Merge pull request #3702 from Microsoft/users/biprasad/packerBuild1

Initial changes for packer build task

Tasks/PackerBuild/DefaultTemplates/default.windows.template.json

@@ -0,0 +1,77 @@
+{
+  "variables": {
+    "client_id": "",
+    "client_secret": "",
+    "subscription_id": "",
+    "tenant_id": "",
+    "object_id": "",
+    "resource_group": "",
+    "storage_account": "",
+    "image_publisher": "",
+    "image_offer": "",
+    "image_sku": "",
+    "location": "",
+    "script_path": "",
+    "script_name": "",
+    "package_path": "",
+    "package_name": "",
+    "capture_name_prefix": ""
+  },
+  "builders": [{
+        "type": "azure-arm",
+        "client_id": "{{user `client_id`}}",
+        "client_secret": "{{user `client_secret`}}",
+        "resource_group_name": "{{user `resource_group`}}",
+        "storage_account": "{{user `storage_account`}}",
+        "subscription_id": "{{user `subscription_id`}}",
+        "tenant_id": "{{user `tenant_id`}}",
+        "object_id": "{{user `object_id`}}",
+
+        "os_type": "Windows",
+        "image_publisher": "{{user `image_publisher`}}",
+        "image_offer": "{{user `image_offer`}}",
+        "image_sku": "{{user `image_sku`}}",
+        "location": "{{user `location`}}",
+        "vm_size": "Standard_D3_v2",
+
+        "communicator": "winrm",
+        "winrm_use_ssl": "true",
+        "winrm_insecure": "true",
+        "winrm_timeout": "15m",
+        "winrm_username": "packer",
+
+        "capture_container_name": "vsts-buildimagetask",
+        "capture_name_prefix": "{{user `capture_name_prefix`}}"
+    }],
+    "provisioners": [{
+            "type": "windows-shell",
+            "inline": [
+                "cmd /c \"if exist c:\\\\DeployTemp rd /s /q c:\\\\DeployTemp\"",
+                "cmd /c \"mkdir c:\\\\DeployTemp\""
+            ]
+        },
+        {
+            "type": "file",
+            "source": "{{user `script_path`}}",
+            "destination": "c:\\DeployTemp\\{{user `script_name`}}"
+        },
+        {
+            "type": "file",
+            "source": "{{user `package_path`}}",
+            "destination": "c:\\DeployTemp\\{{user `package_name`}}"
+        },
+        {
+            "type": "powershell",
+            "inline": [
+                "ls \"C:\\DeployTemp\"",
+                "C:\\DeployTemp\\{{user `script_name`}}"
+            ]
+        },
+        {
+            "type": "powershell",
+            "inline": [
+                "if( Test-Path $Env:SystemRoot\\windows\\system32\\Sysprep\\unattend.xml ){ rm $Env:SystemRoot\\windows\\system32\\Sysprep\\unattend.xml -Force}",
+                "& $Env:SystemRoot\\System32\\Sysprep\\Sysprep.exe /oobe /generalize /quit /quiet"
+            ]
+        }]
+}

