0

Currently we are deploying images with packer (In a build pipeline which is located in Azure DevOps) within our AWS domain with success. Now we want to take this a step further and we're trying to configure a couple of user for future Ansible maintenance. So we're written a script and tried it as an inline Powershell script but both of the options do not seem to pick up the variable which is set in the variable group in Azure DevOps, all the other variables are being used with success. My code is as follows:

{
"variables": {
    "build_version": "{{isotime \"2006.01.02.150405\"}}",
    "aws_access_key": "$(aws_access_key)",
    "aws_secret_key": "$(aws_secret_key)",
    "region": "$(region)",
    "vpc_id": "$(vpc_id)",
    "subnet_id": "$(subnet_id)",
    "security_group_id": "$(security_group_id)",
    "VagrantUserpassword": "$(VagrantUserPassword)"
},
"builders": [
    {
        "type": "amazon-ebs",
        "access_key": "{{user `aws_access_key`}}",
        "secret_key": "{{user `aws_secret_key`}}",
        "region": "{{user `region`}}",
        "vpc_id": "{{user `vpc_id`}}",
        "subnet_id": "{{user `subnet_id`}}",
        "security_group_id": "{{user `security_group_id`}}",
        "source_ami_filter": {
            "filters": {
                "name": "Windows_Server-2016-English-Full-Base-*",
                "root-device-type": "ebs",
                "virtualization-type": "hvm"
            },
            "most_recent": true,
            "owners": [
                "801119661308"
            ]
        },
        "ami_name": "WIN2016-CUSTOM-{{user `build_version`}}",
        "instance_type": "t3.xlarge",
        "user_data_file": "userdata.ps1",
        "associate_public_ip_address": true,
        "communicator": "winrm",
        "winrm_username": "Administrator",
        "winrm_timeout": "15m",
        "winrm_use_ssl": true,
        "winrm_insecure": true,
        "ssh_interface": "private_ip"
    }
], 
"provisioners": [
        {
            "type": "powershell",
            "environment_vars": ["VagrantUserPassword={{user `VagrantUserPassword`}}"],
            "inline": [
                "Install-WindowsFeature web-server,web-webserver,web-http-logging,web-stat-compression,web-dyn-compression,web-asp-net,web-mgmt-console,web-asp-net45",
                "New-LocalUser -UserName 'Vagrant' -Description 'User is responsible for Ansible connection.' -Password '$(VagrantUserPassword)'"
            ]
        },
        {
            "type": "powershell",
            "environment_vars": ["VagrantUserPassword={{user `VagrantUserPassword`}}"],
            "scripts": [
                "scripts/DisableUAC.ps1",
                "scripts/iiscompression.ps1",
                "scripts/ChocoPackages.ps1",
                "scripts/PrepareAnsibleUser.ps1"
            ]
        },
        
        {
            "type": "windows-restart",
            "restart_check_command": "powershell -command \"& {Write-Output 'Machine restarted.'}\""
        },
        {
            "type": "powershell",
            "inline": [
                "C:\\ProgramData\\Amazon\\EC2-Windows\\Launch\\Scripts\\InitializeInstance.ps1 -Schedule",
                "C:\\ProgramData\\Amazon\\EC2-Windows\\Launch\\Scripts\\SysprepInstance.ps1 -NoShutdown"
            ]
        }
    ]

}

The "VagrantUserpassword": "$(VagrantUserPassword)" is what is not working, we've tried multiple options but none of them seem to be working.

Any idea's?

Kind regards,

Rick.

Rick
  • 71
  • 1
  • 2
  • 10
  • Check this ticket:https://stackoverflow.com/questions/44673408/how-to-use-user-variables-with-file-provisioner-in-packer/44678145. It seems that your environment variable format is correct. Could you please share the output of the script and the variable settings in azure devops? – Kevin Lu-MSFT Aug 12 '20 at 07:45
  • Yea exactly, that is what i figured as well. The output is as follows: ==> amazon-ebs: New-LocalUser : Cannot validate argument on parameter 'Password'. The argument is null. Provide a valid value for the ==> amazon-ebs: argument, and then try running the command again. ==> amazon-ebs: At C:\Windows\Temp\script-5f33b8c5-509b-ddd1-2ecb-0338b6eca6b5.ps1:2 char:185 ==> amazon-ebs: + ... ion 'User is responsible for Ansible connection.' -Password $Password With other words, it is not filling the variable for some reason. – Rick Aug 12 '20 at 11:39
  • Hi @Rick. Please refer to my answer. The Pipeline variable couldn't be passed to the powershell env. I have shared the workaround to solve this issue. And it seems that you sample Json file has some issues. You could also check the information in my answer. Thanks. – Kevin Lu-MSFT Aug 14 '20 at 09:25

1 Answers1

0

Based on my test, the pipeline variables indeed couldn't pass to the powershell environment variable.

Workaround:

You could try to use the Replace Token task to pass the pipeline value to Json file.

Here are the steps:

1.Set the value in Json file.

{
  "variables": {
....
  "VagrantUserpassword": "#{VagrantUserPassword}#"
},
  1. Use Replace Token task before the script task.

enter image description here

  1. Set the value in Pipeline variables.

enter image description here

Then the value could be set successfully.

enter image description here

On the other hand, I also find some issues in your sample file.

  1. "environment_vars": ["VagrantUserPassword={{user VagrantUserPassword}}"], The VagrantUserPassword need to be replaced with VagrantUserpassword(["VagrantUserPassword={{user VagrantUserpassword}}"]).

Note: This is case sensitive.

  1. You need to use $Env:VagrantUserPassword to replace the $(VagrantUserPassword)

For example:

  "inline": [
    "Write-Host \"Automatically generated aws password is: $Env:VagrantUserPassword\"",
    "Write-Host \"Automatically generated aws password is: $Env:VAR5\""


  ]
Kevin Lu-MSFT
  • 20,786
  • 3
  • 19
  • 28