Deploy a windows azure image and scan it with cnspec version > 9.
==> azure-arm.windows: Waiting for WinRM to become available...
2024/01/26 07:03:15 packer-plugin-azure_v2.0.2_x5.0_linux_amd64 plugin: 2024/01/26 07:03:15 [INFO] Attempting WinRM connection...
2024/01/26 07:03:15 packer-plugin-azure_v2.0.2_x5.0_linux_amd64 plugin: 2024/01/26 07:03:15 [DEBUG] connecting to remote shell using WinRM
2024/01/26 07:03:28 packer-plugin-azure_v2.0.2_x5.0_linux_amd64 plugin: 2024/01/26 07:03:28 Checking that WinRM is connected with: 'powershell.exe -EncodedCommand JABQAHIAbwBnAHIAZQBzAHMAUAByAGUAZgBlAHIAZQBuAGMAZQAgAD0AIAAnAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAJwA7AGkAZgAgACgAVABlAHMAdAAtAFAAYQB0AGgAIAB2AGEAcgBpAGEAYgBsAGUAOgBnAGwAbwBiAGEAbAA6AFAAcgBvAGcAcgBlAHMAcwBQAHIAZQBmAGUAcgBlAG4AYwBlACkAewAkAFAAcgBvAGcAcgBlAHMAcwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJwBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACcAfQA7ACAAZQBjAGgAbwAgACIAVwBpAG4AUgBNACAAYwBvAG4AbgBlAGMAdABlAGQALgAiAA=='
2024/01/26 07:03:28 packer-plugin-azure_v2.0.2_x5.0_linux_amd64 plugin: 2024/01/26 07:03:28 [INFO] starting remote command: powershell.exe -EncodedCommand JABQAHIAbwBnAHIAZQBzAHMAUAByAGUAZgBlAHIAZQBuAGMAZQAgAD0AIAAnAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAJwA7AGkAZgAgACgAVABlAHMAdAAtAFAAYQB0AGgAIAB2AGEAcgBpAGEAYgBsAGUAOgBnAGwAbwBiAGEAbAA6AFAAcgBvAGcAcgBlAHMAcwBQAHIAZQBmAGUAcgBlAG4AYwBlACkAewAkAFAAcgBvAGcAcgBlAHMAcwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJwBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACcAfQA7ACAAZQBjAGgAbwAgACIAVwBpAG4AUgBNACAAYwBvAG4AbgBlAGMAdABlAGQALgAiAA==
azure-arm.windows: WinRM connected.
2024/01/26 07:03:38 packer-plugin-azure_v2.0.2_x5.0_linux_amd64 plugin: 2024/01/26 07:03:38 [INFO] command 'powershell.exe -EncodedCommand JABQAHIAbwBnAHIAZQBzAHMAUAByAGUAZgBlAHIAZQBuAGMAZQAgAD0AIAAnAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAJwA7AGkAZgAgACgAVABlAHMAdAAtAFAAYQB0AGgAIAB2AGEAcgBpAGEAYgBsAGUAOgBnAGwAbwBiAGEAbAA6AFAAcgBvAGcAcgBlAHMAcwBQAHIAZQBmAGUAcgBlAG4AYwBlACkAewAkAFAAcgBvAGcAcgBlAHMAcwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJwBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACcAfQA7ACAAZQBjAGgAbwAgACIAVwBpAG4AUgBNACAAYwBvAG4AbgBlAGMAdABlAGQALgAiAA==' exited with code: 0
2024/01/26 07:03:38 packer-plugin-azure_v2.0.2_x5.0_linux_amd64 plugin: 2024/01/26 07:03:38 Connected to machine
==> azure-arm.windows: Connected to WinRM!
2024/01/26 07:03:38 packer-plugin-azure_v2.0.2_x5.0_linux_amd64 plugin: 2024/01/26 07:03:38 Running the provision hook
2024/01/26 07:03:38 [INFO] (telemetry) Starting provisioner cnspec
==> azure-arm.windows: Running cnspec packer provisioner by Mondoo (Version: 9.14.0, Build: 3105bc6)
azure-arm.windows: detected packer build via winrm
azure-arm.windows: load config from detected MONDOO_CONFIG_BASE64
azure-arm.windows: using service account credentials
azure-arm.windows: scan packer build
==> azure-arm.windows: Provisioning step had errors: Running the cleanup provisioner, if present...
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: goroutine 26 [running]:
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: go.mondoo.com/cnquery/v9/providers.(*Runtime).DetectProvider(0x3087c20?, 0xc000126000?)
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: /home/runner/go/pkg/mod/go.mondoo.com/cnquery/[email protected]/providers/runtime.go:172 +0x29
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: go.mondoo.com/cnquery/v9/providers.(*coordinator).RuntimeFor(0x3087c20, 0xc000460280, 0x0?)
