dontlaugh · March 23, 2024 23:47
diff --git a/raku-doc-ci.pkr.hcl b/raku-doc-ci.pkr.hcl
 packer {
  required_plugins {
    lxd = {
      version = ">=1.0.0"
      source  = "github.com/hashicorp/lxd"
    }
  }
 }

 variable "buildkite_token" {}
 variable "quay_username" {
  default = "colemanx+colemanx_raku_robot"
 }
 variable "quay_password" {}
 variable "ssh_key_path" {
  default = ".secrets/raku-doc-website-ssh-deploy-private-key.txt"
 }


 locals {
  buildkite_url = "https://github.com/buildkite/agent/releases/download/v3.43.1/buildkite-agent-linux-amd64-3.43.1.tar.gz"
  buildkite_tkn = var.buildkite_token
  quay_username = var.quay_username
  quay_password = var.quay_password

  doc_ssh_key = file("${var.ssh_key_path}")
  ci_email    = "[email protected]"
  ci_user     = "ci"
  git_script  = "/tmp/git-script.sh"
  ts          = formatdate("YYYYMMDDhhmmss", timestamp())
 }

 source "lxd" "ubuntu_2204" {
  image = "images:ubuntu/22.04/cloud"
 }

 build {

  source "lxd.ubuntu_2204" {
    name           = "raku-doc-ci"
    output_image   = "raku-doc-ci"
    container_name = "raku-doc-ci-${local.ts}"
  }

  # Install common packages
  provisioner "shell" {
    inline = [
      "sleep 5",
      "apt-get update -y",
      "apt-get install -y kitty-terminfo git curl wget graphviz make build-essential libssl-dev libarchive-dev htop kakoune buildah podman skopeo",
    ]
  }


  # install node
  provisioner "shell" {
    environment_vars = ["VERSION=v16.15.0", "DISTRO=linux-x64"]
    script           = "scripts/install_nodejs.sh"
  }


  provisioner "file" {
    source      = "scripts/git-script.sh"
    destination = "${local.git_script}"
  }

  provisioner "file" {
    source      = "scripts/install_moarvm.sh"
    destination = "/tmp/install_moarvm.sh"
  }

  provisioner "file" {
    source      = "scripts/install_nqp.sh"
    destination = "/tmp/install_nqp.sh"
  }

  provisioner "file" {
    source      = "scripts/install_rakudo.sh"
    destination = "/tmp/install_rakudo.sh"
  }

  provisioner "file" {
    source      = "scripts/install_zef.sh"
    destination = "/tmp/install_zef.sh"
  }

  provisioner "file" {
    source      = "scripts/install_raku-pod-render.sh"
    destination = "/tmp/install_raku-pod-render.sh"
  }

  # Create builder user, chown/chmod the uploaded scripts
  provisioner "shell" {
    inline = [
      "groupadd -g 2000 builder",
      "useradd -s /bin/bash --uid 2000 --gid 2000 -m builder",
      "chmod +x /tmp/install_moarvm.sh",
      "chmod +x /tmp/install_nqp.sh",
      "chmod +x /tmp/install_rakudo.sh",
      "chmod +x /tmp/install_zef.sh",
      "chmod +x /tmp/install_raku-pod-render.sh",
      "chmod +x ${local.git_script}",
      "chown builder:builder ${local.git_script}",
      "chown builder:builder /tmp/install_moarvm.sh",
      "chown builder:builder /tmp/install_nqp.sh",
      "chown builder:builder /tmp/install_rakudo.sh",
      "chown builder:builder /tmp/install_zef.sh",
      "chown builder:builder /tmp/install_raku-pod-render.sh",
    ]
  }

  # Install buildkite-agent
  provisioner "shell" {
    environment_vars = [
      "BUILDKITE_DOWNLOAD_URL=${local.buildkite_url}",
      "BUILDKITE_TOKEN=${local.buildkite_tkn}",
      "BUILDKITE_AGENT_TAGS=queue=raku-doc,container_image=${source.name}",
      "QUAY_USERNAME=${local.quay_username}",
      "QUAY_PASSWORD=${local.quay_password}",
    ]
    script = "scripts/install_buildkite.sh"
  }


