Make AWS AMI builder fetch package from artifact instead of S3 bucket
Signed-off-by: Balasankar "Balu" C <balasankar@gitlab.com>
This commit is contained in:
parent
d506125b64
commit
0702eb4db3
|
@ -713,12 +713,12 @@ validate_packer_changes:
|
|||
image: "${PUBLIC_BUILDER_IMAGE_REGISTRY}/debian_packer:${BUILDER_IMAGE_REVISION}"
|
||||
stage: check
|
||||
script:
|
||||
- cd "${CI_PROJECT_DIR}/support/packer" && packer validate -var aws_access_key=XXX -var aws_secret_key=XXX -var download_url=XXX ce-arm64.pkr.hcl
|
||||
- cd "${CI_PROJECT_DIR}/support/packer" && packer validate -var aws_access_key=XXX -var aws_secret_key=XXX -var download_url=XXX ce.pkr.hcl
|
||||
- cd "${CI_PROJECT_DIR}/support/packer" && packer validate -var aws_access_key=XXX -var aws_secret_key=XXX -var download_url=XXX ee-arm64.pkr.hcl
|
||||
- cd "${CI_PROJECT_DIR}/support/packer" && packer validate -var aws_access_key=XXX -var aws_secret_key=XXX -var download_url=XXX ee-premium.pkr.hcl
|
||||
- cd "${CI_PROJECT_DIR}/support/packer" && packer validate -var aws_access_key=XXX -var aws_secret_key=XXX -var download_url=XXX ee-ultimate.pkr.hcl
|
||||
- cd "${CI_PROJECT_DIR}/support/packer" && packer validate -var aws_access_key=XXX -var aws_secret_key=XXX -var download_url=XXX ee.pkr.hcl
|
||||
- cd "${CI_PROJECT_DIR}/support/packer" && packer validate -var ci_job_token=XXX -var aws_access_key=XXX -var aws_secret_key=XXX -var download_url=XXX ce-arm64.pkr.hcl
|
||||
- cd "${CI_PROJECT_DIR}/support/packer" && packer validate -var ci_job_token=XXX -var aws_access_key=XXX -var aws_secret_key=XXX -var download_url=XXX ce.pkr.hcl
|
||||
- cd "${CI_PROJECT_DIR}/support/packer" && packer validate -var ci_job_token=XXX -var aws_access_key=XXX -var aws_secret_key=XXX -var download_url=XXX ee-arm64.pkr.hcl
|
||||
- cd "${CI_PROJECT_DIR}/support/packer" && packer validate -var ci_job_token=XXX -var aws_access_key=XXX -var aws_secret_key=XXX -var download_url=XXX ee-premium.pkr.hcl
|
||||
- cd "${CI_PROJECT_DIR}/support/packer" && packer validate -var ci_job_token=XXX -var aws_access_key=XXX -var aws_secret_key=XXX -var download_url=XXX ee-ultimate.pkr.hcl
|
||||
- cd "${CI_PROJECT_DIR}/support/packer" && packer validate -var ci_job_token=XXX -var aws_access_key=XXX -var aws_secret_key=XXX -var download_url=XXX ee.pkr.hcl
|
||||
rules:
|
||||
- if: '$PIPELINE_TYPE == "_TEST_PIPELINE"'
|
||||
changes:
|
||||
|
|
|
@ -14,7 +14,7 @@ class AWSHelper
|
|||
@type = type || 'ce'
|
||||
end
|
||||
|
||||
def create_ami
|
||||
def create_ami_old
|
||||
release_type = Gitlab::Util.get_env('AWS_RELEASE_TYPE')
|
||||
architecture = Gitlab::Util.get_env('AWS_ARCHITECTURE')
|
||||
args = {}
|
||||
|
@ -31,7 +31,27 @@ class AWSHelper
|
|||
|
||||
@download_url = Build::Info.ami_deb_package_download_url(**args)
|
||||
|
||||
system(*%W[support/packer/packer_ami.sh #{@version} #{@type} #{@download_url} #{@license_file}])
|
||||
system(*%W[support/packer_old/packer_ami.sh #{@version} #{@type} #{@download_url} #{@license_file}])
|
||||
end
|
||||
|
||||
def create_ami
|
||||
release_type = Gitlab::Util.get_env('AWS_RELEASE_TYPE')
|
||||
architecture = Gitlab::Util.get_env('AWS_ARCHITECTURE')
|
||||
|
||||
if (@type == 'ee') && release_type
|
||||
@type = "ee-#{release_type}"
|
||||
@license_file = "AWS_#{release_type}_LICENSE_FILE".upcase
|
||||
end
|
||||
|
||||
if architecture
|
||||
@type = "#{@type}-#{architecture}"
|
||||
else
|
||||
architecture = 'amd64'
|
||||
end
|
||||
|
||||
@download_url = Build::Info::CI.package_download_url(job_name: "Ubuntu-20.04", arch: architecture)
|
||||
|
||||
system(*%W[support/packer/packer_ami.sh #{@version} #{@type} #{@download_url} #{Build::Info::CI.job_token} #{@license_file}])
|
||||
end
|
||||
|
||||
def set_marketplace_details
|
||||
|
|
|
@ -12,7 +12,11 @@ namespace :aws do
|
|||
next if Build::Check.is_auto_deploy? || Build::Check.is_rc_tag?
|
||||
|
||||
Omnibus.load_configuration('omnibus.rb')
|
||||
AWSHelper.new(Omnibus::BuildVersion.semver, Build::Info.edition).create_ami
|
||||
if Gitlab::Util.get_env('AMI_USE_OLD_BUILD_PROCESS') == "true"
|
||||
AWSHelper.new(Omnibus::BuildVersion.semver, Build::Info.edition).create_ami_old
|
||||
else
|
||||
AWSHelper.new(Omnibus::BuildVersion.semver, Build::Info.edition).create_ami
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -40,6 +40,27 @@ RSpec.describe 'aws:ami:create', type: :rake do
|
|||
before do
|
||||
Rake::Task['aws:ami:create'].reenable
|
||||
allow_any_instance_of(Kernel).to receive(:system).and_return(true)
|
||||
allow(ENV).to receive(:[]).and_call_original
|
||||
stub_env_var('CI_JOB_TOKEN', 'CI-NO-JOB-TOKEN')
|
||||
end
|
||||
|
||||
context 'when using `AMI_USE_OLD_BUILD_PROCESS` environment variable' do
|
||||
before do
|
||||
stub_env_var('AMI_USE_OLD_BUILD_PROCESS', 'true')
|
||||
allow(Build::Check).to receive(:on_tag?).and_return(true)
|
||||
allow(Build::Check).to receive(:is_auto_deploy?).and_return(false)
|
||||
allow(Build::Check).to receive(:is_rc_tag?).and_return(false)
|
||||
allow(Build::Info).to receive(:ami_deb_package_download_url).and_return('http://example.com')
|
||||
end
|
||||
|
||||
it 'should call the old script' do
|
||||
allow(Build::Info).to receive(:edition).and_return('ce')
|
||||
allow(Omnibus::BuildVersion).to receive(:semver).and_return('9.3.0')
|
||||
|
||||
expect_any_instance_of(Kernel).to receive(:system).with(*["support/packer_old/packer_ami.sh", "9.3.0", "ce", "http://example.com", ""])
|
||||
|
||||
Rake::Task['aws:ami:create'].invoke
|
||||
end
|
||||
end
|
||||
|
||||
describe 'on a regular tag' do
|
||||
|
@ -47,14 +68,14 @@ RSpec.describe 'aws:ami:create', type: :rake do
|
|||
allow(Build::Check).to receive(:on_tag?).and_return(true)
|
||||
allow(Build::Check).to receive(:is_auto_deploy?).and_return(false)
|
||||
allow(Build::Check).to receive(:is_rc_tag?).and_return(false)
|
||||
allow(Build::Info).to receive(:ami_deb_package_download_url).and_return('http://example.com')
|
||||
allow(Build::Info::CI).to receive(:package_download_url).and_return('http://example.com')
|
||||
end
|
||||
|
||||
it 'should identify ce category correctly, if specified' do
|
||||
allow(Build::Info).to receive(:edition).and_return('ce')
|
||||
allow(Omnibus::BuildVersion).to receive(:semver).and_return('9.3.0')
|
||||
|
||||
expect_any_instance_of(Kernel).to receive(:system).with(*["support/packer/packer_ami.sh", "9.3.0", "ce", "http://example.com", ""])
|
||||
expect_any_instance_of(Kernel).to receive(:system).with(*["support/packer/packer_ami.sh", "9.3.0", "ce", "http://example.com", "CI-NO-JOB-TOKEN", ""])
