We have the build packer ami job, which tests daily that we can build AMIs, but we still have to manually kick off the job when we want to create AMIs. We should create a wrapper job that calls build packer ami with the parameters necessary to keep the resulting AMIs long term, and have it get triggered somewhere in the weekly-ish range. It would be sweet if it could create PRs to actually update the AMIs in our repos as well.
Things to consider:
can packer give us the ami id or do we need to extract it from logs?
make a PR into a private repo. Any concerns?
should we have multiple instances of this job, one for each worker type, so that injecting new amis into the testeng-secure yaml is cleaner?