Also in addition CircleCI docker image details below; 90e6981e9781:/usr/local/bin# uname -a Linux 90e6981e9781 4.15.0-1052-aws #54-Ubuntu SMP Tue Oct 1 15:43:26 UTC 2019 x86_64 Linux 90e6981e9781:/usr/local/bin# cat /etc/os-release NAME="Alpine Linux" ID=alpine VERSION_ID=3.7.0 PRETTY_NAME="Alpine Linux v3.7" HOME_URL="http://alpinelinux.org"; BUG_REPORT_URL="http://bugs.alpinelinux.org"; 90e6981e9781:/usr/local/bin# 90e6981e9781:/usr/local/bin# packer --version 1.2.4 90e6981e9781:/usr/local/bin#
Sagar On Tuesday, 28 April 2020 18:34:51 UTC+5:30, Sagar Jadhav wrote: > > Hi, > > I am using packer version 1.2.4 > > Sagar > > On Tuesday, 28 April 2020 13:59:20 UTC+5:30, Sylvia Moss wrote: >> >> Hi! Which Packer version are you using? >> >> segunda-feira, 27 de Abril de 2020 às 16:57:17 UTC+2, Sagar Jadhav >> escreveu: >>> >>> Hi, >>> >>> I am trying to build a packer using CIS Benchmark 2016 hardened windows >>> image from AWS market place using docker container running ansible >>> integrated with CircleCi tool. I had referred the code >>> https://gist.github.com/SwampDragons/a0044e88c614a507a533ee9323cf8e0c >>> provided >>> here https://github.com/hashicorp/packer/issues/9003 >>> >>> I tested this code locally on Macbook and found it is working where >>> WinRM is able to established a connection with packer however, when I run >>> the same code using my github account which is integrated with CircleCi >>> running on docker container, WinRM is just simply failed to connect to >>> packer instance with an error "*WinRM connection err: http response >>> error: 401 - invalid content type*" . >>> Also I wondered when i had built packer using below packer userdata >>> locally on my macbook and ran "winrm get winrm/config" it doesn't even >>> make any changes to "AllowUnencrypted" and "basic" auth for client and >>> service config. The winrm output shows those parameters are blocked by >>> [Source="GPO"]. I am not sure how it works locally but it works? >>> >>> Well, my problem is WinRM failed to connect on docker container using >>> ansible which is integrated with CirccleCi. >>> >>> *Eg:- WinRM Output of packer instance ran locally on machine:-* >>> Client >>> NetworkDelayms = 5000 >>> URLPrefix = wsman >>> *AllowUnencrypted = false [Source="GPO"]* >>> Auth >>> *Basic = false [Source="GPO"]* >>> >>> *Note:- The above output can been seen on packer instance built by >>> CircleCi docker container.* >>> >>> *packer userdata is :-* >>> >>> <powershell> >>> >>> # MAKE SURE IN YOUR PACKER CONFIG TO SET: >>> >>> # "winrm_username": "Administrator", >>> # "winrm_insecure": true, >>> # "winrm_use_ssl": true, >>> # >>> >>> write-output "Running User Data Script" >>> write-host "(host) Running User Data Script" >>> >>> Set-ExecutionPolicy Unrestricted -Scope LocalMachine -Force -ErrorAction >>> Ignore >>> >>> # Don't set this before Set-ExecutionPolicy as it throws an error >>> $ErrorActionPreference = "stop" >>> >>> # Remove HTTP listener >>> Remove-Item -Path WSMan:\Localhost\listener\listener* -Recurse >>> >>> # Create a self-signed certificate to let ssl work >>> $Cert = New-SelfSignedCertificate -CertstoreLocation >>> Cert:\LocalMachine\My -DnsName "packer" >>> New-Item -Path WSMan:\LocalHost\Listener -Transport HTTPS -Address * >>> -CertificateThumbPrint $Cert.Thumbprint -Force >>> >>> # WinRM >>> write-output "Setting up WinRM" >>> write-host "(host) setting up WinRM" >>> >>> winrm quickconfig -q >>> winrm set "winrm/config" '@{MaxTimeoutms="1800000"}' >>> winrm set "winrm/config/winrs" '@{MaxMemoryPerShellMB="1024"}' >>> winrm set "winrm/config/service" '@{AllowUnencrypted="true"}' >>> winrm set "winrm/config/client" '@{AllowUnencrypted="true"}' >>> winrm set "winrm/config/service/auth" '@{Basic="true"}' >>> winrm set "winrm/config/client/auth" '@{Basic="true"}' >>> winrm set "winrm/config/service/auth" '@{CredSSP="true"}' >>> winrm set "winrm/config/listener?Address=*+Transport=HTTPS" >>> "@{Port=`"5986`";Hostname=`"packer`";CertificateThumbprint=`"$($Cert.Thumbprint)`"}" >>> netsh advfirewall firewall set rule group="remote administration" new >>> enable=yes >>> netsh firewall add portopening TCP 5986 "Port 5986" >>> stop-service winrm >>> set-service -name winrm -startuptype Automatic >>> start-service winrm >>> >>> </powershell> >>> >>> I have also attached *packer.json and packer *inventory file which is >>> being referred by an ansible. Can someone review the attached files and let >>> me know if I am missing something here? >>> >>> Appreciate your inputs. Thanks. >>> >>> Regards, >>> Sagar >>> >>> >>> >>> -- This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list. GitHub Issues: https://github.com/mitchellh/packer/issues IRC: #packer-tool on Freenode --- You received this message because you are subscribed to the Google Groups "Packer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/7ed76d0a-68f4-4184-9fd2-05950169e6e4%40googlegroups.com.
