{{env `TELEPORTD_PLUGIN_DOWNLOAD_URL`}}" }}", + "captured_sig_version": "{{ "{{env `${CAPTURED_SIG_VERSION`}}" }}", + "enable_fips": "{{ "{{env `ENABLE_FIPS`}}" }}", + "img_publisher": "{{ "{{env `IMG_PUBLISHER`}}" }}", + "img_offer": "{{ "{{env `IMG_OFFER`}}" }}", + "img_sku": "{{ "{{env `IMG_SKU`}}" }}", + "img_version": "{{ "{{env `IMG_VERSION`}}" }}", + "vnet_resource_group_name": "{{ "{{env `VNET_RESOURCE_GROUP_NAME`}}" }}", + "vnet_name": "{{ "{{env `VNET_NAME`}}" }}", + "subnet_name": "{{ "{{env `SUBNET_NAME`}}" }}", + "enable_cgroupv2": "{{ "{{env `ENABLE_CGROUPV2`}}" }}", + "private_packages_url": "{{ "{{env `PRIVATE_PACKAGES_URL`}}" }}", + "branch": "{{ "{{env `BRANCH`}}" }}", + "vhd_build_timestamp": "{{ "{{user `VHD_BUILD_TIMESTAMP`}}" }}", + "local_doca_repo_url": "{{ "{{env `LOCAL_DOCA_REPO_URL`}}" }}", + "continue_on_local_repo_download_error": "{{ "{{env `CONTINUE_ON_LOCAL_REPO_DOWNLOAD_ERROR`}}" }}" + }, + "builders": [ + { + "type": "azure-arm", + "subscription_id": "{{ "{{user `subscription_id`}}" }}", + "virtual_network_resource_group_name": "{{ "{{user `vnet_resource_group_name`}}" }}", + "virtual_network_name": "{{ "{{user `vnet_name`}}" }}", + "virtual_network_subnet_name": "{{" {{user `subnet_name`}} "}}", + "ssh_read_write_timeout": "5m", + "os_type": "Linux", + "os_disk_size_gb": 30, + "image_publisher": "{{ "{{user `img_publisher`}}" }}", + "image_offer": "{{ "{{user `img_offer`}}" }}", + "image_sku": "{{ "{{user `img_sku`}}" }}", + "image_version": "{{ "{{user `img_version`}}" }}", + "azure_tags": { + "buildDefinitionName": "{{ "{{user `build_definition_name`}}" }}", + "buildNumber": "{{ "{{user `build_number`}}" }}", + "buildId":" {{ "{{user `build_id`}}" }}", + "SkipLinuxAzSecPack": "true", + "os": "Linux", + "now": "{{ "{{user `create_time`}}" }}", + "createdBy": "aks-vhd-pipeline", + "image_sku":" {{ "{{user `img_sku`}}" }}", + "branch": "{{ "{{user `branch`}}" }}" + }, + "location": "{{ "{{user `location`}}" }}", + "vm_size": "{{ "{{user `vm_size`}}" }}", + "use_azure_cli_auth": "true", + "polling_duration_timeout": "1h", +{{- if eq .OS "Flatcar" }} + "custom_data_file": "./vhdbuilder/packer/flatcar-customdata.json", +{{- end }} +{{- if .FeatureFlags.CVM }} + "secure_boot_enabled": true, + "vtpm_enabled": true, + "security_type": "ConfidentialVM", + "security_encryption_type": "VMGuestStateOnly", +{{- end }} + "shared_image_gallery_destination": { + {{- if .FeatureFlags.CVM }} + "specialized": true, + "confidential_vm_image_encryption_type": "EncryptedVMGuestStateOnlyWithPmk", + {{- end }} + "subscription": "{{ "{{user `gallery_subscription_id`}}" }}", + "resource_group": "{{ "{{user `resource_group_name`}}" }}", + "gallery_name": "{{ "{{user `sig_gallery_name`}}" }}", + "image_name": "{{ "{{user `sig_image_name`}}" }}", + "image_version": "{{ "{{user `captured_sig_version`}}" }}", + "replication_regions": [ + "{{ "{{user `location`}}" }}" + ] + }, + "user_assigned_managed_identities": "{{ "{{user `msi_resource_strings`}}" }}" + } + ], + "provisioners": [ + { + "type": "shell", + "inline": [ + "sudo mkdir -p /opt/azure/containers", + "sudo mkdir -p /opt/scripts", + "sudo mkdir -p /opt/certs" + ] + }, + { + "type": "file", + "source": "parts/linux/cloud-init/artifacts/cse_helpers.sh", + "destination": "/home/packer/provision_source.sh" + }, + { + "type": "file", + "source": "parts/linux/cloud-init/artifacts/{{.OS | ToLower}}/cse_helpers_{{.OS | ToLower}}.sh", + "destination": "/home/packer/provision_source_distro.sh" + }, + { + "type": "file", + "source": "parts/linux/cloud-init/artifacts/cse_install.sh", + "destination": "/home/packer/provision_installs.sh" + }, + { + "type": "file", + "source": "parts/linux/cloud-init/artifacts/{{.OS | ToLower}}/cse_install_{{.OS | ToLower}}.sh", + "destination": "/home/packer/provision_installs_distro.sh" + }, + { + "type": "file", + "source": "parts/linux/cloud-init/artifacts/cse_config.sh", + "destination": "/home/packer/provision_configs.sh" + }, + { + "type": "file", + "source": "parts/linux/cloud-init/artifacts/cse_start.sh", + "destination": "/home/packer/provision_start.sh" + }, + { + "type": "file", + "source": "parts/linux/cloud-init/artifacts/cse_benchmark_functions.sh", + "destination": "/home/packer/provision_source_benchmarks.sh" + }, + { + "type": "file", + "source": "vhdbuilder/scripts/linux/{{.OS | ToLower}}/tool_installs_{{.OS | ToLower}}.sh", + "destination": "/home/packer/tool_installs_distro.sh" + }, + { + "type": "file", + {{- if eq .OS "Flatcar" }} + "source": "parts/linux/cloud-init/artifacts/flatcar/update_certs.service" + {{- else }} + "source": "parts/linux/cloud-init/artifacts/update_certs.service", + {{- end }} + "destination": "/home/packer/update_certs.service" + }, + { + "type": "file", + "direction": "upload", + "destination": "/home/packer/", + "sources": [ + "aks-node-controller/bin/aks-node-controller-linux-{{GetArchitectureExtension}}", + "vhdbuilder/lister/bin/lister", + "parts/linux/cloud-init/artifacts/aks-node-controller.service", + "parts/linux/cloud-init/artifacts/cloud-init-status-check.sh", + "vhdbuilder/packer/prefetch.sh", + "vhdbuilder/packer/cleanup-vhd.sh", + "vhdbuilder/packer/packer_source.sh", + "parts/linux/cloud-init/artifacts/containerd_exec_start.conf", + "parts/linux/cloud-init/artifacts/kubelet.service", + "parts/linux/cloud-init/artifacts/secure-tls-bootstrap.service", + "parts/linux/cloud-init/artifacts/reconcile-private-hosts.sh", + "parts/linux/cloud-init/artifacts/block_wireserver.sh", + "parts/linux/cloud-init/artifacts/ensure_imds_restriction.sh", + "parts/linux/cloud-init/artifacts/measure-tls-bootstrapping-latency.sh", + "parts/linux/cloud-init/artifacts/measure-tls-bootstrapping-latency.service", + "parts/linux/cloud-init/artifacts/validate-kubelet-credentials.sh", + "parts/linux/cloud-init/artifacts/cse_redact_cloud_config.py", + "parts/linux/cloud-init/artifacts/cse_send_logs.py", + "parts/linux/cloud-init/artifacts/init-aks-custom-cloud.sh", + "parts/linux/cloud-init/artifacts/reconcile-private-hosts.service", + "parts/linux/cloud-init/artifacts/mig-partition.service", + "parts/linux/cloud-init/artifacts/bind-mount.sh", + "parts/linux/cloud-init/artifacts/bind-mount.service", + "parts/linux/cloud-init/artifacts/enable-dhcpv6.sh", + "parts/linux/cloud-init/artifacts/dhcpv6.service", + "parts/linux/cloud-init/artifacts/sync-container-logs.sh", + "parts/linux/cloud-init/artifacts/sync-container-logs.service", + "parts/linux/cloud-init/artifacts/crictl.yaml", + "parts/linux/cloud-init/artifacts/ensure-no-dup.sh", + "parts/linux/cloud-init/artifacts/ensure-no-dup.service", + "parts/linux/cloud-init/artifacts/teleportd.service", + "parts/linux/cloud-init/artifacts/setup-custom-search-domains.sh", + "parts/linux/cloud-init/artifacts/cis.sh", + {{- if or (eq .OS "Ubuntu") (eq .OS "Flatcar") }} + "parts/linux/cloud-init/artifacts/ubuntu/ubuntu-snapshot-update.sh", + "parts/linux/cloud-init/artifacts/ubuntu/snapshot-update.service", + "parts/linux/cloud-init/artifacts/ubuntu/snapshot-update.timer", + {{- end }} + {{- if eq .OS "Mariner" }} + "parts/linux/cloud-init/artifacts/mariner/mariner-package-update.sh", + "parts/linux/cloud-init/artifacts/mariner/package-update.service", + "parts/linux/cloud-init/artifacts/mariner/package-update.timer", + {{- end }} + "vhdbuilder/scripts/linux/tool_installs.sh", + "vhdbuilder/packer/pre-install-dependencies.sh", + "vhdbuilder/packer/install-dependencies.sh", + "vhdbuilder/packer/post-install-dependencies.sh", + "parts/common/components.json", + "parts/linux/cloud-init/artifacts/manifest.json", + "parts/linux/cloud-init/artifacts/sysctl-d-60-CIS.conf", + {{- if and .FIPS (eq .OSVersion "22.04") }} + "parts/linux/cloud-init/artifacts/sshd_config_2204_fips", + {{- else }} + "parts/linux/cloud-init/artifacts/sshd_config", + {{- end }} + "parts/linux/cloud-init/artifacts/rsyslog-d-60-CIS.conf", + "parts/linux/cloud-init/artifacts/logrotate-d-rsyslog-CIS.conf", + "parts/linux/cloud-init/artifacts/etc-issue", + "parts/linux/cloud-init/artifacts/etc-issue.net", + "parts/linux/cloud-init/artifacts/modprobe-CIS.conf", + "parts/linux/cloud-init/artifacts/faillock-CIS.conf", + "parts/linux/cloud-init/artifacts/pwquality-CIS.conf", + "parts/linux/cloud-init/artifacts/pam-d-su", + {{- if eq .OS "Mariner" }} + "parts/linux/cloud-init/artifacts/mariner/pam-d-system-auth", + "parts/linux/cloud-init/artifacts/mariner/pam-d-system-password", + {{- else}} + "parts/linux/cloud-init/artifacts/pam-d-common-account", + {{- end }} + {{- if or (eq .OSVersion "22.04") (eq .OSVersion "24.04") }} + "parts/linux/cloud-init/artifacts/pam-d-common-auth-2204", + {{- else }} + "parts/linux/cloud-init/artifacts/pam-d-common-auth", + {{- end }} + "parts/linux/cloud-init/artifacts/pam-d-common-password", + "parts/linux/cloud-init/artifacts/profile-d-cis.sh", + "parts/linux/cloud-init/artifacts/disk_queue.service", + "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.sh", + "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.service", + "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.timer", + "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.sh", + "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.service", + "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.timer", + "parts/linux/cloud-init/artifacts/update_certs.path", + "parts/linux/cloud-init/artifacts/update_certs.sh", + "parts/linux/cloud-init/artifacts/ci-syslog-watcher.path", + "parts/linux/cloud-init/artifacts/ci-syslog-watcher.service", + "parts/linux/cloud-init/artifacts/ci-syslog-watcher.sh", + "parts/linux/cloud-init/artifacts/aks-diagnostic.py", + "parts/linux/cloud-init/artifacts/aks-log-collector.sh", + "parts/linux/cloud-init/artifacts/aks-log-collector-send.py", + "parts/linux/cloud-init/artifacts/aks-log-collector.service", + "parts/linux/cloud-init/artifacts/aks-log-collector.slice", + "parts/linux/cloud-init/artifacts/aks-log-collector.timer", + "parts/linux/cloud-init/artifacts/aks-check-network.sh", + "parts/linux/cloud-init/artifacts/aks-check-network.service", + "parts/linux/cloud-init/artifacts/aks-logrotate.sh", + "parts/linux/cloud-init/artifacts/aks-logrotate.service", + "parts/linux/cloud-init/artifacts/aks-logrotate.timer", + "parts/linux/cloud-init/artifacts/aks-logrotate-override.conf", + "parts/linux/cloud-init/artifacts/aks-rsyslog", + "parts/linux/cloud-init/artifacts/ipv6_nftables", + "parts/linux/cloud-init/artifacts/ipv6_nftables.service", + "parts/linux/cloud-init/artifacts/ipv6_nftables.sh", + "parts/linux/cloud-init/artifacts/apt-preferences", + "parts/linux/cloud-init/artifacts/kms.service", + "parts/linux/cloud-init/artifacts/mig-partition.sh", + "parts/linux/cloud-init/artifacts/docker_clear_mount_propagation_flags.conf", + "parts/linux/cloud-init/artifacts/nvidia-modprobe.service", + "parts/linux/cloud-init/artifacts/nvidia-docker-daemon.json", + "vhdbuilder/notice_flatcar.txt" + "vhdbuilder/notice.txt", + "parts/linux/cloud-init/artifacts/localdns.sh", + "parts/linux/cloud-init/artifacts/localdns.service", + "parts/linux/cloud-init/artifacts/localdns-delegate.conf", + "parts/linux/cloud-init/artifacts/10_azure_nvidia", + "parts/linux/cloud-init/artifacts/51-azure-nvidia.cfg", + {{- if and (and (eq .OS "Ubuntu") (eq .OSVersion "24.04")) .FeatureFlags.GB200 }} + "parts/linux/cloud-init/artifacts/ubuntu/doca.list", + "parts/linux/cloud-init/artifacts/ubuntu/doca.pub", + "parts/linux/cloud-init/artifacts/ubuntu/nvidia-2404.list", + "parts/linux/cloud-init/artifacts/ubuntu/nvidia.pub", + "parts/linux/cloud-init/artifacts/ubuntu/containerd-nvidia.toml", + "parts/linux/cloud-init/artifacts/ubuntu/modprobe-nvidia-parameters.conf", + "vhdbuilder/packer/gb200-mai-bom.json" + {{- end }} + ] + }, + { + "type": "shell", + "environment_vars": [ + {{- if and (eq .OS "Ubuntu") (or .FIPS .FeatureFlags.CVM) }} + "UA_TOKEN={{ "{{user `ua_token`}}" }}", + {{- end }} + "ENABLE_CGROUPV2={{ "{{user `enable_cgroupv2`}}" }}", + "FEATURE_FLAGS={{ "{{user `feature_flags`}}" }}", + "BUILD_NUMBER={{ "{{user `build_number`}}" }}", + "BUILD_ID={{ "{{user `build_id`}}" }}", + "COMMIT={{ "{{user `commit`}}" }}", + "HYPERV_GENERATION={{ "{{user `hyperv_generation`}}" }}", + "CONTAINER_RUNTIME={{ "{{user `container_runtime`}}" }}", + "TELEPORTD_PLUGIN_DOWNLOAD_URL={{ "{{user `teleportd_plugin_download_url`}}" }}", + "ENABLE_FIPS={{ "{{user `enable_fips`}}" }}", + "IMG_SKU={{ "{{user `img_sku`}}" }}", + "VHD_BUILD_TIMESTAMP={{ "{{user `vhd_build_timestamp`}}" }}" + ], + "inline": [ + "sudo -E /bin/bash -ux /home/packer/pre-install-dependencies.sh" + ] + }, + { + "type": "shell", + "inline": "{{GetRebootCommand}}", + "expect_disconnect": true, + "skip_clean": true, + "pause_after": "{{GetRebootPauseDuration}}" + }, + { + "type": "shell", + "environment_vars": [ + "ENABLE_CGROUPV2={{ "{{user `enable_cgroupv2`}}" }}", + "FEATURE_FLAGS={{ "{{user `feature_flags`}}" }}", + "BUILD_NUMBER={{ "{{user `build_number`}}" }}", + "BUILD_ID={{ "{{user `build_id`}}" }}", + "COMMIT={{ "{{user `commit`}}" }}", + "HYPERV_GENERATION={{ "{{user `hyperv_generation`}}" }}", + "CONTAINER_RUNTIME={{ "{{user `container_runtime`}}" }}", + "TELEPORTD_PLUGIN_DOWNLOAD_URL={{ "{{user `teleportd_plugin_download_url`}}" }}", + "ENABLE_FIPS={{ "{{user `enable_fips`}}" }}", + "IMG_SKU={{ "{{user `img_sku`}}" }}", + "PRIVATE_PACKAGES_URL={{" {{user `private_packages_url`}}" }}", + "CONTINUE_ON_LOCAL_REPO_DOWNLOAD_ERROR={{ "{{user `continue_on_local_repo_download_error`}}" }}", + "LOCAL_DOCA_REPO_URL={{" {{user `local_doca_repo_url`}}" }}", + "VHD_BUILD_TIMESTAMP={{ "{{user `vhd_build_timestamp`}}" }}" + ], + "inline": [ + "sudo -E /bin/bash -ux /home/packer/install-dependencies.sh" + ] + }, + { + "type": "file", + "direction": "download", + "source": "/var/log/bcc_installation.log", + "destination": "bcc-tools-installation.log" + }, + { + "type": "shell", + "inline": [ + "sudo rm /var/log/bcc_installation.log" + ] + }, + { + "type": "shell", + "inline": "{{GetRebootCommand}}", + "expect_disconnect": true, + "skip_clean": true, + "pause_after": "{{GetRebootPauseDuration}}" + }, + { + "type": "shell", + "environment_vars": [ + "ENABLE_CGROUPV2={{ "{{user `enable_cgroupv2`}}" }}", + "FEATURE_FLAGS={{" {{user `feature_flags`}}" }}", + "BUILD_NUMBER={{ "{{user `build_number`}}" }}", + "BUILD_ID={{ "{{user `build_id`}}" }}", + "COMMIT={{ "{{user `commit`}}" }}", + "HYPERV_GENERATION={{ "{{user `hyperv_generation`}}" }}", + "CONTAINER_RUNTIME={{ "{{user `container_runtime`}}" }}", + "TELEPORTD_PLUGIN_DOWNLOAD_URL={{ "{{user `teleportd_plugin_download_url`}}" }}", + "ENABLE_FIPS={{ "{{user `enable_fips`}}" }}", + "IMG_SKU={{ "{{user `img_sku`}}" }}" + ], + "inline": [ + "sudo -E /bin/bash -ux /home/packer/post-install-dependencies.sh" + ] + }, + { + "type": "file", + "source": "vhdbuilder/packer/list-images.sh", + "destination": "/home/packer/list-images.sh" + }, + { + "type": "shell", + "environment_vars": [ + "SKU_NAME={{ "{{user `sku_name`}}" }}", + "IMAGE_VERSION={{ "{{user `image_version`}}" }}", + "CONTAINER_RUNTIME={{ "{{user `container_runtime`}}" }}" + ], + "inline": [ + "sudo -E /bin/bash -ux /home/packer/list-images.sh" + ] + }, + { + "type": "file", + "direction": "download", + "source": "/opt/azure/containers/image-bom.json", + "destination": "image-bom.json" + }, + { + "type": "file", + "direction": "download", + "source": "/opt/azure/vhd-install.complete", + "destination": "release-notes.txt" + }, + { + "type": "file", + "direction": "download", + "source": "/opt/azure/vhd-build-performance-data.json", + "destination": "vhd-build-performance-data.json" + }, + { + "type": "file", + "direction": "download", + "source": "/opt/azure/vhd-grid-compatibility-data.json", + "destination": "vhd-grid-compatibility-data.json" + }, + { + "type": "shell", + "inline": [ + "sudo rm /opt/azure/vhd-build-performance-data.json", + "sudo rm /opt/azure/vhd-grid-compatibility-data.json" + ] + }, + { + "type": "shell", + "inline": [ + "sudo /bin/bash -eux /home/packer/cis.sh", + "sudo /bin/bash -eux /opt/azure/containers/cleanup-vhd.sh", + {{- if eq .OS "Flatcar" }} + "sudo touch /boot/flatcar/first_boot" + {{- end }} + "sudo {{GetWAAgentPath}} -force -deprovision+user && export HISTSIZE=0 && sync || exit 125" + ] + } + ] +} diff --git a/vhdbuilder/packer/templater/main.go b/vhdbuilder/packer/templater/main.go new file mode 100644 index 00000000000..16ea2ae870f --- /dev/null +++ b/vhdbuilder/packer/templater/main.go @@ -0,0 +1,52 @@ +package main + +import ( + "flag" + "fmt" + "log" + "os" + + internal "github.com/Azure/AgentBaker/vhdbuilder/packer/templater/internal" + "github.com/Azure/AgentBaker/vhdbuilder/packer/templater/internal/config" +) + +type flags struct { + outputPath string +} + +func (f *flags) validate() error { + if f.outputPath == "" { + return fmt.Errorf("output-path must be specified") + } + return nil +} + +var fl = new(flags) + +func parseFlags() { + flag.StringVar(&fl.outputPath, "output-path", "", "where to write the generated packer template") + flag.Parse() +} + +func main() { + parseFlags() + if err := fl.validate(); err != nil { + log.Printf("failed to validate command line flags: %s", err) + os.Exit(1) + } + vhdConfig, err := config.LoadVHDConfigFromEnv() + if err != nil { + log.Printf("failed to load VHD configuration from environment: %s", err) + os.Exit(1) + } + packerTemplate, err := internal.BuildPackerTemplate(vhdConfig) + if err != nil { + log.Printf("failed to build packer template with VHD configuration: %s", err) + os.Exit(1) + } + if err := os.WriteFile(fl.outputPath, []byte(packerTemplate), os.ModePerm); err != nil { + log.Printf("failed to write generated packer template to %s: %s", fl.outputPath, err) + os.Exit(1) + } + log.Printf("generated packer template at %s:\n%s\n", fl.outputPath, packerTemplate) +} diff --git a/vhdbuilder/packer/vhd-image-builder-arm64-gen2.json b/vhdbuilder/packer/vhd-image-builder-arm64-gen2.json deleted file mode 100644 index 542732e393b..00000000000 --- a/vhdbuilder/packer/vhd-image-builder-arm64-gen2.json +++ /dev/null @@ -1,731 +0,0 @@ -{ - "variables": { - "subscription_id": "{{env `AZURE_SUBSCRIPTION_ID`}}", - "gallery_subscription_id": "{{user `gallery_subscription_id`}}", - "location": "{{env `PACKER_BUILD_LOCATION`}}", - "vm_size": "{{env `AZURE_VM_SIZE`}}", - "build_definition_name": "{{env `BUILD_DEFINITION_NAME`}}", - "build_number": "{{env `BUILD_NUMBER`}}", - "build_id": "{{env `BUILD_ID`}}", - "commit": "{{env `GIT_VERSION`}}", - "feature_flags": "{{env `FEATURE_FLAGS`}}", - "image_version": "{{env `IMAGE_VERSION`}}", - "os_version": "{{env `OS_VERSION`}}", - "sku_name": "{{env `SKU_NAME`}}", - "hyperv_generation": "{{env `HYPERV_GENERATION`}}", - "sig_gallery_name": "{{env `SIG_GALLERY_NAME`}}", - "sig_image_name": "{{env `SIG_IMAGE_NAME`}}", - "sig_image_version": "{{env `SIG_IMAGE_VERSION`}}", - "container_runtime": "{{env `CONTAINER_RUNTIME`}}", - "teleportd_plugin_download_url": "{{env `TELEPORTD_PLUGIN_DOWNLOAD_URL`}}", - "captured_sig_version": "{{env `${CAPTURED_SIG_VERSION`}}", - "enable_fips": "{{env `ENABLE_FIPS`}}", - "img_publisher": "{{env `IMG_PUBLISHER`}}", - "img_offer": "{{env `IMG_OFFER`}}", - "img_sku": "{{env `IMG_SKU`}}", - "img_version": "{{env `IMG_VERSION`}}", - "vnet_resource_group_name": "{{env `VNET_RESOURCE_GROUP_NAME`}}", - "vnet_name": "{{env `VNET_NAME`}}", - "subnet_name": "{{env `SUBNET_NAME`}}", - "private_packages_url": "{{env `PRIVATE_PACKAGES_URL`}}", - "branch": "{{env `BRANCH`}}", - "vhd_build_timestamp": "{{user `VHD_BUILD_TIMESTAMP`}}" - }, - "builders": [ - { - "type": "azure-arm", - "subscription_id": "{{user `subscription_id`}}", - "virtual_network_resource_group_name": "{{user `vnet_resource_group_name`}}", - "virtual_network_name": "{{user `vnet_name`}}", - "virtual_network_subnet_name": "{{user `subnet_name`}}", - "ssh_read_write_timeout": "5m", - "os_type": "Linux", - "os_disk_size_gb": 30, - "image_publisher": "{{user `img_publisher`}}", - "image_offer": "{{user `img_offer`}}", - "image_sku": "{{user `img_sku`}}", - "image_version": "{{user `img_version`}}", - "azure_tags": { - "buildDefinitionName": "{{user `build_definition_name`}}", - "buildNumber": "{{user `build_number`}}", - "buildId": "{{user `build_id`}}", - "SkipLinuxAzSecPack": "true", - "os": "Linux", - "now": "{{user `create_time`}}", - "createdBy": "aks-vhd-pipeline", - "image_sku": "{{user `img_sku`}}", - "branch": "{{user `branch`}}" - }, - "location": "{{user `location`}}", - "vm_size": "{{user `vm_size`}}", - "use_azure_cli_auth": "true", - "polling_duration_timeout": "1h", - "managed_image_storage_account_type": "Premium_LRS", - "shared_image_gallery_destination": { - "subscription": "{{user `gallery_subscription_id`}}", - "resource_group": "{{user `resource_group_name`}}", - "gallery_name": "{{user `sig_gallery_name`}}", - "image_name": "{{user `sig_image_name`}}", - "image_version": "{{user `captured_sig_version`}}", - "replication_regions": [ - "{{user `location`}}" - ] - }, - "user_assigned_managed_identities": "{{user `msi_resource_strings`}}" - } - ], - "provisioners": [ - { - "type": "shell", - "inline": [ - "sudo mkdir -p /opt/azure/containers", - "sudo mkdir -p /opt/scripts", - "sudo mkdir -p /opt/certs" - ] - }, - { - "type": "file", - "source": "vhdbuilder/lister/bin/lister", - "destination": "/home/packer/lister" - }, - { - "type": "file", - "source": "aks-node-controller/bin/aks-node-controller-linux-arm64", - "destination": "/home/packer/aks-node-controller" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-node-controller.service", - "destination": "/home/packer/aks-node-controller.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cloud-init-status-check.sh", - "destination": "/home/packer/cloud-init-status-check.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/prefetch.sh", - "destination": "/home/packer/prefetch.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/cleanup-vhd.sh", - "destination": "/home/packer/cleanup-vhd.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/packer_source.sh", - "destination": "/home/packer/packer_source.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_install.sh", - "destination": "/home/packer/provision_installs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ubuntu/cse_install_ubuntu.sh", - "destination": "/home/packer/provision_installs_distro.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_helpers.sh", - "destination": "/home/packer/provision_source.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_benchmark_functions.sh", - "destination": "/home/packer/provision_source_benchmarks.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ubuntu/cse_helpers_ubuntu.sh", - "destination": "/home/packer/provision_source_distro.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_config.sh", - "destination": "/home/packer/provision_configs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_main.sh", - "destination": "/home/packer/provision.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_start.sh", - "destination": "/home/packer/provision_start.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/containerd_exec_start.conf", - "destination": "/home/packer/containerd_exec_start.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/kubelet.service", - "destination": "/home/packer/kubelet.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/secure-tls-bootstrap.service", - "destination": "/home/packer/secure-tls-bootstrap.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/reconcile-private-hosts.sh", - "destination": "/home/packer/reconcile-private-hosts.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/block_wireserver.sh", - "destination": "/home/packer/block_wireserver.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure_imds_restriction.sh", - "destination": "/home/packer/ensure_imds_restriction.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/measure-tls-bootstrapping-latency.sh", - "destination": "/home/packer/measure-tls-bootstrapping-latency.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/measure-tls-bootstrapping-latency.service", - "destination": "/home/packer/measure-tls-bootstrapping-latency.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/validate-kubelet-credentials.sh", - "destination": "/home/packer/validate-kubelet-credentials.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_redact_cloud_config.py", - "destination": "/home/packer/cse_redact_cloud_config.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_send_logs.py", - "destination": "/home/packer/cse_send_logs.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/init-aks-custom-cloud.sh", - "destination": "/home/packer/init-aks-custom-cloud.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/reconcile-private-hosts.service", - "destination": "/home/packer/reconcile-private-hosts.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mig-partition.service", - "destination": "/home/packer/mig-partition.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/bind-mount.sh", - "destination": "/home/packer/bind-mount.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/bind-mount.service", - "destination": "/home/packer/bind-mount.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/enable-dhcpv6.sh", - "destination": "/home/packer/enable-dhcpv6.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/dhcpv6.service", - "destination": "/home/packer/dhcpv6.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sync-container-logs.sh", - "destination": "/home/packer/sync-container-logs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sync-container-logs.service", - "destination": "/home/packer/sync-container-logs.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/crictl.yaml", - "destination": "/home/packer/crictl.yaml" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure-no-dup.sh", - "destination": "/home/packer/ensure-no-dup.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure-no-dup.service", - "destination": "/home/packer/ensure-no-dup.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/teleportd.service", - "destination": "/home/packer/teleportd.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/setup-custom-search-domains.sh", - "destination": "/home/packer/setup-custom-search-domains.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ubuntu/ubuntu-snapshot-update.sh", - "destination": "/home/packer/ubuntu-snapshot-update.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ubuntu/snapshot-update.service", - "destination": "/home/packer/snapshot-update.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ubuntu/snapshot-update.timer", - "destination": "/home/packer/snapshot-update.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cis.sh", - "destination": "/home/packer/cis.sh" - }, - { - "type": "file", - "source": "vhdbuilder/scripts/linux/tool_installs.sh", - "destination": "/home/packer/tool_installs.sh" - }, - { - "type": "file", - "source": "vhdbuilder/scripts/linux/ubuntu/tool_installs_ubuntu.sh", - "destination": "/home/packer/tool_installs_distro.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/pre-install-dependencies.sh", - "destination": "/home/packer/pre-install-dependencies.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/install-dependencies.sh", - "destination": "/home/packer/install-dependencies.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/post-install-dependencies.sh", - "destination": "/home/packer/post-install-dependencies.sh" - }, - { - "type": "file", - "source": "parts/common/components.json", - "destination": "/home/packer/components.json" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/manifest.json", - "destination": "/home/packer/manifest.json" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sysctl-d-60-CIS.conf", - "destination": "/home/packer/sysctl-d-60-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sshd_config", - "destination": "/home/packer/sshd_config" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/rsyslog-d-60-CIS.conf", - "destination": "/home/packer/rsyslog-d-60-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/logrotate-d-rsyslog-CIS.conf", - "destination": "/home/packer/logrotate-d-rsyslog-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/etc-issue", - "destination": "/home/packer/etc-issue" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/etc-issue.net", - "destination": "/home/packer/etc-issue.net" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/modprobe-CIS.conf", - "destination": "/home/packer/modprobe-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/faillock-CIS.conf", - "destination": "/home/packer/faillock-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pwquality-CIS.conf", - "destination": "/home/packer/pwquality-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-su", - "destination": "/home/packer/pam-d-su" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-account", - "destination": "/home/packer/pam-d-common-account" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-auth", - "destination": "/home/packer/pam-d-common-auth" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-auth-2204", - "destination": "/home/packer/pam-d-common-auth-2204" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-password", - "destination": "/home/packer/pam-d-common-password" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/profile-d-cis.sh", - "destination": "/home/packer/profile-d-cis.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/disk_queue.service", - "destination": "/home/packer/disk_queue.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.sh", - "destination": "/home/packer/cgroup-memory-telemetry.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.service", - "destination": "/home/packer/cgroup-memory-telemetry.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.timer", - "destination": "/home/packer/cgroup-memory-telemetry.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.sh", - "destination": "/home/packer/cgroup-pressure-telemetry.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.service", - "destination": "/home/packer/cgroup-pressure-telemetry.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.timer", - "destination": "/home/packer/cgroup-pressure-telemetry.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/update_certs.service", - "destination": "/home/packer/update_certs.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/update_certs.path", - "destination": "/home/packer/update_certs.path" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/update_certs.sh", - "destination": "/home/packer/update_certs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.path", - "destination": "/home/packer/ci-syslog-watcher.path" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.service", - "destination": "/home/packer/ci-syslog-watcher.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.sh", - "destination": "/home/packer/ci-syslog-watcher.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-diagnostic.py", - "destination": "/home/packer/aks-diagnostic.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.sh", - "destination": "/home/packer/aks-log-collector.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector-send.py", - "destination": "/home/packer/aks-log-collector-send.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.service", - "destination": "/home/packer/aks-log-collector.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.slice", - "destination": "/home/packer/aks-log-collector.slice" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.timer", - "destination": "/home/packer/aks-log-collector.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-check-network.sh", - "destination": "/home/packer/aks-check-network.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-check-network.service", - "destination": "/home/packer/aks-check-network.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.sh", - "destination": "/home/packer/logrotate.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.service", - "destination": "/home/packer/logrotate.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.timer", - "destination": "/home/packer/logrotate.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate-override.conf", - "destination": "/home/packer/override.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-rsyslog", - "destination": "/home/packer/rsyslog" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables", - "destination": "/home/packer/ipv6_nftables" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables.service", - "destination": "/home/packer/ipv6_nftables.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables.sh", - "destination": "/home/packer/ipv6_nftables.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/apt-preferences", - "destination": "/home/packer/apt-preferences" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/kms.service", - "destination": "/home/packer/kms.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mig-partition.sh", - "destination": "/home/packer/mig-partition.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/docker_clear_mount_propagation_flags.conf", - "destination": "/home/packer/docker_clear_mount_propagation_flags.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/nvidia-modprobe.service", - "destination": "/home/packer/nvidia-modprobe.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/nvidia-docker-daemon.json", - "destination": "/home/packer/nvidia-docker-daemon.json" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-auth", - "destination": "/home/packer/pam-d-common-auth" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-password", - "destination": "/home/packer/pam-d-common-password" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-su", - "destination": "/home/packer/pam-d-su" - }, - { - "type": "file", - "source": "vhdbuilder/notice.txt", - "destination": "/home/packer/NOTICE.txt" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns.sh", - "destination": "/home/packer/localdns.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns.service", - "destination": "/home/packer/localdns.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns-delegate.conf", - "destination": "/home/packer/localdns-delegate.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/10_azure_nvidia", - "destination": "/home/packer/10_azure_nvidia" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/51-azure-nvidia.cfg", - "destination": "/home/packer/51-azure-nvidia.cfg" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} IMG_SKU={{user `img_sku`}} VHD_BUILD_TIMESTAMP={{user `vhd_build_timestamp`}} /bin/bash -ux /home/packer/pre-install-dependencies.sh" - ] - }, - { - "type": "shell", - "inline": "sudo reboot", - "expect_disconnect": true, - "skip_clean": true, - "pause_after": "60s" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} IMG_SKU={{user `img_sku`}} PRIVATE_PACKAGES_URL={{user `private_packages_url`}} VHD_BUILD_TIMESTAMP={{user `vhd_build_timestamp`}} /bin/bash -ux /home/packer/install-dependencies.sh" - ] - }, - { - "type": "file", - "direction": "download", - "source": "/var/log/bcc_installation.log", - "destination": "bcc-tools-installation.log" - }, - { - "type": "shell", - "inline": [ - "sudo rm /var/log/bcc_installation.log" - ] - }, - { - "type": "shell", - "inline": "sudo reboot", - "expect_disconnect": true, - "skip_clean": true, - "pause_after": "60s" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} IMG_SKU={{user `img_sku`}} /bin/bash -ux /home/packer/post-install-dependencies.sh" - ] - }, - { - "type": "file", - "source": "vhdbuilder/packer/list-images.sh", - "destination": "/home/packer/list-images.sh" - }, - { - "type": "shell", - "inline": [ - "sudo SKU_NAME={{user `sku_name`}} IMAGE_VERSION={{user `image_version`}} CONTAINER_RUNTIME={{user `container_runtime`}} /bin/bash -ux /home/packer/list-images.sh" - ] - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/containers/image-bom.json", - "destination": "image-bom.json" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-install.complete", - "destination": "release-notes.txt" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-build-performance-data.json", - "destination": "vhd-build-performance-data.json" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-grid-compatibility-data.json", - "destination": "vhd-grid-compatibility-data.json" - }, - { - "type": "shell", - "inline": [ - "sudo rm /opt/azure/vhd-build-performance-data.json", - "sudo rm /opt/azure/vhd-grid-compatibility-data.json" - ] - }, - { - "type": "shell", - "inline": [ - "sudo /bin/bash -eux /home/packer/cis.sh", - "sudo /bin/bash -eux /opt/azure/containers/cleanup-vhd.sh", - "sudo /usr/sbin/waagent -force -deprovision+user && export HISTSIZE=0 && sync || exit 125" - ] - } - ] -} diff --git a/vhdbuilder/packer/vhd-image-builder-cvm.json b/vhdbuilder/packer/vhd-image-builder-cvm.json deleted file mode 100644 index ede6b40d961..00000000000 --- a/vhdbuilder/packer/vhd-image-builder-cvm.json +++ /dev/null @@ -1,733 +0,0 @@ -{ - "variables": { - "subscription_id": "{{env `AZURE_SUBSCRIPTION_ID`}}", - "gallery_subscription_id": "{{user `gallery_subscription_id`}}", - "location": "{{env `PACKER_BUILD_LOCATION`}}", - "vm_size": "{{env `AZURE_VM_SIZE`}}", - "build_definition_name": "{{env `BUILD_DEFINITION_NAME`}}", - "build_number": "{{env `BUILD_NUMBER`}}", - "build_id": "{{env `BUILD_ID`}}", - "commit": "{{env `GIT_VERSION`}}", - "feature_flags": "{{env `FEATURE_FLAGS`}}", - "image_version": "{{env `IMAGE_VERSION`}}", - "os_version": "{{env `OS_VERSION`}}", - "sku_name": "{{env `SKU_NAME`}}", - "hyperv_generation": "{{env `HYPERV_GENERATION`}}", - "sig_gallery_name": "{{env `SIG_GALLERY_NAME`}}", - "sig_image_name": "{{env `SIG_IMAGE_NAME`}}", - "sig_image_version": "{{env `SIG_IMAGE_VERSION`}}", - "container_runtime": "{{env `CONTAINER_RUNTIME`}}", - "teleportd_plugin_download_url": "{{env `TELEPORTD_PLUGIN_DOWNLOAD_URL`}}", - "captured_sig_version": "{{env `${CAPTURED_SIG_VERSION`}}", - "enable_fips": "{{env `ENABLE_FIPS`}}", - "img_publisher": "{{env `IMG_PUBLISHER`}}", - "img_offer": "{{env `IMG_OFFER`}}", - "img_sku": "{{env `IMG_SKU`}}", - "img_version": "{{env `IMG_VERSION`}}", - "vnet_resource_group_name": "{{env `VNET_RESOURCE_GROUP_NAME`}}", - "vnet_name": "{{env `VNET_NAME`}}", - "subnet_name": "{{env `SUBNET_NAME`}}", - "private_packages_url": "{{env `PRIVATE_PACKAGES_URL`}}", - "branch": "{{env `BRANCH`}}", - "ua_token": "{{env `UA_TOKEN`}}", - "vhd_build_timestamp": "{{user `VHD_BUILD_TIMESTAMP`}}" - }, - "builders": [ - { - "type": "azure-arm", - "subscription_id": "{{user `subscription_id`}}", - "virtual_network_resource_group_name": "{{user `vnet_resource_group_name`}}", - "virtual_network_name": "{{user `vnet_name`}}", - "virtual_network_subnet_name": "{{user `subnet_name`}}", - "ssh_read_write_timeout": "5m", - "os_type": "Linux", - "os_disk_size_gb": 30, - "image_publisher": "{{user `img_publisher`}}", - "image_offer": "{{user `img_offer`}}", - "image_sku": "{{user `img_sku`}}", - "image_version": "{{user `img_version`}}", - "azure_tags": { - "buildDefinitionName": "{{user `build_definition_name`}}", - "buildNumber": "{{user `build_number`}}", - "buildId": "{{user `build_id`}}", - "SkipLinuxAzSecPack": "true", - "os": "Linux", - "now": "{{user `create_time`}}", - "createdBy": "aks-vhd-pipeline", - "image_sku": "{{user `img_sku`}}", - "branch": "{{user `branch`}}" - }, - "location": "{{user `location`}}", - "vm_size": "{{user `vm_size`}}", - "use_azure_cli_auth": "true", - "polling_duration_timeout": "1h", - "managed_image_storage_account_type": "Premium_LRS", - "secure_boot_enabled": true, - "vtpm_enabled": true, - "security_type": "ConfidentialVM", - "security_encryption_type": "VMGuestStateOnly", - "shared_image_gallery_destination": { - "specialized": true, - "confidential_vm_image_encryption_type": "EncryptedVMGuestStateOnlyWithPmk", - "subscription": "{{user `gallery_subscription_id`}}", - "resource_group": "{{user `resource_group_name`}}", - "gallery_name": "{{user `sig_gallery_name`}}", - "image_name": "{{user `sig_image_name`}}", - "image_version": "{{user `captured_sig_version`}}", - "replication_regions": [ - "{{user `location`}}" - ] - }, - "user_assigned_managed_identities": "{{user `msi_resource_strings`}}" - } - ], - "provisioners": [ - { - "type": "shell", - "inline": [ - "sudo mkdir -p /opt/azure/containers", - "sudo mkdir -p /opt/scripts", - "sudo mkdir -p /opt/certs" - ] - }, - { - "type": "file", - "source": "vhdbuilder/lister/bin/lister", - "destination": "/home/packer/lister" - }, - { - "type": "file", - "source": "aks-node-controller/bin/aks-node-controller-linux-amd64", - "destination": "/home/packer/aks-node-controller" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-node-controller.service", - "destination": "/home/packer/aks-node-controller.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cloud-init-status-check.sh", - "destination": "/home/packer/cloud-init-status-check.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/prefetch.sh", - "destination": "/home/packer/prefetch.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/cleanup-vhd.sh", - "destination": "/home/packer/cleanup-vhd.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/packer_source.sh", - "destination": "/home/packer/packer_source.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_install.sh", - "destination": "/home/packer/provision_installs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ubuntu/cse_install_ubuntu.sh", - "destination": "/home/packer/provision_installs_distro.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_helpers.sh", - "destination": "/home/packer/provision_source.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_benchmark_functions.sh", - "destination": "/home/packer/provision_source_benchmarks.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ubuntu/cse_helpers_ubuntu.sh", - "destination": "/home/packer/provision_source_distro.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_config.sh", - "destination": "/home/packer/provision_configs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_main.sh", - "destination": "/home/packer/provision.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_start.sh", - "destination": "/home/packer/provision_start.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/containerd_exec_start.conf", - "destination": "/home/packer/containerd_exec_start.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/kubelet.service", - "destination": "/home/packer/kubelet.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/secure-tls-bootstrap.service", - "destination": "/home/packer/secure-tls-bootstrap.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/reconcile-private-hosts.sh", - "destination": "/home/packer/reconcile-private-hosts.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/block_wireserver.sh", - "destination": "/home/packer/block_wireserver.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure_imds_restriction.sh", - "destination": "/home/packer/ensure_imds_restriction.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/measure-tls-bootstrapping-latency.sh", - "destination": "/home/packer/measure-tls-bootstrapping-latency.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/measure-tls-bootstrapping-latency.service", - "destination": "/home/packer/measure-tls-bootstrapping-latency.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/validate-kubelet-credentials.sh", - "destination": "/home/packer/validate-kubelet-credentials.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_redact_cloud_config.py", - "destination": "/home/packer/cse_redact_cloud_config.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_send_logs.py", - "destination": "/home/packer/cse_send_logs.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/init-aks-custom-cloud.sh", - "destination": "/home/packer/init-aks-custom-cloud.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/reconcile-private-hosts.service", - "destination": "/home/packer/reconcile-private-hosts.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mig-partition.service", - "destination": "/home/packer/mig-partition.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/bind-mount.sh", - "destination": "/home/packer/bind-mount.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/bind-mount.service", - "destination": "/home/packer/bind-mount.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/enable-dhcpv6.sh", - "destination": "/home/packer/enable-dhcpv6.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/dhcpv6.service", - "destination": "/home/packer/dhcpv6.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sync-container-logs.sh", - "destination": "/home/packer/sync-container-logs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sync-container-logs.service", - "destination": "/home/packer/sync-container-logs.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/crictl.yaml", - "destination": "/home/packer/crictl.yaml" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure-no-dup.sh", - "destination": "/home/packer/ensure-no-dup.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure-no-dup.service", - "destination": "/home/packer/ensure-no-dup.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/teleportd.service", - "destination": "/home/packer/teleportd.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/setup-custom-search-domains.sh", - "destination": "/home/packer/setup-custom-search-domains.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ubuntu/ubuntu-snapshot-update.sh", - "destination": "/home/packer/ubuntu-snapshot-update.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ubuntu/snapshot-update.service", - "destination": "/home/packer/snapshot-update.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ubuntu/snapshot-update.timer", - "destination": "/home/packer/snapshot-update.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cis.sh", - "destination": "/home/packer/cis.sh" - }, - { - "type": "file", - "source": "vhdbuilder/scripts/linux/tool_installs.sh", - "destination": "/home/packer/tool_installs.sh" - }, - { - "type": "file", - "source": "vhdbuilder/scripts/linux/ubuntu/tool_installs_ubuntu.sh", - "destination": "/home/packer/tool_installs_distro.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/pre-install-dependencies.sh", - "destination": "/home/packer/pre-install-dependencies.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/install-dependencies.sh", - "destination": "/home/packer/install-dependencies.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/post-install-dependencies.sh", - "destination": "/home/packer/post-install-dependencies.sh" - }, - { - "type": "file", - "source": "parts/common/components.json", - "destination": "/home/packer/components.json" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/manifest.json", - "destination": "/home/packer/manifest.json" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sysctl-d-60-CIS.conf", - "destination": "/home/packer/sysctl-d-60-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sshd_config", - "destination": "/home/packer/sshd_config" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sshd_config_2204_fips", - "destination": "/home/packer/sshd_config_2204_fips" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/rsyslog-d-60-CIS.conf", - "destination": "/home/packer/rsyslog-d-60-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/logrotate-d-rsyslog-CIS.conf", - "destination": "/home/packer/logrotate-d-rsyslog-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/etc-issue", - "destination": "/home/packer/etc-issue" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/etc-issue.net", - "destination": "/home/packer/etc-issue.net" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/modprobe-CIS.conf", - "destination": "/home/packer/modprobe-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/faillock-CIS.conf", - "destination": "/home/packer/faillock-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pwquality-CIS.conf", - "destination": "/home/packer/pwquality-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-su", - "destination": "/home/packer/pam-d-su" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-account", - "destination": "/home/packer/pam-d-common-account" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-auth", - "destination": "/home/packer/pam-d-common-auth" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-auth-2204", - "destination": "/home/packer/pam-d-common-auth-2204" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-password", - "destination": "/home/packer/pam-d-common-password" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/profile-d-cis.sh", - "destination": "/home/packer/profile-d-cis.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/disk_queue.service", - "destination": "/home/packer/disk_queue.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.sh", - "destination": "/home/packer/cgroup-memory-telemetry.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.service", - "destination": "/home/packer/cgroup-memory-telemetry.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.timer", - "destination": "/home/packer/cgroup-memory-telemetry.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.sh", - "destination": "/home/packer/cgroup-pressure-telemetry.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.service", - "destination": "/home/packer/cgroup-pressure-telemetry.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.timer", - "destination": "/home/packer/cgroup-pressure-telemetry.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/update_certs.service", - "destination": "/home/packer/update_certs.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/update_certs.path", - "destination": "/home/packer/update_certs.path" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/update_certs.sh", - "destination": "/home/packer/update_certs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.path", - "destination": "/home/packer/ci-syslog-watcher.path" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.service", - "destination": "/home/packer/ci-syslog-watcher.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.sh", - "destination": "/home/packer/ci-syslog-watcher.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-diagnostic.py", - "destination": "/home/packer/aks-diagnostic.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.sh", - "destination": "/home/packer/aks-log-collector.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector-send.py", - "destination": "/home/packer/aks-log-collector-send.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.service", - "destination": "/home/packer/aks-log-collector.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.slice", - "destination": "/home/packer/aks-log-collector.slice" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.timer", - "destination": "/home/packer/aks-log-collector.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-check-network.sh", - "destination": "/home/packer/aks-check-network.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-check-network.service", - "destination": "/home/packer/aks-check-network.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.sh", - "destination": "/home/packer/logrotate.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.service", - "destination": "/home/packer/logrotate.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.timer", - "destination": "/home/packer/logrotate.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate-override.conf", - "destination": "/home/packer/override.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-rsyslog", - "destination": "/home/packer/rsyslog" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables", - "destination": "/home/packer/ipv6_nftables" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables.service", - "destination": "/home/packer/ipv6_nftables.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables.sh", - "destination": "/home/packer/ipv6_nftables.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/apt-preferences", - "destination": "/home/packer/apt-preferences" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/kms.service", - "destination": "/home/packer/kms.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mig-partition.sh", - "destination": "/home/packer/mig-partition.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/docker_clear_mount_propagation_flags.conf", - "destination": "/home/packer/docker_clear_mount_propagation_flags.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/nvidia-modprobe.service", - "destination": "/home/packer/nvidia-modprobe.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/nvidia-docker-daemon.json", - "destination": "/home/packer/nvidia-docker-daemon.json" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-auth", - "destination": "/home/packer/pam-d-common-auth" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-password", - "destination": "/home/packer/pam-d-common-password" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-su", - "destination": "/home/packer/pam-d-su" - }, - { - "type": "file", - "source": "vhdbuilder/notice.txt", - "destination": "/home/packer/NOTICE.txt" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns.sh", - "destination": "/home/packer/localdns.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns.service", - "destination": "/home/packer/localdns.