  # Ensure builder owns the buildkite config
  provisioner "shell" {
    inline = [
      "chown builder:builder -R /home/builder/.buildkite-agent",
    ]
  }

  provisioner "shell-local" {
    # The target of exec must be constructed like the source's "container_name"
    inline = [
      "lxc exec ${source.name}-${local.ts} --env HOME=/home/builder --cwd /home/builder --user 2000 --group 2000 -- mkdir /home/builder/.ssh",
      "lxc exec ${source.name}-${local.ts} --env HOME=/home/builder --env GIT_EMAIL=${local.ci_email} --env GIT_USER=${local.ci_user} --cwd /home/builder --user 2000 --group 2000 -- ${local.git_script}",
    ]
  }

  provisioner "file" {
    content     = "${local.doc_ssh_key}\n"
    destination = "/home/builder/.ssh/id_ed25519"
  }

  provisioner "shell" {
    inline = [
      "chown builder:builder /home/builder/.ssh/id_ed25519",
      "chmod 0600 /home/builder/.ssh/id_ed25519",
    ]
  }

  provisioner "shell-local" {
    inline = [
      # install moarvm to $HOME/MoarVM/install
      "lxc exec ${source.name}-${local.ts} --env HOME=/home/builder --cwd /home/builder --user 2000 --group 2000 -- bash /tmp/install_moarvm.sh",
      # install nqp, pointing it at MoarVM's install dir
      "lxc exec ${source.name}-${local.ts} --env HOME=/home/builder --cwd /home/builder --user 2000 --group 2000 -- bash /tmp/install_nqp.sh",
      # install rakudo, pointing it at MoarVM's install dir
      "lxc exec ${source.name}-${local.ts} --env HOME=/home/builder --cwd /home/builder --user 2000 --group 2000 -- bash /tmp/install_rakudo.sh",
      # install zef, PATH is manipulated within this script
      "lxc exec ${source.name}-${local.ts} --env HOME=/home/builder --cwd /home/builder --user 2000 --group 2000 -- bash /tmp/install_zef.sh",
      # install raku-pod-render and highlighting tools, PATH is manipulated within this script
      "lxc exec ${source.name}-${local.ts} --env HOME=/home/builder --cwd /home/builder --user 2000 --group 2000 -- bash /tmp/install_raku-pod-render.sh",
    ]
  }

 }
	packer {
	required_plugins {
	lxd = {
	version = ">=1.0.0"
	source = "github.com/hashicorp/lxd"
	}
	}
	}

	variable "buildkite_token" {}
	variable "quay_username" {
	default = "colemanx+colemanx_raku_robot"
	}
	variable "quay_password" {}
	variable "ssh_key_path" {
	default = ".secrets/raku-doc-website-ssh-deploy-private-key.txt"
	}


	locals {
	buildkite_url = "https://github.com/buildkite/agent/releases/download/v3.43.1/buildkite-agent-linux-amd64-3.43.1.tar.gz"
	buildkite_tkn = var.buildkite_token
	quay_username = var.quay_username
	quay_password = var.quay_password

	doc_ssh_key = file("${var.ssh_key_path}")
	ci_email = "[email protected]"
	ci_user = "ci"
	git_script = "/tmp/git-script.sh"
	ts = formatdate("YYYYMMDDhhmmss", timestamp())
	}

	source "lxd" "ubuntu_2204" {
	image = "images:ubuntu/22.04/cloud"
	}

	build {

	source "lxd.ubuntu_2204" {
	name = "raku-doc-ci"
	output_image = "raku-doc-ci"
	container_name = "raku-doc-ci-${local.ts}"
	}

	# Install common packages
	provisioner "shell" {
	inline = [
	"sleep 5",
	"apt-get update -y",
	"apt-get install -y kitty-terminfo git curl wget graphviz make build-essential libssl-dev libarchive-dev htop kakoune buildah podman skopeo",
	]
	}