|
||||
|
||||
Rake::Task['aws:ami:create'].invoke
|
||||
end
|
||||
|
@ -63,7 +84,7 @@ RSpec.describe 'aws:ami:create', type: :rake do
|
|||
allow(Build::Info).to receive(:edition).and_return(nil)
|
||||
allow(Omnibus::BuildVersion).to receive(:semver).and_return('9.3.0')
|
||||
|
||||
expect_any_instance_of(Kernel).to receive(:system).with(*["support/packer/packer_ami.sh", "9.3.0", "ce", "http://example.com", ""])
|
||||
expect_any_instance_of(Kernel).to receive(:system).with(*["support/packer/packer_ami.sh", "9.3.0", "ce", "http://example.com", "CI-NO-JOB-TOKEN", ""])
|
||||
|
||||
Rake::Task['aws:ami:create'].invoke
|
||||
end
|
||||
|
@ -72,7 +93,7 @@ RSpec.describe 'aws:ami:create', type: :rake do
|
|||
allow(Build::Info).to receive(:edition).and_return('ee')
|
||||
allow(Omnibus::BuildVersion).to receive(:semver).and_return('9.3.0')
|
||||
|
||||
expect_any_instance_of(Kernel).to receive(:system).with(*["support/packer/packer_ami.sh", "9.3.0", "ee", "http://example.com", ""])
|
||||
expect_any_instance_of(Kernel).to receive(:system).with(*["support/packer/packer_ami.sh", "9.3.0", "ee", "http://example.com", "CI-NO-JOB-TOKEN", ""])
|
||||
|
||||
Rake::Task['aws:ami:create'].invoke
|
||||
end
|
||||
|
@ -83,7 +104,7 @@ RSpec.describe 'aws:ami:create', type: :rake do
|
|||
allow(Build::Info).to receive(:edition).and_return(nil)
|
||||
allow(Omnibus::BuildVersion).to receive(:semver).and_return('9.3.0')
|
||||
|
||||
expect_any_instance_of(Kernel).to receive(:system).with(*["support/packer/packer_ami.sh", "9.3.0", "ce-arm64", "http://example.com", ""])
|
||||
expect_any_instance_of(Kernel).to receive(:system).with(*["support/packer/packer_ami.sh", "9.3.0", "ce-arm64", "http://example.com", "CI-NO-JOB-TOKEN", ""])
|
||||
|
||||
Rake::Task['aws:ami:create'].invoke
|
||||
end
|
||||
|
@ -94,7 +115,7 @@ RSpec.describe 'aws:ami:create', type: :rake do
|
|||
allow(Build::Info).to receive(:edition).and_return('ee')
|
||||
allow(Omnibus::BuildVersion).to receive(:semver).and_return('9.3.0')
|
||||
|
||||
expect_any_instance_of(Kernel).to receive(:system).with(*["support/packer/packer_ami.sh", "9.3.0", "ee-arm64", "http://example.com", ""])
|
||||
expect_any_instance_of(Kernel).to receive(:system).with(*["support/packer/packer_ami.sh", "9.3.0", "ee-arm64", "http://example.com", "CI-NO-JOB-TOKEN", ""])
|
||||
|
||||
Rake::Task['aws:ami:create'].invoke
|
||||
end
|
||||
|
@ -105,7 +126,7 @@ RSpec.describe 'aws:ami:create', type: :rake do
|
|||
allow(Gitlab::Util).to receive(:get_env).with("AWS_RELEASE_TYPE").and_return('ultimate')
|
||||
allow(Omnibus::BuildVersion).to receive(:semver).and_return('9.3.0')
|
||||
|
||||
expect_any_instance_of(Kernel).to receive(:system).with(*["support/packer/packer_ami.sh", "9.3.0", "ee-ultimate", "http://example.com", "AWS_ULTIMATE_LICENSE_FILE"])
|
||||
expect_any_instance_of(Kernel).to receive(:system).with(*["support/packer/packer_ami.sh", "9.3.0", "ee-ultimate", "http://example.com", "CI-NO-JOB-TOKEN", "AWS_ULTIMATE_LICENSE_FILE"])
|
||||
|
||||
Rake::Task['aws:ami:create'].invoke
|
||||
end
|
||||
|
@ -116,7 +137,7 @@ RSpec.describe 'aws:ami:create', type: :rake do
|
|||
allow(Gitlab::Util).to receive(:get_env).with("AWS_RELEASE_TYPE").and_return('premium')
|
||||
allow(Omnibus::BuildVersion).to receive(:semver).and_return('9.3.0')
|
||||
|
||||
expect_any_instance_of(Kernel).to receive(:system).with(*["support/packer/packer_ami.sh", "9.3.0", "ee-premium", "http://example.com", "AWS_PREMIUM_LICENSE_FILE"])
|
||||
expect_any_instance_of(Kernel).to receive(:system).with(*["support/packer/packer_ami.sh", "9.3.0", "ee-premium", "http://example.com", "CI-NO-JOB-TOKEN", "AWS_PREMIUM_LICENSE_FILE"])
|
||||
|
||||
Rake::Task['aws:ami:create'].invoke
|
||||
end
|
||||
|
@ -127,7 +148,7 @@ RSpec.describe 'aws:ami:create', type: :rake do
|
|||
allow(Build::Check).to receive(:on_tag?).and_return(true)
|
||||
allow(Build::Check).to receive(:is_auto_deploy?).and_return(false)
|
||||
allow(Build::Check).to receive(:is_rc_tag?).and_return(true)
|
||||
allow(Build::Info).to receive(:ami_deb_package_download_url).and_return('http://example.com')
|
||||
allow(Build::Info::CI).to receive(:package_download_url).and_return('http://example.com')
|
||||
end
|
||||
|
||||
it 'does not do anything' do
|
||||
|
@ -142,7 +163,7 @@ RSpec.describe 'aws:ami:create', type: :rake do
|
|||
allow(Build::Check).to receive(:on_tag?).and_return(true)
|
||||
allow(Build::Check).to receive(:is_auto_deploy?).and_return(true)
|
||||
allow(Build::Check).to receive(:is_rc_tag?).and_return(false)
|
||||
allow(Build::Info).to receive(:ami_deb_package_download_url).and_return('http://example.com')
|
||||
allow(Build::Info::CI).to receive(:package_download_url).and_return('http://example.com')
|
||||
end
|
||||
|
||||
it 'does not do anything' do
|
||||
|
|
|
@ -14,6 +14,11 @@ variable "download_url" {
|
|||
type = string
|
||||
}
|
||||
|
||||
# ci_job_token is the token used to download the package from CI artifacts
|
||||
variable "ci_job_token" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# license_file, somewhat of a misnomer, is the contents of the license to
|
||||
# install on the image. Due to the size of the license contents, it is usually
|
||||
# better to use a shell variable to hold the contents and then use the variable
|
||||
|
@ -121,7 +126,7 @@ build {
|
|||
}
|
||||
|
||||
provisioner "shell" {
|
||||
environment_vars = ["DOWNLOAD_URL=${var.download_url}"]
|
||||
environment_vars = ["DOWNLOAD_URL=${var.download_url}", "CI_JOB_TOKEN=${var.ci_job_token}"]
|
||||
script = "update-script-ce.sh"
|
||||
}
|
||||
|
||||
|
|
|
@ -14,6 +14,11 @@ variable "download_url" {
|
|||
type = string
|
||||
}
|
||||
|
||||
# ci_job_token is the token used to download the package from CI artifacts
|
||||
variable "ci_job_token" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# license_file, somewhat of a misnomer, is the contents of the license to
|
||||
# install on the image. Due to the size of the license contents, it is usually
|
||||
# better to use a shell variable to hold the contents and then use the variable
|
||||
|
@ -121,7 +126,7 @@ build {
|
|||
}
|
||||
|
||||
provisioner "shell" {
|
||||
environment_vars = ["DOWNLOAD_URL=${var.download_url}"]
|
||||
environment_vars = ["DOWNLOAD_URL=${var.download_url}", "CI_JOB_TOKEN=${var.ci_job_token}"]
|
||||
script = "update-script-ce.sh"
|
||||
}
|
||||
|
||||
|
|
|
@ -14,6 +14,11 @@ variable "download_url" {
|
|||
type = string
|
||||
}
|
||||
|
||||
