marketplace_image #351
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# Copyright (c) Microsoft Corporation | |
# Licensed under the MIT License. | |
# | |
name : marketplace_image | |
# Allow only a single instance of this workflow to run at a time | |
concurrency: ${{ github.workflow }} | |
on: | |
pull_request: | |
types: [ closed ] | |
branches: | |
- main | |
paths: | |
- 'packer/**' | |
workflow_dispatch: | |
inputs: | |
publish: | |
description: 'Publish images on the marketplace' | |
required: false | |
default: 'false' # use it with ${{ github.event.inputs.publish }} | |
env: | |
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} | |
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} | |
ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} | |
ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} | |
AZHOP_STATE_CONTAINER: environments | |
AZHOP_STATE_ACCOUNT: azhopstates | |
RESOURCE_GROUP: azhop_build_images | |
defaults: | |
run: | |
shell: bash | |
jobs: | |
set_image_list: | |
name: set_image_list | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
container: | |
image: azhop.azurecr.io/hpcrover:latest | |
credentials: | |
username: ${{ env.ARM_CLIENT_ID }} | |
password: ${{ env.ARM_CLIENT_SECRET }} | |
options: --user 0 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Login azure | |
run: | | |
source /miniconda/bin/activate | |
az login --service-principal -u '${{ env.ARM_CLIENT_ID }}' -p '${{ env.ARM_CLIENT_SECRET }}' --tenant '${{ env.ARM_TENANT_ID }}' | |
az account set -s ${{ env.ARM_SUBSCRIPTION_ID }} | |
- name: list all images to be built | |
id: set-image-matrix | |
run: | | |
source /miniconda/bin/activate | |
RESOURCE_GROUP=${{ env.RESOURCE_GROUP }} | |
rg_exists=$(az group exists -n $RESOURCE_GROUP) | |
if [ "$rg_exists" = "true" ]; then | |
./azhop_state.sh download ${{ env.AZHOP_STATE_ACCOUNT }} ${{ env.AZHOP_STATE_CONTAINER }} $RESOURCE_GROUP | |
else | |
echo "Resource group $RESOURCE_GROUP does not exist" | |
exit 1 | |
fi | |
# Build the list of images from the config file | |
images=$(yq eval ".images[].name" config.yml | jq -cRn '[inputs]') | |
echo "matrix=$images" >> $GITHUB_OUTPUT | |
# save the list into the outputs | |
outputs: | |
matrix: ${{ steps.set-image-matrix.outputs.matrix }} | |
build_image: | |
name: build_image | |
runs-on: self-hosted | |
permissions: | |
contents: read | |
continue-on-error: true | |
needs: [set_image_list] | |
strategy: | |
fail-fast: false | |
matrix: | |
images: ${{ fromJson(needs.set_image_list.outputs.matrix) }} | |
container: | |
image: azhop.azurecr.io/hpcrover:latest | |
credentials: | |
username: ${{ env.ARM_CLIENT_ID }} | |
password: ${{ env.ARM_CLIENT_SECRET }} | |
options: --user 0 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Login azure | |
run: | | |
source /miniconda/bin/activate | |
az login --service-principal -u '${{ env.ARM_CLIENT_ID }}' -p '${{ env.ARM_CLIENT_SECRET }}' --tenant '${{ env.ARM_TENANT_ID }}' | |
az account set -s ${{ env.ARM_SUBSCRIPTION_ID }} | |
- name: Build Images | |
run: | | |
source /miniconda/bin/activate | |
RESOURCE_GROUP=${{ env.RESOURCE_GROUP }} | |
./azhop_state.sh download ${{ env.AZHOP_STATE_ACCOUNT }} ${{ env.AZHOP_STATE_CONTAINER }} $RESOURCE_GROUP | |
cd packer | |
./build_image.sh -i ${{matrix.images}}.json -k | |
copy_disk: | |
name: copy_disk | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
continue-on-error: true | |
if: inputs.publish == 'true' | |
needs: [set_image_list, build_image] | |
strategy: | |
fail-fast: false | |
matrix: | |
images: ${{ fromJson(needs.set_image_list.outputs.matrix) }} | |