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns-delegate.conf", - "destination": "/home/packer/localdns-delegate.conf" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} IMG_SKU={{user `img_sku`}} UA_TOKEN={{user `ua_token`}} VHD_BUILD_TIMESTAMP={{user `vhd_build_timestamp`}} /bin/bash -ux /home/packer/pre-install-dependencies.sh" - ] - }, - { - "type": "shell", - "inline": "sudo reboot", - "expect_disconnect": true, - "skip_clean": true, - "pause_after": "60s" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} IMG_SKU={{user `img_sku`}} PRIVATE_PACKAGES_URL={{user `private_packages_url`}} VHD_BUILD_TIMESTAMP={{user `vhd_build_timestamp`}} /bin/bash -ux /home/packer/install-dependencies.sh" - ] - }, - { - "type": "file", - "direction": "download", - "source": "/var/log/bcc_installation.log", - "destination": "bcc-tools-installation.log" - }, - { - "type": "shell", - "inline": [ - "sudo rm /var/log/bcc_installation.log" - ] - }, - { - "type": "shell", - "inline": "sudo reboot", - "expect_disconnect": true, - "skip_clean": true, - "pause_after": "60s" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} IMG_SKU={{user `img_sku`}} /bin/bash -ux /home/packer/post-install-dependencies.sh" - ] - }, - { - "type": "file", - "source": "vhdbuilder/packer/list-images.sh", - "destination": "/home/packer/list-images.sh" - }, - { - "type": "shell", - "inline": [ - "sudo SKU_NAME={{user `sku_name`}} IMAGE_VERSION={{user `image_version`}} CONTAINER_RUNTIME={{user `container_runtime`}} /bin/bash -ux /home/packer/list-images.sh" - ] - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/containers/image-bom.json", - "destination": "image-bom.json" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-install.complete", - "destination": "release-notes.txt" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-build-performance-data.json", - "destination": "vhd-build-performance-data.json" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-grid-compatibility-data.json", - "destination": "vhd-grid-compatibility-data.json" - }, - { - "type": "shell", - "inline": [ - "sudo rm /opt/azure/vhd-build-performance-data.json", - "sudo rm /opt/azure/vhd-grid-compatibility-data.json" - ] - }, - { - "type": "shell", - "inline": [ - "sudo /bin/bash -eux /home/packer/cis.sh", - "sudo /bin/bash -eux /opt/azure/containers/cleanup-vhd.sh", - "sudo /usr/sbin/waagent -force -deprovision+user && export HISTSIZE=0 && sync || exit 125" - ] - } - ] -} diff --git a/vhdbuilder/packer/vhd-image-builder-flatcar-arm64.json b/vhdbuilder/packer/vhd-image-builder-flatcar-arm64.json deleted file mode 100644 index 57625b5dd53..00000000000 --- a/vhdbuilder/packer/vhd-image-builder-flatcar-arm64.json +++ /dev/null @@ -1,728 +0,0 @@ -{ - "variables": { - "subscription_id": "{{env `AZURE_SUBSCRIPTION_ID`}}", - "gallery_subscription_id": "{{user `gallery_subscription_id`}}", - "location": "{{env `PACKER_BUILD_LOCATION`}}", - "vm_size": "{{env `AZURE_VM_SIZE`}}", - "build_definition_name": "{{env `BUILD_DEFINITION_NAME`}}", - "build_number": "{{env `BUILD_NUMBER`}}", - "build_id": "{{env `BUILD_ID`}}", - "commit": "{{env `GIT_VERSION`}}", - "feature_flags": "{{env `FEATURE_FLAGS`}}", - "image_version": "{{env `IMAGE_VERSION`}}", - "os_version": "{{env `OS_VERSION`}}", - "sku_name": "{{env `SKU_NAME`}}", - "hyperv_generation": "{{env `HYPERV_GENERATION`}}", - "sig_gallery_name": "{{env `SIG_GALLERY_NAME`}}", - "sig_image_name": "{{env `SIG_IMAGE_NAME`}}", - "sig_image_version": "{{env `SIG_IMAGE_VERSION`}}", - "container_runtime": "{{env `CONTAINER_RUNTIME`}}", - "teleportd_plugin_download_url": "{{env `TELEPORTD_PLUGIN_DOWNLOAD_URL`}}", - "captured_sig_version": "{{env `${CAPTURED_SIG_VERSION`}}", - "enable_fips": "{{env `ENABLE_FIPS`}}", - "img_publisher": "{{env `IMG_PUBLISHER`}}", - "img_offer": "{{env `IMG_OFFER`}}", - "img_sku": "{{env `IMG_SKU`}}", - "img_version": "{{env `IMG_VERSION`}}", - "vnet_resource_group_name": "{{env `VNET_RESOURCE_GROUP_NAME`}}", - "vnet_name": "{{env `VNET_NAME`}}", - "subnet_name": "{{env `SUBNET_NAME`}}", - "private_packages_url": "{{env `PRIVATE_PACKAGES_URL`}}", - "branch": "{{env `BRANCH`}}", - "vhd_build_timestamp": "{{user `VHD_BUILD_TIMESTAMP`}}" - }, - "builders": [ - { - "custom_data_file": "./vhdbuilder/packer/flatcar-customdata.json", - "type": "azure-arm", - "subscription_id": "{{user `subscription_id`}}", - "virtual_network_resource_group_name": "{{user `vnet_resource_group_name`}}", - "virtual_network_name": "{{user `vnet_name`}}", - "virtual_network_subnet_name": "{{user `subnet_name`}}", - "ssh_read_write_timeout": "5m", - "os_type": "Linux", - "os_disk_size_gb": 30, - "image_publisher": "{{user `img_publisher`}}", - "image_offer": "{{user `img_offer`}}", - "image_sku": "{{user `img_sku`}}", - "image_version": "{{user `img_version`}}", - "azure_tags": { - "buildDefinitionName": "{{user `build_definition_name`}}", - "buildNumber": "{{user `build_number`}}", - "buildId": "{{user `build_id`}}", - "SkipLinuxAzSecPack": "true", - "os": "Linux", - "now": "{{user `create_time`}}", - "createdBy": "aks-vhd-pipeline", - "image_sku": "{{user `img_sku`}}", - "branch": "{{user `branch`}}" - }, - "location": "{{user `location`}}", - "vm_size": "{{user `vm_size`}}", - "use_azure_cli_auth": "true", - "polling_duration_timeout": "1h", - "managed_image_storage_account_type": "Premium_LRS", - "shared_image_gallery_destination": { - "subscription": "{{user `gallery_subscription_id`}}", - "resource_group": "{{user `resource_group_name`}}", - "gallery_name": "{{user `sig_gallery_name`}}", - "image_name": "{{user `sig_image_name`}}", - "image_version": "{{user `captured_sig_version`}}", - "replication_regions": [ - "{{user `location`}}" - ] - }, - "user_assigned_managed_identities": "{{user `msi_resource_strings`}}" - } - ], - "provisioners": [ - { - "type": "shell", - "inline": [ - "sudo mkdir -p /opt/azure/containers", - "sudo mkdir -p /opt/scripts", - "sudo mkdir -p /opt/certs" - ] - }, - { - "type": "file", - "source": "vhdbuilder/lister/bin/lister", - "destination": "/home/packer/lister" - }, - { - "type": "file", - "source": "aks-node-controller/bin/aks-node-controller-linux-arm64", - "destination": "/home/packer/aks-node-controller" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-node-controller.service", - "destination": "/home/packer/aks-node-controller.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cloud-init-status-check.sh", - "destination": "/home/packer/cloud-init-status-check.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/prefetch.sh", - "destination": "/home/packer/prefetch.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/cleanup-vhd.sh", - "destination": "/home/packer/cleanup-vhd.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/packer_source.sh", - "destination": "/home/packer/packer_source.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_install.sh", - "destination": "/home/packer/provision_installs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/flatcar/cse_install_flatcar.sh", - "destination": "/home/packer/provision_installs_distro.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_helpers.sh", - "destination": "/home/packer/provision_source.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_benchmark_functions.sh", - "destination": "/home/packer/provision_source_benchmarks.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/flatcar/cse_helpers_flatcar.sh", - "destination": "/home/packer/provision_source_distro.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_config.sh", - "destination": "/home/packer/provision_configs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_main.sh", - "destination": "/home/packer/provision.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_start.sh", - "destination": "/home/packer/provision_start.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/containerd_exec_start.conf", - "destination": "/home/packer/containerd_exec_start.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/kubelet.service", - "destination": "/home/packer/kubelet.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/secure-tls-bootstrap.service", - "destination": "/home/packer/secure-tls-bootstrap.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/reconcile-private-hosts.sh", - "destination": "/home/packer/reconcile-private-hosts.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/block_wireserver.sh", - "destination": "/home/packer/block_wireserver.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure_imds_restriction.sh", - "destination": "/home/packer/ensure_imds_restriction.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/measure-tls-bootstrapping-latency.sh", - "destination": "/home/packer/measure-tls-bootstrapping-latency.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/measure-tls-bootstrapping-latency.service", - "destination": "/home/packer/measure-tls-bootstrapping-latency.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/validate-kubelet-credentials.sh", - "destination": "/home/packer/validate-kubelet-credentials.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_redact_cloud_config.py", - "destination": "/home/packer/cse_redact_cloud_config.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_send_logs.py", - "destination": "/home/packer/cse_send_logs.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/init-aks-custom-cloud.sh", - "destination": "/home/packer/init-aks-custom-cloud.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/reconcile-private-hosts.service", - "destination": "/home/packer/reconcile-private-hosts.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mig-partition.service", - "destination": "/home/packer/mig-partition.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/bind-mount.sh", - "destination": "/home/packer/bind-mount.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/bind-mount.service", - "destination": "/home/packer/bind-mount.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/enable-dhcpv6.sh", - "destination": "/home/packer/enable-dhcpv6.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/dhcpv6.service", - "destination": "/home/packer/dhcpv6.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sync-container-logs.sh", - "destination": "/home/packer/sync-container-logs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sync-container-logs.service", - "destination": "/home/packer/sync-container-logs.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/crictl.yaml", - "destination": "/home/packer/crictl.yaml" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure-no-dup.sh", - "destination": "/home/packer/ensure-no-dup.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure-no-dup.service", - "destination": "/home/packer/ensure-no-dup.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/teleportd.service", - "destination": "/home/packer/teleportd.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/setup-custom-search-domains.sh", - "destination": "/home/packer/setup-custom-search-domains.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ubuntu/ubuntu-snapshot-update.sh", - "destination": "/home/packer/ubuntu-snapshot-update.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ubuntu/snapshot-update.service", - "destination": "/home/packer/snapshot-update.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ubuntu/snapshot-update.timer", - "destination": "/home/packer/snapshot-update.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cis.sh", - "destination": "/home/packer/cis.sh" - }, - { - "type": "file", - "source": "vhdbuilder/scripts/linux/tool_installs.sh", - "destination": "/home/packer/tool_installs.sh" - }, - { - "type": "file", - "source": "vhdbuilder/scripts/linux/flatcar/tool_installs_flatcar.sh", - "destination": "/home/packer/tool_installs_distro.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/pre-install-dependencies.sh", - "destination": "/home/packer/pre-install-dependencies.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/install-dependencies.sh", - "destination": "/home/packer/install-dependencies.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/post-install-dependencies.sh", - "destination": "/home/packer/post-install-dependencies.sh" - }, - { - "type": "file", - "source": "parts/common/components.json", - "destination": "/home/packer/components.json" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/manifest.json", - "destination": "/home/packer/manifest.json" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sysctl-d-60-CIS.conf", - "destination": "/home/packer/sysctl-d-60-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sshd_config", - "destination": "/home/packer/sshd_config" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/rsyslog-d-60-CIS.conf", - "destination": "/home/packer/rsyslog-d-60-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/logrotate-d-rsyslog-CIS.conf", - "destination": "/home/packer/logrotate-d-rsyslog-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/etc-issue", - "destination": "/home/packer/etc-issue" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/etc-issue.net", - "destination": "/home/packer/etc-issue.net" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/modprobe-CIS.conf", - "destination": "/home/packer/modprobe-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/faillock-CIS.conf", - "destination": "/home/packer/faillock-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pwquality-CIS.conf", - "destination": "/home/packer/pwquality-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-su", - "destination": "/home/packer/pam-d-su" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-auth", - "destination": "/home/packer/pam-d-common-auth" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-account", - "destination": "/home/packer/pam-d-common-account" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-auth-2204", - "destination": "/home/packer/pam-d-common-auth-2204" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-password", - "destination": "/home/packer/pam-d-common-password" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/profile-d-cis.sh", - "destination": "/home/packer/profile-d-cis.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/disk_queue.service", - "destination": "/home/packer/disk_queue.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.sh", - "destination": "/home/packer/cgroup-memory-telemetry.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.service", - "destination": "/home/packer/cgroup-memory-telemetry.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.timer", - "destination": "/home/packer/cgroup-memory-telemetry.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.sh", - "destination": "/home/packer/cgroup-pressure-telemetry.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.service", - "destination": "/home/packer/cgroup-pressure-telemetry.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.timer", - "destination": "/home/packer/cgroup-pressure-telemetry.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/flatcar/update_certs.service", - "destination": "/home/packer/update_certs.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/update_certs.path", - "destination": "/home/packer/update_certs.path" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/update_certs.sh", - "destination": "/home/packer/update_certs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.path", - "destination": "/home/packer/ci-syslog-watcher.path" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.service", - "destination": "/home/packer/ci-syslog-watcher.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.sh", - "destination": "/home/packer/ci-syslog-watcher.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-diagnostic.py", - "destination": "/home/packer/aks-diagnostic.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.sh", - "destination": "/home/packer/aks-log-collector.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector-send.py", - "destination": "/home/packer/aks-log-collector-send.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.service", - "destination": "/home/packer/aks-log-collector.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.slice", - "destination": "/home/packer/aks-log-collector.slice" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.timer", - "destination": "/home/packer/aks-log-collector.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-check-network.sh", - "destination": "/home/packer/aks-check-network.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-check-network.service", - "destination": "/home/packer/aks-check-network.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.sh", - "destination": "/home/packer/logrotate.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.service", - "destination": "/home/packer/logrotate.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.timer", - "destination": "/home/packer/logrotate.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate-override.conf", - "destination": "/home/packer/override.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-rsyslog", - "destination": "/home/packer/rsyslog" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables", - "destination": "/home/packer/ipv6_nftables" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables.service", - "destination": "/home/packer/ipv6_nftables.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables.sh", - "destination": "/home/packer/ipv6_nftables.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/apt-preferences", - "destination": "/home/packer/apt-preferences" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/kms.service", - "destination": "/home/packer/kms.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mig-partition.sh", - "destination": "/home/packer/mig-partition.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/docker_clear_mount_propagation_flags.conf", - "destination": "/home/packer/docker_clear_mount_propagation_flags.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/nvidia-modprobe.service", - "destination": "/home/packer/nvidia-modprobe.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/nvidia-docker-daemon.json", - "destination": "/home/packer/nvidia-docker-daemon.json" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-auth", - "destination": "/home/packer/pam-d-common-auth" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-password", - "destination": "/home/packer/pam-d-common-password" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-su", - "destination": "/home/packer/pam-d-su" - }, - { - "type": "file", - "source": "vhdbuilder/notice.txt", - "destination": "/home/packer/NOTICE.txt" - }, - { - "type": "file", - "source": "vhdbuilder/notice_flatcar.txt", - "destination": "/home/packer/NOTICE_FLATCAR.txt" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns.sh", - "destination": "/home/packer/localdns.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns.service", - "destination": "/home/packer/localdns.