# ci_job_token is the token used to download the package from CI artifacts
|
||||
variable "ci_job_token" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# license_file, somewhat of a misnomer, is the contents of the license to
|
||||
# install on the image. Due to the size of the license contents, it is usually
|
||||
# better to use a shell variable to hold the contents and then use the variable
|
||||
|
@ -118,7 +123,7 @@ build {
|
|||
}
|
||||
|
||||
provisioner "shell" {
|
||||
environment_vars = ["DOWNLOAD_URL=${var.download_url}"]
|
||||
environment_vars = ["DOWNLOAD_URL=${var.download_url}", "CI_JOB_TOKEN=${var.ci_job_token}"]
|
||||
script = "update-script-ee.sh"
|
||||
}
|
||||
|
||||
|
|
|
@ -14,6 +14,11 @@ variable "download_url" {
|
|||
type = string
|
||||
}
|
||||
|
||||
# ci_job_token is the token used to download the package from CI artifacts
|
||||
variable "ci_job_token" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# license_file, somewhat of a misnomer, is the contents of the license to
|
||||
# install on the image. Due to the size of the license contents, it is usually
|
||||
# better to use a shell variable to hold the contents and then use the variable
|
||||
|
@ -117,7 +122,7 @@ build {
|
|||
}
|
||||
|
||||
provisioner "shell" {
|
||||
environment_vars = ["DOWNLOAD_URL=${var.download_url}", "GITLAB_LICENSE_FILE=${var.license_file}"]
|
||||
environment_vars = ["DOWNLOAD_URL=${var.download_url}", "GITLAB_LICENSE_FILE=${var.license_file}", "CI_JOB_TOKEN=${var.ci_job_token}"]
|
||||
script = "update-script-ee-premium.sh"
|
||||
}
|
||||
|
||||
|
|
|
@ -14,6 +14,11 @@ variable "download_url" {
|
|||
type = string
|
||||
}
|
||||
|
||||
# ci_job_token is the token used to download the package from CI artifacts
|
||||
variable "ci_job_token" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# license_file, somewhat of a misnomer, is the contents of the license to
|
||||
# install on the image. Due to the size of the license contents, it is usually
|
||||
# better to use a shell variable to hold the contents and then use the variable
|
||||
|
@ -117,7 +122,7 @@ build {
|
|||
}
|
||||
|
||||
provisioner "shell" {
|
||||
environment_vars = ["DOWNLOAD_URL=${var.download_url}", "GITLAB_LICENSE_FILE=${var.license_file}"]
|
||||
environment_vars = ["DOWNLOAD_URL=${var.download_url}", "GITLAB_LICENSE_FILE=${var.license_file}", "CI_JOB_TOKEN=${var.ci_job_token}"]
|
||||
script = "update-script-ee-ultimate.sh"
|
||||
}
|
||||
|
||||
|
|
|
@ -14,6 +14,11 @@ variable "download_url" {
|
|||
type = string
|
||||
}
|
||||
|
||||
# ci_job_token is the token used to download the package from CI artifacts
|
||||
variable "ci_job_token" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# license_file, somewhat of a misnomer, is the contents of the license to
|
||||
# install on the image. Due to the size of the license contents, it is usually
|
||||
# better to use a shell variable to hold the contents and then use the variable
|
||||
|
@ -118,7 +123,7 @@ build {
|
|||
}
|
||||
|
||||
provisioner "shell" {
|
||||
environment_vars = ["DOWNLOAD_URL=${var.download_url}"]
|
||||
environment_vars = ["DOWNLOAD_URL=${var.download_url}", "CI_JOB_TOKEN=${var.ci_job_token}"]
|
||||
script = "update-script-ee.sh"
|
||||
}
|
||||
|
||||
|
|
|
@ -3,10 +3,11 @@
|
|||
VERSION=$1
|
||||
TYPE=$2
|
||||
DOWNLOAD_URL=$3
|
||||
CI_JOB_TOKEN=$4
|
||||
|
||||
# Expanding the variable to get actual license file contents
|
||||
if [ -n "$4" ]; then
|
||||
EE_LICENSE_FILE=${!4}
|
||||
if [ -n "$5" ]; then
|
||||
EE_LICENSE_FILE=${!5}
|
||||
fi
|
||||
|
||||
PACKER_PATH=$(pwd)/support/packer
|
||||
|
@ -16,4 +17,4 @@ cd $PACKER_PATH
|
|||
# To store the post processor manifest file
|
||||
mkdir -p manifests
|
||||
|
||||
packer build -var "aws_access_key=$AWS_AMI_ACCESS_KEY_ID" -var "aws_secret_key=$AWS_AMI_SECRET_ACCESS_KEY" -var "version=$VERSION" -var "download_url=$DOWNLOAD_URL" -var "license_file=$EE_LICENSE_FILE" $PACKER_PATH/$TYPE.pkr.hcl
|
||||
packer build -var "ci_job_token=$CI_JOB_TOKEN" -var "aws_access_key=$AWS_AMI_ACCESS_KEY_ID" -var "aws_secret_key=$AWS_AMI_SECRET_ACCESS_KEY" -var "version=$VERSION" -var "download_url=$DOWNLOAD_URL" -var "license_file=$EE_LICENSE_FILE" $PACKER_PATH/$TYPE.pkr.hcl
|
||||
|
|
|
@ -8,11 +8,11 @@ sudo debconf-set-selections <<< 'postfix postfix/main_mailer_type string "Intern
|
|||
sudo apt-get install -y curl openssh-server ca-certificates postfix libatomic1
|
||||
curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | sudo bash
|
||||
|
||||
# Downloading package from S3 bucket
|
||||
curl -o gitlab.deb "$DOWNLOAD_URL"
|
||||
# Downloading package from CI artifact
|
||||
wget --quiet --header "JOB-TOKEN: ${CI_JOB_TOKEN}" ${DOWNLOAD_URL} -O /tmp/gitlab.deb
|
||||
# Explicitly passing EXTERNAL_URL to prevent automatic EC2 IP detection.
|
||||
sudo EXTERNAL_URL="http://gitlab.example.com" dpkg -i gitlab.deb
|
||||
sudo rm gitlab.deb
|
||||
sudo EXTERNAL_URL="http://gitlab.example.com" dpkg -i /tmp/gitlab.deb
|
||||
sudo rm /tmp/gitlab.deb
|
||||
|
||||
# Set install type to aws
|
||||
echo "gitlab-aws-ami" | sudo tee /opt/gitlab/embedded/service/gitlab-rails/INSTALLATION_TYPE > /dev/null
|
||||
|
|
|
@ -12,11 +12,11 @@ curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/scrip
|
|||
sudo mkdir -p /etc/gitlab
|
||||
echo "$GITLAB_LICENSE_FILE" | sudo tee /etc/gitlab/predefined.gitlab-license > /dev/null
|
||||
|
||||
# Downloading package from S3 bucket
|
||||
curl -o gitlab.deb "$DOWNLOAD_URL"
|
||||
# Downloading package from CI artifact
|
||||
wget --quiet --header "JOB-TOKEN: ${CI_JOB_TOKEN}" ${DOWNLOAD_URL} -O /tmp/gitlab.deb
|
||||
# Explicitly passing EXTERNAL_URL to prevent automatic EC2 IP detection.
|
||||
sudo EXTERNAL_URL="http://gitlab.example.com" dpkg -i gitlab.deb
|
||||
sudo rm gitlab.deb
|
||||
sudo EXTERNAL_URL="http://gitlab.example.com" dpkg -i /tmp/gitlab.deb
|
||||
sudo rm /tmp/gitlab.deb
|
||||
|
||||
# Set install type to aws
|
||||
echo "gitlab-aws-marketplace-ami" | sudo tee /opt/gitlab/embedded/service/gitlab-rails/INSTALLATION_TYPE > /dev/null
|
||||
|
|
|
@ -12,11 +12,11 @@ curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/scrip
|
|||
sudo mkdir -p /etc/gitlab
|
||||
echo "$GITLAB_LICENSE_FILE" | sudo tee /etc/gitlab/predefined.gitlab-license > /dev/null
|
||||
|
||||
# Downloading package from S3 bucket
|
||||
curl -o gitlab.deb "$DOWNLOAD_URL"
|
||||
# Downloading package from CI artifact
|
||||
wget --quiet --header "JOB-TOKEN: ${CI_JOB_TOKEN}" ${DOWNLOAD_URL} -O /tmp/gitlab.deb
