Convert legacy Packer json template to hcl2 template (#247)

* convert legacy Packer json template to hcl2 template
Azure · Sep 19, 2023 · f2a6901 · f2a6901
1 parent bb15543
commit f2a6901
Show file tree

Hide file tree

Showing 12 changed files with 324 additions and 105 deletions.
diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml
@@ -23,6 +23,7 @@ jobs:
           separator: ","
           files: "quickstart/*"
           files_ignore: "**/TestRecord.md"
+          dir_names_max_depth: 2
       - name: test pr
         run: |
           az login --identity --username $MSI_ID > /dev/null

diff --git a/.github/workflows/pr-check.yaml b/.github/workflows/pr-check.yaml
@@ -20,6 +20,7 @@ jobs:
           dir_names: "true"
           separator: ","
           files: "quickstart/*"
+          dir_names_max_depth: 2
       - name: pr-check
         run: |
           export CHANGED_FOLDERS="${{ steps.changed-files.outputs.all_changed_files }}"

diff --git a/quickstart/201-vmss-packer-jumpbox/main.tf b/quickstart/201-vmss-packer-jumpbox/main.tf
@@ -4,51 +4,69 @@ terraform {
 
   required_providers {
     azurerm = {
-      source = "hashicorp/azurerm"
+      source  = "hashicorp/azurerm"
       version = "~>2.0"
     }
+    azapi = {
+      source = "Azure/azapi"
+      version = "~> 1.0"
+    }
+    local = {
+      source  = "hashicorp/local"
+      version = "2.4.0"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = "3.5.1"
+    }
+    tls = {
+      source  = "hashicorp/tls"
+      version = "4.0.4"
+    }
   }
 }
 
 provider "azurerm" {
   features {}
 }
 
+resource "random_pet" "id" {}
+
 resource "azurerm_resource_group" "vmss" {
-  name     = var.resource_group_name
+  name     = coalesce(var.resource_group_name, "201-vmss-packer-jumpbox-${random_pet.id.id}")
   location = var.location
-  tags = var.tags
+  tags     = var.tags
 }
 
 resource "random_string" "fqdn" {
- length  = 6
- special = false
- upper   = false
- number  = false
+  length  = 6
+  special = false
+  upper   = false
+  numeric = false
 }
 
 resource "azurerm_virtual_network" "vmss" {
   name                = "vmss-vnet"
   address_space       = ["10.0.0.0/16"]
   location            = var.location
   resource_group_name = azurerm_resource_group.vmss.name
-  tags = var.tags
+  tags                = var.tags
 }
 
 resource "azurerm_subnet" "vmss" {
   name                 = "vmss-subnet"
   resource_group_name  = azurerm_resource_group.vmss.name
   virtual_network_name = azurerm_virtual_network.vmss.name
-  address_prefixes       = ["10.0.2.0/24"]
+  address_prefixes     = ["10.0.2.0/24"]
 }
 
 resource "azurerm_public_ip" "vmss" {
-  name                         = "vmss-public-ip"
-  location                     = var.location
-  resource_group_name          = azurerm_resource_group.vmss.name
-  allocation_method            = "Static"
-  domain_name_label            = random_string.fqdn.result
-  tags = var.tags
+  name                = "vmss-public-ip"
+  location            = var.location
+  resource_group_name = azurerm_resource_group.vmss.name
+  allocation_method   = "Static"
+  domain_name_label   = random_string.fqdn.result
+  tags                = var.tags
 }
 
 resource "azurerm_lb" "vmss" {
@@ -65,8 +83,8 @@ resource "azurerm_lb" "vmss" {
 }
 
 resource "azurerm_lb_backend_address_pool" "bpepool" {
-  loadbalancer_id     = azurerm_lb.vmss.id
-  name                = "BackEndAddressPool"
+  loadbalancer_id = azurerm_lb.vmss.id
+  name            = "BackEndAddressPool"
 }
 
 resource "azurerm_lb_probe" "vmss" {
@@ -89,14 +107,39 @@ resource "azurerm_lb_rule" "lbnatrule" {
 }
 
 data "azurerm_resource_group" "image" {
-  name                = var.packer_resource_group_name
+  name = var.packer_resource_group_name
 }
 
 data "azurerm_image" "image" {
   name                = var.packer_image_name
   resource_group_name = data.azurerm_resource_group.image.name
 }
 
