我正在使用Google Compute Builder创建打包器映像:
source "googlecompute" "github-runner" {
image_name = "github-runner-${replace(var.runner_version, ".", "-")}-v${var.custom_version}"
image_family = "github-runner"
project_id = "xxx"
source_image_family = "ubuntu-2004-lts"
ssh_username = "packer"
use_internal_ip = true
zone = "europe-west4-c"
}
build {
sources = [
"source.googlecompute.github-runner"
]
}
然而,由于云初始化,所有项目用户都可以在构建器VM中进行配置,因此也可以在最终映像中进行配置。
是否有任何选项可以跳过在构建器VM上创建项目的用户?
因此,解决方案是将block-project-ssh-keys = "true"添加到元数据中。最终申报:
source "googlecompute" "github-runner" {
image_name = "github-runner-${replace(var.runner_version, ".", "-")}-v${var.custom_version}"
image_family = "github-runner"
project_id = "xxx"
source_image_family = "ubuntu-2004-lts"
ssh_username = "packer"
use_internal_ip = true
zone = "europe-west4-c"
metadata = {
block-project-ssh-keys = "true"
}
}
build {
sources = [
"source.googlecompute.github-runner"
]
}