feat: add rhsm_enabled to enable or disable Red Hat

Closes vmware-samples#977 without Red Hat Subscription Manager, you needs additionnal yum repository. Added variables - rhsm_enable - yum_repositories - rpm_gpg_keys Signed-off-by: Fabien SEISEN <[email protected]>
nesies · Nov 21, 2024 · 8189ef3 · 8189ef3
1 parent fb37d5e
commit 8189ef3
Show file tree

Hide file tree

Showing 12 changed files with 123 additions and 2 deletions.
diff --git a/ansible/roles/base/tasks/redhat.yml b/ansible/roles/base/tasks/redhat.yml
@@ -7,7 +7,9 @@
     msg: "OS: {{ ansible_distribution }} {{ ansible_distribution_version }}"
 
 - name: Checking the Red Hat Subscription Manager status.
-  when: ansible_distribution == 'RedHat'
+  when:
+    - ansible_distribution == 'RedHat'
+    - rhsm_enabled
   ansible.builtin.command:
     cmd: subscription-manager status
   register: result

diff --git a/ansible/roles/configure/tasks/redhat.yml b/ansible/roles/configure/tasks/redhat.yml
@@ -5,7 +5,9 @@
 - name: Disconnecting from Red Hat Subscription Manager.
   community.general.redhat_subscription:
     state: absent
-  when: ansible_distribution == 'RedHat'
+  when:
+    - ansible_distribution == 'RedHat'
+    - rhsm_enabled
 
 # Tasks for configuring SSH for public key authentication.
 - name: Configuring SSH for Public Key Authentication without cloud-init.

diff --git a/builds/linux/rhel/8/data/ks.pkrtpl.hcl b/builds/linux/rhel/8/data/ks.pkrtpl.hcl
@@ -53,6 +53,11 @@ timezone ${vm_guest_os_timezone}
 ### Partitioning
 ${storage}
 
+### Additional yum repositories
+%{ for repo in yum_repositories ~}
+repo --name ${repo.name} --baseurl ${repo.url} %{ if repo.install }--install%{ endif }
+%{ endfor ~}
+
 ### Modifies the default set of services that will run under the default runlevel.
 services --enabled=NetworkManager,sshd
 
@@ -67,8 +72,15 @@ skipx
 
 ### Post-installation commands.
 %post
+%{ for gpg_key in rpm_gpg_keys ~}
+rpm --import ${gpg_key}
+%{ endfor ~}
+%{ if rhsm_enabled ~}
 /usr/sbin/subscription-manager register --username ${rhsm_username} --password ${rhsm_password} --autosubscribe --force
 /usr/sbin/subscription-manager repos --enable "codeready-builder-for-rhel-8-x86_64-rpms"
+%{ else ~}
+dnf remove --assumeyes subscription-manager
+%{ endif ~}
 dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
 dnf makecache
 dnf install -y sudo open-vm-tools perl

diff --git a/builds/linux/rhel/8/linux-rhel.pkr.hcl b/builds/linux/rhel/8/linux-rhel.pkr.hcl
@@ -54,6 +54,7 @@ locals {
       build_username           = var.build_username
       build_password           = var.build_password
       build_password_encrypted = var.build_password_encrypted
+      rhsm_enabled             = var.rhsm_enabled
       rhsm_username            = var.rhsm_username
       rhsm_password            = var.rhsm_password
       vm_guest_os_language     = var.vm_guest_os_language
@@ -74,6 +75,8 @@ locals {
         lvm        = var.vm_disk_lvm
       })
       additional_packages = join(" ", var.additional_packages)
+      rpm_gpg_keys = var.rpm_gpg_keys
+      yum_repositories = var.yum_repositories
     })
   }
   http_ks_command = "inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/ks.cfg"
@@ -231,6 +234,7 @@ build {
       "--extra-vars", "ansible_username=${var.ansible_username}",
       "--extra-vars", "ansible_key='${var.ansible_key}'",
       "--extra-vars", "enable_cloudinit=${var.vm_guest_os_cloudinit}",
+      "--extra-vars", "{\"rhsm_enabled\": ${var.rhsm_enabled}}",
     ]
   }
 

diff --git a/builds/linux/rhel/8/linux-rhel.pkrvars.hcl.example b/builds/linux/rhel/8/linux-rhel.pkrvars.hcl.example
@@ -21,3 +21,20 @@ vm_firmware              = "efi-secure"
 iso_datastore_path       = "iso/linux/rhel"
 iso_content_library_item = "rhel-8.9-x86_64-dvd"
 iso_file                 = "rhel-8.9-x86_64-dvd.iso"
+
+rpm_gpg_keys = [
+  "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release"
+]
+
+yum_repositories = [
+  {
+    "name": "baseos",
+    "url": "http://url/path/to/repo",
+    "install": true
+  },
+  {
+    "name": "appstream",
+    "url": "http://url/path/to/repo",
+    "install": true
+  }
+]
diff --git a/builds/linux/rhel/8/variables.pkr.hcl b/builds/linux/rhel/8/variables.pkr.hcl
@@ -12,6 +12,11 @@
 
