diff options
author | Jake Buchholz <tomalok@gmail.com> | 2019-04-24 21:56:42 -0700 |
---|---|---|
committer | Jake Buchholz <tomalok@gmail.com> | 2019-04-24 21:56:42 -0700 |
commit | 9dc3539850ba4eaf4dedd3ad66be94ec28faa9b0 (patch) | |
tree | 7bf924acf2cbd21a249b102bdf397b5c18b6b07f | |
parent | 7cca8269b28f2b88de06614933b6f0b0aaa154a7 (diff) | |
download | alpine-ec2-ami-9dc3539850ba4eaf4dedd3ad66be94ec28faa9b0.tar.bz2 alpine-ec2-ami-9dc3539850ba4eaf4dedd3ad66be94ec28faa9b0.tar.xz alpine-ec2-ami-9dc3539850ba4eaf4dedd3ad66be94ec28faa9b0.zip |
* apk-tools and alpine-keys moved out of setup-ami.sh and into profiles (arch level)
* ami_access and ami_regions are now hashes (easier profile overrides)
* packer config now in HOCON
* revision is a profile/build var, moved it after arch in ami's name/description
* test profile now builds AMIs that use rngd instead of haveged
-rw-r--r-- | Makefile | 4 | ||||
-rw-r--r-- | packer.conf | 98 | ||||
-rw-r--r-- | packer.yaml | 73 | ||||
-rw-r--r-- | profiles/alpine-amis.conf | 49 | ||||
-rw-r--r-- | profiles/arch/aarch64-1 | 4 | ||||
-rw-r--r-- | profiles/arch/x86_64-1 | 10 | ||||
-rw-r--r-- | profiles/base/1 | 30 | ||||
-rw-r--r-- | profiles/test.conf | 41 | ||||
-rw-r--r-- | profiles/version/3.9 | 6 | ||||
-rw-r--r-- | profiles/version/edge | 9 | ||||
-rw-r--r-- | scripts/resolve-profile.py.in | 70 | ||||
-rwxr-xr-x | scripts/setup-ami.sh | 30 | ||||
-rw-r--r-- | scripts/yaml2json.py.in | 9 |
13 files changed, 226 insertions, 207 deletions
@@ -18,8 +18,8 @@ build: $(SCRIPTS) | |||
18 | build/profile: build build/resolve-profile.py $(CORE_PROFILES) $(TARGET_PROFILES) | 18 | build/profile: build build/resolve-profile.py $(CORE_PROFILES) $(TARGET_PROFILES) |
19 | build/resolve-profile.py $(PROFILE) | 19 | build/resolve-profile.py $(PROFILE) |
20 | 20 | ||
21 | build/packer.json: build build/yaml2json.py packer.yaml | 21 | build/packer.json: build packer.conf |
22 | build/yaml2json.py packer.yaml > build/packer.json | 22 | build/.py3/bin/pyhocon -i packer.conf -f json > build/packer.json |
23 | 23 | ||
24 | %.py: %.py.in build | 24 | %.py: %.py.in build |
25 | sed "s|@PYTHON@|#!`pwd`/build/.py3/bin/python|" $< > $@ | 25 | sed "s|@PYTHON@|#!`pwd`/build/.py3/bin/python|" $< > $@ |
diff --git a/packer.conf b/packer.conf new file mode 100644 index 0000000..ecd5b81 --- /dev/null +++ b/packer.conf | |||
@@ -0,0 +1,98 @@ | |||
1 | builders = [ | ||
2 | { | ||
3 | type = "amazon-ebssurrogate" | ||
4 | |||
5 | ### Builder Instance Details | ||
6 | |||
7 | region = "{{user `build_region`}}" | ||
8 | subnet_id = "{{user `build_subnet`}}" | ||
9 | security_group_id = "{{user `build_security_group`}}" | ||
10 | instance_type = "{{user `build_instance_type`}}" | ||
11 | associate_public_ip_address = "{{user `build_public_ip`}}" | ||
12 | source_ami_filter { | ||
13 | # use the latest Amazon Linux AMI | ||
14 | owners = [ "{{user `build_ami_owner`}}" ] | ||
15 | most_recent = "{{user `build_ami_latest`}}" | ||
16 | filters { | ||
17 | virtualization-type = "hvm" | ||
18 | root-device-type = "ebs" | ||
19 | architecture = "{{user `build_arch`}}" | ||
20 | name = "{{user `build_ami_name`}}" | ||
21 | } | ||
22 | } | ||
23 | launch_block_device_mappings = [ | ||
24 | { | ||
25 | volume_type = "gp2" | ||
26 | device_name = "/dev/xvdf" | ||
27 | delete_on_termination = "true" | ||
28 | volume_size = "{{user `ami_volume_size`}}" | ||
29 | } | ||
30 | ] | ||
31 | ssh_username = "{{user `build_user`}}" | ||
32 | |||
33 | ### AMI Build Details | ||
34 | |||
35 | ami_name = | ||
36 | "{{user `ami_name_prefix`}}{{user `release`}}-{{user `arch`}}-{{user `revision`}}{{user `ami_name_suffix`}}" | ||