Tasks/PackerBuild/README.md

@@ -0,0 +1,86 @@
+# Azure Resource Group Deployment Task
+
+### Overview
+
+This task is used to create or update a resource group in Azure using the [Azure Resource Manager templates](https://azure.microsoft.com/en-in/documentation/articles/resource-group-template-deploy/). The task is also used to start, stop, restart and delete virtual machines in a Resource Group, or to delete a resource group, including all the resources within the resource group.
+
+### Contact Information
+
+Please contact the alias RM\_Customer\_Queries at microsoft dot com, if you are facing problems in making this task work. Also, if you would like to share feedback about the task like, what more functionality should be added to the task, what other tasks you would like to have, then do send an email to the alias.
+
+### Prerequisite for the task
+
+##### Azure Subscription
+
+To deploy to Azure, an Azure subscription has to be linked to Team Foundation Server or to Visual Studio Team Services using the Services tab in the Account Administration section. Add the Azure subscription to use in the Build or Release Management definition by opening the Account Administration screen (gear icon on the top-right of the screen) and then click on the Services Tab. 
+
+ - For Azure Classic resources use 'Azure' endpoint type with Certificate or Credentials based authentication. If you are using credentials based auth, ensure that the credentials are for a [**work account**](https://azure.microsoft.com/en-in/pricing/member-offers/msdn-benefits-details/work-accounts-faq/) because Microsoft accounts like [**[email protected]**](https://github.com/Microsoft/vsts-tasks/blob/master/Tasks/DeployAzureResourceGroup) or [**[email protected]**](https://github.com/Microsoft/vsts-tasks/blob/master/Tasks/DeployAzureResourceGroup) are not supported. 
+
+ - For [ARM](https://azure.microsoft.com/en-in/documentation/articles/resource-group-overview/), use 'Azure Resource Manager' endpoint type, for more details follow the steps listed in the link [here](https://go.microsoft.com/fwlink/?LinkID=623000&clcid=0x409).
+
+ - **Note** that this tasks creates or updates a resource group using [resource manager](https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-windows-tutorial/) APIs. Actions like starting, stopping, restarting, or deleting resource groups only work on VMs that have been created using the [resource manager](https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-windows-tutorial/) APIs. These tasks do not work with the VMs that have been created using the [classic](https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-windows-tutorial-classic-portal/) APIs, e.g. in the [old Azure](https://manage,windowsazure.com/) portal.
+
+ - If you are using 'Azure' endpoint type with Certificate based authentication or 'Azure Resource Manager' endpoint, the task automatically filters appropriate fields viz. Cloud Service/Resource Groups respectively & its Virtual Machines. 'Azure' endpoint with Credentials based authentication doesn't filter the Resource Group/Cloud Service, and Virtual Machine fields yet. 
+
+For Azure MSDN accounts, one can either use a [Service Principal](https://go.microsoft.com/fwlink/?LinkID=623000&clcid=0x409) or a work account. It's easy to create a work account as shown below:
+
+1. Create an user in the Azure Active Directory from the [portal](https://msdn.microsoft.com/en-us/library/azure/hh967632.aspx) (this is the old Azure portal). After adding the account, the following two things need to be done to use the account in Team Services:
+  - Add the Active Directory account to the co-administrators in the subscription. Go to the Settings and then click on administrators and add the account as a co-admin like, [[email protected]](mailto:[email protected])
+  - Login to the portal with this Active Directory account wiz. [[email protected]](mailto:[email protected]), and change the password. Initially a temporary password is created and that needs to be changed at the first login.
+2. Add that user and password in the service connections in Team Services and deployments will work with that account.
+
+##### Azure PowerShell
+
+The task needs the Azure PowerShell version to be installed on the automation agent, and that can be done easily using the [Azure PowerShell Installer v1.0.2] (https://github.com/Azure/azure-powershell/releases/tag/v1.0.2-December2015). Refer to "Supported Azure and AzureRM module versions" section below for recommended versions.
+
+### Parameters of the task:
+
+The parameters of the task are described in details, including examples, to show how to input the parameters. The parameters listed with a \* are required parameters for the task:
+
+ * **Azure Connection Type**\*: Specify Azure endpoint type, for Azure Classic resources use 'Azure' endpoint, for Azure ARM resources use 'Azure Resource Manager' endpoint.
+
+ * **Azure Subscription**\*: Select the Azure Subscription where the Resource Group will be created/updated, or where the resource group is located for starting/stopping/restarting/deleting virtual machines in it, or for deleting the resource group. Currently only 'Select' action is supported upon selecting Azure Classic subscription.
+
+ * **Action**\*: Select the action to be performed on the resource group. Following actions are available:
+    - Create or Update Resource Group: creates a new resource group or to update an existing one (using [Azure Resource Manager templates](https://azure.microsoft.com/en-in/documentation/articles/resource-group-template-deploy/)).
+    - Select Resource Group: reads the Resource Group information from Azure and creates an Output Variable with the VMs in the Resource Group. Read more about Output Variables [here](#output-variables).
+    - Start, Stop, Restart, Delete Virtual Machines
+    - Delete Resource Group
+
+ * **Resource Group**\*: Enter the name of the resource group. If this is an existing resource group, and the selected action is to create or update the resource group, then the task will update the resource group with the resources specified in the Azure template. If no Resource Group with the name exists in the subscription, then a new one will be created.
+
+The following parameters are shown when the selected action is to create or update a resource group:
+
+ * **Location**: The location where the resource group will be created. If an existing resource group is updated, then this parameter will be ignored.
