Update CI env, add some packer changes

2018-09-07 18:07:31 -07:00
parent 9a82f140f4
commit 6ad4dcf2b4
5 changed files with 90 additions and 81 deletions
--- a/Packer/scripts/debloat-windows.ps1
+++ b/Packer/scripts/debloat-windows.ps1
@@ -8,21 +8,27 @@ if ($env:PACKER_BUILDER_TYPE -And $($env:PACKER_BUILDER_TYPE).startsWith("hyperv
  (New-Object System.Net.WebClient).DownloadFile($url, "$env:TEMP\debloat.zip")
  Expand-Archive -Path $env:TEMP\debloat.zip -DestinationPath $env:TEMP -Force

-  #Write-Host Disable scheduled tasks
-  #. $env:TEMP\Debloat-Windows-10-master\utils\disable-scheduled-tasks.ps1
-  #Write-Host Block telemetry
-  #. $env:TEMP\Debloat-Windows-10-master\scripts\block-telemetry.ps1
-  #Write-Host Disable services
-  #. $env:TEMP\Debloat-Windows-10-master\scripts\disable-services.ps1
+  # Disable Windows Defender
  Write-host Disable Windows Defender
-  #. $env:TEMP\Debloat-Windows-10-master\scripts\disable-windows-defender.ps1
+  $os = (gwmi win32_operatingsystem).caption
+  if ($os -like "*Windows 10*") {
+    set-MpPreference -DisableRealtimeMonitoring $true
+  } else {
    Uninstall-WindowsFeature Windows-Defender-Features
+  }
+
+  # Optimize Windows Update
  Write-host Optimize Windows Update
  . $env:TEMP\Debloat-Windows-10-master\scripts\optimize-windows-update.ps1
-  #Write-host Disable Windows Update
-  #Set-Service wuauserv -StartupType Disabled
-  #Write-Host Remove OneDrive
-  #. $env:TEMP\Debloat-Windows-10-master\scripts\remove-onedrive.ps1
+  Write-host Disable Windows Update
+  Set-Service wuauserv -StartupType Disabled
+
+  # Turn off shutdown event tracking
+  if ( -Not (Test-Path 'registry::HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Reliability'))
+  {
+    New-Item -Path 'registry::HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT' -Name Reliability -Force
+  }
+  Set-ItemProperty -Path 'registry::HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Reliability' -Name ShutdownReasonOn -Value 0

  rm $env:TEMP\debloat.zip
  rm -recurse $env:TEMP\Debloat-Windows-10-master
--- a/Packer/windows_2016.json
+++ b/Packer/windows_2016.json
@@ -32,6 +32,7 @@
      "enable_secure_boot":true
    },
    {
+      "vm_name":"WindowsServer2016",
      "type": "vmware-iso",
      "communicator": "winrm",
      "iso_url": "{{user `iso_url`}}",
@@ -70,6 +71,7 @@
      }
    },
    {
+      "vm_name":"WindowsServer2016",
      "type": "virtualbox-iso",
      "communicator": "winrm",
      "iso_url": "{{user `iso_url`}}",
--- a/build.sh
+++ b/build.sh
@@ -8,7 +8,7 @@
 # https://github.com/clong/DetectionLab/issues

 print_usage() {
-  echo "Usage: ./build.sh <virtualbox|vmware_desktop>"
+  echo "Usage: ./build.sh <virtualbox | vmware_desktop>  <--vagrant-only | --packer-only>"
  exit 0
 }

--- a/ci/build_machine_bootstrap.sh
+++ b/ci/build_machine_bootstrap.sh
@@ -51,8 +51,8 @@ if [ "$PACKER_ONLY" -eq 0 ]; then
  # Install Vagrant
  mkdir /opt/vagrant
  cd /opt/vagrant || exit 1
-  wget https://releases.hashicorp.com/vagrant/2.1.2/vagrant_2.1.2_x86_64.deb
-  dpkg -i vagrant_2.1.2_x86_64.deb
+  wget https://releases.hashicorp.com/vagrant/2.1.4/vagrant_2.1.4_x86_64.deb
+  dpkg -i vagrant_2.1.4_x86_64.deb
  vagrant plugin install vagrant-reload

  # Make the Vagrant instances headless
@@ -64,8 +64,8 @@ if [ "$VAGRANT_ONLY" -eq 0 ]; then
  # Install Packer
  mkdir /opt/packer
  cd /opt/packer || exit 1
-  wget https://releases.hashicorp.com/packer/1.2.3/packer_1.2.3_linux_amd64.zip
-  unzip packer_1.2.3_linux_amd64.zip
+  wget https://releases.hashicorp.com/packer/1.2.5/packer_1.2.5_linux_amd64.zip
+  unzip packer_1.2.5_linux_amd64.zip
  cp packer /usr/local/bin/packer

  # Make the Packer images headless
--- a/ci/circle_workflows/vagrant_changes.sh
+++ b/ci/circle_workflows/vagrant_changes.sh
@@ -36,7 +36,7 @@ ssh -i ~/.ssh/id_rsa root@"$IP_ADDRESS" 'bash -s' -- < ci/build_machine_bootstra

 ## Waiting for Packet server to post build results
 MINUTES_PAST=0
-while [ "$MINUTES_PAST" -lt 120 ]; do
+while [ "$MINUTES_PAST" -lt 180 ]; do
  STATUS=$(curl $IP_ADDRESS)
  if [ "$STATUS" == "building" ]; then
    echo "$STATUS"
@@ -44,9 +44,10 @@ while [ "$MINUTES_PAST" -lt 120 ]; do
    sleep 300
    ((MINUTES_PAST += 5))
  else
+    scp -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/ || echo "Vagrant log not yet present"
    break
  fi
-  if [ "$MINUTES_PAST" -gt 120 ]; then
+  if [ "$MINUTES_PAST" -gt 180 ]; then
    echo "Serer timed out. Uptime: $MINUTES_PAST minutes."
    scp -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/
    curl -X DELETE --header 'Accept: application/json' --header 'X-Auth-Token: '"$PACKET_API_TOKEN" 'https://api.packet.net/devices/'"$DEVICE_ID"