37 | ami_description = | ||
38 | "{{user `ami_desc_prefix`}}{{user `release`}} {{user `arch`}} {{user `revision`}} {{user `ami_desc_suffix`}}" | ||
39 | ami_virtualization_type = "hvm" | ||
40 | ami_root_device { | ||
41 | volume_type = "gp2" | ||
42 | source_device_name = "/dev/xvdf" | ||
43 | device_name = "/dev/xvda" | ||
44 | delete_on_termination = "true" | ||
45 | volume_size = "{{user `ami_volume_size`}}" | ||
46 | } | ||
47 | encrypt_boot = "{{user `ami_encrypt`}}" | ||
48 | ena_support = "true" | ||
49 | sriov_support = "true" | ||
50 | ami_groups = "{{user `ami_access`}}" | ||
51 | ami_regions = "{{user `ami_regions`}}" | ||
52 | } | ||
53 | ] | ||
54 | |||
55 | |||
56 | provisioners = [ | ||
57 | { | ||
58 | type = "file" | ||
59 | source = "nvme/" | ||
60 | destination = "/tmp" | ||
61 | } | ||
62 | { | ||
63 | type = "shell" | ||
64 | script = "setup-ami.sh" | ||
65 | environment_vars = [ | ||
66 | "VERSION={{user `version`}}" | ||
67 | "RELEASE={{user `release`}}" | ||
68 | "REVISION={{user `revision`}}" | ||
69 | "ARCH={{user `arch`}}" | ||
70 | "APK_TOOLS={{user `apk_tools`}}" | ||
71 | "APK_TOOLS_SHA256={{user `apk_tools_sha256`}}" | ||
72 | "ALPINE_KEYS={{user `alpine_keys`}}" | ||
73 | "ALPINE_KEYS_SHA256={{user `alpine_keys_sha256`}}" | ||
74 | "BOOTLOADER={{user `bootloader`}}" | ||
75 | "REPOS={{user `repos`}}" | ||
76 | "PKGS={{user `pkgs`}}" | ||
77 | "SVCS={{user `svcs`}}" | ||
78 | ] | ||
79 | execute_command = "sudo sh -c '{{ .Vars }} {{ .Path }}'" | ||
80 | } | ||
81 | ] | ||
82 | |||
83 | |||
84 | post-processors = [ | ||
85 | { | ||
86 | type = "manifest" | ||
87 | output = "profile/{{user `profile_build`}}/manifest.json" | ||
88 | custom_data { | ||
89 | profile = "{{user `profile`}}" | ||
90 | build = "{{user `profile_build`}}" | ||
91 | arch = "{{user `arch`}}" | ||
92 | version = "{{user `version`}}" | ||
93 | release = "{{user `release`}}" | ||
94 | revision = "{{user `revision`}}" | ||
95 | end_of_life = "{{user `end_of_life`}}" | ||
96 | } | ||
97 | } | ||
98 | ] | ||
diff --git a/packer.yaml b/packer.yaml deleted file mode 100644 index 75ac5b2..0000000 --- a/packer.yaml +++ /dev/null | |||
@@ -1,73 +0,0 @@ | |||
1 | builders: | ||
2 | - type: amazon-ebssurrogate | ||
3 | |||
4 | ### Builder Instance Details | ||
5 | |||
6 | region: '{{user `build_region`}}' | ||
7 | subnet_id: '{{user `build_subnet`}}' | ||
8 | security_group_id: '{{user `build_security_group`}}' | ||
9 | instance_type: '{{user `build_instance_type`}}' | ||
10 | associate_public_ip_address: '{{user `build_public_ip`}}' | ||
11 | source_ami_filter: | ||
12 | # use the latest Amazon Linux AMI | ||
13 | owners: | ||
14 | - '{{user `build_ami_owner`}}' | ||
15 | most_recent: '{{user `build_ami_latest`}}' | ||
16 | filters: | ||
17 | virtualization-type: hvm | ||
18 | root-device-type: ebs | ||
19 | architecture: '{{user `build_arch`}}' | ||
20 | name: '{{user `build_ami_name`}}' | ||
21 | launch_block_device_mappings: | ||
22 | - volume_type: gp2 | ||
23 | device_name: /dev/xvdf | ||
24 | delete_on_termination: 'true' | ||
25 | volume_size: '{{user `ami_volume_size`}}' | ||
26 | ssh_username: '{{user `build_user`}}' | ||
27 | |||
28 | ### AMI Build Details | ||
29 | |||
30 | ami_name: '{{user `ami_name_prefix`}}{{user `release`}}-{{user `revision`}}-{{user `arch`}}{{user `ami_name_suffix`}}' | ||
31 | ami_description: '{{user `ami_desc_prefix`}}{{user `release`}}-{{user `revision`}} {{user `arch`}}{{user `ami_desc_suffix`}}' | ||
32 | ami_virtualization_type: hvm | ||
33 | ami_root_device: | ||
34 | volume_type: gp2 | ||
35 | source_device_name: /dev/xvdf | ||
36 | device_name: /dev/xvda | ||
