feat(ubuntu):Add an amazon-ebs AMI builder (#1447)

* feat!(aws):Add Amazon-ebs builder for Linux AMIs Signed-off-by: jayfranco999 <[email protected]> * fixup Signed-off-by: jayfranco999 <[email protected]> * fixup Signed-off-by: jayfranco999 <[email protected]> * Apply suggestions from code review Co-authored-by: Damien Duportal <[email protected]> * fixup Signed-off-by: jayfranco999 <[email protected]> * fixup Signed-off-by: jayfranco999 <[email protected]> * fixup Signed-off-by: jayfranco999 <[email protected]> * fixup Signed-off-by: jayfranco999 <[email protected]> * fixup Signed-off-by: jayfranco999 <[email protected]> * fixup Signed-off-by: jayfranco999 <[email protected]> * feat(aws): Removed all static credentials Signed-off-by: jayfranco999 <[email protected]> * fixup Signed-off-by: jayfranco999 <[email protected]> * mapping ami ids as per architecture Signed-off-by: jayfranco999 <[email protected]> * fixup Signed-off-by: jayfranco999 <[email protected]> * fixup Signed-off-by: jayfranco999 <[email protected]> * fixup Signed-off-by: jayfranco999 <[email protected]> * fixup --------- Signed-off-by: jayfranco999 <[email protected]> Co-authored-by: Damien Duportal <[email protected]>
jenkins-infra · Oct 17, 2024 · ccf81f7 · ccf81f7
1 parent 4c47698
commit ccf81f7
Show file tree

Hide file tree

Showing 6 changed files with 94 additions and 2 deletions.
diff --git a/Jenkinsfile_k8s b/Jenkinsfile_k8s
@@ -107,10 +107,36 @@ pipeline {
           axis {
             name 'compute_type'
             // "azure-arm" stands for "Azure Resource Manager", unrelated to arm64 CPU
-            values 'azure-arm', 'docker'
+            values 'amazon-ebs', 'azure-arm', 'docker'
           }
         }
         excludes {
+          // Only build Ubuntu images for arm64 CPU in AWS (notValues)
+          exclude {
+            axis {
+              name 'cpu_architecture'
+              values 'arm64'
+            }
+            axis {
+              name 'agent_type'
+              notValues 'ubuntu-22.04'
+            }
+            axis {
+              name 'compute_type'
+              values 'amazon-ebs'
+            }
+          }
+          // Exclude 'amazon-ebs' Windows builds while testing for Linux AMI
+          exclude {
+            axis {
+              name 'agent_type'
+              values 'windows-2019', 'windows-2022'
+            }
+            axis {
+              name 'compute_type'
+              values 'amazon-ebs'
+            }
+          }
           // Only build Ubuntu images for arm64 CPU in Azure (notValues)
           exclude {
             axis {
@@ -149,6 +175,10 @@ pipeline {
           }
         }
         environment {
+          // Defines the following environment variables: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_DEFAULT_REGION
+          AWS_ACCESS_KEY_ID             = credentials('packer-aws-access-key-id')
+          AWS_SECRET_ACCESS_KEY         = credentials('packer-aws-secret-access-key')
+          AWS_DEFAULT_REGION            = 'us-east-2'
           // Defines the following environment variables: AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, AZURE_TENANT_ID, AZURE_SUBSCRIPTION_ID
           // Ref. https://plugins.jenkins.io/azure-credentials/#plugin-content-declarative-pipeline
           AZURE                         = credentials('packer-azure-serviceprincipal-sponsorship')

diff --git a/build-jenkins-agent-ubuntu.pkr.hcl b/build-jenkins-agent-ubuntu.pkr.hcl
@@ -3,6 +3,13 @@ build {
     name = "ubuntu"
   }
 
