forked from google/go-tpm-tools
-
Notifications
You must be signed in to change notification settings - Fork 0
/
cloudbuild.yaml
48 lines (45 loc) · 1.57 KB
/
cloudbuild.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
substitutions:
'_BASE_IMAGE': 'cos-dev-101-17154-0-0'
'_BASE_IMAGE_PROJECT': 'cos-cloud'
'_OUTPUT_IMAGE_SUFFIX': ''
'_IMAGE_ENV': 'debug'
'_BUCKET_NAME': '${PROJECT_ID}_cloudbuild'
steps:
- name: golang:1.18
entrypoint: /bin/bash
args:
- -c
- |
cd launcher
go build -o image/launcher
- name: 'gcr.io/cos-cloud/cos-customizer'
args: ['start-image-build',
'-build-context=launcher/image',
'-gcs-bucket=${_BUCKET_NAME}',
'-gcs-workdir=customizer-${BUILD_ID}',
'-image-name=${_BASE_IMAGE}',
'-image-project=${_BASE_IMAGE_PROJECT}']
- name: 'gcr.io/cos-cloud/cos-customizer'
args: ['run-script',
'-script=preload.sh',
'-env=IMAGE_ENV=${_IMAGE_ENV}']
- name: 'gcr.io/cos-cloud/cos-customizer'
args: ['seal-oem']
- name: 'gcr.io/cos-cloud/cos-customizer'
args: ['run-script',
'-script=fixup_oem.sh']
- name: 'gcr.io/cos-cloud/cos-customizer'
args: ['finish-image-build',
'-oem-size=500M',
'-disk-size-gb=11',
'-image-name=confidential-space-${_OUTPUT_IMAGE_SUFFIX}',
'-image-family=confidential-space-dev',
'-image-project=${PROJECT_ID}',
'-licenses=projects/confidential-space-images/global/licenses/confidential-space',
'-licenses=projects/confidential-space-images/global/licenses/ek-certificate-license',
'-zone=us-central1-a',
'-project=${PROJECT_ID}']
timeout: '3000s'
options:
logging: CLOUD_LOGGING_ONLY
dynamic_substitutions: true