Using packer to copy file from host to generated image without password
You should use the file
provisioner, something like:
"provisioners": [
{
"type": "file",
"source": "source_file",
"destination": "dest"
},
{
"type": "script",
"inline": [ "echo do something here" ]
}
]
See documentation: provisioners
ComputerScientist
Updated on June 16, 2022Comments
-
ComputerScientist almost 2 years
I am currently using packer to generate customized images from a given configuration. The packer
.json
file includes provisions, which are described in this packer tutorial.Instead of typing the commands there, I used the shell option in which I can write a bunch of
sudo apt-get install
commands to customize the images.The problem is that I need to copy a file from a computer I own to the images. To be clear, the computer I own is also the one I'm running the command
packer build example.json
.In the shell script, how can I do a secure copy so that from the perspective of the newly-created images, the image can securely copy the file from my computer to itself, without having to type a password? This is a shell script so I couldn't type one in if I wanted to.
I understand that to avoid typing in the password, I need public/private key authentication. In the shell script, I have:
sudo ssh-keygen -t rsa -b 2048 sudo scp ~/.ssh/id_rsa.pub [email protected]:/home/user/.ssh/uploaded_key.pub sudo ssh [email protected] "echo `cat ~/.ssh/uploaded_key.pub` >> ~/.ssh/authorized_keys"
(Taken from the example here and elsewhere. My understanding from this is that the image which is generated is running these commands.)
The problem with this and many approaches I see on StackOverflow, such as with this related question, is either one of two things.
- The first time this public/private authentication happens, it seems like a password is needed. However, this is done entirely in a shell script so I don't know how to avoid it.
- packer generates these images on the fly, so other approaches that require me to type in explicit AMI IDs for
ssh
orscp
do not seem to work.
A closely related question uses the "file" provision type, but I would like to do this with the "shell" type and I'm not sure how to use both the file and the shell options.
How may I resolve this?
-
ComputerScientist almost 7 yearsAh, I didn't realize we could have an array of those, I thought I remember reading somewhere that we could have only one. Let me try those, though I'll have to figure out what exactly goes in the source/dest arguments.