wombat-cli 0.4.3 → 0.5.0

data/generator_files/templates/{arm.json.erb → arm.vhd.json.erb}

@@ -102,7 +102,7 @@
       }
     },
 
-    "customData": "#cloud-config\nmanage_etc_hosts: true\n\npackage_update: false"
+    "customData": "#cloud-config\nmanage_etc_hosts: false\n\npackage_update: false"
   },
   "resources": [
 
@@ -190,7 +190,7 @@
         },
         "osProfile": {
           "computerName": "[concat(variables('network').ipAddresses.workstation.external.domainNameLabel, '-', '<%= i.to_s %>')]",
-          "adminUsername": "azure",
+          "adminUsername": "chef",
           "adminPassword": "[parameters('adminPassword')]"
         },
         "storageProfile": {
@@ -263,7 +263,18 @@
         "osProfile": {
           "computerName": "build-node-<%= i.to_s %>",
           "adminUsername": "ubuntu",
-          "adminPassword": "[parameters('adminPassword')]"
+          "adminPassword": "[parameters('adminPassword')]",
+          "linuxConfiguration": {
+            "disablePasswordAuthentication": "true",
+            "ssh": {
+              "publicKeys": [
+                {
+                  "path": "/home/ubuntu/.ssh/authorized_keys",
+                  "keyData": "<%= @public_key -%>"
+                }
+              ]
+            }
+          }
         },
         "storageProfile": {
           "osDisk": {
@@ -335,7 +346,18 @@
         "osProfile": {
           "computerName": "<%= name %>",
           "adminUsername": "ubuntu",
-          "adminPassword": "[parameters('adminPassword')]"
+          "adminPassword": "[parameters('adminPassword')]",
+          "linuxConfiguration": {
+            "disablePasswordAuthentication": "true",
+            "ssh": {
+              "publicKeys": [
+                {
+                  "path": "/home/ubuntu/.ssh/authorized_keys",
+                  "keyData": "<%= @public_key -%>"
+                }
+              ]
+            }
+          }
         },
         "storageProfile": {
           "osDisk": {
@@ -406,7 +428,18 @@
           "computerName": "[concat('chef-', variables('uniqueShort'))]",
           "customData": "[base64(concat(variables('customData'), '\n\nruncmd:\n - hostnamectl set-hostname chef\n - chef-server-ctl reconfigure'))]",
           "adminUsername": "ubuntu",
-          "adminPassword": "[parameters('adminPassword')]"
+          "adminPassword": "[parameters('adminPassword')]",
+          "linuxConfiguration": {
+            "disablePasswordAuthentication": "true",
+            "ssh": {
+              "publicKeys": [
+                {
+                  "path": "/home/ubuntu/.ssh/authorized_keys",
+                  "keyData": "<%= @public_key -%>"
+                }
+              ]
+            }
+          }
         },
         "storageProfile": {
           "osDisk": {
@@ -475,7 +508,18 @@
           "computerName": "[concat('chef-', variables('uniqueShort'))]",
           "customData": "[base64(concat(variables('customData'), '\n\nruncmd:\n - hostnamectl set-hostname automate\n - chef-server-ctl reconfigure'))]",
           "adminUsername": "ubuntu",
-          "adminPassword": "[parameters('adminPassword')]"
+          "adminPassword": "[parameters('adminPassword')]",
+          "linuxConfiguration": {
+            "disablePasswordAuthentication": "true",
+            "ssh": {
+              "publicKeys": [
+                {
+                  "path": "/home/ubuntu/.ssh/authorized_keys",
+                  "keyData": "<%= @public_key -%>"
+                }
+              ]
+            }
+          }
         },
         "storageProfile": {
           "osDisk": {
@@ -544,7 +588,18 @@
           "computerName": "[concat('chef-', variables('uniqueShort'))]",
           "customData": "[base64(concat(variables('customData'), '\n\nruncmd:\n - hostnamectl set-hostname compliance\n - compliance-ctl reconfigure'))]",
           "adminUsername": "ubuntu",
-          "adminPassword": "[parameters('adminPassword')]"
+          "adminPassword": "[parameters('adminPassword')]",
+          "linuxConfiguration": {
+            "disablePasswordAuthentication": "true",
+            "ssh": {
+              "publicKeys": [
+                {
+                  "path": "/home/ubuntu/.ssh/authorized_keys",
+                  "keyData": "<%= @public_key -%>"
+                }
+              ]
+            }
+          }
         },
         "storageProfile": {
           "osDisk": {

data/generator_files/templates/bootstrap-aws.erb

@@ -5,6 +5,8 @@ write-host "(host) Running User Data Script"
 