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: /home/runner/go/pkg/mod/go.mondoo.com/cnquery/[email protected]/providers/coordinator.go:383 +0x165
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: go.mondoo.com/cnspec/v9/policy/scan.createAssetCandidateList({0x2265e78, 0x30b9a60}, 0x0?, 0xc00041f200, {0x2267420, 0x30b9a60})
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: /home/runner/go/pkg/mod/go.mondoo.com/cnspec/[email protected]/policy/scan/local_scanner.go:238 +0x30a
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: go.mondoo.com/cnspec/v9/policy/scan.(*LocalScanner).distributeJob(0xc000772380, 0xc000772230, {0x2265e78?, 0x30b9a60}, 0xc00041f200)
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: /home/runner/go/pkg/mod/go.mondoo.com/cnspec/[email protected]/policy/scan/local_scanner.go:304 +0x45c
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: go.mondoo.com/cnspec/v9/policy/scan.(*LocalScanner).Run(0xc000772380, {0x2265e78, 0x30b9a60}, 0xc000772230)
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: /home/runner/go/pkg/mod/go.mondoo.com/cnspec/[email protected]/policy/scan/local_scanner.go:164 +0x127
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: go.mondoo.com/packer-plugin-cnspec/provisioner.(*Provisioner).executeCnspec(0xc000698900, {0x2268938, 0xc0004b98f0}, {0xc000698b00?, 0xc00079e908?})
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: /home/runner/_work/packer-plugin-cnspec/packer-plugin-cnspec/provisioner/provisioner.go:559 +0x1e8e
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: go.mondoo.com/packer-plugin-cnspec/provisioner.(*Provisioner).Provision(0xc000698900, {0x30b9a60?, 0x0?}, {0x2268938, 0xc0004b98f0}, {0x2267460?, 0xc00079b7e0}, 0xc0004b9740)
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: /home/runner/_work/packer-plugin-cnspec/packer-plugin-cnspec/provisioner/provisioner.go:300 +0x7b9
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: github.com/hashicorp/packer-plugin-sdk/rpc.(*ProvisionerServer).Provision(0xc00071af80, 0xc000467ce0, 0x1?)
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: /home/runner/go/pkg/mod/github.com/hashicorp/[email protected]/rpc/provisioner.go:91 +0x1c9
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: reflect.Value.call({0xc0007c2240?, 0xc00006b308?, 0x13?}, {0x1cf774b, 0x4}, {0xc0007c4ef8, 0x3, 0x3?})
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: /home/runner/_work/_tool/go/1.21.3/x64/src/reflect/value.go:596 +0xce7
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: reflect.Value.Call({0xc0007c2240?, 0xc00006b308?, 0x1a5bfe0?}, {0xc000086ef8?, 0xc000725cc0?, 0xc000086f50?})
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: /home/runner/_work/_tool/go/1.21.3/x64/src/reflect/value.go:380 +0xb9
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: net/rpc.(*service).call(0xc00071afc0, 0xc00079e240?, 0xb57f58?, 0xc000762f80, 0xc00077b800, 0x0?, {0x1911b60?, 0xc000467ce0?, 0xb55ea5?}, {0x19381c0, ...}, ...)
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: /home/runner/_work/_tool/go/1.21.3/x64/src/net/rpc/server.go:382 +0x214
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: created by net/rpc.(*Server).ServeCodec in goroutine 1
2024/01/26 07:03:38 packer-plugin-cnspec_v9.14.0_x5.0_linux_amd64 plugin: /home/runner/_work/_tool/go/1.21.3/x64/src/net/rpc/server.go:479 +0x410
2024/01/26 07:03:38 [INFO] (telemetry) ending cnspec
==> azure-arm.windows: Deleting Virtual Machine deployment and its attatched resources...
packer {
required_plugins {
azure = {
source = "github.com/hashicorp/azure"
version = ">= 2"
}
cnspec = {
version = ">= 8.23.1"
source = "github.com/mondoohq/cnspec"
}
}
}
locals {
random = uuidv4()
date = timestamp()
}
source "azure-arm" "windows" {
client_id = var.azureRmClientId
client_secret = var.azureRmClientSecret
subscription_id = var.subscriptionId
tenant_id = var.tenantId
os_type = "Windows"
image_publisher = "MicrosoftWindowsServer"
image_offer = "WindowsServer"
image_sku = "2019-Datacenter"
azure_tags = {
packer = "true",
build-id = "${local.random}"
}
shared_image_gallery_destination {
subscription = var.subscriptionId
resource_group = var.resourceGroup
gallery_name = var.galleryName
image_name = var.imageName
image_version = var.imageVersion
storage_account_type = "Standard_LRS"
}
location = var.location
vm_size = "Standard_B4ms"
communicator = "winrm"
winrm_use_ssl = "true"
winrm_insecure = "true"
winrm_timeout = "50m"
winrm_username = "packer"
}
build {
hcp_packer_registry {
bucket_name = var.imageName
}
sources = ["sources.azure-arm.windows"]
provisioner "cnspec" {
asset_name = "${var.imageName}-${var.imageVersion}"
score_threshold = 80
on_failure = "continue"
annotations = {
os-type = "WindowsServer"
os-version = "2019-Datacenter"
image-version = "${var.imageVersion}"
build-time = "${local.date}"
build-id = "${local.random}"
}
}
provisioner "powershell" {
inline = [
"# If Guest Agent services are installed, make sure that they have started.",
"foreach ($service in Get-Service -Name RdAgent, WindowsAzureTelemetryService, WindowsAzureGuestAgent -ErrorAction SilentlyContinue) { while ((Get-Service $service.Name).Status -ne 'Running') { Start-Sleep -s 5 } }",
"& $env:SystemRoot\\System32\\Sysprep\\Sysprep.exe /oobe /generalize /quiet /quit /mode:vm",
"while($true) { $imageState = Get-ItemProperty HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Setup\\State | Select ImageState; if($imageState.ImageState -ne 'IMAGE_STATE_GENERALIZE_RESEAL_TO_OOBE') { Write-Output $imageState.ImageState; Start-Sleep -s 10 } else { break } }"
]
}
}