+ * **Template and its Parameters**: The templates and the templates parameters file are the Azure templates available at [GitHub](https://github.com/Azure/azure-quickstart-templates) or in the [Azure gallery](https://azure.microsoft.com/en-in/documentation/articles/powershell-azure-resource-manager/). To get started immediately use [this](https://aka.ms/sampletemplate) template that is available on GitHub. These files can be either checked in the Version Control of they can be part of the build itself. If the files are part of the Build, use the pre-defined [system variables](https://msdn.microsoft.com/Library/vs/alm/Build/scripts/variables) provided by the Build to specify their location. The variables to use are $(Build.Repository.LocalPath), if the templates are checked-in but are not built, or $(Agent.BuildDirectory), if the templates are built as part of the solution. Be sure to specify the full path like $(Build.Repository.LocalPath)\Azure Templates\AzureRGDeploy.json. Wildcards like \*\*\\\*.json or \*\*\\*.param.json are also supported and there needs to be only one file that matches the search pattern at the location. If more than one file matches the search pattern, then the task will error out.
+
+ **NOTE**: Follow the Azure Naming guidelines while specifying parameters, few important one mentioned in below table_
+
+|         Kind         | Length | Casing           | Valid Chars                                                                           | Globally Unique |
+|:--------------------:|--------|------------------|---------------------------------------------------------------------------------------|:---------------:|
+| Storage Account      | 3-24   | lowercase        | alphanumeric                                                                          | Yes             |
+| Azure Resource Group | 2-64   | case-insensitive | alphanumeric periods, underscores, hyphens and parenthesis and cannot end in a period | No              |
+| Azure KeyVault       | 3-24   | case-insensitive | alphanumeric                                                                          | Yes             |
+| Azure DNS Name       | 3-63   | lowercase        | alphanumeric and hyphens                                                              | Yes             |
+
+ * **Override Template Parameters**: The Override template parameters is used to override the parameters, like -storageAcctName azurerg -Username $(vmusername) -azureKeyVaultName $(fabrikamFibre). To override a secure string like Password please use following format: -Password (ConvertTo-SecureString -String '$(password)' -AsPlainText -Force).
+ * **Deployment Mode**: This specifies the [deployment mode](https://azure.microsoft.com/en-us/documentation/articles/resource-group-template-deploy) in which the Azure resources specified in the template have to be deployed. Incremental mode handles deployments as incremental updates to the resource group . It leaves unchanged resources that exist in the resource group but are not specified in the template. Complete mode deletes resources that are not in your template. [Validate mode](https://msdn.microsoft.com/en-us/library/azure/dn790547.aspx) enables you to find syntactical problems with the template before creating actual resources. By default, incremental mode is used. 
+ * **Enable Deployment Prerequisites**: Enabling this option configures Windows Remote Management (WinRM) listener over HTTPS protocol on port 5986, using a self-signed certificate. This configuration is required for performing deployment operation on Azure machines. If the target Virtual Machines are backed by a Load balancer, ensure Inbound NAT rules are configured for target port (5986). If the target Virtual Machines are associated with a Network security group (NSG), configure Inbound security rules for Destination port (5986).
+
+### Output variables:
+ Create/update action of the Azure Resource Group task now produces an output variable during execution. The output variable can be used to refer to the resource group object in the subsequent tasks. For example "PowerShell on Target Machine" task can now refer to resource group output variable as '$(variableName)' so that it can execute the powershell script on the resource group VM targets. 
+
+ Limitation: Output variable produced during execution will have details about VM hostname(s) and (public) ports, if any. Credentials to connect to the VM host(s) are to be provided explicitly in the subsequent tasks.
+
+### Setting up a virtual machine for WinRM HTTPS using Azure Templates:
+
+Tasks like Azure File Copy, PowerShell on Target Machines, Visual Studio Test Agent Deployment run on the automation agent machine and copy files or deploy apps to Azure VMs using the WinRM HTTPS protocol. For these tasks to work properly, the WinRM HTTPS port (default port is 5986) needs to be opened and configured properly on the virtual machines. Opening the ports and configuring them with the certificates is done using the Azure templates. The [sample template](https://aka.ms/sampletemplate) uploaded on GitHub shows how to enable the WinRM HTTPS protocol on Azure virtual machines and map them to a Public IP using the Azure resource providers' wiz. Network Interfaces, Load Balancers and Virtual Machines. In addition, it also shows how to specify the Azure Key Vault and its secret, and to download and install the certificate on the virtual machine.
+
+### Supported Azure and AzureRM module versions:
+|  VSTS/TFS Release  |  Recommended Azure Version  |  Other Supported Versions |
+|:------------------:|:---------------------------:|:-------------------------:|
+|  VSTS              |  [v1.3.2] (https://github.com/Azure/azure-powershell/releases/tag/v1.3.2-April2016)  |  [v0.9.8] (https://github.com/Azure/azure-powershell/releases/tag/v0.9.8-September2015)  |
+|  TFS 2015 Update 3  | [v1.3.2] (https://github.com/Azure/azure-powershell/releases/tag/v1.3.2-April2016)  |  [v0.9.8] (https://github.com/Azure/azure-powershell/releases/tag/v0.9.8-September2015)  |
+|  TFS 2015 Update 2  | [v1.0.2] (https://github.com/Azure/azure-powershell/releases/tag/v1.0.2-December2015)  |  [v0.9.8] (https://github.com/Azure/azure-powershell/releases/tag/v0.9.8-September2015)  |
+|  TFS 2015 Update 1  | [v0.9.8] (https://github.com/Azure/azure-powershell/releases/tag/v0.9.8-September2015)  |  |
+|  TFS 2015 RTM       | [v0.9.8] (https://github.com/Azure/azure-powershell/releases/tag/v0.9.8-September2015)  |  |