|
||||
# Explicitly passing EXTERNAL_URL to prevent automatic EC2 IP detection.
|
||||
sudo EXTERNAL_URL="http://gitlab.example.com" dpkg -i gitlab.deb
|
||||
sudo rm gitlab.deb
|
||||
sudo EXTERNAL_URL="http://gitlab.example.com" dpkg -i /tmp/gitlab.deb
|
||||
sudo rm /tmp/gitlab.deb
|
||||
|
||||
# Set install type to aws
|
||||
echo "gitlab-aws-marketplace-ami" | sudo tee /opt/gitlab/embedded/service/gitlab-rails/INSTALLATION_TYPE > /dev/null
|
||||
|
|
|
@ -8,11 +8,11 @@ sudo debconf-set-selections <<< 'postfix postfix/main_mailer_type string "Intern
|
|||
sudo apt-get install -y curl openssh-server ca-certificates postfix libatomic1
|
||||
curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.deb.sh | sudo bash
|
||||
|
||||
# Downloading package from S3 bucket
|
||||
curl -o gitlab.deb "$DOWNLOAD_URL"
|
||||
# Downloading package from CI artifact
|
||||
wget --quiet --header "JOB-TOKEN: ${CI_JOB_TOKEN}" ${DOWNLOAD_URL} -O /tmp/gitlab.deb
|
||||
# Explicitly passing EXTERNAL_URL to prevent automatic EC2 IP detection.
|
||||
sudo EXTERNAL_URL="http://gitlab.example.com" dpkg -i gitlab.deb
|
||||
sudo rm gitlab.deb
|
||||
sudo EXTERNAL_URL="http://gitlab.example.com" dpkg -i /tmp/gitlab.deb
|
||||
sudo rm /tmp/gitlab.deb
|
||||
|
||||
# Set install type to aws
|
||||
echo "gitlab-aws-ami" | sudo tee /opt/gitlab/embedded/service/gitlab-rails/INSTALLATION_TYPE > /dev/null
|
||||
|
|
|
@ -0,0 +1,38 @@
|
|||
#!/bin/bash
|
||||
|
||||
get_ec2_address()
|
||||
{
|
||||
url=$1
|
||||
# Try collecting fqdn if it is set correctly
|
||||
fqdn=$(/opt/gitlab/embedded/bin/curl -s ${url})
|
||||
if [ -n "${fqdn}" ]; then
|
||||
# Checking if curl returned an XML message
|
||||
word="<?xml"
|
||||
if ! $(test "${fqdn#*$word}" != "$fqdn"); then
|
||||
EXTERNAL_URL="http://${fqdn}"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
# Attempting to get public hostname. If that is not available, we get public
|
||||
# IPv4
|
||||
get_ec2_address "http://169.254.169.254/latest/meta-data/public-hostname"
|
||||
if [ -z "${EXTERNAL_URL}" ]; then
|
||||
get_ec2_address "http://169.254.169.254/latest/meta-data/public-ipv4"
|
||||
fi
|
||||
|
||||
# Replace external URL in gitlab.rb if user hasn't changed it by some other
|
||||
# means.
|
||||
EXISTING_EXTERNAL_URL=$(sudo awk '/^external_url/ { print $2 }' /etc/gitlab/gitlab.rb | xargs)
|
||||
if [ "$EXISTING_EXTERNAL_URL" = "http://gitlab.example.com" ]; then
|
||||
sudo sed -i 's!^external_url .*!external_url "'$EXTERNAL_URL'"!g' /etc/gitlab/gitlab.rb
|
||||
fi
|
||||
|
||||
# Setting initial root password to instance ID if user hasn't changed it by
|
||||
# some other means.
|
||||
EXISTING_ROOT_PASSWORD=$(sudo grep "^gitlab_rails.*initial_root_password.*" /etc/gitlab/gitlab.rb | cut -d '=' -f2- | xargs)
|
||||
if [ -z "${EXISTING_ROOT_PASSWORD}" ] && [ -z "${GITLAB_ROOT_PASSWORD}" ]; then
|
||||
GITLAB_ROOT_PASSWORD=$(curl http://169.254.169.254/latest/meta-data/instance-id)
|
||||
fi
|
||||
|
||||
sudo GITLAB_ROOT_PASSWORD=${GITLAB_ROOT_PASSWORD} gitlab-ctl reconfigure
|
|
@ -0,0 +1,134 @@
|
|||
# aws_access_key is the AWS PAT public key.
|
||||
variable "aws_access_key" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# aws_access_key is the AWS PAT private key.
|
||||
variable "aws_secret_key" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# download_url is the URL used to download the Ubuntu Focal GitLab Omnibus
|
||||
# debian package.
|
||||
variable "download_url" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# license_file, somewhat of a misnomer, is the contents of the license to
|
||||
# install on the image. Due to the size of the license contents, it is usually
|
||||
# better to use a shell variable to hold the contents and then use the variable
|
||||
# reference on the command line, e.g.,
|
||||
#
|
||||
# GITLAB_LICENSE="eyJkYXRhIjoicEoy..."
|
||||
# packer build ... -var "license_file=$GITLAB_LICENSE" ...
|
||||
#
|
||||
# Note: Licenses are not needed for the Community Edition. Leave this variable
|
||||
# set to the default.
|
||||
variable "license_file" {
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
||||
# version is the version to use in the image name, description, and tag. It does
|
||||
# not affect the installed version which is determined by the downloaded GitLab
|
||||
# Omnibus deb).
|
||||
variable "version" {
|
||||
type = string
|
||||
default = "99.99.99"
|
||||
}
|
||||
|
||||
# ami_regions are a list of regions to copy the resulting AMI to (copied from
|
||||
# the 'us-east-1' region). For local develoment builds use -var "ami_regions=[]"
|
||||
# so no copying is done.
|
||||
variable "ami_regions" {
|
||||
type = list(string)
|
||||
default = [
|
||||
"af-south-1",
|
||||
"ap-northeast-1",
|
||||
"ap-northeast-2",
|
||||
"ap-northeast-3",
|
||||
"ap-south-1",
|
||||
"ap-southeast-1",
|
||||
"ap-southeast-2",
|
||||
"ca-central-1",
|
||||
"eu-central-1",
|
||||
"eu-north-1",
|
||||
"eu-south-1",
|
||||
"eu-west-1",
|
||||
"eu-west-2",
|
||||
"eu-west-3",
|
||||
"me-south-1",
|
||||
"sa-east-1",
|
||||
"us-east-2",
|
||||
"us-west-1",
|
||||
"us-west-2",
|
||||
]
|
||||
}
|
||||
|
||||
# ami_prefix is used to preface the the AMI description and name with something
|
||||
# useful to differentiate a local development build image from a production
|
||||
# build. Set it to something useful when doing local build testing. Example:
|
||||
#
|
||||
# -var "ami_prefix=Sally G Test".
|
||||
#
|
||||
# would create an image with the AMI name and description of "Sally G Test
|
||||
# <version> ...".
|
||||
variable "ami_prefix" {
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
||||
data "amazon-ami" "base_ami" {
|
||||
access_key = "${var.aws_access_key}"
|
||||
filters = {
|
||||
name = "ubuntu/images/*ubuntu-focal-20.04-arm64-server-*"
|
||||
root-device-type = "ebs"
|
||||
virtualization-type = "hvm"
|
||||
}
|
||||
most_recent = true
|
||||
owners = ["099720109477"]
|
||||
region = "us-east-1"
|
||||
secret_key = "${var.aws_secret_key}"
|
||||
}
|
||||
|
||||
source "amazon-ebs" "base_ami" {
|
||||
access_key = "${var.aws_access_key}"
|
||||
ami_description = "${var.ami_prefix}GitLab CE ${var.version} (ARM64) AMI. https://about.gitlab.com/"
|
||||
ami_name = "${var.ami_prefix}GitLab CE ${var.version} (ARM64)"
|
||||
ami_groups = ["all"]
|
||||
ami_users = ["684062674729", "679593333241"]
|
||||
ena_support = true
|
||||
instance_type = "m6g.medium"
|
||||
region = "us-east-1"
|
||||
secret_key = "${var.aws_secret_key}"
|
||||
snapshot_users = ["684062674729", "679593333241"]
|
||||
source_ami = "${data.amazon-ami.base_ami.id}"
|
||||
sriov_support = true
|
||||
ssh_username = "ubuntu"
|
||||
tags = {
|
||||
Type = "GitLab Community Edition (ARM64)"
|
||||
Version = "${var.version}"
|
||||
}
|
||||
ami_regions = "${var.ami_regions}"
|
||||
}
|
||||
|
||||
build {
|
||||
sources = ["source.amazon-ebs.base_ami"]
|
||||
|
||||
provisioner "file" {
|
||||
destination = "/home/ubuntu/ami-startup-script.sh"
|
||||
source = "./ami-startup-script.sh"
|
||||
}
|
||||
|
||||
provisioner "shell" {
|
||||
environment_vars = ["DOWNLOAD_URL=${var.download_url}"]
|
||||
script = "update-script-ce.sh"
|
||||
}
|
||||
|
||||
post-processor "manifest" {
|
||||
output = "manifests/ce-arm64-manifest.json"
|
||||
custom_data = {
|
||||
name: "${var.ami_prefix}GitLab CE ${var.version} (ARM64)"
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,134 @@
|
|||
# aws_access_key is the AWS PAT public key.
|
||||
variable "aws_access_key" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# aws_access_key is the AWS PAT private key.
