Pack Virtual Machine Images #82

Workflow file for this run

# Builds VM images with Packer. Runs on pushes to main, on an external
# repository_dispatch event, or on a manual run.
name: Pack Virtual Machine Images

on:
  push:
    branches:
      - main
  # Payload-driven trigger: the dispatch job reads `client_payload.service`
  # and `client_payload.version`, so both values are chosen by the sender.
  repository_dispatch:
    types:
      - trigger-workflow
  workflow_dispatch:
    inputs:
      # Restricted to the listed options.
      service:
        description: 'The service to build'
        required: true
        type: choice
        options:
          - dibbs-ecr-viewer
          - dibbs-query-connector
      # Free-form string: nothing in this file constrains its contents.
      version:
        description: 'The version of the service to build'
        required: true
        type: string
        default: 'main'

# Runs sharing this group are serialised; a run already in progress is never
# cancelled by a newer one.
concurrency:
  group: packerMachines
  cancel-in-progress: false

# GITHUB_TOKEN is limited to read access on repository contents.
permissions:
  contents: read
jobs:
# Calls the repository's reusable checkForChanges workflow for ./.github.
# Presumably it reports `has_changes`, which packer_build_changes reads;
# the reusable workflow itself is not shown here.
workflow_changes:
  uses: ./.github/workflows/checkForChanges.yml
  with:
    what_to_check: ./.github
# Calls the repository's reusable checkForChanges workflow for ./packer.
# Presumably it reports `has_changes`, which packer_build_changes reads;
# the reusable workflow itself is not shown here.
packer_changes:
  uses: ./.github/workflows/checkForChanges.yml
  with:
    what_to_check: ./packer
# Checks out the repository and runs the local build-docs action.
# Every packer_build_* job lists this job in `needs`.
docs_build:
  runs-on: ubuntu-latest
  steps:
    # NOTE(review): referenced by mutable tag; setup-packer elsewhere in this
    # file is pinned to a commit SHA.
    - uses: actions/checkout@v4
    - uses: ./.github/actions/build-docs
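# Builds an image for every service in the matrix on push events.
# NOTE(review): checkout, configure-aws-credentials and azure/login are
# referenced by mutable tag, while setup-packer is pinned to a commit SHA;
# pinning all of them by SHA keeps a retagged release away from these secrets.
packer_build_changes:
  # Run when something changed (or the ref is main) AND the event is neither
  # dispatch kind. The two event checks are joined with &&: joined with ||
  # the clause is true for every event, so dispatch runs on main also started
  # this job alongside their dedicated one.
  # NOTE(review): workflow_changes and packer_changes are not listed in
  # `needs`, so both `has_changes` lookups evaluate to empty here.
  if: >-
    (needs.workflow_changes.outputs.has_changes == 'true' ||
    needs.packer_changes.outputs.has_changes == 'true' ||
    github.ref == 'refs/heads/main') &&
    (github.event_name != 'workflow_dispatch' &&
    github.event_name != 'repository_dispatch')
  runs-on: ubuntu-latest
  needs: [docs_build]
  strategy:
    matrix:
      service:
        - dibbs-ecr-viewer
        - dibbs-query-connector
  steps:
    - uses: actions/checkout@v4
    # AWS authentication.
    # NOTE(review): long-lived access keys; OIDC role assumption would remove
    # the stored key pair.
    - name: Configure AWS Credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        aws-region: ${{ secrets.AWS_REGION }}
    # NOTE(review): client-secret login; azure/login also supports OIDC
    # federated credentials.
    - name: Authenticate to Azure
      uses: azure/login@v2
      with:
        creds: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}'
    - name: Install Supporting Packages
      run: sudo apt-get update && sudo apt-get install -y qemu-system-x86 openssl whois
    - name: Generate random password and hash
      id: generate_password
      run: |
        plain_pass=$(openssl rand -base64 12)
        # Step outputs are not masked automatically; register the value with
        # the log masker before it is written anywhere.
        echo "::add-mask::$plain_pass"
        hashed_pass=$(mkpasswd --method=SHA-512 "$plain_pass")
        echo "ssh_password=$plain_pass" >> "$GITHUB_OUTPUT"
        echo "password_hash=$hashed_pass" >> "$GITHUB_OUTPUT"
    - name: Render cloud-init user-data with password hash
      working-directory: ./packer/ubuntu-server/http
      env:
        # The crypt string has the form $6$salt$hash. Pasted directly into a
        # double-quoted script by the expression engine, bash would expand
        # each $-prefixed piece and corrupt the hash; an env var is expanded
        # once and not re-scanned.
        PASSWORD_HASH: ${{ steps.generate_password.outputs.password_hash }}
      run: |
        sed "s|{{password_hash}}|${PASSWORD_HASH}|" user-data-template.yaml > user-data
    - name: Set up Packer
      uses: hashicorp/setup-packer@1aa358be5cf73883762b302a3a03abd66e75b232
      with:
        version: '1.11.2'
    - name: Run `packer init`
      working-directory: ./packer/ubuntu-server
      run: packer init .
    # The Azure service-principal values are scoped to the two steps that
    # invoke Packer instead of being appended to $GITHUB_ENV, which would
    # expose them to every later step and action in the job.
    - name: Run `packer validate`
      working-directory: ./packer/ubuntu-server
      env:
        ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
        ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
        ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
        ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
        DIBBS_SERVICE: ${{ matrix.service }}
        # Packer reads PKR_VAR_<name> as the value of variable <name>, so the
        # password stays out of the command line and the echoed script.
        PKR_VAR_ssh_password: ${{ steps.generate_password.outputs.ssh_password }}
      run: packer validate --var "dibbs_service=${DIBBS_SERVICE}" --var dibbs_version=main .
    - name: Run `packer build`
      working-directory: ./packer/ubuntu-server
      env:
        ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
        ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
        ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
        ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
        DIBBS_SERVICE: ${{ matrix.service }}
        PKR_VAR_ssh_password: ${{ steps.generate_password.outputs.ssh_password }}
      run: packer build --var "dibbs_service=${DIBBS_SERVICE}" --var dibbs_version=main .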
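# Builds the single service/version named in a repository_dispatch payload.
# NOTE(review): unlike the other build jobs, this one generates no password
# and renders no user-data; confirm the template does not need them here.
# NOTE(review): checkout, configure-aws-credentials and azure/login are
# referenced by mutable tag, while setup-packer is pinned to a commit SHA.
packer_build_repository_dispatch:
  if: github.event_name == 'repository_dispatch'
  runs-on: ubuntu-latest
  needs: [docs_build]
  env:
    # client_payload is chosen by whoever sends the dispatch. Routing it
    # through env vars keeps it out of the script text, so the shell treats
    # it as data rather than as part of the command line.
    DIBBS_SERVICE: ${{ github.event.client_payload.service }}
    DIBBS_VERSION: ${{ github.event.client_payload.version }}
  steps:
    - uses: actions/checkout@v4
    # Mirror the workflow_dispatch constraints: service is one of the two
    # known names and version is required. This runs before any cloud
    # credentials are configured.
    - name: Validate dispatch payload
      run: |
        case "$DIBBS_SERVICE" in
          dibbs-ecr-viewer|dibbs-query-connector) ;;
          *)
            echo "::error::unsupported service in client_payload"
            exit 1
            ;;
        esac
        if [ -z "$DIBBS_VERSION" ]; then
          echo "::error::client_payload.version is required"
          exit 1
        fi
    # AWS authentication.
    # NOTE(review): long-lived access keys; OIDC role assumption would remove
    # the stored key pair.
    - name: Configure AWS Credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        aws-region: ${{ secrets.AWS_REGION }}
    - name: login into Azure
      uses: azure/login@v2
      with:
        creds: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}'
    - name: Set up Packer
      uses: hashicorp/setup-packer@1aa358be5cf73883762b302a3a03abd66e75b232
      with:
        version: '1.11.2'
    - name: Install QEMU
      run: sudo apt-get update && sudo apt-get install -y qemu-system-x86
    - name: Run `packer init ${{ github.event.client_payload.service }}`
      working-directory: ./packer/ubuntu-server
      run: packer init .
    # The Azure service-principal values are scoped to the two steps that
    # invoke Packer instead of being appended to $GITHUB_ENV for every step.
    # NOTE(review): dibbs_version is still free-form; how the Packer template
    # consumes it is outside this file.
    - name: Run `packer validate ${{ github.event.client_payload.service }}`
      working-directory: ./packer/ubuntu-server
      env:
        ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
        ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
        ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
        ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
      run: packer validate --var "dibbs_service=${DIBBS_SERVICE}" --var "dibbs_version=${DIBBS_VERSION}" .
    - name: Run `packer build ${{ github.event.client_payload.service }}`
      working-directory: ./packer/ubuntu-server
      env:
        ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
        ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
        ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
        ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
      run: packer build --var "dibbs_service=${DIBBS_SERVICE}" --var "dibbs_version=${DIBBS_VERSION}" .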
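# Builds the service/version chosen in a manual workflow_dispatch run.
# NOTE(review): checkout, configure-aws-credentials and azure/login are
# referenced by mutable tag, while setup-packer is pinned to a commit SHA.
packer_build_workflow_dispatch:
  if: github.event_name == 'workflow_dispatch'
  needs: [docs_build]
  runs-on: ubuntu-latest
  # NOTE(review): `provisioners` is not among the workflow_dispatch inputs
  # declared in this file, and matrix.provisioners is never read in this job.
  strategy:
    matrix:
      include:
        - provisioners: ${{ inputs.provisioners }}
  env:
    # `version` is a free-form input. Routing both inputs through env vars
    # keeps them out of the script text, so the shell treats them as data
    # rather than as part of the command line.
    DIBBS_SERVICE: ${{ inputs.service }}
    DIBBS_VERSION: ${{ inputs.version }}
  steps:
    - uses: actions/checkout@v4
    # AWS authentication.
    # NOTE(review): long-lived access keys; OIDC role assumption would remove
    # the stored key pair.
    - name: Configure AWS Credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        aws-region: ${{ secrets.AWS_REGION }}
    - name: login into Azure
      uses: azure/login@v2
      with:
        creds: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}'
    # whois (which provides mkpasswd) is installed once here; the second
    # apt-get call inside the password step was redundant.
    - name: Install QEMU
      run: sudo apt-get update && sudo apt-get install -y qemu-system-x86 openssl whois
    # The packer steps read steps.generate_password.outputs.ssh_password, but
    # no step carried that id, so the value was empty. The step now has the
    # id and writes the output. The plaintext is no longer echoed to the log
    # and is registered with the log masker before being stored.
    - name: Generate random password and hash
      id: generate_password
      run: |
        plain_pass=$(openssl rand -base64 12)
        echo "::add-mask::$plain_pass"
        hashed_pass=$(mkpasswd --method=SHA-512 "$plain_pass")
        echo "ssh_password=$plain_pass" >> "$GITHUB_OUTPUT"
        echo "password_hash=$hashed_pass" >> "$GITHUB_OUTPUT"
    # The earlier sed path repeated ./packer/ubuntu-server on top of the same
    # working-directory, so it pointed at a nested path. This renders the
    # file the way the packer_build_changes job does.
    # NOTE(review): template name taken from that job; confirm it is the
    # file intended for manual runs as well.
    - name: Generate user-data with hashed password
      working-directory: ./packer/ubuntu-server/http
      env:
        PASSWORD_HASH: ${{ steps.generate_password.outputs.password_hash }}
      run: |
        sed "s|{{password_hash}}|${PASSWORD_HASH}|" user-data-template.yaml > user-data
        echo "user-data file is ready with hashed password."
    - name: Set up Packer
      uses: hashicorp/setup-packer@1aa358be5cf73883762b302a3a03abd66e75b232
      with:
        version: '1.11.2'
    - name: Run `packer init ${{ inputs.service }}`
      working-directory: ./packer/ubuntu-server
      run: packer init .
    # The Azure service-principal values are scoped to the two steps that
    # invoke Packer instead of being appended to $GITHUB_ENV for every step.
    - name: Run `packer validate ${{ inputs.service }}`
      working-directory: ./packer/ubuntu-server
      env:
        ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
        ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
        ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
        ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
        # Packer reads PKR_VAR_<name> as the value of variable <name>, so the
        # password stays out of the command line and the echoed script.
        PKR_VAR_ssh_password: ${{ steps.generate_password.outputs.ssh_password }}
      run: packer validate --var "dibbs_service=${DIBBS_SERVICE}" --var "dibbs_version=${DIBBS_VERSION}" .
    - name: Run `packer build ${{ inputs.service }}`
      working-directory: ./packer/ubuntu-server
      env:
        ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
        ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
        ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
        ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
        PKR_VAR_ssh_password: ${{ steps.generate_password.outputs.ssh_password }}
      run: packer build --var "dibbs_service=${DIBBS_SERVICE}" --var "dibbs_version=${DIBBS_VERSION}" .
    ## TODO: Decide how to export artifact.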