Add comment to create a test PR #14
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow is used to download the Linux boot files from the Azure Artifact feed | |
# and upload them as artifacts so that they can be used in the proceeding workflow for running Linux UVM tests. | |
# The workflow runs under previledged mode to allow authentication with Azure. | |
# Note that the workflow is run based on the workflow file of the base branch to protect against malicious workflow in the PR. | |
name: Pre-CI | |
on: | |
pull_request_target: | |
branches: | |
- jiechen3/github_runner | |
env: | |
LCOW_ARTIFACT_PROJECT: "ContainerPlatform" | |
LCOW_ARTIFACT_FEED: "ContainerPlat-Dev" | |
LCOW_ARTIFACT_NAME: "azurelinux-uvm" | |
LCOW_ARTIFACT_VERSION: "*.*.*" | |
jobs: | |
# This job downloads the Linux boot files from the Azure Artifact feed and | |
# create the rootfs containing the local Linux-GCS. It needs to be run on | |
# the 1ES github runner pool in order to access the Azure Artifact feed. | |
download-linux-boot-files: | |
runs-on: | |
- self-hosted | |
- 1ES.Pool=containerplat-github-runner-pool-east-us-2 | |
- 1ES.ImageOverride=github-mms-ubuntu-22 | |
permissions: | |
id-token: write # This is required for OIDC login (azure/login) to succeed | |
contents: read # This is required for actions/checkout to succeed | |
steps: | |
- name: Check access | |
if: ${{ | |
github.event.pull_request.author_association != 'COLLABORATOR' && | |
github.event.pull_request.author_association != 'OWNER' && | |
github.event.pull_request.author_association != 'CONTRIBUTOR' | |
}} | |
run: | | |
echo "Author association: ${{ github.event.pull_request.author_association }}" | |
echo "Event not triggered by an owner/collaborator/contributor. Will not continue CI." | |
exit 1 | |
# Install Azure CLI and login to Azure | |
- name: Azure OIDC Login | |
uses: azure/login@v2 | |
with: | |
client-id: "930a0428-2b45-4cf9-9afe-b81bde516504" | |
tenant-id: "72f988bf-86f1-41af-91ab-2d7cd011db47" | |
allow-no-subscriptions: true | |
- name: Download LCOW artifact from feed | |
uses: azure/cli@v2 | |
with: | |
azcliversion: latest | |
inlineScript: | | |
az extension add --name azure-devops | |
export DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=1 | |
az artifacts universal download \ | |
--organization "https://msazure.visualstudio.com/" \ | |
--project ${{ env.LCOW_ARTIFACT_PROJECT }} \ | |
--scope project \ | |
--feed ${{ env.LCOW_ARTIFACT_FEED }} \ | |
--name ${{ env.LCOW_ARTIFACT_NAME }} \ | |
--version ${{ env.LCOW_ARTIFACT_VERSION }} \ | |
--path ./downloaded_artifacts | |
- name: Show downloaded LCOW artifacts | |
run: find ./downloaded_artifacts -maxdepth 3 -ls | |
- name: Create directory for storing LCOW artifacts | |
run: | | |
mkdir -p ./linux_boot_files/ | |
- name: Copy Linux kernel and rootfs tar files | |
run: | | |
mv ./downloaded_artifacts/LinuxBootFiles/kernel ./linux_boot_files/ | |
mv ./downloaded_artifacts/LinuxBootFiles/vmlinux ./linux_boot_files/ | |
mv ./downloaded_artifacts/rootfs-*.tar.gz ./linux_boot_files/ | |
# This is a workaround to overcome the limitation of actions/upload-artifact@v4 used in later jobs. | |
# See https://github.com/actions/upload-artifact/tree/v4/?tab=readme-ov-file#permission-loss. | |
- name: Tar the files to preserve file permissions prior to upload | |
run: | | |
tar -cvf linux_boot_files.tar -C ./linux_boot_files . | |
# Upload the Linux boot files so that they can be used in later jobs. | |
- name: Upload LCOW artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: lcow_artifacts | |
path: linux_boot_files.tar | |
if-no-files-found: error | |
overwrite: true | |
retention-days: 1 |