+resource "azapi_resource" "ssh_public_key" {
+  type      = "Microsoft.Compute/sshPublicKeys@2022-11-01"
+  name      = random_pet.id.id
+  location  = azurerm_resource_group.vmss.location
+  parent_id = azurerm_resource_group.vmss.id
+}
+
+resource "azapi_resource_action" "ssh_public_key_gen" {
+  type        = "Microsoft.Compute/sshPublicKeys@2022-11-01"
+  resource_id = azapi_resource.ssh_public_key.id
+  action      = "generateKeyPair"
+  method      = "POST"
+
+  response_export_values = ["publicKey", "privateKey"]
+}
+
+resource "random_password" "password" {
+  count  = var.admin_password == null ? 1 : 0
+  length = 20
+}
+
+locals {
+  admin_password = try(random_password.password[0].result, var.admin_password)
+}
+
 resource "azurerm_virtual_machine_scale_set" "vmss" {
   name                = "vmscaleset"
   location            = var.location
@@ -110,7 +153,7 @@ resource "azurerm_virtual_machine_scale_set" "vmss" {
   }
 
   storage_profile_image_reference {
-    id=data.azurerm_image.image.id
+    id = data.azurerm_image.image.id
   }
 
   storage_profile_os_disk {
@@ -121,24 +164,24 @@ resource "azurerm_virtual_machine_scale_set" "vmss" {
   }
 
   storage_profile_data_disk {
-    lun          = 0
-    caching        = "ReadWrite"
-    create_option  = "Empty"
-    disk_size_gb   = 10
+    lun           = 0
+    caching       = "ReadWrite"
+    create_option = "Empty"
+    disk_size_gb  = 10
   }
 
   os_profile {
     computer_name_prefix = "vmlab"
     admin_username       = var.admin_user
-    admin_password       = var.admin_password
+    admin_password       = local.admin_password
   }
 
   os_profile_linux_config {
     disable_password_authentication = true
 
     ssh_keys {
       path     = "/home/azureuser/.ssh/authorized_keys"
-      key_data = file("~/.ssh/id_rsa.pub")
+      key_data = jsondecode(azapi_resource_action.ssh_public_key_gen.output).publicKey
     }
   }
 
@@ -150,20 +193,20 @@ resource "azurerm_virtual_machine_scale_set" "vmss" {
       name                                   = "IPConfiguration"
       subnet_id                              = azurerm_subnet.vmss.id
       load_balancer_backend_address_pool_ids = [azurerm_lb_backend_address_pool.bpepool.id]
-      primary = true
+      primary                                = true
     }
   }
-  
+
   tags = var.tags
 }
 
 resource "azurerm_public_ip" "jumpbox" {
-  name                         = "jumpbox-public-ip"
-  location                     = var.location
-  resource_group_name          = azurerm_resource_group.vmss.name
-  allocation_method            = "Static"
-  domain_name_label            = "${random_string.fqdn.result}-ssh"
-  tags = var.tags
+  name                = "jumpbox-public-ip"
+  location            = var.location
+  resource_group_name = azurerm_resource_group.vmss.name
+  allocation_method   = "Static"
+  domain_name_label   = "${random_string.fqdn.result}-ssh"
+  tags                = var.tags
 }
 
 resource "azurerm_network_interface" "jumpbox" {
@@ -205,15 +248,15 @@ resource "azurerm_virtual_machine" "jumpbox" {
   os_profile {
     computer_name  = "jumpbox"
     admin_username = var.admin_user
-    admin_password = var.admin_password
+    admin_password = local.admin_password
   }
 
   os_profile_linux_config {
     disable_password_authentication = true
 
     ssh_keys {
       path     = "/home/azureuser/.ssh/authorized_keys"
-      key_data = file("~/.ssh/id_rsa.pub")
+      key_data = jsondecode(azapi_resource_action.ssh_public_key_gen.output).publicKey
     }
   }
 

diff --git a/quickstart/201-vmss-packer-jumpbox/output.tf b/quickstart/201-vmss-packer-jumpbox/output.tf
@@ -1,11 +1,11 @@
 output "vmss_public_ip_fqdn" {
-    value = azurerm_public_ip.vmss.fqdn
+  value = azurerm_public_ip.vmss.fqdn
 }
 
 output "jumpbox_public_ip_fqdn" {
-    value = azurerm_public_ip.jumpbox.fqdn
+  value = azurerm_public_ip.jumpbox.fqdn
 }
 