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns-delegate.conf", - "destination": "/home/packer/localdns-delegate.conf" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} IMG_SKU={{user `img_sku`}} VHD_BUILD_TIMESTAMP={{user `vhd_build_timestamp`}} /bin/bash -ux /home/packer/pre-install-dependencies.sh" - ] - }, - { - "type": "shell", - "inline": ": reboot", - "expect_disconnect": true, - "skip_clean": true, - "pause_after": "0s" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} IMG_SKU={{user `img_sku`}} PRIVATE_PACKAGES_URL={{user `private_packages_url`}} VHD_BUILD_TIMESTAMP={{user `vhd_build_timestamp`}} /bin/bash -ux /home/packer/install-dependencies.sh" - ] - }, - { - "type": "file", - "direction": "download", - "source": "/var/log/bcc_installation.log", - "destination": "bcc-tools-installation.log" - }, - { - "type": "shell", - "inline": [ - "sudo rm /var/log/bcc_installation.log" - ] - }, - { - "type": "shell", - "inline": ": reboot", - "expect_disconnect": true, - "skip_clean": true, - "pause_after": "0s" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} IMG_SKU={{user `img_sku`}} /bin/bash -ux /home/packer/post-install-dependencies.sh" - ] - }, - { - "type": "file", - "source": "vhdbuilder/packer/list-images.sh", - "destination": "/home/packer/list-images.sh" - }, - { - "type": "shell", - "inline": [ - "sudo SKU_NAME={{user `sku_name`}} IMAGE_VERSION={{user `image_version`}} CONTAINER_RUNTIME={{user `container_runtime`}} /bin/bash -ux /home/packer/list-images.sh" - ] - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/containers/image-bom.json", - "destination": "image-bom.json" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-install.complete", - "destination": "release-notes.txt" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-build-performance-data.json", - "destination": "vhd-build-performance-data.json" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-grid-compatibility-data.json", - "destination": "vhd-grid-compatibility-data.json" - }, - { - "type": "shell", - "inline": [ - "sudo rm /opt/azure/vhd-build-performance-data.json", - "sudo rm /opt/azure/vhd-grid-compatibility-data.json" - ] - }, - { - "type": "shell", - "inline": [ - "sudo /bin/bash -eux /home/packer/cis.sh", - "sudo /bin/bash -eux /opt/azure/containers/cleanup-vhd.sh", - "sudo touch /boot/flatcar/first_boot", - "sudo /usr/sbin/waagent -force -deprovision+user && export HISTSIZE=0 && sync || exit 125" - ] - } - ] -} diff --git a/vhdbuilder/packer/vhd-image-builder-flatcar.json b/vhdbuilder/packer/vhd-image-builder-flatcar.json deleted file mode 100644 index 93e5eb3485e..00000000000 --- a/vhdbuilder/packer/vhd-image-builder-flatcar.json +++ /dev/null @@ -1,733 +0,0 @@ -{ - "variables": { - "subscription_id": "{{env `AZURE_SUBSCRIPTION_ID`}}", - "gallery_subscription_id": "{{user `gallery_subscription_id`}}", - "location": "{{env `PACKER_BUILD_LOCATION`}}", - "vm_size": "{{env `AZURE_VM_SIZE`}}", - "build_definition_name": "{{env `BUILD_DEFINITION_NAME`}}", - "build_number": "{{env `BUILD_NUMBER`}}", - "build_id": "{{env `BUILD_ID`}}", - "commit": "{{env `GIT_VERSION`}}", - "feature_flags": "{{env `FEATURE_FLAGS`}}", - "image_version": "{{env `IMAGE_VERSION`}}", - "os_version": "{{env `OS_VERSION`}}", - "sku_name": "{{env `SKU_NAME`}}", - "hyperv_generation": "{{env `HYPERV_GENERATION`}}", - "sig_gallery_name": "{{env `SIG_GALLERY_NAME`}}", - "sig_image_name": "{{env `SIG_IMAGE_NAME`}}", - "sig_image_version": "{{env `SIG_IMAGE_VERSION`}}", - "container_runtime": "{{env `CONTAINER_RUNTIME`}}", - "teleportd_plugin_download_url": "{{env `TELEPORTD_PLUGIN_DOWNLOAD_URL`}}", - "captured_sig_version": "{{env `${CAPTURED_SIG_VERSION`}}", - "enable_fips": "{{env `ENABLE_FIPS`}}", - "img_publisher": "{{env `IMG_PUBLISHER`}}", - "img_offer": "{{env `IMG_OFFER`}}", - "img_sku": "{{env `IMG_SKU`}}", - "img_version": "{{env `IMG_VERSION`}}", - "vnet_resource_group_name": "{{env `VNET_RESOURCE_GROUP_NAME`}}", - "vnet_name": "{{env `VNET_NAME`}}", - "subnet_name": "{{env `SUBNET_NAME`}}", - "private_packages_url": "{{env `PRIVATE_PACKAGES_URL`}}", - "branch": "{{env `BRANCH`}}", - "vhd_build_timestamp": "{{user `VHD_BUILD_TIMESTAMP`}}" - }, - "builders": [ - { - "custom_data_file": "./vhdbuilder/packer/flatcar-customdata.json", - "type": "azure-arm", - "subscription_id": "{{user `subscription_id`}}", - "virtual_network_resource_group_name": "{{user `vnet_resource_group_name`}}", - "virtual_network_name": "{{user `vnet_name`}}", - "virtual_network_subnet_name": "{{user `subnet_name`}}", - "ssh_read_write_timeout": "5m", - "os_type": "Linux", - "os_disk_size_gb": 30, - "image_publisher": "{{user `img_publisher`}}", - "image_offer": "{{user `img_offer`}}", - "image_sku": "{{user `img_sku`}}", - "image_version": "{{user `img_version`}}", - "azure_tags": { - "buildDefinitionName": "{{user `build_definition_name`}}", - "buildNumber": "{{user `build_number`}}", - "buildId": "{{user `build_id`}}", - "SkipLinuxAzSecPack": "true", - "os": "Linux", - "now": "{{user `create_time`}}", - "createdBy": "aks-vhd-pipeline", - "image_sku": "{{user `img_sku`}}", - "branch": "{{user `branch`}}" - }, - "location": "{{user `location`}}", - "vm_size": "{{user `vm_size`}}", - "use_azure_cli_auth": "true", - "polling_duration_timeout": "1h", - "managed_image_storage_account_type": "Premium_LRS", - "shared_image_gallery_destination": { - "subscription": "{{user `gallery_subscription_id`}}", - "resource_group": "{{user `resource_group_name`}}", - "gallery_name": "{{user `sig_gallery_name`}}", - "image_name": "{{user `sig_image_name`}}", - "image_version": "{{user `captured_sig_version`}}", - "replication_regions": [ - "{{user `location`}}" - ] - }, - "user_assigned_managed_identities": "{{user `msi_resource_strings`}}" - } - ], - "provisioners": [ - { - "type": "shell", - "inline": [ - "sudo mkdir -p /opt/azure/containers", - "sudo mkdir -p /opt/scripts", - "sudo mkdir -p /opt/certs" - ] - }, - { - "type": "file", - "source": "vhdbuilder/lister/bin/lister", - "destination": "/home/packer/lister" - }, - { - "type": "file", - "source": "aks-node-controller/bin/aks-node-controller-linux-amd64", - "destination": "/home/packer/aks-node-controller" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-node-controller.service", - "destination": "/home/packer/aks-node-controller.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cloud-init-status-check.sh", - "destination": "/home/packer/cloud-init-status-check.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/prefetch.sh", - "destination": "/home/packer/prefetch.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/cleanup-vhd.sh", - "destination": "/home/packer/cleanup-vhd.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/packer_source.sh", - "destination": "/home/packer/packer_source.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_install.sh", - "destination": "/home/packer/provision_installs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/flatcar/cse_install_flatcar.sh", - "destination": "/home/packer/provision_installs_distro.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_helpers.sh", - "destination": "/home/packer/provision_source.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_benchmark_functions.sh", - "destination": "/home/packer/provision_source_benchmarks.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/flatcar/cse_helpers_flatcar.sh", - "destination": "/home/packer/provision_source_distro.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_config.sh", - "destination": "/home/packer/provision_configs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_main.sh", - "destination": "/home/packer/provision.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_start.sh", - "destination": "/home/packer/provision_start.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/containerd_exec_start.conf", - "destination": "/home/packer/containerd_exec_start.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/kubelet.service", - "destination": "/home/packer/kubelet.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/secure-tls-bootstrap.service", - "destination": "/home/packer/secure-tls-bootstrap.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/reconcile-private-hosts.sh", - "destination": "/home/packer/reconcile-private-hosts.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/block_wireserver.sh", - "destination": "/home/packer/block_wireserver.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure_imds_restriction.sh", - "destination": "/home/packer/ensure_imds_restriction.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/measure-tls-bootstrapping-latency.sh", - "destination": "/home/packer/measure-tls-bootstrapping-latency.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/measure-tls-bootstrapping-latency.service", - "destination": "/home/packer/measure-tls-bootstrapping-latency.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/validate-kubelet-credentials.sh", - "destination": "/home/packer/validate-kubelet-credentials.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_redact_cloud_config.py", - "destination": "/home/packer/cse_redact_cloud_config.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_send_logs.py", - "destination": "/home/packer/cse_send_logs.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/init-aks-custom-cloud.sh", - "destination": "/home/packer/init-aks-custom-cloud.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/reconcile-private-hosts.service", - "destination": "/home/packer/reconcile-private-hosts.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mig-partition.service", - "destination": "/home/packer/mig-partition.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/bind-mount.sh", - "destination": "/home/packer/bind-mount.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/bind-mount.service", - "destination": "/home/packer/bind-mount.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/enable-dhcpv6.sh", - "destination": "/home/packer/enable-dhcpv6.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/dhcpv6.service", - "destination": "/home/packer/dhcpv6.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sync-container-logs.sh", - "destination": "/home/packer/sync-container-logs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sync-container-logs.service", - "destination": "/home/packer/sync-container-logs.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/crictl.yaml", - "destination": "/home/packer/crictl.yaml" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure-no-dup.sh", - "destination": "/home/packer/ensure-no-dup.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure-no-dup.service", - "destination": "/home/packer/ensure-no-dup.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/teleportd.service", - "destination": "/home/packer/teleportd.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/setup-custom-search-domains.sh", - "destination": "/home/packer/setup-custom-search-domains.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ubuntu/ubuntu-snapshot-update.sh", - "destination": "/home/packer/ubuntu-snapshot-update.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ubuntu/snapshot-update.service", - "destination": "/home/packer/snapshot-update.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ubuntu/snapshot-update.timer", - "destination": "/home/packer/snapshot-update.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cis.sh", - "destination": "/home/packer/cis.sh" - }, - { - "type": "file", - "source": "vhdbuilder/scripts/linux/tool_installs.sh", - "destination": "/home/packer/tool_installs.sh" - }, - { - "type": "file", - "source": "vhdbuilder/scripts/linux/flatcar/tool_installs_flatcar.sh", - "destination": "/home/packer/tool_installs_distro.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/pre-install-dependencies.sh", - "destination": "/home/packer/pre-install-dependencies.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/install-dependencies.sh", - "destination": "/home/packer/install-dependencies.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/post-install-dependencies.sh", - "destination": "/home/packer/post-install-dependencies.sh" - }, - { - "type": "file", - "source": "parts/common/components.json", - "destination": "/home/packer/components.json" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/manifest.json", - "destination": "/home/packer/manifest.json" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sysctl-d-60-CIS.conf", - "destination": "/home/packer/sysctl-d-60-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sshd_config", - "destination": "/home/packer/sshd_config" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sshd_config_2204_fips", - "destination": "/home/packer/sshd_config_2204_fips" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/rsyslog-d-60-CIS.conf", - "destination": "/home/packer/rsyslog-d-60-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/logrotate-d-rsyslog-CIS.conf", - "destination": "/home/packer/logrotate-d-rsyslog-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/etc-issue", - "destination": "/home/packer/etc-issue" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/etc-issue.net", - "destination": "/home/packer/etc-issue.net" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/modprobe-CIS.conf", - "destination": "/home/packer/modprobe-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/faillock-CIS.conf", - "destination": "/home/packer/faillock-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pwquality-CIS.conf", - "destination": "/home/packer/pwquality-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-su", - "destination": "/home/packer/pam-d-su" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-auth", - "destination": "/home/packer/pam-d-common-auth" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-account", - "destination": "/home/packer/pam-d-common-account" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-auth-2204", - "destination": "/home/packer/pam-d-common-auth-2204" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-password", - "destination": "/home/packer/pam-d-common-password" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/profile-d-cis.sh", - "destination": "/home/packer/profile-d-cis.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/disk_queue.service", - "destination": "/home/packer/disk_queue.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.sh", - "destination": "/home/packer/cgroup-memory-telemetry.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.service", - "destination": "/home/packer/cgroup-memory-telemetry.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.timer", - "destination": "/home/packer/cgroup-memory-telemetry.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.sh", - "destination": "/home/packer/cgroup-pressure-telemetry.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.service", - "destination": "/home/packer/cgroup-pressure-telemetry.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.timer", - "destination": "/home/packer/cgroup-pressure-telemetry.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/flatcar/update_certs.service", - "destination": "/home/packer/update_certs.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/update_certs.path", - "destination": "/home/packer/update_certs.path" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/update_certs.sh", - "destination": "/home/packer/update_certs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.path", - "destination": "/home/packer/ci-syslog-watcher.path" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.service", - "destination": "/home/packer/ci-syslog-watcher.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.sh", - "destination": "/home/packer/ci-syslog-watcher.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-diagnostic.py", - "destination": "/home/packer/aks-diagnostic.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.sh", - "destination": "/home/packer/aks-log-collector.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector-send.py", - "destination": "/home/packer/aks-log-collector-send.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.service", - "destination": "/home/packer/aks-log-collector.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.slice", - "destination": "/home/packer/aks-log-collector.slice" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.timer", - "destination": "/home/packer/aks-log-collector.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-check-network.sh", - "destination": "/home/packer/aks-check-network.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-check-network.service", - "destination": "/home/packer/aks-check-network.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.sh", - "destination": "/home/packer/logrotate.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.service", - "destination": "/home/packer/logrotate.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.timer", - "destination": "/home/packer/logrotate.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate-override.conf", - "destination": "/home/packer/override.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-rsyslog", - "destination": "/home/packer/rsyslog" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables", - "destination": "/home/packer/ipv6_nftables" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables.service", - "destination": "/home/packer/ipv6_nftables.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables.sh", - "destination": "/home/packer/ipv6_nftables.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/apt-preferences", - "destination": "/home/packer/apt-preferences" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/kms.service", - "destination": "/home/packer/kms.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mig-partition.sh", - "destination": "/home/packer/mig-partition.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/docker_clear_mount_propagation_flags.conf", - "destination": "/home/packer/docker_clear_mount_propagation_flags.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/nvidia-modprobe.service", - "destination": "/home/packer/nvidia-modprobe.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/nvidia-docker-daemon.json", - "destination": "/home/packer/nvidia-docker-daemon.json" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-auth", - "destination": "/home/packer/pam-d-common-auth" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-password", - "destination": "/home/packer/pam-d-common-password" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-su", - "destination": "/home/packer/pam-d-su" - }, - { - "type": "file", - "source": "vhdbuilder/notice.txt", - "destination": "/home/packer/NOTICE.txt" - }, - { - "type": "file", - "source": "vhdbuilder/notice_flatcar.txt", - "destination": "/home/packer/NOTICE_FLATCAR.txt" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns.sh", - "destination": "/home/packer/localdns.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns.service", - "destination": "/home/packer/localdns.