37 | delete_on_termination: 'true' | ||
38 | volume_size: '{{user `ami_volume_size`}}' | ||
39 | encrypt_boot: '{{user `ami_encrypt`}}' | ||
40 | ena_support: 'true' | ||
41 | sriov_support: 'true' | ||
42 | ami_groups: '{{user `ami_access`}}' | ||
43 | ami_regions: '{{user `ami_regions`}}' | ||
44 | |||
45 | |||
46 | provisioners: | ||
47 | - type: file | ||
48 | source: nvme/ | ||
49 | destination: /tmp | ||
50 | - type: shell | ||
51 | script: setup-ami.sh | ||
52 | environment_vars: | ||
53 | - "VERSION='{{user `version`}}'" | ||
54 | - "RELEASE='{{user `release`}}'" | ||
55 | - "REVISION='{{user `revision`}}'" | ||
56 | - "ARCH='{{user `arch`}}'" | ||
57 | - "REPOS='{{user `repos`}}'" | ||
58 | - "PKGS='{{user `pkgs`}}'" | ||
59 | - "SVCS='{{user `svcs`}}'" | ||
60 | execute_command: 'sudo sh -c "{{ .Vars }} {{ .Path }}"' | ||
61 | |||
62 | |||
63 | post-processors: | ||
64 | - type: manifest | ||
65 | output: 'profile/{{user `profile_build`}}/manifest.json' | ||
66 | custom_data: | ||
67 | profile: '{{user `profile`}}' | ||
68 | build: '{{user `profile_build`}}' | ||
69 | arch: '{{user `arch`}}' | ||
70 | version: '{{user `version`}}' | ||
71 | release: '{{user `release`}}' | ||
72 | revision: '{{user `revision`}}' | ||
73 | end_of_life: '{{user `end_of_life`}}' | ||
diff --git a/profiles/alpine-amis.conf b/profiles/alpine-amis.conf index 6ece5d4..f5db1b7 100644 --- a/profiles/alpine-amis.conf +++ b/profiles/alpine-amis.conf | |||
@@ -1,36 +1,39 @@ | |||
1 | ### Profile for Building the Publically-Available Alpine Linux AMIs | 1 | ### Profile for Building the Publically-Available Alpine Linux AMIs |
2 | 2 | ||
3 | version_current { include "version/current" } | 3 | version-current { include "version/current" } |
4 | arch_x86_64 { include "arch/x86_64" } | 4 | arch-x86_64 { include "arch/x86_64" } |
5 | 5 | ||
6 | # profile vars | 6 | # profile vars |
7 | alpine-amis { | 7 | alpine-amis { |
8 | revision = "1" | 8 | revision = "1" |
9 | build_region = "us-west-2" | 9 | build_region = "us-west-2" |
10 | build_subnet = "subnet-b80c36e2" | 10 | build_subnet = "subnet-b80c36e2" |
11 | ami_access = [ "all" ] | 11 | ami_access { |
12 | ami_regions = [ | 12 | all = true |
13 | "ap-northeast-1" | 13 | } |
14 | "ap-northeast-2" | 14 | ami_regions { |
15 | # "ap-northeast-3" # skipped, available by subscription only | 15 | ap-northeast-1 = true |
16 | "ap-southeast-1" | 16 | ap-northeast-2 = true |
17 | "ap-southeast-2" | 17 | ap-northeast-3 = false # available by subscription only |
18 | "ap-south-1" | 18 | ap-southeast-1 = true |
19 | "ca-central-1" | 19 | ap-southeast-2 = true |
20 | "eu-central-1" | 20 | ap-south-1 = true |
21 | "eu-north-1" | 21 | ca-central-1 = true |
22 | "eu-west-1" | 22 | eu-central-1 = true |
23 | "eu-west-2" | 23 | eu-north-1 = true |
24 | "eu-west-3" | 24 | eu-west-1 = true |
25 | "sa-east-1" | 25 | eu-west-2 = true |
26 | "us-east-1" | 26 | eu-west-3 = true |
27 | "us-east-2" | 27 | sa-east-1 = true |
28 | "us-west-1" | 28 | us-east-1 = true |
29 | "us-west-2" | 29 | us-east-2 = true |
30 | ] | 30 | us-west-1 = true |
31 | us-west-2 = true | ||
32 | } | ||
31 | } | 33 | } |
32 | 34 | ||
33 | # Build definitions | 35 | # Build definitions |
34 | builds { | 36 | builds { |
35 | current-x86_64 = ${version_current} ${arch_x86_64} ${alpine-amis} | 37 | # merge version, arch, and profile vars |
38 | current-x86_64 = ${version-current} ${arch-x86_64} ${alpine-amis} | ||
36 | } | 39 | } |
diff --git a/profiles/arch/aarch64-1 b/profiles/arch/aarch64-1 index 083a744..f3ddd13 100644 --- a/profiles/arch/aarch64-1 +++ b/profiles/arch/aarch64-1 | |||
@@ -3,4 +3,8 @@ | |||
3 | arch = "aarch64" | 3 | arch = "aarch64" |