	# install node
	provisioner "shell" {
	environment_vars = ["VERSION=v16.15.0", "DISTRO=linux-x64"]
	script = "scripts/install_nodejs.sh"
	}


	provisioner "file" {
	source = "scripts/git-script.sh"
	destination = "${local.git_script}"
	}

	provisioner "file" {
	source = "scripts/install_moarvm.sh"
	destination = "/tmp/install_moarvm.sh"
	}

	provisioner "file" {
	source = "scripts/install_nqp.sh"
	destination = "/tmp/install_nqp.sh"
	}

	provisioner "file" {
	source = "scripts/install_rakudo.sh"
	destination = "/tmp/install_rakudo.sh"
	}

	provisioner "file" {
	source = "scripts/install_zef.sh"
	destination = "/tmp/install_zef.sh"
	}

	provisioner "file" {
	source = "scripts/install_raku-pod-render.sh"
	destination = "/tmp/install_raku-pod-render.sh"
	}

	# Create builder user, chown/chmod the uploaded scripts
	provisioner "shell" {
	inline = [
	"groupadd -g 2000 builder",
	"useradd -s /bin/bash --uid 2000 --gid 2000 -m builder",
	"chmod +x /tmp/install_moarvm.sh",
	"chmod +x /tmp/install_nqp.sh",
	"chmod +x /tmp/install_rakudo.sh",
	"chmod +x /tmp/install_zef.sh",
	"chmod +x /tmp/install_raku-pod-render.sh",
	"chmod +x ${local.git_script}",
	"chown builder:builder ${local.git_script}",
	"chown builder:builder /tmp/install_moarvm.sh",
	"chown builder:builder /tmp/install_nqp.sh",
	"chown builder:builder /tmp/install_rakudo.sh",
	"chown builder:builder /tmp/install_zef.sh",
	"chown builder:builder /tmp/install_raku-pod-render.sh",
	]
	}

	# Install buildkite-agent
	provisioner "shell" {
	environment_vars = [
	"BUILDKITE_DOWNLOAD_URL=${local.buildkite_url}",
	"BUILDKITE_TOKEN=${local.buildkite_tkn}",
	"BUILDKITE_AGENT_TAGS=queue=raku-doc,container_image=${source.name}",
	"QUAY_USERNAME=${local.quay_username}",
	"QUAY_PASSWORD=${local.quay_password}",
	]
	script = "scripts/install_buildkite.sh"
	}


	# Ensure builder owns the buildkite config
	provisioner "shell" {
	inline = [
	"chown builder:builder -R /home/builder/.buildkite-agent",
	]
	}

	provisioner "shell-local" {
	# The target of exec must be constructed like the source's "container_name"
	inline = [
	"lxc exec ${source.name}-${local.ts} --env HOME=/home/builder --cwd /home/builder --user 2000 --group 2000 -- mkdir /home/builder/.ssh",
	"lxc exec ${source.name}-${local.ts} --env HOME=/home/builder --env GIT_EMAIL=${local.ci_email} --env GIT_USER=${local.ci_user} --cwd /home/builder --user 2000 --group 2000 -- ${local.git_script}",
	]
	}

	provisioner "file" {
	content = "${local.doc_ssh_key}\n"
	destination = "/home/builder/.ssh/id_ed25519"
	}

	provisioner "shell" {
	inline = [
	"chown builder:builder /home/builder/.ssh/id_ed25519",
	"chmod 0600 /home/builder/.ssh/id_ed25519",
	]
	}

	provisioner "shell-local" {
	inline = [
	# install moarvm to $HOME/MoarVM/install
	"lxc exec ${source.name}-${local.ts} --env HOME=/home/builder --cwd /home/builder --user 2000 --group 2000 -- bash /tmp/install_moarvm.sh",
	# install nqp, pointing it at MoarVM's install dir
	"lxc exec ${source.name}-${local.ts} --env HOME=/home/builder --cwd /home/builder --user 2000 --group 2000 -- bash /tmp/install_nqp.sh",
	# install rakudo, pointing it at MoarVM's install dir
	"lxc exec ${source.name}-${local.ts} --env HOME=/home/builder --cwd /home/builder --user 2000 --group 2000 -- bash /tmp/install_rakudo.sh",
	# install zef, PATH is manipulated within this script
	"lxc exec ${source.name}-${local.ts} --env HOME=/home/builder --cwd /home/builder --user 2000 --group 2000 -- bash /tmp/install_zef.sh",
	# install raku-pod-render and highlighting tools, PATH is manipulated within this script
	"lxc exec ${source.name}-${local.ts} --env HOME=/home/builder --cwd /home/builder --user 2000 --group 2000 -- bash /tmp/install_raku-pod-render.sh",
	]
	}

	}