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns-delegate.conf", - "destination": "/home/packer/localdns-delegate.conf" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} IMG_SKU={{user `img_sku`}} VHD_BUILD_TIMESTAMP={{user `vhd_build_timestamp`}} /bin/bash -ux /home/packer/pre-install-dependencies.sh" - ] - }, - { - "type": "shell", - "inline": ": reboot", - "expect_disconnect": true, - "skip_clean": true, - "pause_after": "0s" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} IMG_SKU={{user `img_sku`}} PRIVATE_PACKAGES_URL={{user `private_packages_url`}} VHD_BUILD_TIMESTAMP={{user `vhd_build_timestamp`}} /bin/bash -ux /home/packer/install-dependencies.sh" - ] - }, - { - "type": "file", - "direction": "download", - "source": "/var/log/bcc_installation.log", - "destination": "bcc-tools-installation.log" - }, - { - "type": "shell", - "inline": [ - "sudo rm /var/log/bcc_installation.log" - ] - }, - { - "type": "shell", - "inline": ": reboot", - "expect_disconnect": true, - "skip_clean": true, - "pause_after": "0s" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} IMG_SKU={{user `img_sku`}} /bin/bash -ux /home/packer/post-install-dependencies.sh" - ] - }, - { - "type": "file", - "source": "vhdbuilder/packer/list-images.sh", - "destination": "/home/packer/list-images.sh" - }, - { - "type": "shell", - "inline": [ - "sudo SKU_NAME={{user `sku_name`}} IMAGE_VERSION={{user `image_version`}} CONTAINER_RUNTIME={{user `container_runtime`}} /bin/bash -ux /home/packer/list-images.sh" - ] - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/containers/image-bom.json", - "destination": "image-bom.json" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-install.complete", - "destination": "release-notes.txt" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-build-performance-data.json", - "destination": "vhd-build-performance-data.json" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-grid-compatibility-data.json", - "destination": "vhd-grid-compatibility-data.json" - }, - { - "type": "shell", - "inline": [ - "sudo rm /opt/azure/vhd-build-performance-data.json", - "sudo rm /opt/azure/vhd-grid-compatibility-data.json" - ] - }, - { - "type": "shell", - "inline": [ - "sudo /bin/bash -eux /home/packer/cis.sh", - "sudo /bin/bash -eux /opt/azure/containers/cleanup-vhd.sh", - "sudo touch /boot/flatcar/first_boot", - "sudo /usr/sbin/waagent -force -deprovision+user && export HISTSIZE=0 && sync || exit 125" - ] - } - ] -} diff --git a/vhdbuilder/packer/vhd-image-builder-mariner-arm64.json b/vhdbuilder/packer/vhd-image-builder-mariner-arm64.json deleted file mode 100644 index c02c7762b74..00000000000 --- a/vhdbuilder/packer/vhd-image-builder-mariner-arm64.json +++ /dev/null @@ -1,695 +0,0 @@ -{ - "variables": { - "subscription_id": "{{env `AZURE_SUBSCRIPTION_ID`}}", - "gallery_subscription_id": "{{user `gallery_subscription_id`}}", - "location": "{{env `PACKER_BUILD_LOCATION`}}", - "vm_size": "{{env `AZURE_VM_SIZE`}}", - "build_definition_name": "{{env `BUILD_DEFINITION_NAME`}}", - "build_number": "{{env `BUILD_NUMBER`}}", - "build_id": "{{env `BUILD_ID`}}", - "commit": "{{env `GIT_VERSION`}}", - "feature_flags": "{{env `FEATURE_FLAGS`}}", - "image_version": "{{env `IMAGE_VERSION`}}", - "os_version": "{{env `OS_VERSION`}}", - "sku_name": "{{env `SKU_NAME`}}", - "hyperv_generation": "{{env `HYPERV_GENERATION`}}", - "sig_gallery_name": "{{env `SIG_GALLERY_NAME`}}", - "sig_image_name": "{{env `SIG_IMAGE_NAME`}}", - "container_runtime": "{{env `CONTAINER_RUNTIME`}}", - "teleportd_plugin_download_url": "{{env `TELEPORTD_PLUGIN_DOWNLOAD_URL`}}", - "captured_sig_version": "{{env `${CAPTURED_SIG_VERSION`}}", - "enable_fips": "{{env `ENABLE_FIPS`}}", - "img_publisher": "{{env `IMG_PUBLISHER`}}", - "img_offer": "{{env `IMG_OFFER`}}", - "img_sku": "{{env `IMG_SKU`}}", - "img_version": "{{env `IMG_VERSION`}}", - "vnet_resource_group_name": "{{env `VNET_RESOURCE_GROUP_NAME`}}", - "vnet_name": "{{env `VNET_NAME`}}", - "subnet_name": "{{env `SUBNET_NAME`}}", - "enable_cgroupv2": "{{env `ENABLE_CGROUPV2`}}", - "private_packages_url": "{{env `PRIVATE_PACKAGES_URL`}}", - "branch": "{{env `BRANCH`}}" - }, - "builders": [ - { - "type": "azure-arm", - "subscription_id": "{{user `subscription_id`}}", - "virtual_network_resource_group_name": "{{user `vnet_resource_group_name`}}", - "virtual_network_name": "{{user `vnet_name`}}", - "virtual_network_subnet_name": "{{user `subnet_name`}}", - "ssh_read_write_timeout": "5m", - "os_type": "Linux", - "os_disk_size_gb": 30, - "image_publisher": "{{user `img_publisher`}}", - "image_offer": "{{user `img_offer`}}", - "image_sku": "{{user `img_sku`}}", - "image_version": "{{user `img_version`}}", - "azure_tags": { - "buildDefinitionName": "{{user `build_definition_name`}}", - "buildNumber": "{{user `build_number`}}", - "buildId": "{{user `build_id`}}", - "SkipLinuxAzSecPack": "true", - "os": "Linux", - "now": "{{user `create_time`}}", - "createdBy": "aks-vhd-pipeline", - "image_sku": "{{user `img_sku`}}", - "branch": "{{user `branch`}}" - }, - "location": "{{user `location`}}", - "vm_size": "{{user `vm_size`}}", - "use_azure_cli_auth": "true", - "polling_duration_timeout": "1h", - "managed_image_storage_account_type": "Premium_LRS", - "shared_image_gallery_destination": { - "subscription": "{{user `gallery_subscription_id`}}", - "resource_group": "{{user `resource_group_name`}}", - "gallery_name": "{{user `sig_gallery_name`}}", - "image_name": "{{user `sig_image_name`}}", - "image_version": "{{user `captured_sig_version`}}", - "replication_regions": [ - "{{user `location`}}" - ] - }, - "user_assigned_managed_identities": "{{user `msi_resource_strings`}}" - } - ], - "provisioners": [ - { - "type": "shell", - "inline": [ - "sudo mkdir -p /opt/azure/containers", - "sudo mkdir -p /opt/scripts", - "sudo mkdir -p /opt/certs" - ] - }, - { - "type": "file", - "source": "vhdbuilder/lister/bin/lister", - "destination": "/home/packer/lister" - }, - { - "type": "file", - "source": "aks-node-controller/bin/aks-node-controller-linux-arm64", - "destination": "/home/packer/aks-node-controller" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-node-controller.service", - "destination": "/home/packer/aks-node-controller.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cloud-init-status-check.sh", - "destination": "/home/packer/cloud-init-status-check.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/prefetch.sh", - "destination": "/home/packer/prefetch.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/cleanup-vhd.sh", - "destination": "/home/packer/cleanup-vhd.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/packer_source.sh", - "destination": "/home/packer/packer_source.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_install.sh", - "destination": "/home/packer/provision_installs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/cse_install_mariner.sh", - "destination": "/home/packer/provision_installs_distro.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_helpers.sh", - "destination": "/home/packer/provision_source.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_benchmark_functions.sh", - "destination": "/home/packer/provision_source_benchmarks.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/cse_helpers_mariner.sh", - "destination": "/home/packer/provision_source_distro.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_config.sh", - "destination": "/home/packer/provision_configs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_main.sh", - "destination": "/home/packer/provision.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_start.sh", - "destination": "/home/packer/provision_start.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/containerd_exec_start.conf", - "destination": "/home/packer/containerd_exec_start.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/kubelet.service", - "destination": "/home/packer/kubelet.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/secure-tls-bootstrap.service", - "destination": "/home/packer/secure-tls-bootstrap.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/reconcile-private-hosts.sh", - "destination": "/home/packer/reconcile-private-hosts.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/block_wireserver.sh", - "destination": "/home/packer/block_wireserver.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure_imds_restriction.sh", - "destination": "/home/packer/ensure_imds_restriction.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/measure-tls-bootstrapping-latency.sh", - "destination": "/home/packer/measure-tls-bootstrapping-latency.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/measure-tls-bootstrapping-latency.service", - "destination": "/home/packer/measure-tls-bootstrapping-latency.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/validate-kubelet-credentials.sh", - "destination": "/home/packer/validate-kubelet-credentials.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_redact_cloud_config.py", - "destination": "/home/packer/cse_redact_cloud_config.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_send_logs.py", - "destination": "/home/packer/cse_send_logs.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/init-aks-custom-cloud.sh", - "destination": "/home/packer/init-aks-custom-cloud.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/reconcile-private-hosts.service", - "destination": "/home/packer/reconcile-private-hosts.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mig-partition.service", - "destination": "/home/packer/mig-partition.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/bind-mount.sh", - "destination": "/home/packer/bind-mount.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/bind-mount.service", - "destination": "/home/packer/bind-mount.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/enable-dhcpv6.sh", - "destination": "/home/packer/enable-dhcpv6.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/dhcpv6.service", - "destination": "/home/packer/dhcpv6.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sync-container-logs.sh", - "destination": "/home/packer/sync-container-logs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sync-container-logs.service", - "destination": "/home/packer/sync-container-logs.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/crictl.yaml", - "destination": "/home/packer/crictl.yaml" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure-no-dup.sh", - "destination": "/home/packer/ensure-no-dup.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure-no-dup.service", - "destination": "/home/packer/ensure-no-dup.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/teleportd.service", - "destination": "/home/packer/teleportd.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/setup-custom-search-domains.sh", - "destination": "/home/packer/setup-custom-search-domains.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cis.sh", - "destination": "/home/packer/cis.sh" - }, - { - "type": "file", - "source": "vhdbuilder/scripts/linux/tool_installs.sh", - "destination": "/home/packer/tool_installs.sh" - }, - { - "type": "file", - "source": "vhdbuilder/scripts/linux/mariner/tool_installs_mariner.sh", - "destination": "/home/packer/tool_installs_distro.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/pre-install-dependencies.sh", - "destination": "/home/packer/pre-install-dependencies.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/install-dependencies.sh", - "destination": "/home/packer/install-dependencies.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/post-install-dependencies.sh", - "destination": "/home/packer/post-install-dependencies.sh" - }, - { - "type": "file", - "source": "parts/common/components.json", - "destination": "/home/packer/components.json" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/manifest.json", - "destination": "/home/packer/manifest.json" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sysctl-d-60-CIS.conf", - "destination": "/home/packer/sysctl-d-60-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sshd_config", - "destination": "/home/packer/sshd_config" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/rsyslog-d-60-CIS.conf", - "destination": "/home/packer/rsyslog-d-60-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/logrotate-d-rsyslog-CIS.conf", - "destination": "/home/packer/logrotate-d-rsyslog-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/etc-issue", - "destination": "/home/packer/etc-issue" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/etc-issue.net", - "destination": "/home/packer/etc-issue.net" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/modprobe-CIS.conf", - "destination": "/home/packer/modprobe-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pwquality-CIS.conf", - "destination": "/home/packer/pwquality-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-su", - "destination": "/home/packer/pam-d-su" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/pam-d-system-auth", - "destination": "/home/packer/pam-d-system-auth" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/pam-d-system-password", - "destination": "/home/packer/pam-d-system-password" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-auth", - "destination": "/home/packer/pam-d-common-auth" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-password", - "destination": "/home/packer/pam-d-common-password" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/profile-d-cis.sh", - "destination": "/home/packer/profile-d-cis.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/disk_queue.service", - "destination": "/home/packer/disk_queue.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.sh", - "destination": "/home/packer/cgroup-memory-telemetry.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.service", - "destination": "/home/packer/cgroup-memory-telemetry.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.timer", - "destination": "/home/packer/cgroup-memory-telemetry.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.sh", - "destination": "/home/packer/cgroup-pressure-telemetry.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.service", - "destination": "/home/packer/cgroup-pressure-telemetry.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.timer", - "destination": "/home/packer/cgroup-pressure-telemetry.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/update_certs_mariner.service", - "destination": "/home/packer/update_certs.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/update_certs.path", - "destination": "/home/packer/update_certs.path" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/update_certs.sh", - "destination": "/home/packer/update_certs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.path", - "destination": "/home/packer/ci-syslog-watcher.path" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.service", - "destination": "/home/packer/ci-syslog-watcher.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.sh", - "destination": "/home/packer/ci-syslog-watcher.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-diagnostic.py", - "destination": "/home/packer/aks-diagnostic.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.sh", - "destination": "/home/packer/aks-log-collector.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector-send.py", - "destination": "/home/packer/aks-log-collector-send.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.service", - "destination": "/home/packer/aks-log-collector.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.slice", - "destination": "/home/packer/aks-log-collector.slice" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.timer", - "destination": "/home/packer/aks-log-collector.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-check-network.sh", - "destination": "/home/packer/aks-check-network.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-check-network.service", - "destination": "/home/packer/aks-check-network.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.sh", - "destination": "/home/packer/logrotate.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.service", - "destination": "/home/packer/logrotate.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.timer", - "destination": "/home/packer/logrotate.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate-override.conf", - "destination": "/home/packer/override.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-rsyslog", - "destination": "/home/packer/rsyslog" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables", - "destination": "/home/packer/ipv6_nftables" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables.service", - "destination": "/home/packer/ipv6_nftables.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables.sh", - "destination": "/home/packer/ipv6_nftables.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/apt-preferences", - "destination": "/home/packer/apt-preferences" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/kms.service", - "destination": "/home/packer/kms.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mig-partition.sh", - "destination": "/home/packer/mig-partition.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/containerd.service", - "destination": "/home/packer/containerd.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-su", - "destination": "/home/packer/pam-d-su" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/mariner-package-update.sh", - "destination": "/home/packer/mariner-package-update.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/package-update.service", - "destination": "/home/packer/snapshot-update.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/package-update.timer", - "destination": "/home/packer/snapshot-update.timer" - }, - { - "type": "file", - "source": "vhdbuilder/notice.txt", - "destination": "/home/packer/NOTICE.txt" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns.sh", - "destination": "/home/packer/localdns.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns.service", - "destination": "/home/packer/localdns.