Now that the official AMI was set to a non-zero price as a means to support VyOS development, we need to make sure the AMI build scripts are as straightforward to use as possible. Not only it will save the maintainers some time, user's choice to not support VyOS development this way should be respected as well: the scripts should not be made harder to use than it's necessary.
There are multiple issues:
- The README is not always correct, not always complete, and is full of irrelevant details
AWS users are usually well familiar with awscli and ansible is now an immensely popular tool.
What people really need from the README is how to use this particular playbook.
- SSH to the instance asks to type yes.
This makes it harder to run the scripts unattended, and is of little value since a freshly created host is quite unlikely to be a target of a MitM attack, and if all your SSH traffic is subject to a MitM attack, then you are already deep in trouble.
- Scripts rely on specific setting of awscli output format setting.
This is plain sloppy since awscli provides an easy way to specify it for every command call.
- Playbooks require a GPG signature associated with the image, and expect it to be in the same dir as the image on the server.
This limits the usefulness to release images only.
- There are quite a few ansible warnings.
In particular, there are now modules for touch in mount while our playbooks still run touch and mount commands.
- Playbooks are not capable of building 1.2.0 images.
Some package names and file locations need adjustments.
- Apparently there are a few non-functional files, e.g. for nightly builds.
- The playbooks are hardcoded to use aging Ubuntu Precise for the "host" instance