 # set administrator password
 cmd.exe /c net user Administrator <%= @workstation_passwd %>
+cmd.exe /c net user chef <%= @workstation_passwd %> /add /LOGONPASSWORDCHG:NO
+cmd.exe /c net localgroup Administrators /add chef
 
 # RDP
 cmd.exe /c netsh advfirewall firewall add rule name="Open Port 3389" dir=in action=allow protocol=TCP localport=3389
@@ -30,6 +32,7 @@ cmd.exe /c net stop winrm
 cmd.exe /c sc config winrm start= auto
 cmd.exe /c net start winrm
 cmd.exe /c wmic useraccount where "name='Administrator'" set PasswordExpires=FALSE
+cmd.exe /c wmic useraccount where "name='chef'" set PasswordExpires=FALSE
 
 set-executionpolicy -executionpolicy bypass -force
 

data/generator_files/wombat.yml

@@ -62,6 +62,9 @@ aws:
 azure:
   location: eastus
   storage_account:
+  source_image:
+    ubuntu: Canonical:UbuntuServer:14.04.5-LTS
+    windows: MicrosoftWindowsServer:WindowsServer:2012-R2-Datacenter
 gce:
   zone: us-east1-b
   project: wombat-gce

data/lib/wombat/build.rb

@@ -6,13 +6,15 @@ require 'parallel'
 require 'ms_rest_azure'
 require 'azure_mgmt_resources'
 require 'azure_mgmt_storage'
+require 'azure/storage'
+require 'uri'
 
 module Wombat
   class BuildRunner
     include Wombat::Common
     include Wombat::Crypto
 
-    attr_reader :templates, :builder, :parallel
+    attr_reader :templates, :builder, :parallel, :storage_access_key
 
     def initialize(opts)
       @templates = opts.templates.nil? ? calculate_templates : opts.templates
@@ -52,6 +54,10 @@ module Wombat
           build_parallel(templates)
         end
       end
+
+      # Copy the images to the correct location if running Azure builder
+      azure_copy_images if builder == "azure-arm"
+
       shell_out_command("say -v fred \"Wombat has made an #{build_hash.keys}\" for you") if audio?
       banner("Build finished in #{duration(time.real)}.")
     end
@@ -97,7 +103,8 @@ module Wombat
 
         # Create hash to be used as tags on the resource group
         tags = {
-          owner: ENV['USER']
+          owner: ENV['USER'],
+          provider: azure_provider_tag
         }
 
         # If an owner has been specified in the wombat file override the owner value
@@ -117,7 +124,7 @@ module Wombat
           wombat['azure']['tags'].each_with_index do |(key, value), index|
             tags[key] = value
 
-            if index == 13
+            if index == 12
               break
             end
           end
@@ -147,6 +154,76 @@ module Wombat
 
       storage_management_client.storage_accounts.create(wombat['name'], wombat['azure']['storage_account'], storage_account)
 