+  source "amazon-ebs.base" {
+    name         = "ubuntu"
+    ssh_username = "ubuntu"
+    # Egg-and-chicken: what is the base image to start from (eg. what is my egg)?
+    source_ami = local.aws_ubuntu_amis[var.architecture]
+  }
+
   source "azure-arm.base" {
     name = "ubuntu"
     # List available offers and publishers with the command `az vm image list --output table`

diff --git a/locals.pkr.hcl b/locals.pkr.hcl
@@ -4,6 +4,18 @@ locals {
   agent_os_version_safe = replace(var.agent_os_version, ".", "_")
   image_name            = format("jenkins-agent-%s-%s-%s", var.agent_os_type, var.agent_os_version, var.architecture)
   unique_image_name     = format("%s-%s", local.image_name, local.now_unix_timestamp)
+
+
+  aws_instance_types = {
+    "amd64" = "t3.xlarge"
+    "arm64" = "t4g.xlarge"
+  }
+  # TODO: track AMI versions with `updatecli`
+  # Uses aws ec2 describe-images to fetch the ami id as per the architecture
+  aws_ubuntu_amis = {
+    "amd64" = "ami-00eb69d236edcfaf8"
+    "arm64" = "ami-039e419d24a37cb82"
+  }
   # List available SKUs with the command `az vm image list-skus --offer 0001-com-ubuntu-server-jammy --location eastus --publisher canonical --output table`
   az_instance_image_sku = {
     "amd64" = "${local.agent_os_version_safe}-lts-gen2"
@@ -12,6 +24,7 @@ locals {
   windows_winrm_user = {
     "azure-arm" = "packer"
     "docker"    = "packer"
+    "amazon-ebs" = "Administrator"
   }
 
   # List available images `az vm image list --location eastus --publisher MicrosoftWindowsServer --offer WindowsServer --sku 2022-datacenter-core-g2 --all --output table`

diff --git a/main.pkr.hcl b/main.pkr.hcl
@@ -1,6 +1,10 @@
 packer {
   required_version = ">= 1.7.2, < 2"
   required_plugins {
+    amazon = { # TODO: track this version with `updatecli`
+      version = "1.3.3"
+      source  = "github.com/hashicorp/amazon"
+    }
     windows-update = {
       version = "0.16.8"
       source  = "github.com/rgl/windows-update"

diff --git a/sources.pkr.hcl b/sources.pkr.hcl
@@ -1,3 +1,37 @@
+# This source defines all the common settings for any AWS AMI (whatever Operating System)
+source "amazon-ebs" "base" {
+
+
+  ami_name      = "${local.image_name}-${var.architecture}-${local.now_unix_timestamp}"
+  instance_type = local.aws_instance_types[var.architecture]
+
+
+  # Define custom rootfs for build to avoid later filesystem extension during agent startups
+  launch_block_device_mappings {
+    delete_on_termination = true
+    device_name           = "/dev/sda1"
+    volume_size           = local.windows_disk_size_gb # TODO: check if we can rename this local to cover both windows and Ubuntu
+    volume_type           = "gp2" # TODO: check if we can use `gp3` (blocker was ec2 plugin, not packer)
+  }
+
+
+  # Where to export the AMI
+  ami_regions = [
+    var.aws_destination_region
+  ]
+
+
+  # To improve audit and garbage collecting, we provide tags
+  tags = {
+    imageplatform = var.architecture
+    imagetype     = local.image_name
+    timestamp     = local.now_unix_timestamp
+    version       = var.image_version
+    scm_ref       = var.scm_ref
+    build_type    = var.build_type
+  }
+}
+
 # This source defines all the common settings for any Azure image (whatever Operating System)
 source "azure-arm" "base" {
   managed_image_resource_group_name = local.azure_destination_resource_group

diff --git a/variables.pkr.hcl b/variables.pkr.hcl
@@ -13,6 +13,10 @@ variable "architecture" {
   description = "CPU architecture ID of the build with the following possible values: [amd64 (default), arm64]"
   default     = "amd64"
 }
+variable "aws_destination_region" {
+  type    = string
+  default = env("AWS_DEFAULT_REGION")   # Defaults to the only region we use
+}
 variable "azure_client_id" {
   type    = string
   default = env("AZURE_CLIENT_ID")
@@ -35,7 +39,7 @@ variable "image_version" {
 }
 variable "image_type" {
   type        = string
-  description = "Which kind of Packer builder to use (e.g. cloud platform): [azure-arm (default), docker]"
+  description = "Which kind of Packer builder to use (e.g. cloud platform): [amazon-ebs, azure-arm (default), docker]"
   default     = "azure-arm"
 }
 variable "build_type" {