From d1e794c258f0f4699c633985470f684b719c3d83 Mon Sep 17 00:00:00 2001
From: William Petit
Date: Mon, 23 Oct 2023 17:45:55 +0200
Subject: [PATCH] feat(hydra): add base recipe using ansible-role-sso
---
recipes/debian/hydra.pkr.hcl | 40 +++++++++++++++++++
recipes/debian/provisionning/hydra/.gitignore | 1 +
.../provisionning/hydra/ansible-vars.yml | 11 +++++
.../provisionning/hydra/clone-role-sso.yml | 10 +++++
.../provisionning/hydra/run-role-sso.yml | 3 ++
recipes/debian/readme.hydra.md | 23 +++++++++++
6 files changed, 88 insertions(+)
create mode 100644 recipes/debian/hydra.pkr.hcl
create mode 100644 recipes/debian/provisionning/hydra/.gitignore
create mode 100644 recipes/debian/provisionning/hydra/ansible-vars.yml
create mode 100644 recipes/debian/provisionning/hydra/clone-role-sso.yml
create mode 100644 recipes/debian/provisionning/hydra/run-role-sso.yml
create mode 100644 recipes/debian/readme.hydra.md
diff --git a/recipes/debian/hydra.pkr.hcl b/recipes/debian/hydra.pkr.hcl
new file mode 100644
index 0000000..22ec86a
--- /dev/null
+++ b/recipes/debian/hydra.pkr.hcl
@@ -0,0 +1,40 @@
+#Flavour base
+build {
+ name = "hydra"
+ description = <" ]
+ ssh_clear_authorized_keys = true
+ }
+
+ // Clone ansible-role-sso repository
+ provisioner "ansible" {
+ playbook_file = "${local.locations.provisionning}/hydra/clone-role-sso.yml"
+ // Manjaro/Arch OpenSSH version compatibility mode
+ // See https://github.com/hashicorp/packer/issues/11783
+ extra_arguments = [ "--scp-extra-args", "'-O'", "-v" ]
+ }
+
+ // Run ansible-role-sso playbook from cloned repository
+ provisioner "ansible" {
+ playbook_file = "${local.locations.provisionning}/hydra/run-role-sso.yml"
+ // Manjaro/Arch OpenSSH version compatibility mode
+ // See https://github.com/hashicorp/packer/issues/11783
+ extra_arguments = [ "--scp-extra-args", "'-O'", "-v", "--extra-vars=@${local.locations.provisionning}/hydra/ansible-vars.yml", "--tags=hydra-only" ]
+ }
+
+ post-processor "shell-local" {
+ inline = [
+ "/bin/sh ${path.cwd}/post-processors/sparsify.sh ${var.output_dir}/${var.version}/hydra ${var.image_version}",
+ ]
+ }
+
+ post-processor "manifest" {
+ keep_input_artifact = true
+ }
+}
\ No newline at end of file
diff --git a/recipes/debian/provisionning/hydra/.gitignore b/recipes/debian/provisionning/hydra/.gitignore
new file mode 100644
index 0000000..014e296
--- /dev/null
+++ b/recipes/debian/provisionning/hydra/.gitignore
@@ -0,0 +1 @@
+/role-sso
\ No newline at end of file
diff --git a/recipes/debian/provisionning/hydra/ansible-vars.yml b/recipes/debian/provisionning/hydra/ansible-vars.yml
new file mode 100644
index 0000000..1def671
--- /dev/null
+++ b/recipes/debian/provisionning/hydra/ansible-vars.yml
@@ -0,0 +1,11 @@
+---
+hydra_use_external_database: true
+
+enable_hydra_dispatcher: false
+enable_hydra_passwordless: false
+enable_hydra_saml: false
+enable_hydra_oidc: false
+enable_hydra_ldap: false
+enable_oidc_test_app: false
+
+install_only: true
\ No newline at end of file
diff --git a/recipes/debian/provisionning/hydra/clone-role-sso.yml b/recipes/debian/provisionning/hydra/clone-role-sso.yml
new file mode 100644
index 0000000..3bfa798
--- /dev/null
+++ b/recipes/debian/provisionning/hydra/clone-role-sso.yml
@@ -0,0 +1,10 @@
+---
+- name: Ciblage de la machine locale
+ hosts: localhost
+ connection: local
+ tasks:
+ - name: Clonage du projet "Cadoles/ansible-role-sso"
+ ansible.builtin.git:
+ repo: "ssh://git@forge.cadoles.com:2222/Cadoles/ansible-role-sso.git"
+ dest: "role-sso"
+ version: "master"
diff --git a/recipes/debian/provisionning/hydra/run-role-sso.yml b/recipes/debian/provisionning/hydra/run-role-sso.yml
new file mode 100644
index 0000000..730d068
--- /dev/null
+++ b/recipes/debian/provisionning/hydra/run-role-sso.yml
@@ -0,0 +1,3 @@
+---
+- hosts: all
+ roles: [ role-sso ]
diff --git a/recipes/debian/readme.hydra.md b/recipes/debian/readme.hydra.md
new file mode 100644
index 0000000..45cbe54
--- /dev/null
+++ b/recipes/debian/readme.hydra.md
@@ -0,0 +1,23 @@
+# Flavor "Hydra"
+
+## Construction de l'image
+
+1. Lancer la construction de l'image de la machine virtuelle
+
+ ```
+ PACKER_OPTS="-var headless=false" ./build start debian 12
+ ```
+
+ ou si l'image Debian de base est déjà construite:
+
+ ```
+ BUILDER="vmware-vmx" PACKER_OPTS="-var headless=false" ./build run debian 12 hydra
+ ```
+
+ > **Tip** Le paramètre `PACKER_OPTS="-var headless=false"` n'est nécessaire que dans le cas où vous souhaitez l'exécuteur VMWare avec son interface graphique.
+
+## Générer le fichier OVF à partir de l'OVA
+
+```
+ovftool output/debian/12.2.0/hydra/hydra-debian-12.2.0.ova output/debian/12.2.0/hydra/hydra-debian-12.2.0.ovf
+```
\ No newline at end of file
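Review bot: In clone-role-sso.yml the git task checks out `version: "master"`, so each image build bakes in whatever the branch head is at build time; the SSO role that configures Hydra is then neither reproducible nor tied to a reviewed revision. Pin it to a release tag or a full commit SHA, e.g. `version: "<TAG_OR_COMMIT_SHA>"` (placeholder), and bump it deliberately. Separately, `dest: "role-sso"` is a relative path, so the clone lands wherever the play's working directory happens to be, which may not be the `provisionning/hydra/` directory that the new `.gitignore` entry and `roles: [ role-sso ]` in run-role-sso.yml appear to expect; `dest: "{{ playbook_dir }}/role-sso"` would make the location explicit.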