add packer files for building Orka images

ansible/packer/README.md

@@ -0,0 +1,47 @@
+# Packer Configuration for Virtual Machine Images
+
+This repository contains two Packer configuration files used for building virtual machine images for MacStadium Orka environments. These configurations are specifically tailored to set up environments with necessary tools like Homebrew, Ansible, and Xcode.
+
+## Configuration Files
+
+1. Base Image Creation (`orka-base.pkr.hcl`): This file is used to create a base image for sonoma-arm64 VMs. It installs Homebrew, Ansible, and specific versions of Xcode.
+
+1. Adoptium Image Creation (`orka.pkr.hcl`): This configuration builds upon the base image to create an Adoptium Sonoma ARM64 and Intel image, with a full Ansible playbook run excluding certain tags.
+
+## Prerequisites
+
+- [Packer](https://www.packer.io/downloads) installed on your system.
+- Access to a MacStadium Orka environment (via VPN).
+- Required environment variables set (`ORKA_TOKEN`, `XCode11_7_SAS_TOKEN`, `XCode15_0_1_SAS_TOKEN`).
+
+## Setup and Usage
+
+### Setting Environment Variables
+
+Set the necessary environment variables:
+
+```bash
+export ORKA_TOKEN="your-orka-token"
+export XCode11_7_SAS_TOKEN="your-xcode11.7-token"
+export XCode15_0_1_SAS_TOKEN="your-xcode15.0.1-token"
+```
+
+### Running the Packer Builds
+
+1. Building the Base image
+
+```bash
+packer init .
+packer build orka-base.pkr.hcl
+```
+
+This will create the base image for sonoma-arm64 and somoma-intel VMs. The base step has a pause which allows users to manually make any required changes and then resume the build.
+
+1. Building the Adoptium image
+
+The Adoptium image depends on the base image. This generates the images that we use in Jenkins and contains the full set of dependencies.
+
+```bash
+packer init .
+packer build orka.pkr.hcl
+```

ansible/packer/orka-base.pkr.hcl

@@ -0,0 +1,98 @@
+packer {
+  required_plugins {
+    macstadium-orka = {
+      source  = "github.com/macstadium/macstadium-orka"
+      version = "~>3"
+    }
+    ansible = {
+      source  = "github.com/hashicorp/ansible"
+      version = "~> 1"
+    }
+  }
+}
+
+variable "ORKA_TOKEN" {
+  default = env("ORKA_TOKEN")
+}
+
+variable "ORKA_ENDPOINT" {
+  default = "http://10.221.188.20"
+}
+
+variable "XCode11_7_SAS_TOKEN" {
+  default = env("XCode11_7_SAS_TOKEN")
+}
+
+variable "XCode15_0_1_SAS_TOKEN" {
+  default = env("XCode15_0_1_SAS_TOKEN")
+}
+
+source "macstadium-orka" "sonoma-arm64" {
+  source_image = "sonoma-90gb-orka3-arm"
+  image_name = "sonoma-arm64-base"
+  image_description = "Base image with sudoers setup and xcode/brew/ansible installed"
+  image_force_overwrite = true
+  orka_endpoint = var.ORKA_ENDPOINT
+  orka_auth_token = var.ORKA_TOKEN
+  orka_vm_builder_name = "sonoma-arm64-builder"
+}
+
+source "macstadium-orka" "sonoma-intel" {
+  source_image = "90gbsonomassh.img"
+  image_name = "sonoma-intel-base"
+  image_description = "Base image with sudoers setup and brew/ansible installed"
+  image_force_overwrite = true
+  orka_endpoint = var.ORKA_ENDPOINT
+  orka_auth_token = var.ORKA_TOKEN
+  orka_vm_builder_name = "sonoma-intel-builder"
+}
+
+# Generate the base image for the sonoma-arm64 VMs which we will use to run the ansible playbook
+build {
+  sources = [
+    "macstadium-orka.sonoma-arm64",
+    "macstadium-orka.sonoma-intel"
+  ]
+
+  # set sudoers to allow passwordless sudo
+  provisioner "shell" {
+    inline = [
+      "echo admin | sudo -S sh -c 'echo \"%admin ALL=(ALL) NOPASSWD:ALL\" >> /etc/sudoers'",
+    ]
+  }
+
+  # Pause the provisioner until user interacts (for install Xcode etc)
+  provisioner "breakpoint" {}
+
+  # Install homebrew and ansible
+  provisioner "shell" {
+    inline = [<<EOF
+      /bin/bash -c '\
+        curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh | bash; \
+        ARCH=$(uname -m); \
+        if [ "$ARCH" = "x86_64" ]; then \
+          BREW_PATH=/usr/local/bin; \
+        else \
+          BREW_PATH=/opt/homebrew/bin; \
+        fi; \
+        echo eval "$($BREW_PATH/brew shellenv)" >> /Users/admin/.zprofile; \
+        eval "$($BREW_PATH/brew shellenv)"; \
+        echo export PATH="$BREW_PATH:$PATH" >> /Users/admin/.zprofile; \
+        brew install ansible;'
+EOF
+    ]
+  }
+
+  # Install Xcode
+  provisioner "ansible-local" {
+    playbook_file = "../playbooks/AdoptOpenJDK_Unix_Playbook/main.yml"
+    playbook_dir = "../playbooks/AdoptOpenJDK_Unix_Playbook"
+    extra_arguments = [
+      "--extra-vars", "ansible_user=admin",
+      "--extra-vars", "XCode11_7_SAS_TOKEN=\"${var.XCode11_7_SAS_TOKEN}\"",
+      "--extra-vars", "XCode15_0_1_SAS_TOKEN=\"${var.XCode15_0_1_SAS_TOKEN}\"",
+      "--tags", "xcode11,xcode15"
+    ]
+    command = "source /Users/admin/.zprofile; ansible-playbook"
+  }
+}

