Add Atomic Red Team, Poll Packet for Provisioning, Fixes

ci/build_machine_bootstrap.sh

@@ -28,8 +28,12 @@ fi
 
 echo "Args: $ARGS"
 
+# Disable IPv6 - may help with the vagrant-reload plugin: https://github.com/hashicorp/vagrant/issues/8795#issuecomment-468945063
+echo "[$(date +%H:%M:%S)]: net.ipv6.conf.all.disable_ipv6=1" >> /etc/sysctl.conf
+sysctl -p /etc/sysctl.conf
+
 if [[ "$VAGRANT_ONLY" -eq 1 ]] && [[ "$PACKER_ONLY" -eq 1 ]]; then
-  echo "Somehow this build is configured as both packer-only and vagrant-only. This means something has gone horribly wrong."
+  echo "[$(date +%H:%M:%S)]: Somehow this build is configured as both packer-only and vagrant-only. This means something has gone horribly wrong."
   exit 1
 fi
 
@@ -37,9 +41,9 @@ fi
 echo "deb http://download.virtualbox.org/virtualbox/debian xenial contrib" >> /etc/apt/sources.list
 sed -i "2ideb mirror://mirrors.ubuntu.com/mirrors.txt xenial main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt xenial-updates main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt xenial-backports main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt xenial-security main restricted universe multiverse" /etc/apt/sources.list
 wget -q https://www.virtualbox.org/download/oracle_vbox_2016.asc -O- | sudo apt-key add -
-echo "Running apt-get update..."
+echo "[$(date +%H:%M:%S)]: Running apt-get update..."
 apt-get -qq update
-echo "Running apt-get install..."
+echo "[$(date +%H:%M:%S)]: Running apt-get install..."
 apt-get -qq install -y linux-headers-"$(uname -r)" virtualbox-5.2 build-essential unzip git ufw apache2
 
 echo "building" > /var/www/html/index.html
@@ -52,15 +56,17 @@ ufw --force enable
 
 if [ "$PACKER_ONLY" -eq 0 ]; then
   # Install Vagrant
+  echo "[$(date +%H:%M:%S)]: Installing vagrant..."
   mkdir /opt/vagrant
   cd /opt/vagrant || exit 1
   wget --progress=bar:force https://releases.hashicorp.com/vagrant/2.2.4/vagrant_2.2.4_x86_64.deb
   dpkg -i vagrant_2.2.4_x86_64.deb
+  echo "[$(date +%H:%M:%S)]: Installing vagrant-reload plugin..."
   vagrant plugin install vagrant-reload
 
   # Make sure the plugin installed correctly. Retry if not.
   if [ "$(vagrant plugin list | grep -c vagrant-reload)" -ne "1" ]; then
-    echo "The first attempt to install the vagrant-reload plugin failed. Trying again."
+    echo "[$(date +%H:%M:%S)]: The first attempt to install the vagrant-reload plugin failed. Trying again."
     vagrant plugin install vagrant-reload
   fi
 
@@ -70,6 +76,7 @@ if [ "$PACKER_ONLY" -eq 0 ]; then
 fi
 
 if [ "$VAGRANT_ONLY" -eq 0 ]; then
+  echo "[$(date +%H:%M:%S)]: Installing Packer..."
   # Install Packer
   mkdir /opt/packer
   cd /opt/packer || exit 1