+      # Get the keys from the storage management client so that the container that the images will be moved into
+      # can be checked for and created if required
+      # Once Packer uses the MD features in the GO library this can be removed
+      # ------------------------------------------------------------------------
+      keys = storage_management_client.storage_accounts.list_keys(wombat['name'], wombat['azure']['storage_account'])
+      @storage_access_key = keys.keys[0].value
+
+      # Use the key to configure the storage library
+      Azure::Storage.setup(:storage_account_name => wombat['azure']['storage_account'], :storage_access_key => storage_access_key)
+      blobs = Azure::Storage::Blob::BlobService.new
+
+      # Get all the containers to determine if the one that is required already exists
+      container_names = []
+      blobs.list_containers().each do |container|
+        container_names.push(container.name)
+      end
+
+      # create the container if it does not exist
+      container_name = "mdimages"
+      if !container_names.include?(container_name)
+        info("Creating storage container")
+        container = blobs.create_container(container_name)
+      end
+      # ------------------------------------------------------------------------
+
+    end
+
+    # Packer does not put custom images into a location that is supported by Managed Disks
+    # So to be able to use the MD feature of Azure, the images have to be copied to a location that
+    # does work.  This method is responsible for doing this work.
+    #
+    # @author Russell Seymour
+    def azure_copy_images()
+
+      container_name = "mdimages"
+
+      Azure::Storage.setup(:storage_account_name => wombat['azure']['storage_account'], :storage_access_key => storage_access_key)
+      blobs = Azure::Storage::Blob::BlobService.new
+
+      # Read the logs for azure
+      path = "#{wombat['conf']['log_dir']}/azure*.log"
+      logs = Dir.glob(path).reject { |l| !l.match(wombat['linux']) }
+
+      # iterate around the log files and get the image location
+      time = Benchmark.measure do
+        logs.each do |log|
+          
+          # get the image uri
+          url = File.read(log).split("\n").grep(/OSDiskUri:/) {|x| x.split[1]}.last
+
+          next if url.nil?
+
+          # Use the storage library to copy the image from source to destination
+          uri = URI(url)
+
+          blob_name = uri.path.split(/\//).last
+
+          info "Copying: #{blob_name}"
+
+          status = blobs.copy_blob_from_uri(container_name, blob_name, url)
+
+          # Append the new location for the image to the log file
+          append_text = format("\nManagedDiskOSDiskUri: https://%s.blob.core.windows.net/%s/%s", wombat['azure']['storage_account'], container_name, blob_name)
+          File.open(log, 'a') { |f| f.write(append_text) }
+          
+        end
+      end
+      
+      info (format("Images copied in %s", duration(time.real)))
+
     end
 
     def build(template, options)
@@ -329,9 +406,28 @@ module Wombat
       cmd.insert(2, "--var gce_source_image=#{base_image(template, builder, options)}") if builder =~ /googlecompute/
       cmd.insert(2, "--var azure_location=#{wombat['azure']['location']}")
       cmd.insert(2, "--var ssh_username=#{linux}")
-      cmd.insert(2, "--var azure_resource_group=#{wombat['name']}")
-      cmd.insert(2, "--var azure_storage_account=#{wombat['azure']['storage_account']}")
       cmd.insert(2, "--debug") if @debug
+
+      # If running with the azure-arm builder add the necessary arguments
+      if builder =~ /azure-arm/
+
+        # Get the information about the base image to use
+        base_image = base_image(template, builder, options)
+
+        if !base_image.nil?
+          # This is a URN so it needs to be split out using : as delimiters
+          base_image_parts = base_image.split(/:/)
+
+          cmd.insert(2, "--var azure_image_publisher=#{base_image_parts[0]}")
+          cmd.insert(2, "--var azure_image_offer=#{base_image_parts[1]}")
+          cmd.insert(2, "--var azure_image_sku=#{base_image_parts[2]}")
+          cmd.insert(2, "--var azure_image_version=#{base_image_parts[3]}") if base_image_parts.length == 4
+        end
+      
+        cmd.insert(2, "--var azure_resource_group=#{wombat['name']}")
+        cmd.insert(2, "--var azure_storage_account=#{wombat['azure']['storage_account']}")
+      end
+
       cmd.join(' ')
     end
   end