4 | build_arch = "arm64" | 4 | build_arch = "arm64" |
5 | build_instance_type = "a1.medium" | 5 | build_instance_type = "a1.medium" |
6 | apk_tools = "https://github.com/alpinelinux/apk-tools/releases/download/v2.10.3/apk-tools-2.10.3-aarch64-linux.tar.gz" | ||
7 | apk_tools_sha256 = "58a07e547c83c3a30eb0a0bd73db57d6bbaf92cc093df7a1d9805631f7d349e3" | ||
8 | alpine_keys = "http://dl-cdn.alpinelinux.org/alpine/v3.9/main/aarch64/alpine-keys-2.1-r1.apk" | ||
9 | alpine_keys_sha256 = "1ae4cebb43adee47a68aa891660e69a1ac6467690daca6f211aabff36a17cad1" | ||
6 | bootloader = "grub" | 10 | bootloader = "grub" |
diff --git a/profiles/arch/x86_64-1 b/profiles/arch/x86_64-1 index ca4bcb9..814757c 100644 --- a/profiles/arch/x86_64-1 +++ b/profiles/arch/x86_64-1 | |||
@@ -1,5 +1,9 @@ | |||
1 | ### x86_64 vars, revision 1 | 1 | ### x86_64 vars, revision 1 |
2 | 2 | ||
3 | arch = "x86_64" | 3 | arch = "x86_64" |
4 | build_arch = "x86_64" | 4 | build_arch = "x86_64" |
5 | bootloader = "syslinux" | 5 | apk_tools = "https://github.com/alpinelinux/apk-tools/releases/download/v2.10.3/apk-tools-2.10.3-x86_64-linux.tar.gz" |
6 | apk_tools_sha256 = "4d0b2cda606720624589e6171c374ec6d138867e03576d9f518dddde85c33839" | ||
7 | alpine_keys = "http://dl-cdn.alpinelinux.org/alpine/v3.9/main/x86_64/alpine-keys-2.1-r1.apk" | ||
8 | alpine_keys_sha256 = "9c7bc5d2e24c36982da7aa49b3cfcb8d13b20f7a03720f25625fa821225f5fbc" | ||
9 | bootloader = "syslinux" | ||
diff --git a/profiles/base/1 b/profiles/base/1 index 8b88c2a..a4c8ab1 100644 --- a/profiles/base/1 +++ b/profiles/base/1 | |||
@@ -3,12 +3,12 @@ | |||
3 | # Profile/Build | 3 | # Profile/Build |
4 | profile = null | 4 | profile = null |
5 | profile_build = null | 5 | profile_build = null |
6 | revision = 'r0' | ||
6 | 7 | ||
7 | # Versioning | 8 | # Versioning |
8 | version = null | 9 | version = null |
9 | release = null | 10 | release = null |
10 | end_of_life = null | 11 | end_of_life = null |
11 | revision = null | ||
12 | 12 | ||
13 | # Architecture | 13 | # Architecture |
14 | arch = null | 14 | arch = null |
@@ -19,7 +19,7 @@ build_region = null | |||
19 | build_subnet = null | 19 | build_subnet = null |
20 | build_security_group = null | 20 | build_security_group = null |
21 | build_instance_type = "t3.nano" | 21 | build_instance_type = "t3.nano" |
22 | build_public_ip = null # was "" | 22 | build_public_ip = null |
23 | build_user = "ec2-user" | 23 | build_user = "ec2-user" |
24 | build_ami_name = "amzn2-ami-hvm-2.0.*-gp2" | 24 | build_ami_name = "amzn2-ami-hvm-2.0.*-gp2" |
25 | build_ami_owner = "137112412989" | 25 | build_ami_owner = "137112412989" |
@@ -33,11 +33,15 @@ ami_desc_suffix = " - https://github.com/mcrute/alpine-ec2-ami" | |||
33 | ami_volume_size = "1" | 33 | ami_volume_size = "1" |
34 | ami_encrypt = "false" | 34 | ami_encrypt = "false" |
35 | ami_user = "alpine" | 35 | ami_user = "alpine" |
36 | ami_access = null | 36 | ami_access = {} |
37 | ami_regions = null | 37 | ami_regions = {} |
38 | 38 | ||
39 | # AMI configuration | 39 | # AMI configuration |
40 | bootloader = null | 40 | apk_tools = null |
41 | apk_tools_sha256 = null | ||
42 | alpine_keys = null | ||
43 | alpine_keys_sha256 = null | ||
44 | bootloader = null | ||
41 | repos {} | 45 | repos {} |
42 | pkgs { | 46 | pkgs { |
43 | linux-virt = true | 47 | linux-virt = true |
@@ -52,10 +56,10 @@ pkgs { | |||
52 | } | 56 | } |
53 | svcs { | 57 | svcs { |
54 | # sysinit | 58 | # sysinit |
55 | devfs = "sysinit" | 59 | devfs = "sysinit" |
56 | dmesg = "sysinit" | 60 | dmesg = "sysinit" |
57 | hwdrivers = "sysinit" | 61 | hwdrivers = "sysinit" |
58 | mdev = "sysinit" | 62 | mdev = "sysinit" |
