Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Create and upload packer generated images | |
on: | |
push: | |
branches: | |
- 'main' | |
- 'lma/release/tags' | |
env: | |
PACKER_VERSION: "latest" | |
AWS_ROLE_ARN: "arn:aws:iam::192549843005:role/github-devops-cd" | |
permissions: | |
id-token: write | |
contents: read | |
jobs: | |
update-observability-version: | |
runs-on: ubuntu-latest | |
env: | |
ENV_FILE_PATH: .github/shared-variables/.env | |
steps: | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
- name: Load and Increment OBSERVABILITY_VERSION | |
run: | | |
OBSERVABILITY_VERSION=$(grep -E '^OBSERVABILITY_VERSION=' ${{ env.ENV_FILE_PATH }} | cut -d '=' -f2) | |
if [ -z "$OBSERVABILITY_VERSION" ]; then | |
echo "OBSERVABILITY_VERSION not found in .${{ env.ENV_FILE_PATH }}!" | |
exit 1 | |
fi | |
NEW_VERSION=$(printf "%05d" $((10#$OBSERVABILITY_VERSION + 1))) | |
sed -i "s/^OBSERVABILITY_VERSION=.*/OBSERVABILITY_VERSION=${NEW_VERSION}/" .env | |
echo::notice::"OBSERVABILITY_VERSION=${NEW_VERSION}" | |
- name: Commit and Push Changes | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
git config user.name "github-actions[bot]" | |
git config user.email "github-actions[bot]@users.noreply.github.com" | |
git commit -am "Increment OBSERVABILITY_VERSION to ${NEW_VERSION}" | |
git push origin HEAD | |
release-observability-image: | |
runs-on: ubuntu-latest | |
environment: release-node-images | |
needs: [update-observability-version] | |
strategy: | |
matrix: | |
cloud_provider: ['gcp', 'aws'] | |
defaults: | |
run: | |
working-directory: ./packer | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Load common variables | |
run: cat ../.github/shared-variables/.env >> $GITHUB_ENV | |
- name: Configure Cloud Credentials | |
if: matrix.cloud_provider == 'gcp' | |
uses: google-github-actions/auth@v2 | |
with: | |
project_id: concordium-mgmt-0 | |
workload_identity_provider: projects/761241104197/locations/global/workloadIdentityPools/github/providers/concordium | |
service_account: [email protected] | |
- name: Configure AWS Credentials | |
if: matrix.cloud_provider == 'aws' | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: ${{ env.OBSERVABILITY_AWS_REGION }} | |
role-to-assume: ${{ env.AWS_ROLE_ARN }} | |
role-session-name: ReleaseObservabilityImageSession | |
- name: Setup Packer | |
uses: hashicorp/setup-packer@main | |
id: setup | |
with: | |
version: ${{ env.PACKER_VERSION }} | |
- name: Initialize Packer | |
run: packer init observability | |
- name: Determine Image Name | |
run: echo "IMAGE_NAME=concordium-observability-node-${{ env.OBSERVABILITY_VERSION }}-${{ matrix.cloud_provider == 'gcp' && 'x86-64' || 'x86_64' }}" >> $GITHUB_ENV | |
- name: Check if Image Already Exists | |
run: | | |
if [ "${{ matrix.cloud_provider }}" == "gcp" ]; then | |
IMAGE_ID=$(gcloud compute images list --project="concordium-mgmt-0" --filter="name=(${IMAGE_NAME})" --format="value(name)") | |
elif [ "${{ matrix.cloud_provider }}" == "aws" ]; then | |
IMAGE_ID=$(aws ec2 describe-images --filters Name=name,Values=$IMAGE_NAME --query 'Images[*].ImageId' --output text) | |
else | |
echo "Unknown cloud provider: ${{ matrix.cloud_provider }}" | |
exit 1 | |
fi | |
echo "IMAGE_ID=$IMAGE_ID" >> $GITHUB_ENV | |
- name: Setup subnet id | |
if: ${{ matrix.cloud_provider == 'aws' }} | |
run: | | |
VALUE=$(echo '${{ env.REGION_TO_SUBNET }}' | jq -r --arg key "${{ env.OBSERVABILITY_AWS_REGION }}" '.[$key]') | |
if [[ $VALUE == "null" ]]; then | |
echo "Key '${{ env.AWS_ENVIRONMENT_REGION }}' not found in ${{ env.REGION_TO_SUBNET }}" | |
exit 1 | |
fi | |
echo "AWS_SUBNET_ID=$VALUE" >> $GITHUB_ENV | |
- name: Set variables | |
if: ${{ env.IMAGE_ID == '' }} | |
run: | | |
export AMI_USERS='["727113945353"]' | |
export CLOUD_PROVIDER=${{ matrix.cloud_provider }} | |
export TARGET_AWS_REGIONS=$(echo '${{ env.ENVIRONMENT_TO_AWS_REGION }}' | jq -r -c --arg region "$AWS_REGION" '[..|strings]|unique | map(select(. != $region))') | |
envsubst < observability/variables.pkrvars.hcl.template > variables.pkrvars.hcl | |
- name: Build Image | |
if: ${{ env.IMAGE_ID == '' }} | |
run: | | |
set -eo pipefail | |
packer build -machine-readable -var-file=./variables.pkrvars.hcl observability | tee build-output.log |