ci/circle_workflows/vagrant_changes.sh

@@ -8,26 +8,31 @@ if [ ! -d "/tmp/artifacts" ]; then
 fi
 
 ## Provision a Type1 baremetal Packet.net server
-echo "Provisioning a server on Packet.net"
+echo "[$(date +%H:%M:%S)]: Provisioning a server on Packet.net"
 DEVICE_ID=$(curl -s -X POST --header 'Accept: application/json' --header 'Content-Type: application/json' --header 'X-Auth-Token: '"$PACKET_API_TOKEN" -d '{ "facility": "sjc1", "plan": "baremetal_1", "hostname": "detectionlab", "description": "testing", "billing_cycle": "hourly", "operating_system": "ubuntu_16_04", "userdata": "", "locked": "false", "project_ssh_keys": ["315a9565-d5b1-41b6-913d-fcf022bb89a6", "755b134a-f63c-4fc5-9103-c1b63e65fdfc"] }' 'https://api.packet.net/projects/0b3f4f2e-ff05-41a8-899d-7923f620ca85/devices' | jq ."id" | tr -d '"')
 # Make sure the device ID is sane.
 # TODO: maybe make this a regex
 if [ "$(echo -n $DEVICE_ID | wc -c)" -ne 36 ]; then
-  echo "Server may have failed provisionining. Device ID is set to: $DEVICE_ID"
-  echo "This usually happens if there are no servers available in the selected datacenter."
-  echo "Attempting to retry in another datacenter..."
+  echo "[$(date +%H:%M:%S)]: Server may have failed provisionining. Device ID is set to: $DEVICE_ID"
+  echo "[$(date +%H:%M:%S)]: This usually happens if there are no servers available in the selected datacenter."
+  echo "[$(date +%H:%M:%S)]: Attempting to retry in another datacenter..."
   DEVICE_ID=$(curl -s -X POST --header 'Accept: application/json' --header 'Content-Type: application/json' --header 'X-Auth-Token: '"$PACKET_API_TOKEN" -d '{ "facility": "ewr1", "plan": "baremetal_1", "hostname": "detectionlab", "description": "testing", "billing_cycle": "hourly", "operating_system": "ubuntu_16_04", "userdata": "", "locked": "false", "project_ssh_keys": ["315a9565-d5b1-41b6-913d-fcf022bb89a6", "755b134a-f63c-4fc5-9103-c1b63e65fdfc"] }' 'https://api.packet.net/projects/0b3f4f2e-ff05-41a8-899d-7923f620ca85/devices' | jq ."id" | tr -d '"')
   if [ "$(echo -n $DEVICE_ID | wc -c)" -ne 36 ]; then
-    echo "This script was still unable to successfully provision a server. Exiting."
+    echo "[$(date +%H:%M:%S)]: This script was still unable to successfully provision a server. Exiting."
     exit 1
   fi
 fi
-echo "Server successfully provisioned with ID: $DEVICE_ID"
+echo "[$(date +%H:%M:%S)]: Server successfully created with ID: $DEVICE_ID"
 
-echo "Sleeping 10 minutes to wait for Packet server to be provisioned"
-sleep 300
-echo "Sleeping 5 more minutes (CircleCI Keepalive)"
-sleep 300
+echo "[$(date +%H:%M:%S)]: Waiting for server to finish provisioning..."
+# Continue to poll the API until the state of the host is "active"
+STATE="provisioning"
+while [ "$STATE" != "active" ]; do
+  sleep 10
+  echo "[$(date +%H:%M:%S)]: Sleeping for 10 seconds. Server is still $STATE."
+  STATE="$(curl -s --header 'Accept: application/json' --header 'Content-Type: application/json' --header 'X-Auth-Token: '"$PACKET_API_TOKEN" "https://api.packet.net/devices/$DEVICE_ID" | jq .state | tr -d '"')"
+done
+echo "[$(date +%H:%M:%S)]: Device with ID $DEVICE_ID has finished provisioning! Onto the build process..."
 
 ## Recording the IP address of the newly provisioned Packet server
 IP_ADDRESS=$(curl -s -X GET --header 'Accept: application/json' --header 'X-Auth-Token: '"$PACKET_API_TOKEN" "https://api.packet.net/devices/$DEVICE_ID/ips" | jq ."ip_addresses[0].address" | tr -d '"')
@@ -45,7 +50,7 @@ MINUTES_PAST=0
 while [ "$MINUTES_PAST" -lt 180 ]; do
   STATUS=$(curl $IP_ADDRESS)
   if [ "$STATUS" == "building" ]; then
-    echo "$STATUS"
+    echo "[$(date +%H:%M:%S)]: $STATUS"
     scp -q -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/ || echo "Vagrant log not yet present"
     sleep 300
     ((MINUTES_PAST += 5))
@@ -54,7 +59,7 @@ while [ "$MINUTES_PAST" -lt 180 ]; do
     break
   fi
   if [ "$MINUTES_PAST" -gt 180 ]; then
-    echo "Serer timed out. Uptime: $MINUTES_PAST minutes."
+    echo "[$(date +%H:%M:%S)]: Serer timed out. Uptime: $MINUTES_PAST minutes."
     scp -q -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/
     curl -s -X DELETE --header 'Accept: application/json' --header 'X-Auth-Token: '"$PACKET_API_TOKEN" 'https://api.packet.net/devices/'"$DEVICE_ID"
     exit 1
@@ -62,13 +67,13 @@ while [ "$MINUTES_PAST" -lt 180 ]; do
 done
 
 ## Recording the build results
-echo $STATUS
+echo "[$(date +%H:%M:%S)]: $STATUS"
 if [ "$STATUS" != "success" ]; then
   scp -q -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/
   echo "Build failed. Cleaning up server with ID $DEVICE_ID"
   curl -s -X DELETE --header 'Accept: application/json' --header 'X-Auth-Token: '"$PACKET_API_TOKEN" 'https://api.packet.net/devices/'"$DEVICE_ID"
   exit 1
 fi
-echo "Build was successful. Cleaning up server with ID $DEVICE_ID"
+echo "[$(date +%H:%M:%S)]: Build was successful. Cleaning up server with ID $DEVICE_ID"
 curl -s -X DELETE --header 'Accept: application/json' --header 'X-Auth-Token: '"$PACKET_API_TOKEN" 'https://api.packet.net/devices/'"$DEVICE_ID"
 exit 0