data/lib/wombat/common.rb

@@ -60,7 +60,13 @@ module Wombat
               when 'gcp'
                 'A disk image was created:'
               when 'azure'
-                'OSDiskUri:'
+
+                if !wombat['azure'].key?('use_managed_disks') || !wombat['azure']['use_managed_disks']
+                  '^OSDiskUri:'
+                else
+                  '^ManagedDiskOSDiskUri:'
+                end
+
               else
                 "#{wombat['aws']['region']}:"
               end
@@ -226,14 +232,26 @@ module Wombat
         when 'azure'
           region = lock['azure']['location']
           @storage_account = lock['azure']['storage_account']
+
           template_files = {
-            "arm.json.erb": "#{conf['stack_dir']}/#{@demo}.json",
-            "arm.tidy.json.erb": "#{conf['stack_dir']}/#{@demo}.tidy.json"
+            "arm.tidy.json.erb": format("%s/%s.tidy.json", conf['stack_dir'], @demo)
           }
+
+          # determine whether to use VHD or Managed Disks
+          if !lock['azure'].key?('use_managed_disks') || !lock['azure']['use_managed_disks']
+            template_files['arm.vhd.json.erb'] = format("%s/%s.json", conf['stack_dir'], @demo)
+          else
+            template_files['arm.md.json.erb'] = format("%s/%s.json", conf['stack_dir'], @demo)
+          end
+
           @chef_server_uri = lock['amis'][region]['chef-server']
           @automate_uri = lock['amis'][region]['automate']
           @compliance_uri = lock['amis'][region]['compliance']
           @password = lock['workstations']['password']
+          @public_key = File.read("#{conf['key_dir']}/public.pub").chomp
+
+          # Set the Azure Tag used to identify Chef products in Azure
+          @chef_tag = azure_provider_tag
         when 'gce'
           region = lock['gce']['zone']
         end
@@ -278,6 +296,11 @@ module Wombat
       end
     end
 
+    # Return the Azure Provider tag that should be applied to resource
+    def azure_provider_tag
+      "33194f91-eb5f-4110-827a-e95f640a9e46".upcase
+    end
+
     # Connect to Azure using environment variables
     #
     # 

data/lib/wombat/version.rb

@@ -1,3 +1,3 @@
 module Wombat
-  VERSION = "0.4.3"
+  VERSION = "0.5.0"
 end

data/wombat-cli.gemspec

@@ -31,4 +31,5 @@ Gem::Specification.new do |gem|
   gem.add_dependency 'azure_mgmt_resources', '~> 0.9'
   gem.add_dependency 'azure_mgmt_storage', '~> 0.9'
   gem.add_dependency 'azure_mgmt_network', '~> 0.9'
+  gem.add_dependency 'azure-storage', '~> 0.11.5.preview'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: wombat-cli
 version: !ruby/object:Gem::Version
-  version: 0.4.3
+  version: 0.5.0
 platform: ruby
 authors:
 - Andre Elizondo
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-02-23 00:00:00.000000000 Z
+date: 2017-03-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -123,6 +123,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0.9'
+- !ruby/object:Gem::Dependency
+  name: azure-storage
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.11.5.preview
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.11.5.preview
 description: With a tough barrel-like body, short powerful legs, and long flat claws,
   the wombat walks with a shuffling gait but is extremely adept at tunneling
 email:
@@ -272,6 +286,7 @@ files:
 - generator_files/cookbooks/workstation/files/atom.apm.list
 - generator_files/cookbooks/workstation/files/atom.config.cson
 - generator_files/cookbooks/workstation/files/cmder.xml
+- generator_files/cookbooks/workstation/libraries/home.rb
 - generator_files/cookbooks/workstation/metadata.rb
 - generator_files/cookbooks/workstation/recipes/browser.rb
 - generator_files/cookbooks/workstation/recipes/certs-keys.rb
@@ -306,8 +321,9 @@ files:
 - generator_files/packer/infranodes-windows.json
 - generator_files/packer/infranodes.json
 - generator_files/packer/workstation.json
-- generator_files/templates/arm.json.erb
+- generator_files/templates/arm.md.json.erb
 - generator_files/templates/arm.tidy.json.erb
+- generator_files/templates/arm.vhd.json.erb
 - generator_files/templates/bootstrap-aws.erb
 - generator_files/templates/cfn.json.erb
 - generator_files/wombat.yml