 output "jumpbox_public_ip" {
-    value = azurerm_public_ip.jumpbox.ip_address
-}
+  value = azurerm_public_ip.jumpbox.ip_address
+}
diff --git a/quickstart/201-vmss-packer-jumpbox/packer_image_resource_group/main.tf b/quickstart/201-vmss-packer-jumpbox/packer_image_resource_group/main.tf
@@ -0,0 +1,6 @@
+resource "random_pet" "id" {}
+
+resource "azurerm_resource_group" "image_group" {
+  location = "eastus"
+  name     = "packer-image-${random_pet.id.id}"
+}
diff --git a/quickstart/201-vmss-packer-jumpbox/packer_image_resource_group/outputs.tf b/quickstart/201-vmss-packer-jumpbox/packer_image_resource_group/outputs.tf
@@ -0,0 +1,3 @@
+output "resource_group_name" {
+  value = azurerm_resource_group.image_group.name
+}
diff --git a/quickstart/201-vmss-packer-jumpbox/packer_image_resource_group/providers.tf b/quickstart/201-vmss-packer-jumpbox/packer_image_resource_group/providers.tf
@@ -0,0 +1,26 @@
+terraform {
+  required_version = ">=1.2"
+
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "~> 3.0"
+    }
+    helm = {
+      source  = "hashicorp/helm"
+      version = "2.9.0"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = "~> 3.0"
+    }
+  }
+}
+
+provider "azurerm" {
+  features {
+    resource_group {
+      prevent_deletion_if_contains_resources = false
+    }
+  }
+}
diff --git a/quickstart/201-vmss-packer-jumpbox/ubuntu.json b/quickstart/201-vmss-packer-jumpbox/ubuntu.json
@@ -1,38 +1,38 @@
 {
-    "builders": [{
-      "type": "azure-arm",
-  
-      "client_id": "0bfc2293-4d69-49b5-83f7-bf0d60d20c45",
-      "client_secret": "G3.6ytCh44Kcla~_JRPBDLkzsXLOa3edDL",
-      "tenant_id": "c3fd441d-b8ad-487e-aa27-453079018fca",
-      "subscription_id": "b162117f-53fa-4f42-8c77-6a65ca966c40",
-  
-      "managed_image_resource_group_name": "myPackerImages",
-      "managed_image_name": "myPackerImage",
-  
-      "os_type": "Linux",
-      "image_publisher": "Canonical",
-      "image_offer": "UbuntuServer",
-      "image_sku": "16.04-LTS",
-  
-      "azure_tags": {
-          "dept": "Engineering",
-          "task": "Image deployment"
-      },
-  
-      "location": "East US",
-      "vm_size": "Standard_DS2_v2"
-    }],
-    "provisioners": [{
-      "execute_command": "chmod +x {{ .Path }}; {{ .Vars }} sudo -E sh '{{ .Path }}'",
-      "inline": [
-        "apt-get update",
-        "apt-get upgrade -y",
-        "apt-get -y install nginx",
-  
-        "/usr/sbin/waagent -force -deprovision+user && export HISTSIZE=0 && sync"
-      ],
-      "inline_shebang": "/bin/sh -x",
-      "type": "shell"
-    }]
-  }
+  "builders": [{
+    "type": "azure-arm",
+
+    "client_id": "0bfc2293-4d69-49b5-83f7-bf0d60d20c45",
+    "client_secret": "G3.6ytCh44Kcla~_JRPBDLkzsXLOa3edDL",
+    "tenant_id": "c3fd441d-b8ad-487e-aa27-453079018fca",
+    "subscription_id": "b162117f-53fa-4f42-8c77-6a65ca966c40",
+
+    "managed_image_resource_group_name": "myPackerImages",
+    "managed_image_name": "myPackerImage",
+
+    "os_type": "Linux",
+    "image_publisher": "Canonical",
+    "image_offer": "UbuntuServer",
+    "image_sku": "16.04-LTS",
+
+    "azure_tags": {
+      "dept": "Engineering",
+      "task": "Image deployment"
+    },
+
+    "location": "East US",
+    "vm_size": "Standard_DS2_v2"
+  }],
+  "provisioners": [{
+    "execute_command": "chmod +x {{ .Path }}; {{ .Vars }} sudo -E sh '{{ .Path }}'",
+    "inline": [
+      "apt-get update",
+      "apt-get upgrade -y",
+      "apt-get -y install nginx",
+
+      "/usr/sbin/waagent -force -deprovision+user && export HISTSIZE=0 && sync"
+    ],
+    "inline_shebang": "/bin/sh -x",
+    "type": "shell"
+  }]
+}