|
||||
variable "aws_secret_key" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# download_url is the URL used to download the Ubuntu Focal GitLab Omnibus
|
||||
# debian package.
|
||||
variable "download_url" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# license_file, somewhat of a misnomer, is the contents of the license to
|
||||
# install on the image. Due to the size of the license contents, it is usually
|
||||
# better to use a shell variable to hold the contents and then use the variable
|
||||
# reference on the command line, e.g.,
|
||||
#
|
||||
# GITLAB_LICENSE="eyJkYXRhIjoicEoy..." packer build ... -var
|
||||
# "license_file=$GITLAB_LICENSE" ...
|
||||
#
|
||||
# Note: Licenses are not needed for the Community Edition. Leave this variable
|
||||
# set to the default.
|
||||
variable "license_file" {
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
||||
# version is the version to use in the image name, description, and tag. It does
|
||||
# not affect the installed version which is determined by the downloaded GitLab
|
||||
# Omnibus deb).
|
||||
variable "version" {
|
||||
type = string
|
||||
default = "99.99.99"
|
||||
}
|
||||
|
||||
# ami_regions are a list of regions to copy the resulting AMI to (copied from
|
||||
# the 'us-east-1' region). For local develoment builds use -var "ami_regions=[]"
|
||||
# so no copying is done.
|
||||
variable "ami_regions" {
|
||||
type = list(string)
|
||||
default = [
|
||||
"af-south-1",
|
||||
"ap-northeast-1",
|
||||
"ap-northeast-2",
|
||||
"ap-northeast-3",
|
||||
"ap-south-1",
|
||||
"ap-southeast-1",
|
||||
"ap-southeast-2",
|
||||
"ca-central-1",
|
||||
"eu-central-1",
|
||||
"eu-north-1",
|
||||
"eu-south-1",
|
||||
"eu-west-1",
|
||||
"eu-west-2",
|
||||
"eu-west-3",
|
||||
"me-south-1",
|
||||
"sa-east-1",
|
||||
"us-east-2",
|
||||
"us-west-1",
|
||||
"us-west-2",
|
||||
]
|
||||
}
|
||||
|
||||
# ami_prefix is used to preface the the AMI description and name with something
|
||||
# useful to differentiate a local development build image from a production
|
||||
# build. Set it to something useful when doing local build testing. Example:
|
||||
#
|
||||
# -var "ami_prefix=Sally G Test".
|
||||
#
|
||||
# would create an image with the AMI name and description of "Sally G Test
|
||||
# <version> ...".
|
||||
variable "ami_prefix" {
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
||||
data "amazon-ami" "base_ami" {
|
||||
access_key = "${var.aws_access_key}"
|
||||
filters = {
|
||||
name = "ubuntu/images/*ubuntu-focal-20.04-amd64-server-*"
|
||||
root-device-type = "ebs"
|
||||
virtualization-type = "hvm"
|
||||
}
|
||||
most_recent = true
|
||||
owners = ["099720109477"]
|
||||
region = "us-east-1"
|
||||
secret_key = "${var.aws_secret_key}"
|
||||
}
|
||||
|
||||
source "amazon-ebs" "base_ami" {
|
||||
access_key = "${var.aws_access_key}"
|
||||
ami_description = "${var.ami_prefix}GitLab CE ${var.version} AMI. https://about.gitlab.com/"
|
||||
ami_name = "${var.ami_prefix}GitLab CE ${var.version}"
|
||||
ami_groups = ["all"]
|
||||
ami_users = ["684062674729", "679593333241"]
|
||||
ena_support = true
|
||||
instance_type = "m3.medium"
|
||||
region = "us-east-1"
|
||||
secret_key = "${var.aws_secret_key}"
|
||||
snapshot_users = ["684062674729", "679593333241"]
|
||||
source_ami = "${data.amazon-ami.base_ami.id}"
|
||||
sriov_support = true
|
||||
ssh_username = "ubuntu"
|
||||
tags = {
|
||||
Type = "GitLab Community Edition"
|
||||
Version = "${var.version}"
|
||||
}
|
||||
ami_regions = "${var.ami_regions}"
|
||||
}
|
||||
|
||||
build {
|
||||
sources = ["source.amazon-ebs.base_ami"]
|
||||
|
||||
provisioner "file" {
|
||||
destination = "/home/ubuntu/ami-startup-script.sh"
|
||||
source = "./ami-startup-script.sh"
|
||||
}
|
||||
|
||||
provisioner "shell" {
|
||||
environment_vars = ["DOWNLOAD_URL=${var.download_url}"]
|
||||
script = "update-script-ce.sh"
|
||||
}
|
||||
|
||||
post-processor "manifest" {
|
||||
output = "manifests/ce-manifest.json"
|
||||
custom_data = {
|
||||
name: "${var.ami_prefix}GitLab CE ${var.version}"
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,131 @@
|
|||
# aws_access_key is the AWS PAT public key.
|
||||
variable "aws_access_key" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# aws_access_key is the AWS PAT private key.
|
||||
variable "aws_secret_key" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# download_url is the URL used to download the Ubuntu Focal GitLab Omnibus
|
||||
# debian package.
|
||||
variable "download_url" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# license_file, somewhat of a misnomer, is the contents of the license to
|
||||
# install on the image. Due to the size of the license contents, it is usually
|
||||
# better to use a shell variable to hold the contents and then use the variable
|
||||
# reference on the command line, e.g.,
|
||||
#
|
||||
# GITLAB_LICENSE="eyJkYXRhIjoicEoy..."
|
||||
# packer build ... -var "license_file=$GITLAB_LICENSE" ...
|
||||
variable "license_file" {
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
||||
# version is the version to use in the image name, description, and tag. It does
|
||||
# not affect the installed version which is determined by the downloaded GitLab
|
||||
# Omnibus deb).
|
||||
variable "version" {
|
||||
type = string
|
||||
default = "99.99.99"
|
||||
}
|
||||
|
||||
# ami_regions are a list of regions to copy the resulting AMI to (copied from
|
||||
# the 'us-east-1' region). For local develoment builds use -var "ami_regions=[]"
|
||||
# so no copying is done.
|
||||
variable "ami_regions" {
|
||||
type = list(string)
|
||||
default = [
|
||||
"af-south-1",
|
||||
"ap-northeast-1",
|
||||
"ap-northeast-2",
|
||||
"ap-northeast-3",
|
||||
"ap-south-1",
|
||||
"ap-southeast-1",
|
||||
"ap-southeast-2",
|
||||
"ca-central-1",
|
||||
"eu-central-1",
|
||||
"eu-north-1",
|
||||
"eu-south-1",
|
||||
"eu-west-1",
|
||||
"eu-west-2",
|
||||
"eu-west-3",
|
||||
"me-south-1",
|
||||
"sa-east-1",
|
||||
"us-east-2",
|
||||
"us-west-1",
|
||||
"us-west-2",
|
||||
]
