From 81632830b20740518f9b55ffb887b1565bb2af5d Mon Sep 17 00:00:00 2001
From: Thanh Ha <thanh.ha@linuxfoundation.org>
Date: Tue, 26 Jun 2018 18:25:00 -0400
Subject: [PATCH] Add Windows Server 2016 builder

This provides a basic "hello world" of sorts and successfully
boots a Windows builder and lists the C:\ directory.

Issue: RELENG-939 RELENG-999
Change-Id: I539afdc08676e3317d823292f0692361ca9c6825
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
---
 provision/windows-user_data.ps1 | 31 ++++++++++++++++++++++++++
 templates/windows-builder.json  | 48 +++++++++++++++++++++++++++++++++++++++++
 vars/windows-server-2016.json   |  6 ++++++
 3 files changed, 85 insertions(+)
 create mode 100644 provision/windows-user_data.ps1
 create mode 100644 templates/windows-builder.json
 create mode 100644 vars/windows-server-2016.json

diff --git a/provision/windows-user_data.ps1 b/provision/windows-user_data.ps1
new file mode 100644
index 0000000..fd23495
--- /dev/null
+++ b/provision/windows-user_data.ps1
@@ -0,0 +1,31 @@
+<powershell>
+net user Administrator W!nRMB00tStrap.
+wmic useraccount where "name='Administrator'" set PasswordExpires=FALSE
+
+# First, make sure WinRM can not be connected to
+netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new enable=yes action=block
+
+# Delete any existing WinRM listeners
+winrm delete winrm/config/listener?Address=*+Transport=HTTP  2>$Null
+winrm delete winrm/config/listener?Address=*+Transport=HTTPS 2>$Null
+
+# Create a new WinRM listener and configure
+winrm create winrm/config/listener?Address=*+Transport=HTTP
+winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="0"}'
+winrm set winrm/config '@{MaxTimeoutms="7200000"}'
+winrm set winrm/config/service '@{AllowUnencrypted="true"}'
+winrm set winrm/config/service '@{MaxConcurrentOperationsPerUser="12000"}'
+winrm set winrm/config/service/auth '@{Basic="true"}'
+winrm set winrm/config/client/auth '@{Basic="true"}'
+
+# Configure UAC to allow privilege elevation in remote shells
+$Key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
+$Setting = 'LocalAccountTokenFilterPolicy'
+Set-ItemProperty -Path $Key -Name $Setting -Value 1 -Force
+
+# Configure and restart the WinRM Service; Enable the required firewall exception
+Stop-Service -Name WinRM
+Set-Service -Name WinRM -StartupType Automatic
+netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new action=allow localip=any remoteip=any
+Start-Service -Name WinRM
+</powershell>
diff --git a/templates/windows-builder.json b/templates/windows-builder.json
new file mode 100644
index 0000000..c993408
--- /dev/null
+++ b/templates/windows-builder.json
@@ -0,0 +1,48 @@
+{
+  "variables": {
+    "ansible_roles_path": ".galaxy",
+    "base_image": null,
+    "distro": null,
+    "cloud_auth_url": null,
+    "cloud_user": null,
+    "cloud_pass": null,
+    "cloud_network": null,
+    "cloud_tenant": null,
+    "cloud_user_data": null
+  },
+  "builders": [
+    {
+      "name": "vexxhost",
+      "image_name": "{{user `distro`}} - win-builder - {{isotime \"20060102-150405.000\"}}",
+      "instance_name": "{{user `distro`}}-win-builder-{{uuid}}",
+      "source_image_name": "{{user `base_image`}}",
+      "type": "openstack",
+      "identity_endpoint": "{{user `cloud_auth_url`}}",
+      "username": "{{user `cloud_user`}}",
+      "password": "{{user `cloud_pass`}}",
+      "tenant_name": "{{user `cloud_tenant`}}",
+      "domain_name": "Default",
+      "region": "ca-ymq-1",
+      "availability_zone": "ca-ymq-2",
+      "networks": [
+        "{{user `cloud_network`}}"
+      ],
+      "user_data_file": "{{user `cloud_user_data`}}",
+      "flavor": "v1-standard-4",
+      "communicator": "winrm",
+      "winrm_insecure": true,
+      "winrm_use_ssl": true,
+      "winrm_timeout": "3600s",
+      "winrm_username": "Administrator",
+      "winrm_password": "W!nRMB00tStrap."
+    }
+  ],
+  "provisioners": [
+    {
+      "type": "powershell",
+      "inline": [
+        "dir c:\\"
+      ]
+    }
+  ]
+}
diff --git a/vars/windows-server-2016.json b/vars/windows-server-2016.json
new file mode 100644
index 0000000..298121f
--- /dev/null
+++ b/vars/windows-server-2016.json
@@ -0,0 +1,6 @@
+{
+  "base_image": "Windows Server Standard 2016 [2017-02-20]",
+  "distro": "Windows 2016",
+  "ssh_user": "admin",
+  "cloud_user_data": "common-packer/provision/windows-user_data.ps1"
+}
-- 
2.16.6