Build and Publish Virtual Machine Images #210
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Publish Virtual Machine Images | |
permissions: | |
id-token: write | |
contents: read | |
on: | |
pull_request: | |
types: | |
- closed | |
branches: | |
- main | |
paths: | |
- 'build/container/**' | |
- 'build/vmi/**' | |
- 'jenkins/**' | |
- 'src/**' | |
- 'tests/**' | |
workflow_dispatch: | |
env: | |
image_version: ${{ vars.major_version_number }}.${{ vars.minor_version_number }}.${{ github.run_number }} | |
# reference | |
# conditional steps: https://www.meziantou.net/executing-github-actions-jobs-or-steps-only-when-specific-files-change.htm | |
jobs: | |
build-publish-vmis: | |
if: (github.event.pull_request.merged == true) || (github.event_name == 'workflow_dispatch') | |
runs-on: ubuntu-latest | |
environment: dev | |
env: | |
PKR_VAR_client_id: ${{ secrets.PACKER_CLIENT_ID }} | |
PKR_VAR_client_secret: ${{ secrets.PACKER_CLIENT_SECRET }} | |
PKR_VAR_subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
PKR_VAR_tenant_id: ${{ secrets.AZURE_TENANT_ID }} | |
PKR_VAR_resource_group: ${{ vars.IMAGE_RESOURCE_GROUP }} | |
PKR_VAR_location: ${{ vars.location }} | |
PKR_VAR_image_gallery_name: ${{ vars.image_gallery_name }} | |
PKR_VAR_base_image_name: ${{ vars.base_image_name }} | |
PKR_VAR_build_resource_group_name: ${{ vars.build_resource_group_name }} | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: '100' | |
- name: Azure Login | |
uses: azure/login@v1 | |
with: | |
client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
# Give an id to the step, so we can reference it later | |
- name: Check If Base Image Should Be Built | |
id: check_base_changed | |
run: | | |
# Diff HEAD with the previous commit | |
diff=$(git diff --name-only HEAD^ HEAD) | |
echo "diff is $diff" | |
if [ "$(echo $diff | grep -c "^build/vmi/modm-base")" -ge 1 ]; then | |
echo "base_changed=true" >> "$GITHUB_OUTPUT" | |
else | |
echo "base_changed=false" >> "$GITHUB_OUTPUT" | |
fi | |
- name: Azure Login | |
uses: azure/login@v1 | |
with: | |
client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
- name: Install Packer | |
uses: hashicorp/packer-github-actions@master | |
with: | |
command: version | |
target: . | |
# only build the VMI base if the base files have changed in some way | |
# This guarantees that the base image image will be built first if there's | |
# changes made to it. | |
# | |
# Given that the modm vmi packer defaults to "latest" base image version, | |
# it will pick up the base VMI built here | |
- name: Build Base VMI | |
if: steps.check_base_changed.outputs.base_changed == 'true' | |
run: | | |
source ./build/vmi/scripts/nextversion.sh | |
echo "after sourcing nextversion.sh" | |
image_version=$(get_next_image_version \ | |
--image-name ${{ vars.base_image_name }} \ | |
--gallery-name ${{ vars.image_gallery_name }} \ | |
--resource-group ${{ vars.IMAGE_RESOURCE_GROUP }}) | |
./scripts/build-vmi.sh \ | |
--image-name ${{ vars.base_image_name }} \ | |
--image-version $image_version \ | |
--image-offer ${{ vars.base_image_offer }} | |
- name: Build VMI | |
run: | | |
./scripts/build-vmi.sh \ | |
--image-name ${{ vars.image_name }} \ | |
--image-version ${{ env.image_version }} \ | |
--image-offer ${{ vars.image_offer }} |