59 | # boot | 63 | # boot |
60 | acpid = "boot" | 64 | acpid = "boot" |
61 | bootmisc = "boot" | 65 | bootmisc = "boot" |
@@ -67,10 +71,10 @@ svcs { | |||
67 | sysctl = "boot" | 71 | sysctl = "boot" |
68 | syslog = "boot" | 72 | syslog = "boot" |
69 | # default | 73 | # default |
70 | chronyd = "default" | 74 | chronyd = "default" |
71 | networking = "default" | 75 | networking = "default" |
72 | sshd = "default" | 76 | sshd = "default" |
73 | tiny-ec2-bootstrap = "default" | 77 | tiny-ec2-bootstrap = "default" |
74 | # shutdown | 78 | # shutdown |
75 | killprocs = "shutdown" | 79 | killprocs = "shutdown" |
76 | mount-ro = "shutdown" | 80 | mount-ro = "shutdown" |
diff --git a/profiles/test.conf b/profiles/test.conf index 3a44458..eeec6a5 100644 --- a/profiles/test.conf +++ b/profiles/test.conf | |||
@@ -1,28 +1,39 @@ | |||
1 | ### Profile for Testing Builds | 1 | ### Profile for Testing Builds |
2 | 2 | ||
3 | version_current { include "version/current" } | 3 | version-current { include "version/current" } |
4 | version_edge { include "version/edge" } | 4 | version-edge { include "version/edge" } |
5 | arch_x86_64 { include "arch/x86_64" } | 5 | arch-x86_64 { include "arch/x86_64" } |
6 | 6 | ||
7 | # specific to this profile's builds | 7 | # specific to this profile's builds |
8 | test { | 8 | test { |
9 | build_region = "us-west-2" | 9 | build_region = "us-west-2" |
10 | build_subnet = "subnet-033a30d7b5220d177" | 10 | build_subnet = "subnet-033a30d7b5220d177" |
11 | ami_regions = [ | 11 | ami_regions { |
12 | "us-east-1" | 12 | us-east-1 = true |
13 | "us-west-2" | 13 | us-west-2 = true |
14 | ] | 14 | } |
15 | } | 15 | } |
16 | 16 | ||
17 | # Build definitions | 17 | # Build definitions |
18 | builds { | 18 | builds { |
19 | # merge version, arch, and profile vars | 19 | # merge version, arch, profile, and build vars |
20 | test-current-x86_64 = ${version_current} ${arch_x86_64} ${test} | 20 | current-x86_64 = ${version-current} ${arch-x86_64} ${test} { |
21 | # build-specific override | ||
22 | test-current-x86_64 { | ||
23 | revision = "test" | 21 | revision = "test" |
24 | } | 22 | } |
25 | 23 | ||
26 | # merge version, arch, and profile vars | 24 | # merge version, arch, profile, and build vars |
27 | test-edge-x86_64 = ${version_edge} ${arch_x86_64} ${test} | 25 | edge-x86_64 = ${version-edge} ${arch-x86_64} ${test} { |
26 | ami_regions { | ||
27 | us-east-1 = false | ||
28 | } | ||
29 | # try rng-tools instead of haveged | ||
30 | pkgs { | ||
31 | haveged = false | ||
32 | rng-tools = true | ||
33 | } | ||
34 | svcs { | ||
35 | haveged = false | ||
36 | rngd = "boot" | ||
37 | } | ||
38 | } | ||
28 | } | 39 | } |
diff --git a/profiles/version/3.9 b/profiles/version/3.9 index 7c98ba1..3d950e0 100644 --- a/profiles/version/3.9 +++ b/profiles/version/3.9 | |||
@@ -4,9 +4,9 @@ | |||
4 | include "../base/current" | 4 | include "../base/current" |
5 | 5 | ||
6 | # set version-specific vars | 6 | # set version-specific vars |
7 | version = "3.9" | 7 | version = "3.9" |
8 | release = "3.9.3" | 8 | release = "3.9.3" |
9 | end_of_life = null # set to YYYY-MM-DD when known | 9 | end_of_life = null # set to "YYYY-MM-DD" when known |
10 | repos { | 10 | repos { |
11 | "http://dl-cdn.alpinelinux.org/alpine/v3.9/main": true | 11 | "http://dl-cdn.alpinelinux.org/alpine/v3.9/main": true |
12 | "http://dl-cdn.alpinelinux.org/alpine/v3.9/community": true | 12 | "http://dl-cdn.alpinelinux.org/alpine/v3.9/community": true |
diff --git a/profiles/version/edge b/profiles/version/edge index 248d31c..371e7e4 100644 --- a/profiles/version/edge +++ b/profiles/version/edge | |||
@@ -4,11 +4,12 @@ | |||