ansible/packer/orka.pkr.hcl

@@ -0,0 +1,71 @@
+packer {
+  required_plugins {
+    macstadium-orka = {
+      source  = "github.com/macstadium/macstadium-orka"
+      version = "~>3"
+    }
+    ansible = {
+      source  = "github.com/hashicorp/ansible"
+      version = "~> 1"
+    }
+  }
+}
+
+variable "ORKA_TOKEN" {
+  default = env("ORKA_TOKEN")
+}
+
+variable "ORKA_ENDPOINT" {
+  default = "http://10.221.188.20"
+}
+
+source "macstadium-orka" "sonoma-arm64" {
+  source_image = "sonoma-arm64-base"
+  image_name = "adoptium-sonoma-arm64"
+  image_description = "Adoptium Sonoma ARM64 image with full ansible playbook run"
+  image_force_overwrite = true
+  orka_endpoint = var.ORKA_ENDPOINT
+  orka_auth_token = var.ORKA_TOKEN
+  orka_vm_builder_name = "sonoma-arm64-builder"
+}
+
+source "macstadium-orka" "sonoma-intel" {
+  source_image = "sonoma-intel-base"
+  image_name = "adoptium-sonoma-intel"
+  image_description = "Base image with sudoers setup and brew/ansible installed"
+  image_force_overwrite = true
+  orka_endpoint = var.ORKA_ENDPOINT
+  orka_auth_token = var.ORKA_TOKEN
+  orka_vm_builder_name = "sonoma-intel-builder"
+}
+
+build {
+  sources = [
+    "macstadium-orka.sonoma-arm64",
+    "macstadium-orka.sonoma-intel"
+  ]
+
+  # Create /tmp/packer-provisioner-ansible-local
+  provisioner "shell" {
+    inline = [
+      "mkdir -p /tmp/packer-provisioner-ansible-local",
+    ]
+  }
+
+  # Copy playbooks/Supporting_Scripts to /tmp/packer-provisioner-ansible-local
+  provisioner "file" {
+    source = "../playbooks/Supporting_Scripts"
+    destination = "/tmp/packer-provisioner-ansible-local"
+  }
+
+  # Run ansible playbook
+  provisioner "ansible-local" {
+    playbook_file = "../playbooks/AdoptOpenJDK_Unix_Playbook/main.yml"
+    playbook_dir = "../playbooks/AdoptOpenJDK_Unix_Playbook"
+    extra_arguments = [
+      "--extra-vars", "ansible_user=admin",
+      "--skip-tags=hostname,brew_upgrade,brew_cu,core_dumps,crontab,kernel_tuning,adoptopenjdk,jenkins,nagios,superuser,swap_file,jck_tools"
+    ]
+    command = "source /Users/admin/.zprofile; ansible-playbook"
+  }
+}

ansible/playbooks/AdoptOpenJDK_Unix_Playbook/main.yml

@@ -72,11 +72,12 @@
       tags: [build_tools]
     - role: gcc_11                # JDK19+
       tags: [build_tools]
-    - role: Xcode
-      when: ansible_distribution == "MacOSX"
     - role: Xcode11
       when: ansible_distribution == "MacOSX" and ansible_architecture == "arm64"
-      tags: [xcode11]
+      tags: [xcode11] # JDK 8
+    - role: Xcode15
+      when: ansible_distribution == "MacOSX" and ansible_architecture == "arm64"
+      tags: [xcode15] # JDK 17+
     - role: cmake                 # OpenJ9 / OpenJFX
       when: ansible_distribution != "Solaris" # Compile fails on Solaris
       tags: [build_tools, build_tools_openj9, build_tools_openjfx]

ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Ant-Contrib/tasks/main.yml

@@ -88,6 +88,7 @@
   tags: ant-contrib
 
 - name: Move ant-contrib.jar to ant lib folder
+  become: true
   command: mv /tmp/ant-contrib/lib/ant-contrib.jar {{ ant_lib_dir }}
   when: not antcontrib_status.stat.exists
   tags: ant-contrib

ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Common/vars/MacOSX.yml

@@ -10,6 +10,7 @@ Build_Tool_Packages:
   - automake # for compiling freetype on JDK8u
   - cmake # OpenJ9
   - coreutils
+  - git
   - gnupg
   - gnu-sed
   - gnu-tar