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns-delegate.conf", - "destination": "/home/packer/localdns-delegate.conf" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} ENABLE_CGROUPV2={{user `enable_cgroupv2`}} IMG_SKU={{user `img_sku`}} /bin/bash -ux /home/packer/pre-install-dependencies.sh" - ] - }, - { - "type": "shell", - "inline": "sudo reboot", - "expect_disconnect": true, - "skip_clean": true, - "pause_after": "60s" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} ENABLE_CGROUPV2={{user `enable_cgroupv2`}} IMG_SKU={{user `img_sku`}} PRIVATE_PACKAGES_URL={{user `private_packages_url`}} /bin/bash -ux /home/packer/install-dependencies.sh" - ] - }, - { - "type": "file", - "direction": "download", - "source": "/var/log/bcc_installation.log", - "destination": "bcc-tools-installation.log" - }, - { - "type": "shell", - "inline": [ - "sudo rm /var/log/bcc_installation.log" - ] - }, - { - "type": "shell", - "inline": "sudo reboot", - "expect_disconnect": true, - "skip_clean": true, - "pause_after": "60s" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} ENABLE_CGROUPV2={{user `enable_cgroupv2`}} IMG_SKU={{user `img_sku`}} /bin/bash -ux /home/packer/post-install-dependencies.sh" - ] - }, - { - "type": "file", - "source": "vhdbuilder/packer/list-images.sh", - "destination": "/home/packer/list-images.sh" - }, - { - "type": "shell", - "inline": [ - "sudo SKU_NAME={{user `sku_name`}} IMAGE_VERSION={{user `image_version`}} CONTAINER_RUNTIME={{user `container_runtime`}} /bin/bash -ux /home/packer/list-images.sh" - ] - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/containers/image-bom.json", - "destination": "image-bom.json" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-install.complete", - "destination": "release-notes.txt" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-build-performance-data.json", - "destination": "vhd-build-performance-data.json" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-grid-compatibility-data.json", - "destination": "vhd-grid-compatibility-data.json" - }, - { - "type": "shell", - "inline": [ - "sudo rm /opt/azure/vhd-build-performance-data.json", - "sudo rm /opt/azure/vhd-grid-compatibility-data.json" - ] - }, - { - "type": "shell", - "inline": [ - "sudo /bin/bash -eux /home/packer/cis.sh", - "sudo /bin/bash -eux /opt/azure/containers/cleanup-vhd.sh", - "sudo waagent -force -deprovision+user && export HISTSIZE=0 && sync || exit 125" - ] - } - ] -} diff --git a/vhdbuilder/packer/vhd-image-builder-mariner-cvm.json b/vhdbuilder/packer/vhd-image-builder-mariner-cvm.json deleted file mode 100644 index 8c232f56cff..00000000000 --- a/vhdbuilder/packer/vhd-image-builder-mariner-cvm.json +++ /dev/null @@ -1,696 +0,0 @@ -{ - "variables": { - "subscription_id": "{{env `AZURE_SUBSCRIPTION_ID`}}", - "gallery_subscription_id": "{{user `gallery_subscription_id`}}", - "location": "{{env `PACKER_BUILD_LOCATION`}}", - "vm_size": "{{env `AZURE_VM_SIZE`}}", - "build_definition_name": "{{env `BUILD_DEFINITION_NAME`}}", - "build_number": "{{env `BUILD_NUMBER`}}", - "build_id": "{{env `BUILD_ID`}}", - "commit": "{{env `GIT_VERSION`}}", - "feature_flags": "{{env `FEATURE_FLAGS`}}", - "image_version": "{{env `IMAGE_VERSION`}}", - "os_version": "{{env `OS_VERSION`}}", - "sku_name": "{{env `SKU_NAME`}}", - "hyperv_generation": "{{env `HYPERV_GENERATION`}}", - "sig_gallery_name": "{{env `SIG_GALLERY_NAME`}}", - "sig_image_name": "{{env `SIG_IMAGE_NAME`}}", - "container_runtime": "{{env `CONTAINER_RUNTIME`}}", - "teleportd_plugin_download_url": "{{env `TELEPORTD_PLUGIN_DOWNLOAD_URL`}}", - "captured_sig_version": "{{env `${CAPTURED_SIG_VERSION`}}", - "enable_fips": "{{env `ENABLE_FIPS`}}", - "img_publisher": "{{env `IMG_PUBLISHER`}}", - "img_offer": "{{env `IMG_OFFER`}}", - "img_sku": "{{env `IMG_SKU`}}", - "img_version": "{{env `IMG_VERSION`}}", - "vnet_resource_group_name": "{{env `VNET_RESOURCE_GROUP_NAME`}}", - "vnet_name": "{{env `VNET_NAME`}}", - "subnet_name": "{{env `SUBNET_NAME`}}", - "enable_cgroupv2": "{{env `ENABLE_CGROUPV2`}}", - "private_packages_url": "{{env `PRIVATE_PACKAGES_URL`}}", - "branch": "{{env `BRANCH`}}" - }, - "builders": [ - { - "type": "azure-arm", - "subscription_id": "{{user `subscription_id`}}", - "virtual_network_resource_group_name": "{{user `vnet_resource_group_name`}}", - "virtual_network_name": "{{user `vnet_name`}}", - "virtual_network_subnet_name": "{{user `subnet_name`}}", - "ssh_read_write_timeout": "5m", - "os_type": "Linux", - "os_disk_size_gb": 30, - "image_publisher": "{{user `img_publisher`}}", - "image_offer": "{{user `img_offer`}}", - "image_sku": "{{user `img_sku`}}", - "image_version": "{{user `img_version`}}", - "azure_tags": { - "buildDefinitionName": "{{user `build_definition_name`}}", - "buildNumber": "{{user `build_number`}}", - "buildId": "{{user `build_id`}}", - "SkipLinuxAzSecPack": "true", - "os": "Linux", - "now": "{{user `create_time`}}", - "createdBy": "aks-vhd-pipeline", - "image_sku": "{{user `img_sku`}}", - "branch": "{{user `branch`}}" - }, - "location": "{{user `location`}}", - "vm_size": "{{user `vm_size`}}", - "use_azure_cli_auth": "true", - "polling_duration_timeout": "1h", - "managed_image_storage_account_type": "Premium_LRS", - "secure_boot_enabled": true, - "vtpm_enabled": true, - "security_type": "ConfidentialVM", - "security_encryption_type": "VMGuestStateOnly", - "shared_image_gallery_destination": { - "specialized": true, - "confidential_vm_image_encryption_type": "EncryptedVMGuestStateOnlyWithPmk", - "subscription": "{{user `gallery_subscription_id`}}", - "resource_group": "{{user `resource_group_name`}}", - "gallery_name": "{{user `sig_gallery_name`}}", - "image_name": "{{user `sig_image_name`}}", - "image_version": "{{user `captured_sig_version`}}", - "replication_regions": [ - "{{user `location`}}" - ] - }, - "user_assigned_managed_identities": "{{user `msi_resource_strings`}}" - } - ], - "provisioners": [ - { - "type": "shell", - "inline": [ - "sudo mkdir -p /opt/azure/containers", - "sudo mkdir -p /opt/scripts", - "sudo mkdir -p /opt/certs" - ] - }, - { - "type": "file", - "source": "vhdbuilder/lister/bin/lister", - "destination": "/home/packer/lister" - }, - { - "type": "file", - "source": "aks-node-controller/bin/aks-node-controller-linux-amd64", - "destination": "/home/packer/aks-node-controller" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cloud-init-status-check.sh", - "destination": "/home/packer/cloud-init-status-check.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-node-controller.service", - "destination": "/home/packer/aks-node-controller.service" - }, - { - "type": "file", - "source": "vhdbuilder/packer/prefetch.sh", - "destination": "/home/packer/prefetch.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/cleanup-vhd.sh", - "destination": "/home/packer/cleanup-vhd.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/packer_source.sh", - "destination": "/home/packer/packer_source.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_install.sh", - "destination": "/home/packer/provision_installs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/cse_install_mariner.sh", - "destination": "/home/packer/provision_installs_distro.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_helpers.sh", - "destination": "/home/packer/provision_source.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_benchmark_functions.sh", - "destination": "/home/packer/provision_source_benchmarks.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/cse_helpers_mariner.sh", - "destination": "/home/packer/provision_source_distro.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_config.sh", - "destination": "/home/packer/provision_configs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_main.sh", - "destination": "/home/packer/provision.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_start.sh", - "destination": "/home/packer/provision_start.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/containerd_exec_start.conf", - "destination": "/home/packer/containerd_exec_start.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/kubelet.service", - "destination": "/home/packer/kubelet.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/secure-tls-bootstrap.service", - "destination": "/home/packer/secure-tls-bootstrap.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/reconcile-private-hosts.sh", - "destination": "/home/packer/reconcile-private-hosts.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/block_wireserver.sh", - "destination": "/home/packer/block_wireserver.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure_imds_restriction.sh", - "destination": "/home/packer/ensure_imds_restriction.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/measure-tls-bootstrapping-latency.sh", - "destination": "/home/packer/measure-tls-bootstrapping-latency.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/measure-tls-bootstrapping-latency.service", - "destination": "/home/packer/measure-tls-bootstrapping-latency.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/validate-kubelet-credentials.sh", - "destination": "/home/packer/validate-kubelet-credentials.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_redact_cloud_config.py", - "destination": "/home/packer/cse_redact_cloud_config.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_send_logs.py", - "destination": "/home/packer/cse_send_logs.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/init-aks-custom-cloud.sh", - "destination": "/home/packer/init-aks-custom-cloud.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/reconcile-private-hosts.service", - "destination": "/home/packer/reconcile-private-hosts.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mig-partition.service", - "destination": "/home/packer/mig-partition.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/bind-mount.sh", - "destination": "/home/packer/bind-mount.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/bind-mount.service", - "destination": "/home/packer/bind-mount.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/enable-dhcpv6.sh", - "destination": "/home/packer/enable-dhcpv6.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/dhcpv6.service", - "destination": "/home/packer/dhcpv6.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sync-container-logs.sh", - "destination": "/home/packer/sync-container-logs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sync-container-logs.service", - "destination": "/home/packer/sync-container-logs.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/crictl.yaml", - "destination": "/home/packer/crictl.yaml" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure-no-dup.sh", - "destination": "/home/packer/ensure-no-dup.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure-no-dup.service", - "destination": "/home/packer/ensure-no-dup.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/teleportd.service", - "destination": "/home/packer/teleportd.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/setup-custom-search-domains.sh", - "destination": "/home/packer/setup-custom-search-domains.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cis.sh", - "destination": "/home/packer/cis.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/mariner-package-update.sh", - "destination": "/home/packer/mariner-package-update.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/package-update.service", - "destination": "/home/packer/snapshot-update.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/package-update.timer", - "destination": "/home/packer/snapshot-update.timer" - }, - { - "type": "file", - "source": "vhdbuilder/scripts/linux/tool_installs.sh", - "destination": "/home/packer/tool_installs.sh" - }, - { - "type": "file", - "source": "vhdbuilder/scripts/linux/mariner/tool_installs_mariner.sh", - "destination": "/home/packer/tool_installs_distro.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/pre-install-dependencies.sh", - "destination": "/home/packer/pre-install-dependencies.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/install-dependencies.sh", - "destination": "/home/packer/install-dependencies.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/post-install-dependencies.sh", - "destination": "/home/packer/post-install-dependencies.sh" - }, - { - "type": "file", - "source": "parts/common/components.json", - "destination": "/home/packer/components.json" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/manifest.json", - "destination": "/home/packer/manifest.json" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sysctl-d-60-CIS.conf", - "destination": "/home/packer/sysctl-d-60-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sshd_config", - "destination": "/home/packer/sshd_config" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/rsyslog-d-60-CIS.conf", - "destination": "/home/packer/rsyslog-d-60-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/logrotate-d-rsyslog-CIS.conf", - "destination": "/home/packer/logrotate-d-rsyslog-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/etc-issue", - "destination": "/home/packer/etc-issue" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/etc-issue.net", - "destination": "/home/packer/etc-issue.net" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/modprobe-CIS.conf", - "destination": "/home/packer/modprobe-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pwquality-CIS.conf", - "destination": "/home/packer/pwquality-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-su", - "destination": "/home/packer/pam-d-su" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/pam-d-system-auth", - "destination": "/home/packer/pam-d-system-auth" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/pam-d-system-password", - "destination": "/home/packer/pam-d-system-password" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-auth", - "destination": "/home/packer/pam-d-common-auth" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-password", - "destination": "/home/packer/pam-d-common-password" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/profile-d-cis.sh", - "destination": "/home/packer/profile-d-cis.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/disk_queue.service", - "destination": "/home/packer/disk_queue.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.sh", - "destination": "/home/packer/cgroup-memory-telemetry.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.service", - "destination": "/home/packer/cgroup-memory-telemetry.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.timer", - "destination": "/home/packer/cgroup-memory-telemetry.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.sh", - "destination": "/home/packer/cgroup-pressure-telemetry.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.service", - "destination": "/home/packer/cgroup-pressure-telemetry.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.timer", - "destination": "/home/packer/cgroup-pressure-telemetry.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/update_certs_mariner.service", - "destination": "/home/packer/update_certs.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/update_certs.path", - "destination": "/home/packer/update_certs.path" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/update_certs.sh", - "destination": "/home/packer/update_certs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.path", - "destination": "/home/packer/ci-syslog-watcher.path" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.service", - "destination": "/home/packer/ci-syslog-watcher.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.sh", - "destination": "/home/packer/ci-syslog-watcher.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-diagnostic.py", - "destination": "/home/packer/aks-diagnostic.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.sh", - "destination": "/home/packer/aks-log-collector.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector-send.py", - "destination": "/home/packer/aks-log-collector-send.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.service", - "destination": "/home/packer/aks-log-collector.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.slice", - "destination": "/home/packer/aks-log-collector.slice" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.timer", - "destination": "/home/packer/aks-log-collector.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-check-network.sh", - "destination": "/home/packer/aks-check-network.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-check-network.service", - "destination": "/home/packer/aks-check-network.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.sh", - "destination": "/home/packer/logrotate.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.service", - "destination": "/home/packer/logrotate.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.timer", - "destination": "/home/packer/logrotate.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate-override.conf", - "destination": "/home/packer/override.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-rsyslog", - "destination": "/home/packer/rsyslog" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables", - "destination": "/home/packer/ipv6_nftables" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables.service", - "destination": "/home/packer/ipv6_nftables.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables.sh", - "destination": "/home/packer/ipv6_nftables.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/apt-preferences", - "destination": "/home/packer/apt-preferences" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/kms.service", - "destination": "/home/packer/kms.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mig-partition.sh", - "destination": "/home/packer/mig-partition.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/containerd.service", - "destination": "/home/packer/containerd.service" - }, - { - "type": "file", - "source": "vhdbuilder/notice.txt", - "destination": "/home/packer/NOTICE.txt" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns.sh", - "destination": "/home/packer/localdns.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns.service", - "destination": "/home/packer/localdns.