|
||||
}
|
||||
|
||||
# ami_prefix is used to preface the the AMI description and name with something
|
||||
# useful to differentiate a local development build image from a production
|
||||
# build. Set it to something useful when doing local build testing. Example:
|
||||
#
|
||||
# -var "ami_prefix=Sally G Test".
|
||||
#
|
||||
# would create an image with the AMI name and description of "Sally G Test
|
||||
# <version> ...".
|
||||
variable "ami_prefix" {
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
||||
data "amazon-ami" "base_ami" {
|
||||
access_key = "${var.aws_access_key}"
|
||||
filters = {
|
||||
name = "ubuntu/images/*ubuntu-focal-20.04-arm64-server-*"
|
||||
root-device-type = "ebs"
|
||||
virtualization-type = "hvm"
|
||||
}
|
||||
most_recent = true
|
||||
owners = ["099720109477"]
|
||||
region = "us-east-1"
|
||||
secret_key = "${var.aws_secret_key}"
|
||||
}
|
||||
|
||||
source "amazon-ebs" "base_ami" {
|
||||
access_key = "${var.aws_access_key}"
|
||||
ami_description = "${var.ami_prefix}GitLab EE ${var.version} (ARM64) AMI. https://about.gitlab.com/"
|
||||
ami_name = "${var.ami_prefix}GitLab EE ${var.version} (ARM64)"
|
||||
ami_groups = ["all"]
|
||||
ami_users = ["684062674729", "679593333241"]
|
||||
ena_support = true
|
||||
instance_type = "m6g.medium"
|
||||
region = "us-east-1"
|
||||
secret_key = "${var.aws_secret_key}"
|
||||
snapshot_users = ["684062674729", "679593333241"]
|
||||
source_ami = "${data.amazon-ami.base_ami.id}"
|
||||
sriov_support = true
|
||||
ssh_username = "ubuntu"
|
||||
tags = {
|
||||
Type = "GitLab Enterprise Edition (ARM64)"
|
||||
Version = "${var.version}"
|
||||
}
|
||||
ami_regions = "${var.ami_regions}"
|
||||
}
|
||||
|
||||
build {
|
||||
sources = ["source.amazon-ebs.base_ami"]
|
||||
|
||||
provisioner "file" {
|
||||
destination = "/home/ubuntu/ami-startup-script.sh"
|
||||
source = "./ami-startup-script.sh"
|
||||
}
|
||||
|
||||
provisioner "shell" {
|
||||
environment_vars = ["DOWNLOAD_URL=${var.download_url}"]
|
||||
script = "update-script-ee.sh"
|
||||
}
|
||||
|
||||
post-processor "manifest" {
|
||||
output = "manifests/ee-arm64-manifest.json"
|
||||
custom_data = {
|
||||
name: "${var.ami_prefix}GitLab EE ${var.version} (ARM64)"
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,130 @@
|
|||
# aws_access_key is the AWS PAT public key.
|
||||
variable "aws_access_key" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# aws_access_key is the AWS PAT private key.
|
||||
variable "aws_secret_key" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# download_url is the URL used to download the Ubuntu Focal GitLab Omnibus
|
||||
# debian package.
|
||||
variable "download_url" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# license_file, somewhat of a misnomer, is the contents of the license to
|
||||
# install on the image. Due to the size of the license contents, it is usually
|
||||
# better to use a shell variable to hold the contents and then use the variable
|
||||
# reference on the command line, e.g.,
|
||||
#
|
||||
# GITLAB_LICENSE="eyJkYXRhIjoicEoy..."
|
||||
# packer build ... -var "license_file=$GITLAB_LICENSE" ...
|
||||
variable "license_file" {
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
||||
# version is the version to use in the image name, description, and tag. It does
|
||||
# not affect the installed version which is determined by the downloaded GitLab
|
||||
# Omnibus deb).
|
||||
variable "version" {
|
||||
type = string
|
||||
default = "99.99.99"
|
||||
}
|
||||
|
||||
# ami_regions are a list of regions to copy the resulting AMI to (copied from
|
||||
# the 'us-east-1' region). For local develoment builds use -var "ami_regions=[]"
|
||||
# so no copying is done.
|
||||
variable "ami_regions" {
|
||||
type = list(string)
|
||||
default = [
|
||||
"af-south-1",
|
||||
"ap-northeast-1",
|
||||
"ap-northeast-2",
|
||||
"ap-northeast-3",
|
||||
"ap-south-1",
|
||||
"ap-southeast-1",
|
||||
"ap-southeast-2",
|
||||
"ca-central-1",
|
||||
"eu-central-1",
|
||||
"eu-north-1",
|
||||
"eu-south-1",
|
||||
"eu-west-1",
|
||||
"eu-west-2",
|
||||
"eu-west-3",
|
||||
"me-south-1",
|
||||
"sa-east-1",
|
||||
"us-east-2",
|
||||
"us-west-1",
|
||||
"us-west-2",
|
||||
]
|
||||
}
|
||||
|
||||
# ami_prefix is used to preface the the AMI description and name with something
|
||||
# useful to differentiate a local development build image from a production
|
||||
# build. Set it to something useful when doing local build testing. Example:
|
||||
#
|
||||
# -var "ami_prefix=Sally G Test".
|
||||
#
|
||||
# would create an image with the AMI name and description of "Sally G Test
|
||||
# <version> ...".
|
||||
variable "ami_prefix" {
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
||||
data "amazon-ami" "base_ami" {
|
||||
access_key = "${var.aws_access_key}"
|
||||
filters = {
|
||||
name = "ubuntu/images/*ubuntu-focal-20.04-amd64-server-*"
|
||||
root-device-type = "ebs"
|
||||
virtualization-type = "hvm"
|
||||
}
|
||||
most_recent = true
|
||||
owners = ["099720109477"]
|
||||
region = "us-east-1"
|
||||
secret_key = "${var.aws_secret_key}"
|
||||
}
|
||||
|
||||
source "amazon-ebs" "base_ami" {
|
||||
access_key = "${var.aws_access_key}"
|
||||
ami_description = "${var.ami_prefix}GitLab EE ${var.version} AMI with Premium license. https://about.gitlab.com/"
|
||||
ami_name = "${var.ami_prefix}GitLab EE ${var.version} Premium"
|
||||
ami_users = ["684062674729", "679593333241"]
|
||||
ena_support = true
|
||||
instance_type = "m3.medium"
|
||||
region = "us-east-1"
|
||||
secret_key = "${var.aws_secret_key}"
|
||||
snapshot_users = ["684062674729", "679593333241"]
|
||||
source_ami = "${data.amazon-ami.base_ami.id}"
|
||||
sriov_support = true
|
||||
ssh_username = "ubuntu"
|
||||
tags = {
|
||||
Type = "GitLab Enterprise Edition Premium"
|
||||
Version = "${var.version}"
|
||||
}
|
||||
ami_regions = "${var.ami_regions}"
|
||||
}
|
||||
|
||||
build {
|
||||
sources = ["source.amazon-ebs.base_ami"]
|
||||
|
||||
provisioner "file" {
|
||||
destination = "/home/ubuntu/ami-startup-script.sh"
|
||||
source = "./ami-startup-script.sh"
|
||||
}
|
||||
|
||||
provisioner "shell" {
|
||||
environment_vars = ["DOWNLOAD_URL=${var.download_url}", "GITLAB_LICENSE_FILE=${var.license_file}"]
|
||||
script = "update-script-ee-premium.sh"
|
||||
}
|
||||
|
||||
post-processor "manifest" {
|
||||
output = "manifests/ee-premium-manifest.json"
|
||||
custom_data = {
|
||||
name: "${var.ami_prefix}GitLab EE ${var.version} Premium"
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,130 @@
|
|||
# aws_access_key is the AWS PAT public key.
|
||||
variable "aws_access_key" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# aws_access_key is the AWS PAT private key.
