feat: add initial support for Packer in Orka (#3872)

- Add git rules to ignore `.env` files in `orka/` folder and subfolders - Add the first Packer template to validate the workfow - Add a GH pipeline to validate any change done in the templates (exclusively) - Add basic documentation for using Packer with Orka
nodejs · Aug 27, 2024 · b008503 · b008503
1 parent 24912dc
commit b008503
Show file tree

Hide file tree

Showing 4 changed files with 169 additions and 0 deletions.
diff --git a/.github/workflows/orka-templates.yml b/.github/workflows/orka-templates.yml
@@ -0,0 +1,40 @@
+name: Check ORKA Packer Templates
+
+on:
+  push:
+    paths:
+      - 'orka/**/*.pkr.hcl'
+  pull_request:
+    paths:
+      - 'orka/**/*.pkr.hcl'
+
+permissions:
+  contents: read
+
+jobs:
+  validate:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+
+    - name: Set up Packer
+      uses: hashicorp/setup-packer@1aa358be5cf73883762b302a3a03abd66e75b232 #v3.1.0
+
+    - name: Initialize Packer
+      run: packer init .
+      working-directory: orka/templates
+
+    - name: Validate Packer templates
+      env:
+        ORKA_ENDPOINT: 'https://mock-orka-endpoint'
+        ORKA_AUTH_TOKEN: 'mock-orka-auth-token'
+        SSH_USERNAME: 'mock-ssh-username'
+        SSH_PASSWORD: 'mock-ssh-password'
+      run: |
+        packer validate -var "orka_endpoint=$ORKA_ENDPOINT" \
+                        -var "orka_auth_token=$ORKA_AUTH_TOKEN" \
+                        -var "ssh_username=$SSH_USERNAME" \
+                        -var "ssh_password=$SSH_PASSWORD" .
+      working-directory: orka/templates
diff --git a/.gitignore b/.gitignore
@@ -14,3 +14,6 @@ ansible/host_vars/*
 !ansible/host_vars/*-template
 .venv
 Pipfile.lock
+
+# Orka secrets files including naming mutations
+orka/*/.env*
diff --git a/orka/templates/README.md b/orka/templates/README.md
@@ -0,0 +1,77 @@
+# Using Packer with Orka
+
+## Pre-requisites
+
+You need to install Packer in your local machine. You can find the installation instructions [here](https://learn.hashicorp.com/tutorials/packer/get-started-install-cli).
+
+Once installed, you can verify the installation by running the following command:
+
+```shell
+packer --version
+```
+
+While writing this document, the latest version of Packer is `1.11.2`.
+
+## Install dependencies
+
+You need to run the following command to install the dependencies:
+
+```shell
+packer init .
+```
+
+## Access the Orka environment
+
+You need to connect to the Orka VPN. You can find the instructions in the secrets repository. 
+
+## Load the environment variables
+
+You need to load the environment variables:
+
+1. Get the `.env` file from the secrets repository. You will find the instructions in the repository.
+2. Copy the `.env` file to this directory.
+3. Run the following command:
+    ```shell
+    source .env
+    ```
+4. Verify that the environment variables are loaded by running the following command:
+    ```shell
+    echo $ORKA_ENDPOINT
+    echo $ORKA_AUTH_TOKEN
+    echo $SSH_USERNAME
+    echo $SSH_PASSWORD
+    ```
+
+## Validate the template
+
+You can validate all the templates by running the following command:
+
+```shell
+packer validate -var "orka_endpoint=$ORKA_ENDPOINT" -var "orka_auth_token=$ORKA_AUTH_TOKEN" -var "ssh_username=$SSH_USERNAME" -var "ssh_password=$SSH_PASSWORD" .
+```
+
+You can validate a specific template by running the following command:
+
+```shell
+packer validate -var "orka_endpoint=$ORKA_ENDPOINT" -var "orka_auth_token=$ORKA_AUTH_TOKEN" -var "ssh_username=$SSH_USERNAME" -var "ssh_password=$SSH_PASSWORD" <template_name>
+```
+
+## Build the image
+
+You can build all the templates by running the following command:
+
+```shell
+packer build -var "orka_endpoint=$ORKA_ENDPOINT" -var "orka_auth_token=$ORKA_AUTH_TOKEN" -var "ssh_username=$SSH_USERNAME" -var "ssh_password=$SSH_PASSWORD" .
+```
+
+You can build a specific template by running the following command:
+
+```shell
+packer build -var "orka_endpoint=$ORKA_ENDPOINT" -var "orka_auth_token=$ORKA_AUTH_TOKEN" -var "ssh_username=$SSH_USERNAME" -var "ssh_password=$SSH_PASSWORD" <template_name>
+```
+
+## Continuous Integration
+
+The templates are initialized and validated in the CI pipeline using GitHub Actions. The pipeline runs on every push to the repository that modifies the templates. You can find the pipeline in the `.github/workflows/orka-templates.yml` directory.
+
+We don't plan to build the images in the CI pipeline. The images are built manually by the team once the PRs are merged or just before merged. 
diff --git a/orka/templates/macos-11-intel-test.pkr.hcl b/orka/templates/macos-11-intel-test.pkr.hcl
@@ -0,0 +1,49 @@
+variable "orka_endpoint" {
+  type    = string
+  default = ""
+}
+
+variable "orka_auth_token" {
+  type    = string
+  default = ""
+}
+
+variable "ssh_username" {
+  type    = string
+  default = ""
+}
+
+variable "ssh_password" {
+  type    = string
+  default = ""
+}
+
+packer {
+  required_plugins {
+    macstadium-orka = {
+      version = "~> 3.0"
+      source  = "github.com/macstadium/macstadium-orka"
+    }
+  }
+}
+
+source "macstadium-orka" "macos11-intel-test-image" {
+  source_image      = "90gbigsurssh.img"
+  image_name        = "macos11-intel-test-latest.img"
+  image_description = "The MacOS 11 Intel test image"
+  orka_endpoint     = var.orka_endpoint
+  orka_auth_token   = var.orka_auth_token
+}
+
+build {
+  sources = [
+    "macstadium-orka.macos11-intel-test-image"
+  ]
+  provisioner "shell" {
+    inline = [
+      "echo we are running on the remote host",
+      "hostname",
+      "touch .we-ran-packer-successfully"
+    ]
+  }
+}