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns-delegate.conf", - "destination": "/home/packer/localdns-delegate.conf" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} ENABLE_CGROUPV2={{user `enable_cgroupv2`}} IMG_SKU={{user `img_sku`}} /bin/bash -ux /home/packer/pre-install-dependencies.sh" - ] - }, - { - "type": "shell", - "inline": "sudo reboot", - "expect_disconnect": true, - "skip_clean": true, - "pause_after": "60s" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} ENABLE_CGROUPV2={{user `enable_cgroupv2`}} IMG_SKU={{user `img_sku`}} PRIVATE_PACKAGES_URL={{user `private_packages_url`}} /bin/bash -ux /home/packer/install-dependencies.sh" - ] - }, - { - "type": "file", - "direction": "download", - "source": "/var/log/bcc_installation.log", - "destination": "bcc-tools-installation.log" - }, - { - "type": "shell", - "inline": [ - "sudo rm /var/log/bcc_installation.log" - ] - }, - { - "type": "shell", - "inline": "sudo reboot", - "expect_disconnect": true, - "skip_clean": true, - "pause_after": "60s" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} ENABLE_CGROUPV2={{user `enable_cgroupv2`}} IMG_SKU={{user `img_sku`}} /bin/bash -ux /home/packer/post-install-dependencies.sh" - ] - }, - { - "type": "file", - "source": "vhdbuilder/packer/list-images.sh", - "destination": "/home/packer/list-images.sh" - }, - { - "type": "shell", - "inline": [ - "sudo SKU_NAME={{user `sku_name`}} IMAGE_VERSION={{user `image_version`}} CONTAINER_RUNTIME={{user `container_runtime`}} /bin/bash -ux /home/packer/list-images.sh" - ] - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/containers/image-bom.json", - "destination": "image-bom.json" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-install.complete", - "destination": "release-notes.txt" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-build-performance-data.json", - "destination": "vhd-build-performance-data.json" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-grid-compatibility-data.json", - "destination": "vhd-grid-compatibility-data.json" - }, - { - "type": "shell", - "inline": [ - "sudo rm /opt/azure/vhd-build-performance-data.json", - "sudo rm /opt/azure/vhd-grid-compatibility-data.json" - ] - }, - { - "type": "shell", - "inline": [ - "sudo /bin/bash -eux /home/packer/cis.sh", - "sudo /bin/bash -eux /opt/azure/containers/cleanup-vhd.sh", - "sudo waagent -force -deprovision+user && export HISTSIZE=0 && sync || exit 125" - ] - } - ] -} diff --git a/vhdbuilder/packer/vhd-image-builder-mariner.json b/vhdbuilder/packer/vhd-image-builder-mariner.json deleted file mode 100644 index b994d28a2b8..00000000000 --- a/vhdbuilder/packer/vhd-image-builder-mariner.json +++ /dev/null @@ -1,697 +0,0 @@ -{ - "variables": { - "subscription_id": "{{env `AZURE_SUBSCRIPTION_ID`}}", - "gallery_subscription_id": "{{user `gallery_subscription_id`}}", - "location": "{{env `PACKER_BUILD_LOCATION`}}", - "vm_size": "{{env `AZURE_VM_SIZE`}}", - "build_definition_name": "{{env `BUILD_DEFINITION_NAME`}}", - "build_number": "{{env `BUILD_NUMBER`}}", - "build_id": "{{env `BUILD_ID`}}", - "commit": "{{env `GIT_VERSION`}}", - "feature_flags": "{{env `FEATURE_FLAGS`}}", - "image_version": "{{env `IMAGE_VERSION`}}", - "os_version": "{{env `OS_VERSION`}}", - "sku_name": "{{env `SKU_NAME`}}", - "hyperv_generation": "{{env `HYPERV_GENERATION`}}", - "sig_gallery_name": "{{env `SIG_GALLERY_NAME`}}", - "sig_image_name": "{{env `SIG_IMAGE_NAME`}}", - "container_runtime": "{{env `CONTAINER_RUNTIME`}}", - "teleportd_plugin_download_url": "{{env `TELEPORTD_PLUGIN_DOWNLOAD_URL`}}", - "captured_sig_version": "{{env `${CAPTURED_SIG_VERSION`}}", - "enable_fips": "{{env `ENABLE_FIPS`}}", - "img_publisher": "{{env `IMG_PUBLISHER`}}", - "img_offer": "{{env `IMG_OFFER`}}", - "img_sku": "{{env `IMG_SKU`}}", - "img_version": "{{env `IMG_VERSION`}}", - "vnet_resource_group_name": "{{env `VNET_RESOURCE_GROUP_NAME`}}", - "vnet_name": "{{env `VNET_NAME`}}", - "subnet_name": "{{env `SUBNET_NAME`}}", - "enable_cgroupv2": "{{env `ENABLE_CGROUPV2`}}", - "private_packages_url": "{{env `PRIVATE_PACKAGES_URL`}}", - "branch": "{{env `BRANCH`}}" - }, - "builders": [ - { - "type": "azure-arm", - "subscription_id": "{{user `subscription_id`}}", - "virtual_network_resource_group_name": "{{user `vnet_resource_group_name`}}", - "virtual_network_name": "{{user `vnet_name`}}", - "virtual_network_subnet_name": "{{user `subnet_name`}}", - "ssh_read_write_timeout": "5m", - "os_type": "Linux", - "os_disk_size_gb": 30, - "image_publisher": "{{user `img_publisher`}}", - "image_offer": "{{user `img_offer`}}", - "image_sku": "{{user `img_sku`}}", - "image_version": "{{user `img_version`}}", - "azure_tags": { - "buildDefinitionName": "{{user `build_definition_name`}}", - "buildNumber": "{{user `build_number`}}", - "buildId": "{{user `build_id`}}", - "SkipLinuxAzSecPack": "true", - "os": "Linux", - "now": "{{user `create_time`}}", - "createdBy": "aks-vhd-pipeline", - "image_sku": "{{user `img_sku`}}", - "branch": "{{user `branch`}}" - }, - "location": "{{user `location`}}", - "vm_size": "{{user `vm_size`}}", - "use_azure_cli_auth": "true", - "polling_duration_timeout": "1h", - "managed_image_name": "{{user `sig_image_name`}}-{{user `captured_sig_version`}}", - "managed_image_resource_group_name": "{{user `resource_group_name`}}", - "managed_image_storage_account_type": "Premium_LRS", - "shared_image_gallery_destination": { - "subscription": "{{user `gallery_subscription_id`}}", - "resource_group": "{{user `resource_group_name`}}", - "gallery_name": "{{user `sig_gallery_name`}}", - "image_name": "{{user `sig_image_name`}}", - "image_version": "{{user `captured_sig_version`}}", - "replication_regions": [ - "{{user `location`}}" - ] - }, - "user_assigned_managed_identities": "{{user `msi_resource_strings`}}" - } - ], - "provisioners": [ - { - "type": "shell", - "inline": [ - "sudo mkdir -p /opt/azure/containers", - "sudo mkdir -p /opt/scripts", - "sudo mkdir -p /opt/certs" - ] - }, - { - "type": "file", - "source": "vhdbuilder/lister/bin/lister", - "destination": "/home/packer/lister" - }, - { - "type": "file", - "source": "aks-node-controller/bin/aks-node-controller-linux-amd64", - "destination": "/home/packer/aks-node-controller" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-node-controller.service", - "destination": "/home/packer/aks-node-controller.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cloud-init-status-check.sh", - "destination": "/home/packer/cloud-init-status-check.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/prefetch.sh", - "destination": "/home/packer/prefetch.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/cleanup-vhd.sh", - "destination": "/home/packer/cleanup-vhd.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/packer_source.sh", - "destination": "/home/packer/packer_source.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_install.sh", - "destination": "/home/packer/provision_installs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/cse_install_mariner.sh", - "destination": "/home/packer/provision_installs_distro.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_helpers.sh", - "destination": "/home/packer/provision_source.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_benchmark_functions.sh", - "destination": "/home/packer/provision_source_benchmarks.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/cse_helpers_mariner.sh", - "destination": "/home/packer/provision_source_distro.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_config.sh", - "destination": "/home/packer/provision_configs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_main.sh", - "destination": "/home/packer/provision.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_start.sh", - "destination": "/home/packer/provision_start.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/containerd_exec_start.conf", - "destination": "/home/packer/containerd_exec_start.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/kubelet.service", - "destination": "/home/packer/kubelet.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/secure-tls-bootstrap.service", - "destination": "/home/packer/secure-tls-bootstrap.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/reconcile-private-hosts.sh", - "destination": "/home/packer/reconcile-private-hosts.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/block_wireserver.sh", - "destination": "/home/packer/block_wireserver.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure_imds_restriction.sh", - "destination": "/home/packer/ensure_imds_restriction.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/measure-tls-bootstrapping-latency.sh", - "destination": "/home/packer/measure-tls-bootstrapping-latency.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/measure-tls-bootstrapping-latency.service", - "destination": "/home/packer/measure-tls-bootstrapping-latency.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/validate-kubelet-credentials.sh", - "destination": "/home/packer/validate-kubelet-credentials.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_redact_cloud_config.py", - "destination": "/home/packer/cse_redact_cloud_config.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cse_send_logs.py", - "destination": "/home/packer/cse_send_logs.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/init-aks-custom-cloud.sh", - "destination": "/home/packer/init-aks-custom-cloud.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/reconcile-private-hosts.service", - "destination": "/home/packer/reconcile-private-hosts.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mig-partition.service", - "destination": "/home/packer/mig-partition.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/bind-mount.sh", - "destination": "/home/packer/bind-mount.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/bind-mount.service", - "destination": "/home/packer/bind-mount.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/enable-dhcpv6.sh", - "destination": "/home/packer/enable-dhcpv6.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/dhcpv6.service", - "destination": "/home/packer/dhcpv6.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sync-container-logs.sh", - "destination": "/home/packer/sync-container-logs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sync-container-logs.service", - "destination": "/home/packer/sync-container-logs.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/crictl.yaml", - "destination": "/home/packer/crictl.yaml" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure-no-dup.sh", - "destination": "/home/packer/ensure-no-dup.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ensure-no-dup.service", - "destination": "/home/packer/ensure-no-dup.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/teleportd.service", - "destination": "/home/packer/teleportd.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/setup-custom-search-domains.sh", - "destination": "/home/packer/setup-custom-search-domains.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cis.sh", - "destination": "/home/packer/cis.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/mariner-package-update.sh", - "destination": "/home/packer/mariner-package-update.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/package-update.service", - "destination": "/home/packer/snapshot-update.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/package-update.timer", - "destination": "/home/packer/snapshot-update.timer" - }, - { - "type": "file", - "source": "vhdbuilder/scripts/linux/tool_installs.sh", - "destination": "/home/packer/tool_installs.sh" - }, - { - "type": "file", - "source": "vhdbuilder/scripts/linux/mariner/tool_installs_mariner.sh", - "destination": "/home/packer/tool_installs_distro.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/pre-install-dependencies.sh", - "destination": "/home/packer/pre-install-dependencies.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/install-dependencies.sh", - "destination": "/home/packer/install-dependencies.sh" - }, - { - "type": "file", - "source": "vhdbuilder/packer/post-install-dependencies.sh", - "destination": "/home/packer/post-install-dependencies.sh" - }, - { - "type": "file", - "source": "parts/common/components.json", - "destination": "/home/packer/components.json" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/manifest.json", - "destination": "/home/packer/manifest.json" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sysctl-d-60-CIS.conf", - "destination": "/home/packer/sysctl-d-60-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/sshd_config", - "destination": "/home/packer/sshd_config" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/rsyslog-d-60-CIS.conf", - "destination": "/home/packer/rsyslog-d-60-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/logrotate-d-rsyslog-CIS.conf", - "destination": "/home/packer/logrotate-d-rsyslog-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/etc-issue", - "destination": "/home/packer/etc-issue" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/etc-issue.net", - "destination": "/home/packer/etc-issue.net" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/modprobe-CIS.conf", - "destination": "/home/packer/modprobe-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pwquality-CIS.conf", - "destination": "/home/packer/pwquality-CIS.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-su", - "destination": "/home/packer/pam-d-su" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/pam-d-system-auth", - "destination": "/home/packer/pam-d-system-auth" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/pam-d-system-password", - "destination": "/home/packer/pam-d-system-password" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-auth", - "destination": "/home/packer/pam-d-common-auth" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/pam-d-common-password", - "destination": "/home/packer/pam-d-common-password" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/profile-d-cis.sh", - "destination": "/home/packer/profile-d-cis.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/disk_queue.service", - "destination": "/home/packer/disk_queue.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.sh", - "destination": "/home/packer/cgroup-memory-telemetry.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.service", - "destination": "/home/packer/cgroup-memory-telemetry.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-memory-telemetry.timer", - "destination": "/home/packer/cgroup-memory-telemetry.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.sh", - "destination": "/home/packer/cgroup-pressure-telemetry.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.service", - "destination": "/home/packer/cgroup-pressure-telemetry.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/cgroup-pressure-telemetry.timer", - "destination": "/home/packer/cgroup-pressure-telemetry.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mariner/update_certs_mariner.service", - "destination": "/home/packer/update_certs.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/update_certs.path", - "destination": "/home/packer/update_certs.path" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/update_certs.sh", - "destination": "/home/packer/update_certs.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.path", - "destination": "/home/packer/ci-syslog-watcher.path" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.service", - "destination": "/home/packer/ci-syslog-watcher.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ci-syslog-watcher.sh", - "destination": "/home/packer/ci-syslog-watcher.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-diagnostic.py", - "destination": "/home/packer/aks-diagnostic.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.sh", - "destination": "/home/packer/aks-log-collector.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector-send.py", - "destination": "/home/packer/aks-log-collector-send.py" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.service", - "destination": "/home/packer/aks-log-collector.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.slice", - "destination": "/home/packer/aks-log-collector.slice" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-log-collector.timer", - "destination": "/home/packer/aks-log-collector.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-check-network.sh", - "destination": "/home/packer/aks-check-network.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-check-network.service", - "destination": "/home/packer/aks-check-network.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.sh", - "destination": "/home/packer/logrotate.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.service", - "destination": "/home/packer/logrotate.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate.timer", - "destination": "/home/packer/logrotate.timer" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-logrotate-override.conf", - "destination": "/home/packer/override.conf" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/aks-rsyslog", - "destination": "/home/packer/rsyslog" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables", - "destination": "/home/packer/ipv6_nftables" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables.service", - "destination": "/home/packer/ipv6_nftables.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/ipv6_nftables.sh", - "destination": "/home/packer/ipv6_nftables.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/apt-preferences", - "destination": "/home/packer/apt-preferences" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/kms.service", - "destination": "/home/packer/kms.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/mig-partition.sh", - "destination": "/home/packer/mig-partition.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/containerd.service", - "destination": "/home/packer/containerd.service" - }, - { - "type": "file", - "source": "kata-containers.img", - "destination": "/home/packer/kata-containers.img" - }, - { - "type": "file", - "source": "vhdbuilder/notice.txt", - "destination": "/home/packer/NOTICE.txt" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns.sh", - "destination": "/home/packer/localdns.sh" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns.service", - "destination": "/home/packer/localdns.service" - }, - { - "type": "file", - "source": "parts/linux/cloud-init/artifacts/localdns-delegate.conf", - "destination": "/home/packer/localdns-delegate.conf" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} ENABLE_CGROUPV2={{user `enable_cgroupv2`}} IMG_SKU={{user `img_sku`}} /bin/bash -ux /home/packer/pre-install-dependencies.sh" - ] - }, - { - "type": "shell", - "inline": "sudo reboot", - "expect_disconnect": true, - "skip_clean": true, - "pause_after": "60s" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} ENABLE_CGROUPV2={{user `enable_cgroupv2`}} IMG_SKU={{user `img_sku`}} PRIVATE_PACKAGES_URL={{user `private_packages_url`}} /bin/bash -ux /home/packer/install-dependencies.sh" - ] - }, - { - "type": "file", - "direction": "download", - "source": "/var/log/bcc_installation.log", - "destination": "bcc-tools-installation.log" - }, - { - "type": "shell", - "inline": [ - "sudo rm /var/log/bcc_installation.log" - ] - }, - { - "type": "shell", - "inline": "sudo reboot", - "expect_disconnect": true, - "skip_clean": true, - "pause_after": "60s" - }, - { - "type": "shell", - "inline": [ - "sudo FEATURE_FLAGS={{user `feature_flags`}} BUILD_NUMBER={{user `build_number`}} BUILD_ID={{user `build_id`}} COMMIT={{user `commit`}} HYPERV_GENERATION={{user `hyperv_generation`}} CONTAINER_RUNTIME={{user `container_runtime`}} TELEPORTD_PLUGIN_DOWNLOAD_URL={{user `teleportd_plugin_download_url`}} ENABLE_FIPS={{user `enable_fips`}} ENABLE_CGROUPV2={{user `enable_cgroupv2`}} IMG_SKU={{user `img_sku`}} /bin/bash -ux /home/packer/post-install-dependencies.sh" - ] - }, - { - "type": "file", - "source": "vhdbuilder/packer/list-images.sh", - "destination": "/home/packer/list-images.sh" - }, - { - "type": "shell", - "inline": [ - "sudo SKU_NAME={{user `sku_name`}} IMAGE_VERSION={{user `image_version`}} CONTAINER_RUNTIME={{user `container_runtime`}} /bin/bash -ux /home/packer/list-images.sh" - ] - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/containers/image-bom.json", - "destination": "image-bom.json" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-install.complete", - "destination": "release-notes.txt" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-build-performance-data.json", - "destination": "vhd-build-performance-data.json" - }, - { - "type": "file", - "direction": "download", - "source": "/opt/azure/vhd-grid-compatibility-data.json", - "destination": "vhd-grid-compatibility-data.json" - }, - { - "type": "shell", - "inline": [ - "sudo rm /opt/azure/vhd-build-performance-data.json", - "sudo rm /opt/azure/vhd-grid-compatibility-data.json" - ] - }, - { - "type": "shell", - "inline": [ - "sudo /bin/bash -eux /home/packer/cis.sh", - "sudo /bin/bash -eux /opt/azure/containers/cleanup-vhd.sh", - "sudo waagent -force -deprovision+user && export HISTSIZE=0 && sync || exit 125" - ] - } - ] -}