Tasks/PackerBuild/Strings/resources.resjson/en-US/resources.resjson

@@ -0,0 +1,43 @@
+{
+  "loc.friendlyName": "Build VMSS images using Packer",
+  "loc.helpMarkDown": "[More Information](https://aka.ms/argtaskreadme)",
+  "loc.description": "Build VMSS images using Packer",
+  "loc.instanceNameFormat": "Packer build",
+  "loc.group.displayName.Output": "Output",
+  "loc.input.label.ConnectedServiceName": "Azure subscription",
+  "loc.input.help.ConnectedServiceName": "Select the Azure Resource Manager subscription for the deployment.",
+  "loc.input.label.location": "Location",
+  "loc.input.help.location": "Location for storing the created VHD. This location will also be used to create a temporary VM for the purpose of capturing image. If the resource group already exists in the subscription, then this value will be ignored.",
+  "loc.input.label.azureStorageAccount": "Storage account",
+  "loc.input.help.azureStorageAccount": "Storage account for storing the created VHD. Storage account must exist prior to deployment.",
+  "loc.input.label.azureResourceGroup": "Resource group",
+  "loc.input.help.azureResourceGroup": "Enter or Select the Azure Resource group that contains the storage account specified above.",
+  "loc.input.label.baseImage": "Base image",
+  "loc.input.help.baseImage": "Base image to used fo creating VHD.",
+  "loc.input.label.packagePath": "Package or folder",
+  "loc.input.help.packagePath": "Specify the path to deployment package.",
+  "loc.input.label.deployScriptPath": "Deployment script",
+  "loc.input.help.deployScriptPath": "Specify the path to powershell or shell script which deploys application.",
+  "loc.input.label.imageUri": "Image URI",
+  "loc.input.help.imageUri": "Provide a name for the variable for output image URI.",
+  "loc.input.label.imageStorageAccount": "Image storage account location",
+  "loc.input.help.imageStorageAccount": "Provide a name for the variable for output image storage account location.",
+  "loc.messages.OSTypeNotSupported": "This OS type is not supported for image creation: %s. Please use either windows or linux.",
+  "loc.messages.CopyTemplateToTempFailed": "Could not copy built-in template from source %s to temp location %s",
+  "loc.messages.TaskNotFound": "Task.json file could not be found: %s",
+  "loc.messages.OriginalTemplateLocation": "Original template location: %s",
+  "loc.messages.CopyingTemplate": "Copying original template from %s to temporary location %s",
+  "loc.messages.TempTemplateLocation": "Copied template file to a temporary location: %s",
+  "loc.messages.CopySourceNotExists": "Source file path does not exist for copying: %s",
+  "loc.messages.CreatingDestinationDir": "Destination for copying does not exist. Creating: %s",
+  "loc.messages.CreatedDestinationDir": "Created destination directory for copying: %s",
+  "loc.messages.ExecutingPackerFix": "Running packer fix command",
+  "loc.messages.ExecutingPackerValidate": "Running packer validate command to ensure template is valid",
+  "loc.messages.ExecutingPackerBuild": "Running packer build command. Waiting for it to finish...",
+  "loc.messages.PackerBuildCompleted": "packer build completed.",
+  "loc.messages.ImageURIOutputVariableNotFound": "Could not get vhd image URI from packer execution. Output variable will not be set.",
+  "loc.messages.StorageAccountLocationOutputVariableNotFound": "Could not get vhd image storage account location from packer execution. Output variable will not be set.",
+  "loc.messages.BuiltInTemplateNotFoundErrorMessagePathName": "Built-in template for OS type: %s ",
+  "loc.messages.CouldNotDeleteTemporaryTemplateDirectory": "Could not delete temporary template directory %s. Please delete manually.",
+  "loc.messages.TaskParametersConstructorFailed": "Error happened while initializing task: %s."
+}