#packer (2020-06)
Discuss Packer for building AMIs and Docker Images
Archive: https://archive.sweetops.com/packer/
2020-06-04

Hey, I am trying to pass 2 env vars from a CI pipeline to my shell provisioner; somehow this does not seem to work: RESOURCES_AWS_ACCESS_KEY_ID and RESOURCES_AWS_SECRET_ACCESS_KEY
my packer json is in the thread

{
  "variables": {
    "resources_aws_id": "{{env `RESOURCES_AWS_ACCESS_KEY_ID`}}",
    "resources_aws_key": "{{env `RESOURCES_AWS_SECRET_ACCESS_KEY`}}"
  },
  "provisioners": [
    {
      "type": "shell",
      "inline": [
        "mkdir -p /tmp/httpd/ /tmp/crontab/ /tmp/sAI/"
      ]
    },
    {
      "type": "file",
      "source": "./httpd",
      "destination": "/tmp/"
    },
    {
      "type": "file",
      "source": "./sAI",
      "destination": "/tmp/"
    },
    {
      "type": "file",
      "source": "./crontab",
      "destination": "/tmp/"
    },
    {
      "type": "shell",
      "scripts": [
        "./httpd/install.sh",
        "./sAI/install.sh",
        "./crontab/install.sh"
      ],
      "environment_vars": [
        "RELEASE_PROJECT={{user `RELEASE_PROJECT`}}",
        "RELEASE_STAGE={{user `RELEASE_STAGE`}}",
        "RELEASE_VERSION={{user `RELEASE_VERSION`}}",
        "AWS_ACCESS_KEY_ID={{user `AWS_ACCESS_KEY_ID`}}",
        "AWS_SECRET_ACCESS_KEY={{user `AWS_SECRET_ACCESS_KEY`}}",
        "RESOURCES_AWS_ACCESS_KEY_ID={{user `resources_aws_id`}}",
        "RESOURCES_AWS_SECRET_ACCESS_KEY={{user `resources_aws_key`}}"
      ]
    }
  ]
}

"AWS_ACCESS_KEY_ID={{user `AWS_ACCESS_KEY_ID`}}"
should be:
"AWS_ACCESS_KEY_ID={{user `resources_aws_id`}}"

also RELEASE_* seem not to be defined?

oh these I pass in via cli

packer build \
  -var "SOURCE_AMI=$SOURCE_AMI" \
  -var "RELEASE_PROJECT=$PROJECT_NAME" \
  -var "RELEASE_STAGE=$TARGET" \
  -var "RELEASE_VERSION=$TAG" \
  -var "RELEASE_NAME=$PROJECT_NAME-$TARGET-$TAG" \
  -var "AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID" \
  -var "AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY" \
  -var "CI_JOB_TOKEN=$CI_JOB_TOKEN" \
  "packer.json"

but I want the RESOURCES_* to be passed in via env vars instead of defining them via cli arguments

since those are project specific

I found the issue; it is not related to packer but to how I merge with a different packer file later

dunno, sorry. Was my first shot in the dark
2020-06-14

Anyone use hcl for packer?

One thing I’m interested in is modules so i can create a good template of build commands that other repos can source.. i don’t see any examples of this

We recently looked into it for a project we are working on.

Decided against it due to https://github.com/hashicorp/packer/issues/9176
HCL2 support is a beta work in progress and features are added one by one. As a result it can be hard for end users to know where we are at. While the full list HCL2 issues can be found using the H…

Many things are not yet implemented.

This is helpful !! Thanks @Erik Osterman (Cloud Posse) @RB!! I was looking to use HCL for packer stuff, thanks for heads up !!

Ah I see. I'll watch that issue and wait for it to be fully implemented
2020-06-15
2020-06-18

Hi Everyone - How do I set image name in packer docker image builder script?
2020-06-19
2020-06-30

is there a packer linter ?

or perhaps a json linter with configurable rules for packer

conftest?


Write tests against structured configuration data using the Open Policy Agent Rego query language - open-policy-agent/conftest

it supports like 20 languages and formats

including json/yaml/hcl/etc

ah interesting. i guess i need to explore this more. once hcl2 is completely embraced by packer, we could modularize our packer configs hopefully, and to be extra we could test with conftest too

awesome, thanks erik. i wonder if someone has already posted on testing their json code with this tool.

ah here's a jsonnet example in conftest itself
https://github.com/open-policy-agent/conftest/blob/master/examples/jsonnet/arith.jsonnet

ya was just about to share

funny coincidence, @joshmyers just asked about https://sweetops.slack.com/archives/CB6GHNLG0/p1593520077380600
Anyone using Open Policy Agent/Conftest with Terraform?

Ya, doing that now, integrating OPA with Atlantis

Very cool! I hope we get to work on a project that requires that this year.

Still figuring out if I want conftest or direct OPA

Looking reasonable so far though

Interested to know folks' approaches to this and integration into Atlantis, storing the rego policies beside your modules etc?

That seems like it would work but you may require the same checks across different repos so perhaps you'd want to either put the shared checks in its own repo and somehow clone it as a custom workflow

Aye, or separate to actually enforce policies, so folks can just change them on a branch to suit their needs