4 | include "current" | 4 | include "current" |
5 | 5 | ||
6 | # add edge-specific tweaks... | 6 | # add edge-specific tweaks... |
7 | version = edge | 7 | version = "edge" |
8 | release = edge | 8 | release = "edge" |
9 | end_of_life = "@TODAY@" | 9 | end_of_life = "@TODAY@" |
10 | revision = "@NOW@" | 10 | revision = "@NOW@" |
11 | repos = null | 11 | |
12 | repos = null # undo "current" repos | ||
12 | repos { | 13 | repos { |
13 | "http://dl-cdn.alpinelinux.org/alpine/edge/main": true | 14 | "http://dl-cdn.alpinelinux.org/alpine/edge/main": true |
14 | "http://dl-cdn.alpinelinux.org/alpine/edge/community": true | 15 | "http://dl-cdn.alpinelinux.org/alpine/edge/community": true |
diff --git a/scripts/resolve-profile.py.in b/scripts/resolve-profile.py.in index daae31f..67f9d24 100644 --- a/scripts/resolve-profile.py.in +++ b/scripts/resolve-profile.py.in | |||
@@ -13,13 +13,6 @@ profile_conf = os.path.join(script_dir, '..', 'profiles', profile + '.conf') | |||
13 | # where we store profile's builds | 13 | # where we store profile's builds |
14 | profile_dir = os.path.join(script_dir, 'profile') | 14 | profile_dir = os.path.join(script_dir, 'profile') |
15 | 15 | ||
16 | # TODO? make these dicts instead? | ||
17 | # fold these list vars down to scalar | ||
18 | fold_list_keys = [ | ||
19 | 'ami_access', 'ami_regions' | ||
20 | ] | ||
21 | |||
22 | # parse/resolve HOCON profile config, we need just the 'builds' portion | ||
23 | builds = ConfigFactory.parse_file(profile_conf)['builds'] | 16 | builds = ConfigFactory.parse_file(profile_conf)['builds'] |
24 | 17 | ||
25 | # clean out any old builds | 18 | # clean out any old builds |
@@ -27,6 +20,25 @@ if os.path.exists(profile_dir): | |||
27 | shutil.rmtree(profile_dir) | 20 | shutil.rmtree(profile_dir) |
28 | os.makedirs(profile_dir) | 21 | os.makedirs(profile_dir) |
29 | 22 | ||
23 | # func to fold dict down to scalar | ||
24 | def fold(dict, fmt): | ||
25 | a = [] | ||
26 | for k, v in dict.items(): | ||
27 | if v == True: | ||
28 | a.append(k) | ||
29 | elif not (v == None or v == False): | ||
30 | a.append(fmt.format(k, v)) | ||
31 | return ','.join(str(x) for x in a) | ||
32 | |||
33 | # fold these dicts vars down to scalar, based on item values | ||
34 | fold_dicts = { | ||
35 | 'ami_access': '{0}', | ||
36 | 'ami_regions': '{0}', | ||
37 | 'repos': '@{1} {0}', | ||
38 | 'pkgs': '{0}@{1}' | ||
39 | } | ||
40 | |||
41 | # parse/resolve HOCON profile config, we need just the 'builds' portion | ||
30 | # for each build | 42 | # for each build |
31 | for bk, b in builds.items(): | 43 | for bk, b in builds.items(): |
32 | 44 | ||
@@ -45,48 +57,20 @@ for bk, b in builds.items(): | |||
45 | if b['revision'] == '@NOW@': | 57 | if b['revision'] == '@NOW@': |
46 | b['revision'] = time.strftime('%Y%m%d%H%M%S', time.gmtime()) | 58 | b['revision'] = time.strftime('%Y%m%d%H%M%S', time.gmtime()) |
47 | 59 | ||
48 | # fold list vars to scalars | 60 | # fold dict vars to scalars |
49 | for k in fold_list_keys: | 61 | for dk, fmt in fold_dicts.items(): |
50 | if k in b and isinstance(b[k], list): | 62 | b[dk] = fold(b[dk], fmt) |
51 | b[k] = ','.join(str(x) for x in b[k]) | ||
52 | 63 | ||
53 | # fold 'repos' hash to scalar | 64 | # fold 'svcs' dict to scalar |
54 | repos = [] | 65 | svcs = {} |
55 | for repo, v in b['repos'].items(): | ||
56 | if v == True: | ||
57 | # repo without alias | ||
58 | repos.append(repo) | ||
59 | elif not (v == False or v == None): | ||
60 | # repo with alias (skip repo when false/null) | ||
61 | v.lstrip('@') | ||
62 | repos.append(f"@{v} {repo}") | ||
63 | b['repos'] = ','.join(str(x) for x in repos) | ||
64 | |||
65 | # fold 'pkgs' hash to scalar | ||