|
||||
variable "aws_secret_key" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# download_url is the URL used to download the Ubuntu Focal GitLab Omnibus
|
||||
# debian package.
|
||||
variable "download_url" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# license_file, somewhat of a misnomer, is the contents of the license to
|
||||
# install on the image. Due to the size of the license contents, it is usually
|
||||
# better to use a shell variable to hold the contents and then use the variable
|
||||
# reference on the command line, e.g.,
|
||||
#
|
||||
# GITLAB_LICENSE="eyJkYXRhIjoicEoy..."
|
||||
# packer build ... -var "license_file=$GITLAB_LICENSE" ...
|
||||
variable "license_file" {
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
||||
# version is the version to use in the image name, description, and tag. It does
|
||||
# not affect the installed version which is determined by the downloaded GitLab
|
||||
# Omnibus deb).
|
||||
variable "version" {
|
||||
type = string
|
||||
default = "99.99.99"
|
||||
}
|
||||
|
||||
# ami_regions are a list of regions to copy the resulting AMI to (copied from
|
||||
# the 'us-east-1' region). For local develoment builds use -var "ami_regions=[]"
|
||||
# so no copying is done.
|
||||
variable "ami_regions" {
|
||||
type = list(string)
|
||||
default = [
|
||||
"af-south-1",
|
||||
"ap-northeast-1",
|
||||
"ap-northeast-2",
|
||||
"ap-northeast-3",
|
||||
"ap-south-1",
|
||||
"ap-southeast-1",
|
||||
"ap-southeast-2",
|
||||
"ca-central-1",
|
||||
"eu-central-1",
|
||||
"eu-north-1",
|
||||
"eu-south-1",
|
||||
"eu-west-1",
|
||||
"eu-west-2",
|
||||
"eu-west-3",
|
||||
"me-south-1",
|
||||
"sa-east-1",
|
||||
"us-east-2",
|
||||
"us-west-1",
|
||||
"us-west-2",
|
||||
]
|
||||
}
|
||||
|
||||
# ami_prefix is used to preface the the AMI description and name with something
|
||||
# useful to differentiate a local development build image from a production
|
||||
# build. Set it to something useful when doing local build testing. Example:
|
||||
#
|
||||
# -var "ami_prefix=Sally G Test".
|
||||
#
|
||||
# would create an image with the AMI name and description of "Sally G Test
|
||||
# <version> ...".
|
||||
variable "ami_prefix" {
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
||||
data "amazon-ami" "base_ami" {
|
||||
access_key = "${var.aws_access_key}"
|
||||
filters = {
|
||||
name = "ubuntu/images/*ubuntu-focal-20.04-amd64-server-*"
|
||||
root-device-type = "ebs"
|
||||
virtualization-type = "hvm"
|
||||
}
|
||||
most_recent = true
|
||||
owners = ["099720109477"]
|
||||
region = "us-east-1"
|
||||
secret_key = "${var.aws_secret_key}"
|
||||
}
|
||||
|
||||
source "amazon-ebs" "base_ami" {
|
||||
access_key = "${var.aws_access_key}"
|
||||
ami_description = "${var.ami_prefix}GitLab EE ${var.version} AMI with Ultimate license. https://about.gitlab.com/"
|
||||
ami_name = "${var.ami_prefix}GitLab EE ${var.version} Ultimate"
|
||||
ami_users = ["684062674729", "679593333241"]
|
||||
ena_support = true
|
||||
instance_type = "m3.medium"
|
||||
region = "us-east-1"
|
||||
secret_key = "${var.aws_secret_key}"
|
||||
snapshot_users = ["684062674729", "679593333241"]
|
||||
source_ami = "${data.amazon-ami.base_ami.id}"
|
||||
sriov_support = true
|
||||
ssh_username = "ubuntu"
|
||||
tags = {
|
||||
Type = "GitLab Enterprise Edition Ultimate"
|
||||
Version = "${var.version}"
|
||||
}
|
||||
ami_regions = "${var.ami_regions}"
|
||||
}
|
||||
|
||||
build {
|
||||
sources = ["source.amazon-ebs.base_ami"]
|
||||
|
||||
provisioner "file" {
|
||||
destination = "/home/ubuntu/ami-startup-script.sh"
|
||||
source = "./ami-startup-script.sh"
|
||||
}
|
||||
|
||||
provisioner "shell" {
|
||||
environment_vars = ["DOWNLOAD_URL=${var.download_url}", "GITLAB_LICENSE_FILE=${var.license_file}"]
|
||||
script = "update-script-ee-ultimate.sh"
|
||||
}
|
||||
|
||||
post-processor "manifest" {
|
||||
output = "manifests/ee-ultimate-manifest.json"
|
||||
custom_data = {
|
||||
name: "${var.ami_prefix}GitLab EE ${var.version} Ultimate"
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,131 @@
|
|||
# aws_access_key is the AWS PAT public key.
|
||||
variable "aws_access_key" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# aws_access_key is the AWS PAT private key.
|
||||
variable "aws_secret_key" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# download_url is the URL used to download the Ubuntu Focal GitLab Omnibus
|
||||
# debian package.
|
||||
variable "download_url" {
|
||||
type = string
|
||||
}
|
||||
|
||||
# license_file, somewhat of a misnomer, is the contents of the license to
|
||||
# install on the image. Due to the size of the license contents, it is usually
|
||||
# better to use a shell variable to hold the contents and then use the variable
|
||||
# reference on the command line, e.g.,
|
||||
#
|
||||
# GITLAB_LICENSE="eyJkYXRhIjoicEoy..."
|
||||
# packer build ... -var "license_file=$GITLAB_LICENSE" ...
|
||||
variable "license_file" {
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
||||
# version is the version to use in the image name, description, and tag. It does
|
||||
# not affect the installed version which is determined by the downloaded GitLab
|
||||
# Omnibus deb).
|
||||
variable "version" {
|
||||
type = string
|
||||
default = "99.99.99"
|
||||
}
|
||||
|
||||
# ami_regions are a list of regions to copy the resulting AMI to (copied from
|
||||
# the 'us-east-1' region). For local develoment builds use -var "ami_regions=[]"
|
||||
# so no copying is done.
|
||||
variable "ami_regions" {
|
||||
type = list(string)
|
||||
default = [
|
||||
"af-south-1",
|
||||
"ap-northeast-1",
|
||||
"ap-northeast-2",
|
||||
"ap-northeast-3",
|
||||
"ap-south-1",
|
||||
"ap-southeast-1",
|
||||
"ap-southeast-2",
|
||||
"ca-central-1",
|
||||
"eu-central-1",
|
||||
"eu-north-1",
|
||||
"eu-south-1",
|
||||
"eu-west-1",
|
||||
"eu-west-2",
|
||||
"eu-west-3",
|
||||
"me-south-1",
|
||||
"sa-east-1",
|
||||
"us-east-2",
|
||||
"us-west-1",
|
||||
"us-west-2",
|
||||
]
|
||||
}
|
||||
|
||||
# ami_prefix is used to preface the the AMI description and name with something
|
||||
# useful to differentiate a local development build image from a production
|
||||
# build. Set it to something useful when doing local build testing. Example:
|
||||
#
|
||||
# -var "ami_prefix=Sally G Test".
|
||||
#
|
||||
# would create an image with the AMI name and description of "Sally G Test
|
||||
# <version> ...".
|
||||
variable "ami_prefix" {
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
||||
data "amazon-ami" "base_ami" {
|
||||
access_key = "${var.aws_access_key}"
|
||||
filters = {
|
||||
name = "ubuntu/images/*ubuntu-focal-20.04-amd64-server-*"
|
||||
root-device-type = "ebs"
|
||||
virtualization-type = "hvm"
|
||||
}
|
||||
most_recent = true
|
||||
owners = ["099720109477"]
|
||||
region = "us-east-1"
|
||||
secret_key = "${var.aws_secret_key}"
|
||||
}
|
||||
|
||||
source "amazon-ebs" "base_ami" {
|
||||
access_key = "${var.aws_access_key}"
|
||||
ami_description = "${var.ami_prefix}GitLab EE ${var.version} AMI. https://about.gitlab.com/"
|
||||
ami_name = "${var.ami_prefix}GitLab EE ${var.version}"
|
||||
ami_groups = ["all"]
|
||||
ami_users = ["684062674729", "679593333241"]
|
||||
ena_support = true
|
||||
instance_type = "m3.medium"
|
||||
region = "us-east-1"
|
||||
secret_key = "${var.aws_secret_key}"
|
||||
snapshot_users = ["684062674729", "679593333241"]
|
||||
source_ami = "${data.amazon-ami.base_ami.id}"
|
||||
sriov_support = true
|
||||
ssh_username = "ubuntu"
|
||||
tags = {
|
||||
Type = "GitLab Enterprise Edition"
|
||||
Version = "${var.version}"
|
||||
}
|
||||
ami_regions = "${var.ami_regions}"
|
||||
}
|
||||
|
||||
build {
|
||||
sources = ["source.amazon-ebs.base_ami"]
|
||||
|
||||
provisioner "file" {
|
||||
destination = "/home/ubuntu/ami-startup-script.sh"
|
||||
source = "./ami-startup-script.sh"
|
||||
}
|
||||
|
||||
provisioner "shell" {
|
||||
environment_vars = ["DOWNLOAD_URL=${var.download_url}"]
|
||||
script = "update-script-ee.sh"
|
||||
}
|
||||
|
||||
post-processor "manifest" {
|
||||
output = "manifests/ee-manifest.json"
|
||||
custom_data = {
|
||||
name: "${var.ami_prefix}GitLab EE ${var.version}"
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,19 @@
|
|||
#!/bin/bash
|
||||
|
||||
VERSION=$1
|
||||
TYPE=$2
|
||||
DOWNLOAD_URL=$3
|
||||
|
||||
# Expanding the variable to get actual license file contents
|
||||
if [ -n "$4" ]; then
|
||||
EE_LICENSE_FILE=${!4}
|
||||
fi
|
||||
|
||||
PACKER_PATH=$(pwd)/support/packer
|
||||
|
||||
cd $PACKER_PATH
|
||||
|
||||
# To store the post processor manifest file
|
||||
mkdir -p manifests
|
||||
|
||||
packer build -var "aws_access_key=$AWS_AMI_ACCESS_KEY_ID" -var "aws_secret_key=$AWS_AMI_SECRET_ACCESS_KEY" -var "version=$VERSION" -var "download_url=$DOWNLOAD_URL" -var "license_file=$EE_LICENSE_FILE" $PACKER_PATH/$TYPE.pkr.hcl
|
|
@ -0,0 +1,26 @@
|
|||
#!/bin/bash -x
|
||||
sleep 30
|
||||
|
||||
# Configuring repo for future updates
|
||||
sudo apt-get update
|
||||
sudo debconf-set-selections <<< 'postfix postfix/mailname string your.hostname.com'
|
||||
sudo debconf-set-selections <<< 'postfix postfix/main_mailer_type string "Internet Site"'
|
||||
sudo apt-get install -y curl openssh-server ca-certificates postfix libatomic1
|
||||
curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | sudo bash
|
||||
|
||||
# Downloading package from S3 bucket
|
||||
curl -o gitlab.deb "$DOWNLOAD_URL"
