From d893c8ddb245d1bcbaf9459222a2b571db616d6d Mon Sep 17 00:00:00 2001 From: Yasar Hussain Date: Fri, 22 Sep 2023 11:28:36 -0700 Subject: [PATCH 01/12] feat: add windows 10 machines for testing --- test_code/AZURE_MACHINES/variables.tf | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/test_code/AZURE_MACHINES/variables.tf b/test_code/AZURE_MACHINES/variables.tf index c02362e8..c33697da 100644 --- a/test_code/AZURE_MACHINES/variables.tf +++ b/test_code/AZURE_MACHINES/variables.tf @@ -87,6 +87,22 @@ variable "AZURE_MACHINE_CONFIGS" { sleep = 120 } + WIN_10_ENT_21H2 = { + recreate = "changethistorecreate1" + machine_type = "Standard_DS1_v2" + description = "Windows 10 Enterprise 21H2" + default_user = "test-user" + wait = "120" + user_data = "user_data/windows.ps" + source_image_reference = { + publisher = "Microsoft" + offer = "Windows-10" + sku = "win10-21h2-ent-g2" + version = "latest" + } + sleep = 120 + + } } } From 1d430903ab11a9592e096947bae0e50e7847209d Mon Sep 17 00:00:00 2001 From: Yasar Hussain Date: Fri, 22 Sep 2023 11:35:13 -0700 Subject: [PATCH 02/12] fix: update version for W10 test --- test_code/AZURE_MACHINES/variables.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test_code/AZURE_MACHINES/variables.tf b/test_code/AZURE_MACHINES/variables.tf index c33697da..4b322228 100644 --- a/test_code/AZURE_MACHINES/variables.tf +++ b/test_code/AZURE_MACHINES/variables.tf @@ -98,7 +98,7 @@ variable "AZURE_MACHINE_CONFIGS" { publisher = "Microsoft" offer = "Windows-10" sku = "win10-21h2-ent-g2" - version = "latest" + version = "19044.3086.230609" } sleep = 120 From 68b8119c2e0847065166cf26ff5b0fe49c6711b7 Mon Sep 17 00:00:00 2001 From: Yasar Hussain Date: Fri, 22 Sep 2023 11:37:26 -0700 Subject: [PATCH 03/12] fix: update publisher for W10 test --- test_code/AZURE_MACHINES/variables.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/test_code/AZURE_MACHINES/variables.tf b/test_code/AZURE_MACHINES/variables.tf index 4b322228..8d4f11b2 100644 --- a/test_code/AZURE_MACHINES/variables.tf +++ b/test_code/AZURE_MACHINES/variables.tf @@ -95,7 +95,7 @@ variable "AZURE_MACHINE_CONFIGS" { wait = "120" user_data = "user_data/windows.ps" source_image_reference = { - publisher = "Microsoft" + publisher = "MicrosoftWindowsDesktop" offer = "Windows-10" sku = "win10-21h2-ent-g2" version = "19044.3086.230609" From 075818c466dafa6a28d3353aa94b5f94e9c9afd1 Mon Sep 17 00:00:00 2001 From: Yasar Hussain Date: Fri, 22 Sep 2023 11:50:08 -0700 Subject: [PATCH 04/12] fix: update terraform to create windows machines --- test_code/AZURE_MACHINES/main.tf | 37 ++++++++++++++++++++-- test_code/AZURE_MACHINES/security_group.tf | 6 ++-- test_code/AZURE_MACHINES/variables.tf | 27 ++++++++++------ 3 files changed, 55 insertions(+), 15 deletions(-) diff --git a/test_code/AZURE_MACHINES/main.tf b/test_code/AZURE_MACHINES/main.tf index f9646009..ea4209e4 100644 --- a/test_code/AZURE_MACHINES/main.tf +++ b/test_code/AZURE_MACHINES/main.tf @@ -5,6 +5,11 @@ locals { compute_instances = { for key, value in var.AZURE_MACHINE_CONFIGS : key => value if contains(var.AZURE_COMPUTE_FILTER, key) || length(var.AZURE_COMPUTE_FILTER) == 0 } + win_instances = { for key, value in var.AZURE_WIN_MACHINE_CONFIGS : + key => value if contains(var.AZURE_COMPUTE_FILTER, key) || length(var.AZURE_COMPUTE_FILTER) == 0 } + + combined_instances = merge(local.compute_instances, local.win_instances) + } resource "azurerm_resource_group" "linux_host_test" { 
@@ -18,7 +23,8 @@ resource "azurerm_linux_virtual_machine" "linux_host_test" { azurerm_network_interface_security_group_association.linux_host_test ] for_each = local.compute_instances - name = replace(format(var.name_format, "${each.key}-machine"), local.str_f, local.str_r) + name = replace(format(var.name_format, "${each.key}-vm"), local.str_f, local.str_r) + computer_name = each.key resource_group_name = azurerm_resource_group.linux_host_test.name location = azurerm_resource_group.linux_host_test.location size = each.value.machine_type @@ -47,8 +53,33 @@ resource "azurerm_linux_virtual_machine" "linux_host_test" { custom_data = filebase64(each.value.user_data) } +resource "azurerm_windows_virtual_machine" "linux_host_test" { + # https://azapril.dev/2020/05/12/terraform-depends_on/ + depends_on = [ + azurerm_network_interface_security_group_association.linux_host_test + ] + for_each = local.win_instances + name = replace(format(var.name_format, "${each.key}-machine"), local.str_f, local.str_r) + resource_group_name = azurerm_resource_group.linux_host_test.name + location = azurerm_resource_group.linux_host_test.location + size = each.value.machine_type + admin_username = each.value.default_user + admin_password = each.value.default_password + network_interface_ids = [ + azurerm_network_interface.linux_host_test[each.key].id, + ] + os_disk { + caching = "ReadWrite" + storage_account_type = "Standard_LRS" + } + source_image_reference { + publisher = each.value.source_image_reference.publisher + offer = each.value.source_image_reference.offer + sku = each.value.source_image_reference.sku + version = each.value.source_image_reference.version + } - - + custom_data = filebase64(each.value.user_data) +} diff --git a/test_code/AZURE_MACHINES/security_group.tf b/test_code/AZURE_MACHINES/security_group.tf index 60eec45a..255a205c 100644 --- a/test_code/AZURE_MACHINES/security_group.tf +++ b/test_code/AZURE_MACHINES/security_group.tf 
@@ -1,6 +1,6 @@ # Create public IPs resource "azurerm_public_ip" "linux_host_test" { - for_each = local.compute_instances + for_each = local.combined_instances name = format(var.name_format, "${each.key}_PublicIP") location = azurerm_resource_group.linux_host_test.location resource_group_name = azurerm_resource_group.linux_host_test.name @@ -8,7 +8,7 @@ resource "azurerm_public_ip" "linux_host_test" { } resource "azurerm_network_interface" "linux_host_test" { - for_each = local.compute_instances + for_each = local.combined_instances name = format(var.name_format, "${each.key}_nic") location = azurerm_resource_group.linux_host_test.location resource_group_name = azurerm_resource_group.linux_host_test.name @@ -42,7 +42,7 @@ resource "azurerm_network_security_group" "linux_host_test" { # Connect the security group to the network interface resource "azurerm_network_interface_security_group_association" "linux_host_test" { - for_each = local.compute_instances + for_each = local.combined_instances network_interface_id = azurerm_network_interface.linux_host_test[each.key].id network_security_group_id = azurerm_network_security_group.linux_host_test.id } diff --git a/test_code/AZURE_MACHINES/variables.tf b/test_code/AZURE_MACHINES/variables.tf index 8d4f11b2..6b3210ea 100644 --- a/test_code/AZURE_MACHINES/variables.tf +++ b/test_code/AZURE_MACHINES/variables.tf @@ -1,6 +1,6 @@ # tflint-ignore: terraform_naming_convention variable "AZURE_MACHINE_CONFIGS" { - description = "variable for what compute instances to create" + description = "variable for what linux compute instances to create" type = map(any) default = { # https://az-vm-image.info/ 
@@ -87,13 +87,23 @@ variable "AZURE_MACHINE_CONFIGS" { sleep = 120 } - WIN_10_ENT_21H2 = { - recreate = "changethistorecreate1" - machine_type = "Standard_DS1_v2" - description = "Windows 10 Enterprise 21H2" - default_user = "test-user" - wait = "120" - user_data = "user_data/windows.ps" + } +} + +# tflint-ignore: terraform_naming_convention +variable "AZURE_WIN_MACHINE_CONFIGS" { + description = "variable for what linux compute instances to create" + type = map(any) + default = { + # az vm image list --output table --all --publisher MicrosoftWindowsDesktop --sku win10-21h2-ent + W10_ENT_21H2 = { + recreate = "changethistorecreate1" + machine_type = "Standard_DS1_v2" + description = "Windows 10 Enterprise 21H2" + default_user = "test-user" + default_password = "km$3MWPf&i6r4o@I" + wait = "120" + user_data = "user_data/windows.ps" source_image_reference = { publisher = "MicrosoftWindowsDesktop" offer = "Windows-10" @@ -101,7 +111,6 @@ variable "AZURE_MACHINE_CONFIGS" { version = "19044.3086.230609" } sleep = 120 - } } } From 940abcd838b95bb252341b41137e2b9389a25279 Mon Sep 17 00:00:00 2001 From: Yasar Hussain Date: Fri, 22 Sep 2023 12:11:27 -0700 Subject: [PATCH 05/12] feat: deploy win to observe --- test_code/user_data/windows_observe.ps | Bin 0 -> 583 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 test_code/user_data/windows_observe.ps 
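Review bot: The `default_password` entry added to the `W10_ENT_21H2` map in `AZURE_WIN_MACHINE_CONFIGS` commits the VM's local administrator password as a literal default, and main.tf in this same patch passes it straight to `admin_password`. Because the variable is `type = map(any)`, that one value cannot be marked sensitive without hiding the whole map, and it stays in git history even if a later commit removes it. Drop the key from the map and supply the password from its own variable declared with `sensitive = true` (or a generated `random_password`), e.g. `admin_password = var.AZURE_WIN_ADMIN_PASSWORD` (variable name illustrative), and treat the committed value as exposed and rotate it. The same literal reappears as context in the variables.tf hunks of patches 06–08.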
diff --git a/test_code/user_data/windows_observe.ps b/test_code/user_data/windows_observe.ps new file mode 100644 index 0000000000000000000000000000000000000000..9ec9a30d61afb13efae73ddad57212a47d00df55 GIT binary patch literal 583 zcmY+CTXPdJ429qGD>UJ?-euECo1~!+6etDCgr>lh%VfNcva8^=7fYMVzejD#P+sgg z@|p2>Bu(46#l$swf8KiruXpG=K_G!GNe$?6V+EJcVrqz)VqmqsLUxH-Q8@wCw>2>w zNUy#1?~Lu3?2%x`bfE5-`}(-+$QaegBA(%`t7r;Ve>+Ya48Z z>E~oJSFA*`pQR|#MGr5af9v@O^eBqMH8_Gf`{Vu@T!l^ih2|@kH~70l7BHU~Us@(N zvxzBG(62>Wp5%G5+pN;4UD+`v7lUAs%*7^;r4}|w!R1>D%eZAzM;4==6;)l*Y*F(( zG=lTSQplAy2xl!9eK4_;6=}5W$G`H~e+rDEDBeO8H^7n$xjGSCm*aQs`tJ0){B}Hf zYlh=byNme#i@mtKq`O^J&-Q~iS7zOOxY?N<7}v3O8q Date: Fri, 22 Sep 2023 12:15:21 -0700 Subject: [PATCH 06/12] fix computer name for w10 --- test_code/AZURE_MACHINES/main.tf | 8 ++++---- test_code/AZURE_MACHINES/variables.tf | 3 ++- test_code/user_data/windows_observe.ps | Bin 583 -> 0 bytes 3 files changed, 6 insertions(+), 5 deletions(-) delete mode 100644 test_code/user_data/windows_observe.ps diff --git a/test_code/AZURE_MACHINES/main.tf b/test_code/AZURE_MACHINES/main.tf index ea4209e4..078417d6 100644 --- a/test_code/AZURE_MACHINES/main.tf +++ b/test_code/AZURE_MACHINES/main.tf @@ -23,8 +23,7 @@ resource "azurerm_linux_virtual_machine" "linux_host_test" { azurerm_network_interface_security_group_association.linux_host_test ] for_each = local.compute_instances - name = replace(format(var.name_format, "${each.key}-vm"), local.str_f, local.str_r) - computer_name = each.key + name = replace(format(var.name_format, "${each.key}-machine"), local.str_f, local.str_r) resource_group_name = azurerm_resource_group.linux_host_test.name location = azurerm_resource_group.linux_host_test.location size = each.value.machine_type 
@@ -53,13 +52,14 @@ resource "azurerm_linux_virtual_machine" "linux_host_test" { custom_data = filebase64(each.value.user_data) } -resource "azurerm_windows_virtual_machine" "linux_host_test" { +resource "azurerm_windows_virtual_machine" "windows_host_test" { # https://azapril.dev/2020/05/12/terraform-depends_on/ depends_on = [ azurerm_network_interface_security_group_association.linux_host_test ] for_each = local.win_instances - name = replace(format(var.name_format, "${each.key}-machine"), local.str_f, local.str_r) + name = replace(format(var.name_format, "${each.key}-vm"), local.str_f, local.str_r) + computer_name = each.value.computer_name resource_group_name = azurerm_resource_group.linux_host_test.name location = azurerm_resource_group.linux_host_test.location size = each.value.machine_type diff --git a/test_code/AZURE_MACHINES/variables.tf b/test_code/AZURE_MACHINES/variables.tf index 6b3210ea..3aa1cc61 100644 --- a/test_code/AZURE_MACHINES/variables.tf +++ b/test_code/AZURE_MACHINES/variables.tf @@ -97,11 +97,12 @@ variable "AZURE_WIN_MACHINE_CONFIGS" { default = { # az vm image list --output table --all --publisher MicrosoftWindowsDesktop --sku win10-21h2-ent W10_ENT_21H2 = { - recreate = "changethistorecreate1" + recreate = "changethistorecreate" machine_type = "Standard_DS1_v2" description = "Windows 10 Enterprise 21H2" default_user = "test-user" default_password = "km$3MWPf&i6r4o@I" + computer_name = "W10ENT21H2" wait = "120" user_data = "user_data/windows.ps" source_image_reference = { 
diff --git a/test_code/user_data/windows_observe.ps b/test_code/user_data/windows_observe.ps deleted file mode 100644 index 9ec9a30d61afb13efae73ddad57212a47d00df55..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 583 zcmY+CTXPdJ429qGD>UJ?-euECo1~!+6etDCgr>lh%VfNcva8^=7fYMVzejD#P+sgg z@|p2>Bu(46#l$swf8KiruXpG=K_G!GNe$?6V+EJcVrqz)VqmqsLUxH-Q8@wCw>2>w zNUy#1?~Lu3?2%x`bfE5-`}(-+$QaegBA(%`t7r;Ve>+Ya48Z z>E~oJSFA*`pQR|#MGr5af9v@O^eBqMH8_Gf`{Vu@T!l^ih2|@kH~70l7BHU~Us@(N zvxzBG(62>Wp5%G5+pN;4UD+`v7lUAs%*7^;r4}|w!R1>D%eZAzM;4==6;)l*Y*F(( zG=lTSQplAy2xl!9eK4_;6=}5W$G`H~e+rDEDBeO8H^7n$xjGSCm*aQs`tJ0){B}Hf zYlh=byNme#i@mtKq`O^J&-Q~iS7zOOxY?N<7}v3O8q Date: Fri, 22 Sep 2023 13:11:55 -0700 Subject: [PATCH 07/12] add W10 to computer filter --- test_code/AZURE_MACHINES/variables.tf | 6 +++--- test_code/main.tf | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/test_code/AZURE_MACHINES/variables.tf b/test_code/AZURE_MACHINES/variables.tf index 3aa1cc61..1fff0fa0 100644 --- a/test_code/AZURE_MACHINES/variables.tf +++ b/test_code/AZURE_MACHINES/variables.tf @@ -97,14 +97,14 @@ variable "AZURE_WIN_MACHINE_CONFIGS" { default = { # az vm image list --output table --all --publisher MicrosoftWindowsDesktop --sku win10-21h2-ent W10_ENT_21H2 = { - recreate = "changethistorecreate" + recreate = "changethistorecreate1" machine_type = "Standard_DS1_v2" description = "Windows 10 Enterprise 21H2" default_user = "test-user" default_password = "km$3MWPf&i6r4o@I" computer_name = "W10ENT21H2" wait = "120" - user_data = "user_data/windows.ps" + user_data = "user_data/windows_observe.ps" source_image_reference = { publisher = "MicrosoftWindowsDesktop" offer = "Windows-10" 
@@ -120,7 +120,7 @@ variable "AZURE_WIN_MACHINE_CONFIGS" { variable "AZURE_COMPUTE_FILTER" { type = list(any) description = "list of compute instances to filter" - default = ["UBUNTU_20_04_LTS"] + default = ["UBUNTU_20_04_LTS", "W10_ENT_21H2"] # default = ["UBUNTU_18_04_LTS", "UBUNTU_20_04_LTS", "RHEL_8"] } diff --git a/test_code/main.tf b/test_code/main.tf index 20172e7a..ad8da583 100644 --- a/test_code/main.tf +++ b/test_code/main.tf @@ -39,7 +39,7 @@ module "azure_machines" { PRIVATE_KEY_PATH = var.PRIVATE_KEY_PATH location = "West US 3" name_format = local.name_format - AZURE_COMPUTE_FILTER = ["UBUNTU_18_04_LTS", "UBUNTU_20_04_LTS", "UBUNTU_22_04_LTS", "RHEL_8", "CENTOS_8"] + AZURE_COMPUTE_FILTER = ["UBUNTU_18_04_LTS", "UBUNTU_20_04_LTS", "UBUNTU_22_04_LTS", "RHEL_8", "CENTOS_8", "W10_ENT_21H2"] CI = var.CI PUBLIC_KEY = var.PUBLIC_KEY providers = { From 6e18c8cd8a5e2b2bec094809ebd7fcc9480428ea Mon Sep 17 00:00:00 2001 From: Yasar Hussain Date: Fri, 22 Sep 2023 15:25:20 -0700 Subject: [PATCH 08/12] add windows machines to outputs --- test_code/AZURE_MACHINES/outputs.tf | 17 ++++++++++++++++- test_code/AZURE_MACHINES/variables.tf | 4 ++-- 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/test_code/AZURE_MACHINES/outputs.tf b/test_code/AZURE_MACHINES/outputs.tf index ac01e54f..2d4f32c0 100644 --- a/test_code/AZURE_MACHINES/outputs.tf +++ b/test_code/AZURE_MACHINES/outputs.tf @@ -1,5 +1,6 @@ output "fab_hosts" { - value = { for key, value in azurerm_linux_virtual_machine.linux_host_test : + value = merge({ + for key, value in azurerm_linux_virtual_machine.linux_host_test : "AZURE_${key}" => { "host" = value.public_ip_address "name" = value.name 
@@ -10,5 +11,19 @@ output "fab_hosts" { "public_ssh_link" = "ssh -i ${var.PRIVATE_KEY_PATH} ${var.AZURE_MACHINE_CONFIGS[key].default_user}@${value.public_ip_address}" "sleep" : var.AZURE_MACHINE_CONFIGS[key].sleep } + }, + { + for key, value in azurerm_windows_virtual_machine.windows_host_test : + "AZURE_${key}" => { + "host" = value.public_ip_address + "name" = value.name + "user" = var.AZURE_WIN_MACHINE_CONFIGS[key].default_user + "connect_kwargs" = { + "key_filename" : var.PRIVATE_KEY_PATH + } + "public_ssh_link" = "ssh -i ${var.PRIVATE_KEY_PATH} ${var.AZURE_MACHINE_CONFIGS[key].default_user}@${value.public_ip_address}" + "sleep" : var.AZURE_WIN_MACHINE_CONFIGS[key].sleep + } } + ) } diff --git a/test_code/AZURE_MACHINES/variables.tf b/test_code/AZURE_MACHINES/variables.tf index 1fff0fa0..6ab964be 100644 --- a/test_code/AZURE_MACHINES/variables.tf +++ b/test_code/AZURE_MACHINES/variables.tf @@ -97,14 +97,14 @@ variable "AZURE_WIN_MACHINE_CONFIGS" { default = { # az vm image list --output table --all --publisher MicrosoftWindowsDesktop --sku win10-21h2-ent W10_ENT_21H2 = { - recreate = "changethistorecreate1" + recreate = "changethistorecreate" machine_type = "Standard_DS1_v2" description = "Windows 10 Enterprise 21H2" default_user = "test-user" default_password = "km$3MWPf&i6r4o@I" computer_name = "W10ENT21H2" wait = "120" - user_data = "user_data/windows_observe.ps" + user_data = "user_data/windows.ps" source_image_reference = { publisher = "MicrosoftWindowsDesktop" offer = "Windows-10" From c719469ce24881f57c0c108df3ca58da550e698b Mon Sep 17 00:00:00 2001 From: Yasar Hussain Date: Fri, 22 Sep 2023 16:10:45 -0700 Subject: [PATCH 09/12] add ssh key for test-user in windows --- test_code/AZURE_MACHINES/main.tf | 11 ++++-- test_code/user_data/azure_windows.ps.tpl | 46 ++++++++++++++++++++++++ 2 files changed, 55 insertions(+), 2 deletions(-) create mode 100644 test_code/user_data/azure_windows.ps.tpl 
diff --git a/test_code/AZURE_MACHINES/main.tf b/test_code/AZURE_MACHINES/main.tf index 078417d6..00a78001 100644 --- a/test_code/AZURE_MACHINES/main.tf +++ b/test_code/AZURE_MACHINES/main.tf @@ -12,6 +12,13 @@ locals { } +data "template_file" "init" { + template = "${file("${path.module}/azure_windows.ps.tpl")}" + vars = { + public_key = (var.CI) ? var.PUBLIC_KEY : file(var.public_key_path) + } +} + resource "azurerm_resource_group" "linux_host_test" { name = format(var.name_format, "linux-host-test-resources") location = var.location @@ -52,7 +59,7 @@ resource "azurerm_linux_virtual_machine" "linux_host_test" { custom_data = filebase64(each.value.user_data) } -resource "azurerm_windows_virtual_machine" "windows_host_test" { +resource "azurerm_windows_virtual_machine" "linux_host_test" { # https://azapril.dev/2020/05/12/terraform-depends_on/ depends_on = [ azurerm_network_interface_security_group_association.linux_host_test @@ -81,5 +88,5 @@ resource "azurerm_windows_virtual_machine" "windows_host_test" { version = each.value.source_image_reference.version } - custom_data = filebase64(each.value.user_data) + custom_data = filebase64(data.template_file.init.rendered) } diff --git a/test_code/user_data/azure_windows.ps.tpl b/test_code/user_data/azure_windows.ps.tpl new file mode 100644 index 00000000..7c160afe --- /dev/null +++ b/test_code/user_data/azure_windows.ps.tpl 
@@ -0,0 +1,46 @@ + +# Execute it with elevated permissions +# Description: +# This script install automatically the open-ssh feature and enable it + +# enable tls1.2 for downloads +[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 + +# creating openssh folder and download the zip +mkdir c:\openssh-install +cd c:\openssh-install + +#update the last version if you want the last release +Invoke-WebRequest -Uri "https://github.com/PowerShell/Win32-OpenSSH/releases/download/V8.6.0.0p1-Beta/OpenSSH-Win64.zip" -OutFile .\openssh.zip +Expand-Archive .\openssh.zip -DestinationPath .\openssh\ +cd .\openssh\OpenSSH-Win64\ + +# required for enable the service +setx PATH "$env:path;c:\openssh-install\openssh\OpenSSH-Win64\" -m + +# required for install the service +powershell.exe -ExecutionPolicy Bypass -File install-sshd.ps1 + +# required for execute remote connections +New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22 + +net start sshd + +# auto enable for each restart machine +Set-Service sshd -StartupType Automatic + +#Set default shell to powershell +New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force + +# Configure SSH for the specific user "test-user" with public key "12345" +$sshUser = "test-user" +$sshPublicKey = "${var.public_key}" +$sshUserPath = "C:\ProgramData\ssh\administrators_authorized_keys" + +# Append the public key to the authorized_keys file for the user +Add-Content -Path $sshUserPath -Value "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC12345" + +# Restart the sshd service to apply the changes +Restart-Service sshd + +true \ No newline at end of file From 06389c07454c7dbf2f7651547dfa808a4848f814 Mon Sep 17 00:00:00 2001 
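Review bot: The script expands the downloaded `openssh.zip` and runs its `install-sshd.ps1` with `-ExecutionPolicy Bypass` without checking the archive against a known hash, so whatever the URL serves at provision time runs as an elevated script; compare `Get-FileHash` with a pinned SHA-256 before `Expand-Archive`. The key handling also does not do what the comments say: `$sshPublicKey` is never used, `Add-Content` writes a fixed placeholder key, and `${var.public_key}` does not match the `public_key` name passed in `vars` in main.tf, so the template reference should be `${public_key}`. `administrators_authorized_keys` should additionally have its ACL limited to Administrators and SYSTEM, which the OpenSSH server expects for that file. The sketch below shows only the changed lines; the hash is a placeholder to fill in from the release page.

```powershell
# … unchanged: TLS 1.2 setting, mkdir/cd into c:\openssh-install …
Invoke-WebRequest -Uri "https://github.com/PowerShell/Win32-OpenSSH/releases/download/V8.6.0.0p1-Beta/OpenSSH-Win64.zip" -OutFile .\openssh.zip
$expectedSha256 = "<SHA256-OF-PINNED-RELEASE-ZIP>"  # placeholder, not a real hash
if ((Get-FileHash .\openssh.zip -Algorithm SHA256).Hash -ne $expectedSha256) {
    throw "openssh.zip hash mismatch"
}
# … unchanged: Expand-Archive, PATH, install-sshd.ps1, firewall rule, service start, default shell …
$sshPublicKey = "${public_key}"
$sshUserPath = "C:\ProgramData\ssh\administrators_authorized_keys"
Add-Content -Path $sshUserPath -Value $sshPublicKey
icacls.exe $sshUserPath /inheritance:r /grant "Administrators:F" /grant "SYSTEM:F"
```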
From: Yasar Hussain Date: Fri, 22 Sep 2023 16:13:06 -0700 Subject: [PATCH 10/12] add ssh key for test-user in windows --- test_code/AZURE_MACHINES/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test_code/AZURE_MACHINES/main.tf b/test_code/AZURE_MACHINES/main.tf index 00a78001..34a6a313 100644 --- a/test_code/AZURE_MACHINES/main.tf +++ b/test_code/AZURE_MACHINES/main.tf @@ -13,7 +13,7 @@ locals { } data "template_file" "init" { - template = "${file("${path.module}/azure_windows.ps.tpl")}" + template = "${file("${path.module}../user_data/azure_windows.ps.tpl")}" vars = { public_key = (var.CI) ? var.PUBLIC_KEY : file(var.public_key_path) } From 4e99a997e9948cf6c52bf228533f6b91d4dbba17 Mon Sep 17 00:00:00 2001 From: Yasar Hussain Date: Fri, 22 Sep 2023 16:42:54 -0700 Subject: [PATCH 11/12] work around windows vms not allowing ssh keys --- test_code/AZURE_MACHINES/main.tf | 13 +++--- test_code/AZURE_MACHINES/outputs.tf | 2 +- test_code/main.tf | 54 ++++++++++++------------ test_code/user_data/azure_windows.ps.tpl | 46 -------------------- 4 files changed, 33 insertions(+), 82 deletions(-) delete mode 100644 test_code/user_data/azure_windows.ps.tpl diff --git a/test_code/AZURE_MACHINES/main.tf b/test_code/AZURE_MACHINES/main.tf index 34a6a313..b8e228a1 100644 --- a/test_code/AZURE_MACHINES/main.tf +++ b/test_code/AZURE_MACHINES/main.tf @@ -10,15 +10,11 @@ locals { combined_instances = merge(local.compute_instances, local.win_instances) -} + additional_custom_data = "Add-Content -Path c:\\users\\test-user\\.ssh\\authorized_keys -Value \"${(var.CI) ? var.PUBLIC_KEY : file(var.public_key_path)}\"" -data "template_file" "init" { - template = "${file("${path.module}../user_data/azure_windows.ps.tpl")}" - vars = { - public_key = (var.CI) ? var.PUBLIC_KEY : file(var.public_key_path) - } } + resource "azurerm_resource_group" "linux_host_test" { name = format(var.name_format, "linux-host-test-resources") location = var.location 
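Review bot: The new `additional_custom_data` local (PATCH 11/12, main.tf) builds a PowerShell command by placing the public key between escaped double quotes, so any `"`, `$` or backtick in the key comment is interpreted by PowerShell, and the trailing newline that `file(var.public_key_path)` usually returns ends up inside the string. Wrap the value in `trimspace()` and single quotes: `-Value '${trimspace(var.CI ? var.PUBLIC_KEY : file(var.public_key_path))}'`. The path also hard-codes `test-user` rather than following `default_user`, and `c:\users\test-user\.ssh` may not exist when the script runs. If the account is a member of the local Administrators group (likely for `admin_username`), the default Win32-OpenSSH configuration reads `C:\ProgramData\ssh\administrators_authorized_keys` instead, so confirm that windows.ps changes that. The `locals` block starts above the hunk.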
@@ -59,7 +55,7 @@ resource "azurerm_linux_virtual_machine" "linux_host_test" { custom_data = filebase64(each.value.user_data) } -resource "azurerm_windows_virtual_machine" "linux_host_test" { +resource "azurerm_windows_virtual_machine" "windows_host_test" { # https://azapril.dev/2020/05/12/terraform-depends_on/ depends_on = [ azurerm_network_interface_security_group_association.linux_host_test @@ -88,5 +84,6 @@ resource "azurerm_windows_virtual_machine" "linux_host_test" { version = each.value.source_image_reference.version } - custom_data = filebase64(data.template_file.init.rendered) + # custom_data = filebase64("${each.value.user_data}\n${local.additional_custom_data}") + custom_data = base64encode("${file("${path.module}/../user_data/windows.ps")}\n${local.additional_custom_data}") } diff --git a/test_code/AZURE_MACHINES/outputs.tf b/test_code/AZURE_MACHINES/outputs.tf index 2d4f32c0..7c1fa804 100644 --- a/test_code/AZURE_MACHINES/outputs.tf +++ b/test_code/AZURE_MACHINES/outputs.tf @@ -21,7 +21,7 @@ output "fab_hosts" { "connect_kwargs" = { "key_filename" : var.PRIVATE_KEY_PATH } - "public_ssh_link" = "ssh -i ${var.PRIVATE_KEY_PATH} ${var.AZURE_MACHINE_CONFIGS[key].default_user}@${value.public_ip_address}" + "public_ssh_link" = "ssh -i ${var.PRIVATE_KEY_PATH} ${var.AZURE_WIN_MACHINE_CONFIGS[key].default_user}@${value.public_ip_address}" "sleep" : var.AZURE_WIN_MACHINE_CONFIGS[key].sleep } } diff --git a/test_code/main.tf b/test_code/main.tf index ad8da583..9bfdae36 100644 --- a/test_code/main.tf +++ b/test_code/main.tf 
@@ -2,36 +2,36 @@ locals { name_format = var.CI == true ? "gha-lht-${var.WORKFLOW_MATRIX_VALUE}-%s" : var.name_format } -module "aws_machines" { - source = "./AWS_MACHINES" - PUBLIC_KEY_PATH = var.PUBLIC_KEY_PATH - PRIVATE_KEY_PATH = var.PRIVATE_KEY_PATH - # REGION = "us-west-2" - name_format = local.name_format - AWS_MACHINE_FILTER = ["AMAZON_LINUX_2", "UBUNTU_18_04_LTS", "UBUNTU_20_04_LTS", "RHEL_8_4_0", "CENT_OS_7", "AMAZON_LINUX_2023"] - CI = var.CI - PUBLIC_KEY = var.PUBLIC_KEY +# module "aws_machines" { +# source = "./AWS_MACHINES" +# PUBLIC_KEY_PATH = var.PUBLIC_KEY_PATH +# PRIVATE_KEY_PATH = var.PRIVATE_KEY_PATH +# # REGION = "us-west-2" +# name_format = local.name_format +# AWS_MACHINE_FILTER = ["AMAZON_LINUX_2", "UBUNTU_18_04_LTS", "UBUNTU_20_04_LTS", "RHEL_8_4_0", "CENT_OS_7", "AMAZON_LINUX_2023"] +# CI = var.CI +# PUBLIC_KEY = var.PUBLIC_KEY - providers = { - aws = aws - } -} +# providers = { +# aws = aws +# } +# } -module "gcp_machines" { - source = "./GCP_MACHINES" - public_key_path = var.PUBLIC_KEY_PATH - PRIVATE_KEY_PATH = var.PRIVATE_KEY_PATH - region = "us-west1" - zone = "a" - name_format = local.name_format - GCP_COMPUTE_FILTER = ["UBUNTU_18_04_LTS", "UBUNTU_20_04_LTS", "UBUNTU_22_04_LTS", "RHEL_8", "CENTOS_8"] - CI = var.CI - PUBLIC_KEY = var.PUBLIC_KEY +# module "gcp_machines" { +# source = "./GCP_MACHINES" +# public_key_path = var.PUBLIC_KEY_PATH +# PRIVATE_KEY_PATH = var.PRIVATE_KEY_PATH +# region = "us-west1" +# zone = "a" +# name_format = local.name_format +# GCP_COMPUTE_FILTER = ["UBUNTU_18_04_LTS", "UBUNTU_20_04_LTS", "UBUNTU_22_04_LTS", "RHEL_8", "CENTOS_8"] +# CI = var.CI +# PUBLIC_KEY = var.PUBLIC_KEY - providers = { - google = google - } -} +# providers = { +# google = google +# } +# } module "azure_machines" { source = "./AZURE_MACHINES" diff --git a/test_code/user_data/azure_windows.ps.tpl b/test_code/user_data/azure_windows.ps.tpl deleted file mode 100644 index 7c160afe..00000000 
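Review bot: The `aws_machines` and `gcp_machines` module blocks are commented out wholesale in a commit whose subject is about Windows SSH keys, which looks like a local debugging shortcut rather than an intended change. With the modules disabled, anything in the root module that references `module.aws_machines` or `module.gcp_machines` (not visible here) would fail to evaluate, and the AWS and GCP hosts drop out of the test matrix. Restore the two blocks before merging, or select clouds through a variable instead of comments. The `azure_machines` block continues below the hunk.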
--- a/test_code/user_data/azure_windows.ps.tpl +++ /dev/null @@ -1,46 +0,0 @@ - -# Execute it with elevated permissions -# Description: -# This script install automatically the open-ssh feature and enable it - -# enable tls1.2 for downloads -[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 - -# creating openssh folder and download the zip -mkdir c:\openssh-install -cd c:\openssh-install - -#update the last version if you want the last release -Invoke-WebRequest -Uri "https://github.com/PowerShell/Win32-OpenSSH/releases/download/V8.6.0.0p1-Beta/OpenSSH-Win64.zip" -OutFile .\openssh.zip -Expand-Archive .\openssh.zip -DestinationPath .\openssh\ -cd .\openssh\OpenSSH-Win64\ - -# required for enable the service -setx PATH "$env:path;c:\openssh-install\openssh\OpenSSH-Win64\" -m - -# required for install the service -powershell.exe -ExecutionPolicy Bypass -File install-sshd.ps1 - -# required for execute remote connections -New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22 - -net start sshd - -# auto enable for each restart machine -Set-Service sshd -StartupType Automatic - -#Set default shell to powershell -New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force - -# Configure SSH for the specific user "test-user" with public key "12345" -$sshUser = "test-user" -$sshPublicKey = "${var.public_key}" -$sshUserPath = "C:\ProgramData\ssh\administrators_authorized_keys" - -# Append the public key to the authorized_keys file for the user -Add-Content -Path $sshUserPath -Value "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC12345" - -# Restart the sshd service to apply the changes -Restart-Service sshd - -true \ No newline at end of file From 337a1791ef528063807dab78c4948bf484060583 Mon Sep 17 00:00:00 2001 
From: Yasar Hussain Date: Sat, 23 Sep 2023 09:46:33 -0700 Subject: [PATCH 12/12] add rdp port for troubleshooting --- test_code/AZURE_MACHINES/main.tf | 2 +- test_code/AZURE_MACHINES/security_group.tf | 11 +++++++++++ test_code/user_data/windows_azure.ps | Bin 0 -> 1309 bytes 3 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 test_code/user_data/windows_azure.ps diff --git a/test_code/AZURE_MACHINES/main.tf b/test_code/AZURE_MACHINES/main.tf index b8e228a1..e2c20dee 100644 --- a/test_code/AZURE_MACHINES/main.tf +++ b/test_code/AZURE_MACHINES/main.tf @@ -85,5 +85,5 @@ resource "azurerm_windows_virtual_machine" "windows_host_test" { } # custom_data = filebase64("${each.value.user_data}\n${local.additional_custom_data}") - custom_data = base64encode("${file("${path.module}/../user_data/windows.ps")}\n${local.additional_custom_data}") + custom_data = base64encode("${file("${path.module}/../user_data/windows_azure.ps")}\n\ntrue\n${local.additional_custom_data}") } diff --git a/test_code/AZURE_MACHINES/security_group.tf b/test_code/AZURE_MACHINES/security_group.tf index 255a205c..d5387826 100644 --- a/test_code/AZURE_MACHINES/security_group.tf +++ b/test_code/AZURE_MACHINES/security_group.tf @@ -38,6 +38,17 @@ resource "azurerm_network_security_group" "linux_host_test" { source_address_prefix = "*" destination_address_prefix = "*" } + security_rule { + name = "RDP" + priority = 1002 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "3389" + source_address_prefix = "*" + destination_address_prefix = "*" + } } # Connect the security group to the network interface 
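Review bot: The new `RDP` rule in security_group.tf opens TCP 3389 with `source_address_prefix = "*"`, and the security group it is added to is the one associated with every interface in `local.combined_instances`, each of which also gets an `azurerm_public_ip`, so the rule presumably exposes 3389 on the Linux hosts' addresses as well as the Windows one. The commit subject says this is for troubleshooting; if it has to be merged, restrict the source to the operator's address range, e.g. `source_address_prefix = var.RDP_SOURCE_CIDR` (a new variable, name illustrative), or gate the rule with a `dynamic "security_rule"` block that is off by default. The Windows administrator password is a literal default in variables.tf, which makes an Internet-reachable RDP listener more of a concern. The `azurerm_network_security_group` block starts above the hunk.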
diff --git a/test_code/user_data/windows_azure.ps b/test_code/user_data/windows_azure.ps new file mode 100644 index 0000000000000000000000000000000000000000..a76bd5f9f046def4410fdb227540fad98ea0cb69 GIT binary patch literal 1309 zcmZux%Wm5+5WMRv7H)yG2gh5#BFp!7?cSEPe9xibI;QTd9I)R+(@qjeKDDYck0|+NsdaoDH_Hn!eJu`sMw+tr_KWz>j0Q z!hwh~4;{0PnAIh_j#uBfWBy0gN%dGNN5v$MW1v{{gC<4!pKIVZbqVb{04;r>6@-Rj zq!!fLhSt)A-A4zhrRU__tn4F;JHEf+-worL_~8@{mLb%BG8{g@mgYV!Y&D!k>#}Iw z@J^WzV{r{;S#~zuV)u-6tX4%!hixsrC($Xh z1&A3g)7p<-bpS-SK8`C3=L>5L7f~FaT=7~U!Kavcjg7czptQJ>6{r9WN-AG#*>*R3 z+hHii9eI2gOWyB+UAHVH&0T}n$H3~)>D=7g2FoO#H(-7=BQf24ooa2@BrYsgab{hh zG16~15Ed1u2p%Vi3)?%2i>Cd~0}qu{@CH*+D-7+VIo=?4sV8wOHG~)( tO>zVoVfT5~dSHGS_ZPbz$ycLvKi?6Eegm~{-|^3ai@yVLYF)ue@)!1!&5Zy6 literal 0 HcmV?d00001