diff --git a/.github/workflows/ci-packer-image.yml b/.github/workflows/ci-packer-image.yml
new file mode 100644
index 0000000000..734c3d75fb
--- /dev/null
+++ b/.github/workflows/ci-packer-image.yml
@@ -0,0 +1,95 @@
+---
+# yamllint disable rule:truthy
+name: Build Packer image
+
+on:
+ workflow_dispatch:
+ inputs:
+ publish:
+ type: boolean
+ description: Whether to publish the image as artifact
+ required: false
+ default: true
+ ref:
+ type: string
+ required: true
+ description: The GIT ref from which the image will be build
+ default: fac-golden-image
+ infrahub_version:
+ type: string
+ default: "0.11"
+ description: Infrahub version to use in the image
+ pull_request:
+ push:
+ branches:
+ - fac-golden-image
+
+concurrency:
+ group: ${{ github.workflow }}-${{ github.ref }}
+ cancel-in-progress: true
+
+jobs:
+ build:
+ runs-on: ci-runner-huge03-ghrunner3
+#group: huge-runners
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ ref: ${{ inputs.ref }}
+
+ - name: Checkout ansible playbooks
+ uses: actions/checkout@v4
+ with:
+ repository: opsmill/terraform-config
+ ref: main
+ token: ${{ secrets.GH_INFRA_REPO_TOKEN }}
+ path: terraform-config
+ sparse-checkout: |
+ customer-bootstrap
+ common
+
+ - name: Setup symlink towards playbook
+ run: ln -s ../../terraform-config/customer-bootstrap packaging/packer/ansible
+
+ - name: "Setup environment"
+ run: |
+ pipx install poetry
+ poetry config virtualenvs.prefer-active-python true
+
+ - name: Setup packer
+ uses: hashicorp/setup-packer@v3.0.0
+ id: setup
+ with:
+ version: "1.10.1"
+
+ - name: Packer init
+ working-directory: packaging/packer
+ run: packer init .
+
+ - name: Packer build
+ working-directory: packaging/packer
+ run: packer build .
+
+ # Disabled because GH artifacts are slow to download
+ # - name: Upload
+ # if: ${{ inputs.publish == 'true' }}
+ # uses: actions/upload-artifact@v4
+ # with:
+ # name: image.qcow2
+ # compression-level: 0
+ # path: packaging/packer/output/*
+
+ - name: Set up S3cmd cli tool
+ #if: ${{ inputs.publish == 'true' }}
+ uses: s3-actions/s3cmd@v1.5.0
+ with:
+ provider: scaleway
+ region: 'gra'
+ access_key: ${{ secrets.ARTIFACTS_S3_ACCESS_KEY }}
+ secret_key: ${{ secrets.ARTIFACTS_S3_SECRET_KEY }}
+
+ - name: Upload to S3
+ #if: ${{ inputs.publish == 'true' }}
+ run: |
+ s3cmd sync --host https://s3.gra.io.cloud.ovh.net --host-bucket "" --recursive --acl-public packaging/packer/output/ s3://infrahub-artifacts/${{ github.run_id }}/
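Review bot: The "Set up S3cmd cli tool" and "Upload to S3" steps run on every trigger because their `if:` lines are commented out, so a `pull_request` run builds from the PR's ref and syncs the result to `s3://infrahub-artifacts/` with `--acl-public`, and the `publish` input has no effect. Gate both steps with something like `if: ${{ github.event_name == 'push' || inputs.publish }}`; the commented-out form `inputs.publish == 'true'` compares a boolean input with a string and would likely never match. The job also targets what looks like a self-hosted runner (`ci-runner-huge03-ghrunner3`) under the `pull_request` trigger, so it is worth confirming that untrusted PRs cannot reach it. `s3-actions/s3cmd@v1.5.0` receives the S3 keys and is pinned to a mutable tag; pinning it and `hashicorp/setup-packer` to a full commit SHA would narrow the exposure. Adding `persist-credentials: false` to the `terraform-config` checkout would also keep `GH_INFRA_REPO_TOKEN` out of the workspace while `packer build` runs.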