Feature/packer jenkins (#31)

* packer jenkins update
2026-06-22 07:01:56 +03:00 · 2020-03-17 21:21:40 +01:00
parent 50df73f39a
commit ef34e41349
10 changed files with 99 additions and 37 deletions
@@ -0,0 +1,7 @@
+terraform {
+  backend "s3" {
+    bucket = "terraform-state-xx70dpnh"
+    key    = "terraform.tfstate"
+    region = "eu-west-1"
+  }
+}
@@ -0,0 +1,44 @@
+resource "aws_iam_role" "jenkins-role" {
+  name               = "jenkins-role"
+  assume_role_policy = <<EOF
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Action": "sts:AssumeRole",
+      "Principal": {
+        "Service": "ec2.amazonaws.com"
+      },
+      "Effect": "Allow",
+      "Sid": ""
+    }
+  ]
+}
+EOF
+
+}
+
+resource "aws_iam_instance_profile" "jenkins-role" {
+  name = "jenkins-role"
+  role = aws_iam_role.jenkins-role.name
+}
+
+resource "aws_iam_role_policy" "admin-policy" {
+  name = "jenkins-admin-role-policy"
+  role = aws_iam_role.jenkins-role.id
+
+  policy = <<-EOF
+  {
+    "Version": "2012-10-17",
+    "Statement": [
+      {
+        "Action": [
+          "*"
+        ],
+        "Effect": "Allow",
+        "Resource": "*"
+      }
+    ]
+  }
+  EOF
+}
@@ -1,5 +1,21 @@
+data "aws_ami" "ubuntu" {
+  most_recent = true
+
+  filter {
+    name   = "name"
+    values = ["ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-*"]
+  }
+
+  filter {
+    name   = "virtualization-type"
+    values = ["hvm"]
+  }
+
+  owners = ["099720109477"] # Canonical
+}
+
 resource "aws_instance" "jenkins-instance" {
-  ami           = var.AMIS[var.AWS_REGION]
+  ami           = data.aws_ami.ubuntu.id
  instance_type = "t2.small"

  # the VPC subnet
@@ -13,6 +29,9 @@ resource "aws_instance" "jenkins-instance" {

  # user data
  user_data = data.template_cloudinit_config.cloudinit-jenkins.rendered
+
+  # iam instance profile
+  iam_instance_profile = aws_iam_instance_profile.jenkins-role.name
 }

 resource "aws_ebs_volume" "jenkins-data" {
@@ -1,6 +1,6 @@
 resource "aws_key_pair" "mykeypair" {
  key_name   = "mykeypair"
-  public_key = file(var.PATH_TO_PUBLIC_KEY)
+  public_key = fileexists(var.PATH_TO_PUBLIC_KEY) ? file(var.PATH_TO_PUBLIC_KEY) : var.DUMMY_SSH_PUB_KEY
  lifecycle {
    ignore_changes = [public_key]
  }
@@ -6,3 +6,6 @@ output "app-ip" {
  value = [aws_instance.app-instance.*.public_ip]
 }

+output "s3-bucket" {
+  value = aws_s3_bucket.terraform-state.bucket
+}
@@ -1,5 +1,5 @@
 resource "aws_s3_bucket" "terraform-state" {
-  bucket = "terraform-state-a2b621f"
+  bucket = "terraform-state-${random_string.random.result}"
  acl    = "private"

  tags = {
@@ -7,3 +7,9 @@ resource "aws_s3_bucket" "terraform-state" {
  }
 }

+resource "random_string" "random" {
+  length  = 8
+  special = false
+  upper   = false
+}
+
@@ -1,14 +0,0 @@
-#!/bin/bash
-
-echo "Newer terraform versions have a new way of defining a backend. Copy paste the following code in a backend.tf file, modify the region/s3 bucket, and execute 'terraform init' to initialize the backend. You'll be asked to copy the data from the local backend to the s3 backend, which you can answer yes.
-"
-echo 'backend.tf
-==========
-terraform {
-  backend "s3" {
-    bucket = "terraform-state-a3c731f"
-    key    = "terraform.tfstate"
-    region = "eu-west-1"
-  }
-}
-'
@@ -30,18 +30,10 @@ echo "deb http://pkg.jenkins.io/debian-stable binary/" >> /etc/apt/sources.list
 apt-get update

 # install dependencies
-apt-get install -y python3 openjdk-8-jre
-update-java-alternatives --set java-1.8.0-openjdk-amd64
+apt-get install -y python3 openjdk-11-jdk awscli
 # install jenkins
 apt-get install -y jenkins=${JENKINS_VERSION} unzip

-# install pip
-wget -q https://bootstrap.pypa.io/get-pip.py
-python3 get-pip.py
-rm -f get-pip.py
-# install awscli
-pip install awscli
-
 # install terraform
 wget -q https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip \
 && unzip -o terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /usr/local/bin \
@@ -0,0 +1,10 @@
+#!/bin/bash
+set -ex
+AWS_REGION="eu-west-1"
+cd jenkins-packer-demo
+S3_BUCKET=`aws s3 ls --region $AWS_REGION |grep terraform-state |tail -n1 |cut -d ' ' -f3`
+sed -i 's/terraform-state-xx70dpnh/'${S3_BUCKET}'/' backend.tf
+sed -i 's/#//g' backend.tf
+aws s3 cp s3://${S3_BUCKET}/amivar.tf amivar.tf --region $AWS_REGION
+terraform init
+terraform apply -auto-approve -var APP_INSTANCE_COUNT=1 -target aws_instance.app-instance
@@ -10,28 +10,23 @@ variable "PATH_TO_PUBLIC_KEY" {
  default = "mykey.pub"
 }

-variable "AMIS" {
-  type = map(string)
-  default = {
-    us-east-1 = "ami-13be557e"
-    us-west-2 = "ami-06b94666"
-    eu-west-1 = "ami-0f630a3f40b1eb0b8"
-  }
-}
-
 variable "INSTANCE_DEVICE_NAME" {
  default = "/dev/xvdh"
 }

 variable "JENKINS_VERSION" {
-  default = "2.204.1"
+  default = "2.204.5"
 }

 variable "TERRAFORM_VERSION" {
-  default = "0.12.18"
+  default = "0.12.23"
 }

 variable "APP_INSTANCE_COUNT" {
  default = "0"
 }

+variable "DUMMY_SSH_PUB_KEY" {
+  description = "public ssh key to put in place if there's no public key defined - to avoid errors in jenkins if it doesn't have a public key"
+  default     = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCySrVgnlDjgO1O0xNj7KLQ8aFh6y3DMEoqpSgvk8pMaG4hqJmYOGLcYr9SNbRThqnalweFfzDQIbNGK6PQcEWKYfxUwogjsn65OOUHdD91MtqiNg5MW3bFk2wlpXs5T83ASqnafmcSbsU3AWFoTpS+4xFYbRUTQVwos85nkuxpVohIwfkGqyZXyPjVZku1OvXLTxI+AjPqPpFTlzTtGT7swklNTd76QSiQU7o4206/93JZKivedqrZAhgstG5jm8EwDeSbJzkm9W22hKT5Or7viyFasQruqYZ12FlzURVw5IvyqmNxr2ncEgSXFCcIFYOaxuQNbW0SeSg++dn0Cezl root@ubuntu-xenial"
+}