vms/recipes/debian/hydra.pkr.hcl

#Flavour base
build {
  name = "hydra"
  description = <<EOF
This builder build a Debian 12 image for Ory Hydra
EOF
  source "hydra.vmware-vmx.debian" {
    output_directory = "${var.output_dir}/${var.version}/hydra"
    vm_name          = "hydra-${local.output_name}-${var.version}"
    source_path      = "${var.output_dir}/${var.version}/base/${local.output_name}-${var.version}.vmx"
    boot_command     = [ "<enter><enter><wait>" ]
    ssh_clear_authorized_keys = true
    vmx_data_post = {
      "memsize" = "2048",
      "numvcpus" = "2",
    }
  }

  // Clone ansible-role-sso repository
  provisioner "ansible" {
    playbook_file = "${local.locations.provisionning}/hydra/clone-role-sso.yml"
    // Manjaro/Arch OpenSSH version compatibility mode
    // See https://github.com/hashicorp/packer/issues/11783
    extra_arguments = [ "--scp-extra-args", "'-O'", "-v" ]
  }

  // Run ansible-role-sso playbook from cloned repository
  provisioner "ansible" {
    playbook_file = "${local.locations.provisionning}/hydra/run-role-sso.yml"
    // Manjaro/Arch OpenSSH version compatibility mode
    // See https://github.com/hashicorp/packer/issues/11783
    extra_arguments = [ "--scp-extra-args", "'-O'", "-v", "--extra-vars=@${local.locations.provisionning}/hydra/ansible-vars.yml" ]
  }

  // Copy ssh Cadoles keys
  provisioner "file" {
    destination = "/tmp"
    source = "${local.locations.provisionning}/ssh/cadoles/"
  }

  // Copy CNOUS SSH keys
  provisioner "file" {
    destination = "/tmp"
    source = "${local.locations.provisionning}/ssh/cnous/"
  }

  provisioner "shell" {
    inline = [
      "sh -cx 'cat /tmp/*.pub >> /root/.ssh/authorized_keys'",
      "sh -cx 'chmod -R 600 /root/.ssh/authorized_keys'"
    ]
  }

  post-processor "shell-local" {
    inline = [
      "/bin/sh ${path.cwd}/post-processors/sparsify.sh ${var.output_dir}/${var.version}/hydra ${var.image_version}",
    ]
  }

  post-processor "manifest" {
    keep_input_artifact = true
  }
}