OIDC authentication for authenticating from Packer to Azure

Question (votes: 0, answers: 1)

I have the following HCL template for generating a custom image in Azure:

packer {
  required_plugins {
    azure = {
      version = ">= 1.0.0"
      source  = "github.com/hashicorp/azure"
    }
  }
}
source "azure-arm" "example" {
  managed_image_name                 = "MT-Image"
  managed_image_resource_group_name  = "cg"
  location                           = "eastus"
  # Using Azure CLI for authentication
  use_azure_cli_auth = true
  image_offer     = "visualstudio2022"
  image_publisher = "microsoftvisualstudio"
  image_sku       = "20_04-lts-gen2"
  os_type         = "Windows"
  vm_size         = "Standard_E2b_v5"
  os_disk_size_gb = 64
  shared_image_gallery_destination {
    resource_group       = "cg"
    gallery_name         = "gallery1"
    image_name           = "newimage"
    image_version        = "1.0.1"
    replication_regions  = ["eastus"]
    storage_account_type = "Standard_LRS"
  }
}
build {
  sources = [
    "source.azure-arm.example"
  ]
  provisioner "powershell" {
    inline = [
      "Remove-WindowsFeature Web-Server",
      "while ((Get-Service RdAgent).Status -ne 'Running') { Start-Sleep -s 5 }",
      "while ((Get-Service WindowsAzureGuestAgent).Status -ne 'Running') { Start-Sleep -s 5 }",
      "& $env:SystemRoot\\System32\\Sysprep\\Sysprep.exe /oobe /generalize /quiet /quit",
      "while($true) { $imageState = Get-ItemProperty HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Setup\\State | Select ImageState; if($imageState.ImageState -ne 'IMAGE_STATE_GENERALIZE_RESEAL_TO_OOBE') { Write-Output $imageState.ImageState; Start-Sleep -s 10  } else { break } }"
    ]
  }
}

My requirement is to use OIDC authentication. Could you tell me which changes I should make, and the steps needed, to use OIDC authentication?

I found the following in this blog post: https://www.hashicorp.com/blog/version-2-packer-azure-plugin-now-available

Tags: azure, packer

1 answer

Score: 0

I guess you want to build Azure VM images with Packer and GitHub Actions.

First you need to configure OIDC:

  • Create a Microsoft Entra application and service principal
  • Add a federated credential
  • Create GitHub secrets
  • Set up Azure Login with OpenID Connect authentication

In your HCL file:

  • Remove
    use_azure_cli_auth = true
  • Add the following inside the source block (source "azure-arm" "example" { ... }):
client_id                         = "${var.arm_client_id}"
client_jwt                        = "${var.arm_oidc_token}"
subscription_id                   = "${var.subscription_id}"
  • Add the following at the top level:
variable "arm_client_id" {
  type    = string
  default = "${env("ARM_CLIENT_ID")}"
}

variable "arm_oidc_token" {
  type    = string
  default = "${env("ARM_OIDC_TOKEN")}"
}
  
variable "subscription_id" {
  type    = string
  default = "${env("ARM_SUBSCRIPTION_ID")}"
}

See the documentation for further details and examples:
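A complete template that puts the answer's pieces together, added here as an example and not the questioner's or the answerer's code. It keeps the variable names the answer uses (arm_client_id, arm_oidc_token, subscription_id, read from ARM_CLIENT_ID, ARM_OIDC_TOKEN and ARM_SUBSCRIPTION_ID) and the image settings from the question. The arm_tenant_id variable and its ARM_TENANT_ID environment variable, the sensitive flag and the validation block are my additions: they keep the short-lived token out of Packer's output and make a missing token fail before any Azure call is made.

```hcl
packer {
  required_plugins {
    azure = {
      version = ">= 1.0.0"
      source  = "github.com/hashicorp/azure"
    }
  }
}

# Identity of the Entra application that holds the federated credential.
variable "arm_client_id" {
  type    = string
  default = env("ARM_CLIENT_ID")
}

# tenant_id is optional on the azure-arm builder; it is set explicitly here so the
# token is exchanged against a known tenant. ARM_TENANT_ID is an assumed variable name.
variable "arm_tenant_id" {
  type    = string
  default = env("ARM_TENANT_ID")
}

variable "subscription_id" {
  type    = string
  default = env("ARM_SUBSCRIPTION_ID")
}

# The short-lived JWT issued by the CI provider's OIDC endpoint. It is read from
# the environment at run time and is never written into the template.
variable "arm_oidc_token" {
  type      = string
  sensitive = true   # keeps the token out of Packer's console and log output
  default   = env("ARM_OIDC_TOKEN")

  validation {
    condition     = length(var.arm_oidc_token) > 0
    error_message = "ARM_OIDC_TOKEN is empty: request an OIDC token in the workflow before running packer build."
  }
}

source "azure-arm" "example" {
  # Federated (OIDC) authentication: the plugin exchanges client_jwt for an
  # Azure access token. use_azure_cli_auth is intentionally absent.
  client_id       = var.arm_client_id
  client_jwt      = var.arm_oidc_token
  tenant_id       = var.arm_tenant_id
  subscription_id = var.subscription_id

  managed_image_name                = "MT-Image"
  managed_image_resource_group_name = "cg"
  location                          = "eastus"

  image_publisher = "microsoftvisualstudio"
  image_offer     = "visualstudio2022"
  image_sku       = "20_04-lts-gen2"
  os_type         = "Windows"
  vm_size         = "Standard_E2b_v5"
  os_disk_size_gb = 64

  shared_image_gallery_destination {
    resource_group       = "cg"
    gallery_name         = "gallery1"
    image_name           = "newimage"
    image_version        = "1.0.1"
    replication_regions  = ["eastus"]
    storage_account_type = "Standard_LRS"
  }
}

build {
  sources = ["source.azure-arm.example"]

  # Generalize the VM before capture, as in the question's template.
  provisioner "powershell" {
    inline = [
      "while ((Get-Service RdAgent).Status -ne 'Running') { Start-Sleep -s 5 }",
      "while ((Get-Service WindowsAzureGuestAgent).Status -ne 'Running') { Start-Sleep -s 5 }",
      "& $env:SystemRoot\\System32\\Sysprep\\Sysprep.exe /oobe /generalize /quiet /quit",
      "while($true) { $imageState = Get-ItemProperty HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Setup\\State | Select ImageState; if($imageState.ImageState -ne 'IMAGE_STATE_GENERALIZE_RESEAL_TO_OOBE') { Write-Output $imageState.ImageState; Start-Sleep -s 10 } else { break } }"
    ]
  }
}
```

Run `packer init .` and `packer build .` from the CI job after the workflow has requested a token and exported it as ARM_OIDC_TOKEN. In GitHub Actions one way to obtain it (assumed here, not taken from the answer) is a step using actions/github-script that calls core.getIDToken("api://AzureADTokenExchange") and writes the result to the environment; the audience must match what the federated credential on the Entra application expects, and the credential's subject must match the repository, branch or environment the workflow runs from, otherwise Azure rejects the exchange. Because the token lives only for the job, no long-lived secret needs to be stored: the GitHub secrets the answer mentions hold only the client, tenant and subscription IDs, which are identifiers rather than credentials.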