container: | |
image: azhop.azurecr.io/hpcrover:latest | |
credentials: | |
username: ${{ env.ARM_CLIENT_ID }} | |
password: ${{ env.ARM_CLIENT_SECRET }} | |
options: --user 0 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Login azure | |
run: | | |
source /miniconda/bin/activate | |
az login --service-principal -u '${{ env.ARM_CLIENT_ID }}' -p '${{ env.ARM_CLIENT_SECRET }}' --tenant '${{ env.ARM_TENANT_ID }}' | |
az account set -s ${{ env.ARM_SUBSCRIPTION_ID }} | |
- name: Copy Disk | |
run: | | |
source /miniconda/bin/activate | |
set -e | |
RESOURCE_GROUP=${{ env.RESOURCE_GROUP }} | |
ANSIBLE_VARIABLES=./playbooks/group_vars/all.yml | |
CONFIG_FILE=config.yml | |
image_name=${{matrix.images}} | |
./azhop_state.sh download ${{ env.AZHOP_STATE_ACCOUNT }} ${{ env.AZHOP_STATE_CONTAINER }} $RESOURCE_GROUP | |
key_vault_name=$(yq eval ".key_vault" $ANSIBLE_VARIABLES) | |
echo "key_vault_name=$key_vault_name" | |
eval_str=".images[] | select(.name == "\"$image_name"\") | .offer" | |
offer=$(yq eval "$eval_str" $CONFIG_FILE) | |
eval_str=".images[] | select(.name == "\"$image_name"\") | .publisher" | |
publisher=$(yq eval "$eval_str" $CONFIG_FILE) | |
eval_str=".images[] | select(.name == "\"$image_name"\") | .sku" | |
sku=$(yq eval "$eval_str" $CONFIG_FILE) | |
echo "offer=$offer" | |
echo "publisher=$publisher" | |
echo "sku=$sku" | |
cd ./marketplace | |
./copyosdisk.sh ${offer}-${sku} $RESOURCE_GROUP | |
put_offer: | |
name: put_offer | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
continue-on-error: true | |
if: inputs.publish == 'true' | |
needs: [set_image_list, copy_disk] | |
strategy: | |
max-parallel: 1 | |
fail-fast: false | |
matrix: | |
images: ${{ fromJson(needs.set_image_list.outputs.matrix) }} | |
container: | |
image: azhop.azurecr.io/hpcrover:latest | |
credentials: | |
username: ${{ env.ARM_CLIENT_ID }} | |
password: ${{ env.ARM_CLIENT_SECRET }} | |
options: --user 0 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Login azure | |
run: | | |
source /miniconda/bin/activate | |
az login --service-principal -u '${{ env.ARM_CLIENT_ID }}' -p '${{ env.ARM_CLIENT_SECRET }}' --tenant '${{ env.ARM_TENANT_ID }}' | |
az account set -s ${{ env.ARM_SUBSCRIPTION_ID }} | |
- name: Push Offer Update | |
run: | | |
source /miniconda/bin/activate | |
set -e | |
RESOURCE_GROUP=${{ env.RESOURCE_GROUP }} | |
ANSIBLE_VARIABLES=./playbooks/group_vars/all.yml | |
CONFIG_FILE=config.yml | |
image_name=${{matrix.images}} | |
./azhop_state.sh download ${{ env.AZHOP_STATE_ACCOUNT }} ${{ env.AZHOP_STATE_CONTAINER }} $RESOURCE_GROUP | |
key_vault_name=$(yq eval ".key_vault" $ANSIBLE_VARIABLES) | |
echo "key_vault_name=$key_vault_name" | |
eval_str=".images[] | select(.name == "\"$image_name"\") | .offer" | |
offer=$(yq eval "$eval_str" $CONFIG_FILE) | |
eval_str=".images[] | select(.name == "\"$image_name"\") | .publisher" | |
publisher=$(yq eval "$eval_str" $CONFIG_FILE) | |
eval_str=".images[] | select(.name == "\"$image_name"\") | .sku" | |
sku=$(yq eval "$eval_str" $CONFIG_FILE) | |
echo "offer=$offer" | |
echo "publisher=$publisher" | |
echo "sku=$sku" | |
cd ./marketplace | |
. auth.sh $key_vault_name | |
echo "authenticate_legacy" | |
authenticate_legacy | |
echo "get_offer_by_id" | |
get_offer_by_id $publisher $offer > $image_name.json | |
ls -alt | |
cat $image_name.json | |
echo "build_offer_file" | |
rm -f $image_name-final.json | |
./build_offer_file.sh $offer $sku | |
if [ -e $image_name-final.json ]; then | |
echo "New version added, push the new offer" | |
put_offer $publisher $offer $image_name-final.json | |
get_offer_by_id $publisher $offer | |
fi |