IaC - Gold Image as Code: A DevOps approach to building base images efficiently!

The fun stuff. Building the packer template

We can break down this template in 2 parts: The builder and the provisioner

The Builder breakdown in 4 areas:

1. We are building in Azure so our builder is azure-arm, to instruct Azure where to place the resources we add our subscription id and tenant id.
   1. Leave the client ID and secret empty since it is not a good practice to have clear text password and we will be using Azure Vault for secrets management.
2. Earlier we looked for the image sku, packer will be doing the same when you run your build. Add the values for the publisher, offer and sku as seen below. The managed image name will be the name of your image after all is completed and it needs to go in a resource group that’s already created in your subscription.
3. The third area is how packer will be connecting to the VM to provision. Leave the defaults for WinRM, you might want to increase the timeout if your reboots take longer.
4. You can add tags to keep track of your image. The location and vm size are to spin up a machine and build. The bigger specs for VM size the faster your build will complete.

The Provisioner breakdown in 3 areas

1. We are mostly building with type: powershell for native windows support so the first step is to install chocolatey and we can do that as an inline command.
   1. After chocolatey is installed we can just run the one liners to get our apps installed like choco install something. This saves a ton of time.
2. If all the software you need to install for your use case is in chocolatey then you are one of the lucky ones. Skip the second block if that is your case. We will go into the details of downloading and installing the packages with powershell in the next page.
3. The last steps before you seal the image is usually running sysprep but you can add things like disabling services or printing reports before the image is sealed.

Since not all applications are in chocolatey, in the next page we go over creating an Azure Blob to upload installers, msis and executables and create urls so we can call them from the pipeline steps later.