66 | pkgs = [] | ||
67 | for pkg, v in b['pkgs'].items(): | ||
68 | if v == True: | ||
69 | # unpinned package | ||
70 | pkgs.append(pkg) | ||
71 | elif not (v == False or v == None): | ||
72 | # repo-pinned package (skip pkg when false/null) | ||
73 | v.lstrip('@') | ||
74 | pkgs.append(f'{pkg}@{v}') | ||
75 | b['pkgs'] = ','.join(str(x) for x in pkgs) | ||
76 | |||
77 | # fold 'svcs' hash to scalar | ||
78 | svcs = { | ||
79 | 'sysinit': [], | ||
80 | 'boot': [], | ||
81 | 'default': [], | ||
82 | 'shutdown': [] | ||
83 | } | ||
84 | for svc, v in b['svcs'].items(): | 66 | for svc, v in b['svcs'].items(): |
85 | if v == True: | 67 | if v == True: |
86 | # service in default runlevel | 68 | # service in default runlevel |
87 | svcs['default'].append(svc) | 69 | svcs['default'].append(svc) |
88 | elif not (v == False or v == None): | 70 | elif not (v == None or v == False): |
89 | # service in specified runlevel (skip svc when false/null) | 71 | # service in specified runlevel (skip svc when false/null) |
72 | if v not in svcs.keys(): | ||
73 | svcs[v] = [] | ||
90 | svcs[v].append(svc) | 74 | svcs[v].append(svc) |
91 | b['svcs'] = ':'.join(str(l) + '=' + ','.join(str(s) for s in ss) for l, ss in svcs.items()) | 75 | b['svcs'] = ':'.join(str(l) + '=' + ','.join(str(s) for s in ss) for l, ss in svcs.items()) |
92 | 76 | ||
diff --git a/scripts/setup-ami.sh b/scripts/setup-ami.sh index 4102c0f..b79768c 100755 --- a/scripts/setup-ami.sh +++ b/scripts/setup-ami.sh | |||
@@ -3,12 +3,6 @@ | |||
3 | 3 | ||
4 | set -eu | 4 | set -eu |
5 | 5 | ||
6 | # TODO: profile-ize these | ||
7 | : ${APK_TOOLS_URI:="https://github.com/alpinelinux/apk-tools/releases/download/v2.10.3/apk-tools-2.10.3-x86_64-linux.tar.gz"} | ||
8 | : ${APK_TOOLS_SHA256:="4d0b2cda606720624589e6171c374ec6d138867e03576d9f518dddde85c33839"} | ||
9 | : ${ALPINE_KEYS:="http://dl-cdn.alpinelinux.org/alpine/v3.9/main/x86_64/alpine-keys-2.1-r1.apk"} | ||
10 | : ${ALPINE_KEYS_SHA256:="9c7bc5d2e24c36982da7aa49b3cfcb8d13b20f7a03720f25625fa821225f5fbc"} | ||
11 | |||
12 | die() { | 6 | die() { |
13 | printf '\033[1;31mERROR:\033[0m %s\n' "$@" >&2 # bold red | 7 | printf '\033[1;31mERROR:\033[0m %s\n' "$@" >&2 # bold red |
14 | exit 1 | 8 | exit 1 |
@@ -53,9 +47,9 @@ validate_block_device() { | |||
53 | 47 | ||
54 | fetch_apk_tools() { | 48 | fetch_apk_tools() { |
55 | local store="$(mktemp -d)" | 49 | local store="$(mktemp -d)" |
56 | local tarball="$(basename $APK_TOOLS_URI)" | 50 | local tarball="$(basename $APK_TOOLS)" |
57 | 51 | ||
58 | wgets "$APK_TOOLS_URI" "$APK_TOOLS_SHA256" "$store/$tarball" | 52 | wgets "$APK_TOOLS" "$APK_TOOLS_SHA256" "$store/$tarball" |
59 | tar -C "$store" -xf "$store/$tarball" | 53 | tar -C "$store" -xf "$store/$tarball" |
60 | 54 | ||
61 | find "$store" -name apk | 55 | find "$store" -name apk |
@@ -117,8 +111,7 @@ install_core_packages() { | |||
117 | 111 | ||
118 | chroot "$target" apk --no-cache add $pkgs | 112 | chroot "$target" apk --no-cache add $pkgs |
119 | 113 | ||
120 | # TODO: use BOOTSTRAP | 114 | chroot "$target" apk --no-cache add --no-scripts $BOOTLOADER |
121 | chroot "$target" apk --no-cache add --no-scripts syslinux | ||
122 | 115 | ||
123 | # Disable starting getty for physical ttys because they're all inaccessible | 116 | # Disable starting getty for physical ttys because they're all inaccessible |
124 | # anyhow. With this configuration boot messages will still display in the | 117 | # anyhow. With this configuration boot messages will still display in the |
@@ -138,10 +131,12 @@ setup_mdev() { | |||