|
||||
# Explicitly passing EXTERNAL_URL to prevent automatic EC2 IP detection.
|
||||
sudo EXTERNAL_URL="http://gitlab.example.com" dpkg -i gitlab.deb
|
||||
sudo rm gitlab.deb
|
||||
|
||||
# Set install type to aws
|
||||
echo "gitlab-aws-ami" | sudo tee /opt/gitlab/embedded/service/gitlab-rails/INSTALLATION_TYPE > /dev/null
|
||||
|
||||
# Cleanup
|
||||
sudo rm -rf /var/lib/apt/lists/*
|
||||
sudo find /root/.*history /home/*/.*history -exec rm -f {} \;
|
||||
sudo rm -f /home/ubuntu/.ssh/authorized_keys /root/.ssh/authorized_keys
|
||||
|
||||
sudo mv ~/ami-startup-script.sh /var/lib/cloud/scripts/per-instance/gitlab
|
||||
sudo chmod +x /var/lib/cloud/scripts/per-instance/gitlab
|
|
@ -0,0 +1,30 @@
|
|||
#!/bin/bash -x
|
||||
sleep 30
|
||||
|
||||
# Configuring repo for future updates
|
||||
sudo apt-get update
|
||||
sudo debconf-set-selections <<< 'postfix postfix/mailname string your.hostname.com'
|
||||
sudo debconf-set-selections <<< 'postfix postfix/main_mailer_type string "Internet Site"'
|
||||
sudo apt-get install -y curl openssh-server ca-certificates postfix
|
||||
curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.deb.sh | sudo bash
|
||||
|
||||
# Placing license file to be used during installation
|
||||
sudo mkdir -p /etc/gitlab
|
||||
echo "$GITLAB_LICENSE_FILE" | sudo tee /etc/gitlab/predefined.gitlab-license > /dev/null
|
||||
|
||||
# Downloading package from S3 bucket
|
||||
curl -o gitlab.deb "$DOWNLOAD_URL"
|
||||
# Explicitly passing EXTERNAL_URL to prevent automatic EC2 IP detection.
|
||||
sudo EXTERNAL_URL="http://gitlab.example.com" dpkg -i gitlab.deb
|
||||
sudo rm gitlab.deb
|
||||
|
||||
# Set install type to aws
|
||||
echo "gitlab-aws-marketplace-ami" | sudo tee /opt/gitlab/embedded/service/gitlab-rails/INSTALLATION_TYPE > /dev/null
|
||||
|
||||
# Cleanup
|
||||
sudo rm -rf /var/lib/apt/lists/*
|
||||
sudo find /root/.*history /home/*/.*history -exec rm -f {} \;
|
||||
sudo rm -f /home/ubuntu/.ssh/authorized_keys /root/.ssh/authorized_keys
|
||||
|
||||
sudo mv ~/ami-startup-script.sh /var/lib/cloud/scripts/per-instance/gitlab
|
||||
sudo chmod +x /var/lib/cloud/scripts/per-instance/gitlab
|
|
@ -0,0 +1,30 @@
|
|||
#!/bin/bash -x
|
||||
sleep 30
|
||||
|
||||
# Configuring repo for future updates
|
||||
sudo apt-get update
|
||||
sudo debconf-set-selections <<< 'postfix postfix/mailname string your.hostname.com'
|
||||
sudo debconf-set-selections <<< 'postfix postfix/main_mailer_type string "Internet Site"'
|
||||
sudo apt-get install -y curl openssh-server ca-certificates postfix
|
||||
curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.deb.sh | sudo bash
|
||||
|
||||
# Placing license file to be used during installation
|
||||
sudo mkdir -p /etc/gitlab
|
||||
echo "$GITLAB_LICENSE_FILE" | sudo tee /etc/gitlab/predefined.gitlab-license > /dev/null
|
||||
|
||||
# Downloading package from S3 bucket
|
||||
curl -o gitlab.deb "$DOWNLOAD_URL"
|
||||
# Explicitly passing EXTERNAL_URL to prevent automatic EC2 IP detection.
|
||||
sudo EXTERNAL_URL="http://gitlab.example.com" dpkg -i gitlab.deb
|
||||
sudo rm gitlab.deb
|
||||
|
||||
# Set install type to aws
|
||||
echo "gitlab-aws-marketplace-ami" | sudo tee /opt/gitlab/embedded/service/gitlab-rails/INSTALLATION_TYPE > /dev/null
|
||||
|
||||
# Cleanup
|
||||
sudo rm -rf /var/lib/apt/lists/*
|
||||
sudo find /root/.*history /home/*/.*history -exec rm -f {} \;
|
||||
sudo rm -f /home/ubuntu/.ssh/authorized_keys /root/.ssh/authorized_keys
|
||||
|
||||
sudo mv ~/ami-startup-script.sh /var/lib/cloud/scripts/per-instance/gitlab
|
||||
sudo chmod +x /var/lib/cloud/scripts/per-instance/gitlab
|
|
@ -0,0 +1,26 @@
|
|||
#!/bin/bash -x
|
||||
sleep 30
|
||||
|
||||
# Configuring repo for future updates
|
||||
sudo apt-get update
|
||||
sudo debconf-set-selections <<< 'postfix postfix/mailname string your.hostname.com'
|
||||
sudo debconf-set-selections <<< 'postfix postfix/main_mailer_type string "Internet Site"'
|
||||
sudo apt-get install -y curl openssh-server ca-certificates postfix libatomic1
|
||||
curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.deb.sh | sudo bash
|
||||
|
||||
# Downloading package from S3 bucket
|
||||
curl -o gitlab.deb "$DOWNLOAD_URL"
|
||||
# Explicitly passing EXTERNAL_URL to prevent automatic EC2 IP detection.
|
||||
sudo EXTERNAL_URL="http://gitlab.example.com" dpkg -i gitlab.deb
|
||||
sudo rm gitlab.deb
|
||||
|
||||
# Set install type to aws
|
||||
echo "gitlab-aws-ami" | sudo tee /opt/gitlab/embedded/service/gitlab-rails/INSTALLATION_TYPE > /dev/null
|
||||
|
||||
# Cleanup
|
||||
sudo rm -rf /var/lib/apt/lists/*
|
||||
sudo find /root/.*history /home/*/.*history -exec rm -f {} \;
|
||||
sudo rm -f /home/ubuntu/.ssh/authorized_keys /root/.ssh/authorized_keys
|
||||
|
||||
sudo mv ~/ami-startup-script.sh /var/lib/cloud/scripts/per-instance/gitlab
|
||||
sudo chmod +x /var/lib/cloud/scripts/per-instance/gitlab
|
Loading…
Reference in New Issue