 // Red Hat Subscription Manager Credentials
 
+variable "rhsm_enabled" {
+  type        = bool
+  description = "Enable Red Hat Subscription Manager."
+}
+
 variable "rhsm_username" {
   type        = string
   description = "The username to Red Hat Subscription Manager."
@@ -459,3 +464,21 @@ variable "additional_packages" {
   description = "Additional packages to install."
   default     = []
 }
+
+// Additional rpm gpg keys
+variable "rpm_gpg_keys" {
+  type        = list(string)
+  description = "Additional rpm gpg keys"
+  default = []
+}
+
+// Additional yum repositories
+variable "yum_repositories" {
+  type        = list(object({
+    name = string
+    url = string
+    install = bool
+  }))
+  description = "Additional yum repositories"
+  default = []
+}
diff --git a/builds/linux/rhel/9/data/ks.pkrtpl.hcl b/builds/linux/rhel/9/data/ks.pkrtpl.hcl
@@ -53,6 +53,11 @@ timezone ${vm_guest_os_timezone}
 ### Partitioning
 ${storage}
 
+### Additional yum repositories
+%{ for repo in yum_repositories ~}
+repo --name ${repo.name} --baseurl ${repo.url} %{ if repo.install }--install%{ endif }
+%{ endfor ~}
+
 ### Modifies the default set of services that will run under the default runlevel.
 services --enabled=NetworkManager,sshd
 
@@ -67,9 +72,17 @@ skipx
 
 ### Post-installation commands.
 %post
+%{ for gpg_key in rpm_gpg_keys ~}
+rpm --import ${gpg_key}
+%{ endfor ~}
+%{ if rhsm_enabled ~}
 /usr/sbin/subscription-manager register --username ${rhsm_username} --password ${rhsm_password} --autosubscribe --force
 /usr/sbin/subscription-manager repos --enable "codeready-builder-for-rhel-9-x86_64-rpms"
+%{ else ~}
+dnf remove --assumeyes subscription-manager
+%{ endif ~}
 dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
+
 dnf makecache
 dnf install -y sudo open-vm-tools perl
 %{ if additional_packages != "" ~}

diff --git a/builds/linux/rhel/9/linux-rhel.pkr.hcl b/builds/linux/rhel/9/linux-rhel.pkr.hcl
@@ -54,6 +54,7 @@ locals {
       build_username           = var.build_username
       build_password           = var.build_password
       build_password_encrypted = var.build_password_encrypted
+      rhsm_enabled             = var.rhsm_enabled
       rhsm_username            = var.rhsm_username
       rhsm_password            = var.rhsm_password
       vm_guest_os_language     = var.vm_guest_os_language
@@ -74,6 +75,8 @@ locals {
         lvm        = var.vm_disk_lvm
       })
       additional_packages = join(" ", var.additional_packages)
+      rpm_gpg_keys = var.rpm_gpg_keys
+      yum_repositories = var.yum_repositories
     })
   }
   http_ks_command = "inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/ks.cfg"
@@ -231,6 +234,7 @@ build {
       "--extra-vars", "ansible_username=${var.ansible_username}",
       "--extra-vars", "ansible_key='${var.ansible_key}'",
       "--extra-vars", "enable_cloudinit=${var.vm_guest_os_cloudinit}",
+      "--extra-vars", "{\"rhsm_enabled\": ${var.rhsm_enabled}}",
     ]
   }
 

diff --git a/builds/linux/rhel/9/linux-rhel.pkrvars.hcl.example b/builds/linux/rhel/9/linux-rhel.pkrvars.hcl.example
@@ -21,3 +21,20 @@ vm_firmware              = "efi-secure"
 iso_datastore_path       = "iso/linux/rhel"
 iso_content_library_item = "rhel-9.4-x86_64-dvd"
 iso_file                 = "rhel-9.4-x86_64-dvd.iso"
+
+rpm_gpg_keys = [
+  "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release"
+]
+
+yum_repositories = [
+  {
+    "name": "baseos",
+    "url": "http://url/path/to/repo",
+    "install": true
+  },
+  {
+    "name": "appstream",
+    "url": "http://url/path/to/repo",
+    "install": true
+  }
+]
diff --git a/builds/linux/rhel/9/variables.pkr.hcl b/builds/linux/rhel/9/variables.pkr.hcl
@@ -12,6 +12,11 @@
 
 // Red Hat Subscription Manager Credentials
 
+variable "rhsm_enabled" {
+  type        = bool
+  description = "Enable Red Hat Subscription Manager."
+}
+
 variable "rhsm_username" {
   type        = string
   description = "The username to Red Hat Subscription Manager."
@@ -459,3 +464,21 @@ variable "additional_packages" {
   description = "Additional packages to install."
   default     = []
 }
+
+// Additional rpm gpg keys
+variable "rpm_gpg_keys" {
+  type        = list(string)
+  description = "Additional rpm gpg keys"
+  default = []
+}
+
+// Additional yum repositories
+variable "yum_repositories" {
+  type        = list(object({
+    name = string
+    url = string
+    install = bool
+  }))
+  description = "Additional yum repositories"
+  default = []
+}
diff --git a/builds/rhsm.pkrvars.hcl.example b/builds/rhsm.pkrvars.hcl.example
@@ -8,5 +8,7 @@
 */
 
 // Red Hat Subscription Manager Credentials
+
+rhsm_enabled   = true
 rhsm_username = "packer"
 rhsm_password = "VMw@re123!"
diff --git a/docs/getting-started/configure.md b/docs/getting-started/configure.md
@@ -256,6 +256,8 @@ additional_packages = ["git", "make", "vim"]
 Edit the `config/redhat.pkrvars.hcl` file to configure the credentials for your Red Hat Subscription
 Manager account.
 
+You can also disable Red Hat Subscription Manger by setting `rhsm_enabled = false`.
+
 ```hcl linenums="1" title="config/rhsm.pkrvars.hcl" hl_lines="1"
 --8<-- "./builds/rhsm.pkrvars.hcl.example:10:100"
 ```