138 | sed -n -i -e '/# fallback/r /tmp/nvme-ebs-mdev.conf' -e 1x -e '2,${x;p}' -e '${x;p}' "$target"/etc/mdev.conf | 131 | sed -n -i -e '/# fallback/r /tmp/nvme-ebs-mdev.conf' -e 1x -e '2,${x;p}' -e '${x;p}' "$target"/etc/mdev.conf |
139 | } | 132 | } |
140 | 133 | ||
141 | # TODO: use alpine-conf setup-*? | 134 | # TODO: use alpine-conf setup-*? (based on $BOOTLOADER) |
142 | create_initfs() { | 135 | create_initfs() { |
143 | local target="$1" | 136 | local target="$1" |
144 | 137 | ||
138 | # TODO: other useful mkinitfs stuff? | ||
139 | |||
145 | # Create ENA feature for mkinitfs | 140 | # Create ENA feature for mkinitfs |
146 | echo "kernel/drivers/net/ethernet/amazon" > \ | 141 | echo "kernel/drivers/net/ethernet/amazon" > \ |
147 | "$target"/etc/mkinitfs/features.d/ena.modules | 142 | "$target"/etc/mkinitfs/features.d/ena.modules |
@@ -154,7 +149,7 @@ create_initfs() { | |||
154 | chroot "$target" /sbin/mkinitfs $(basename $(find "$target"/lib/modules/* -maxdepth 0)) | 149 | chroot "$target" /sbin/mkinitfs $(basename $(find "$target"/lib/modules/* -maxdepth 0)) |
155 | } | 150 | } |
156 | 151 | ||
157 | # TODO: use alpine-conf setup-*? | 152 | # TODO: this is for syslinux only, there's likely a grub equivalence |
158 | setup_extlinux() { | 153 | setup_extlinux() { |
159 | local target="$1" | 154 | local target="$1" |
160 | 155 | ||
@@ -178,7 +173,7 @@ setup_extlinux() { | |||
178 | "$target"/etc/update-extlinux.conf | 173 | "$target"/etc/update-extlinux.conf |
179 | } | 174 | } |
180 | 175 | ||
181 | # TODO: use alpine-conf setup-*? | 176 | # TODO: this is for syslinux only, there's likely a grub equivalence |
182 | install_extlinux() { | 177 | install_extlinux() { |
183 | local target="$1" | 178 | local target="$1" |
184 | 179 | ||
@@ -216,7 +211,8 @@ enable_services() { | |||
216 | done | 211 | done |
217 | } | 212 | } |
218 | 213 | ||
219 | # TODO: allow profile to specify alternate ALPINE_USER | 214 | # TODO: allow profile to specify alternate ALPINE_USER? |
215 | # NOTE: tiny-ec2-bootstrap will need to be updated to support that! | ||
220 | create_alpine_user() { | 216 | create_alpine_user() { |
221 | local target="$1" | 217 | local target="$1" |
222 | 218 | ||
@@ -270,11 +266,6 @@ cleanup() { | |||
270 | umount "$target" | 266 | umount "$target" |
271 | } | 267 | } |
272 | 268 | ||
273 | version_sorted() { | ||
274 | # falsey if $1 version > $2 version | ||
275 | printf "%s\n%s" $1 $2 | sort -VC | ||
276 | } | ||
277 | |||
278 | main() { | 269 | main() { |
279 | local repos=$(echo "$REPOS" | tr , "\n") | 270 | local repos=$(echo "$REPOS" | tr , "\n") |
280 | local pkgs=$(echo "$PKGS" | tr , ' ') | 271 | local pkgs=$(echo "$PKGS" | tr , ' ') |
@@ -307,6 +298,7 @@ main() { | |||
307 | einfo "Installing core packages" | 298 | einfo "Installing core packages" |
308 | install_core_packages "$target" "$pkgs" | 299 | install_core_packages "$target" "$pkgs" |
309 | 300 | ||
301 | # TODO: syslinux vs grub, maybe use setup-* scripts? | ||
310 | einfo "Configuring and enabling boot loader" | 302 | einfo "Configuring and enabling boot loader" |
311 | create_initfs "$target" | 303 | create_initfs "$target" |
312 | setup_extlinux "$target" | 304 | setup_extlinux "$target" |
diff --git a/scripts/yaml2json.py.in b/scripts/yaml2json.py.in deleted file mode 100644 index ec9c8e8..0000000 --- a/scripts/yaml2json.py.in +++ /dev/null | |||
@@ -1,9 +0,0 @@ | |||
1 | @PYTHON@ | ||
2 | |||
3 | # Simple little YAML/JSON converter so we can maintain our Packer configs in a | ||
4 | # sane format that allows comments but also use Packer which only supports JSON | ||
5 | |||
6 | import yaml, json, sys | ||
7 | |||
8 | y = yaml.full_load(open(sys.argv[1])) | ||
9 | json.dump(y, sys.stdout, indent=4, separators=(',', ': ')) | ||