Publish Snapshot AWS Nitro EIFs #72
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Publish AWS Nitro EIFs | |
run-name: ${{ format('Publish {0} AWS Nitro EIFs', inputs.release_type) }} | |
on: | |
workflow_dispatch: | |
inputs: | |
release_type: | |
type: choice | |
description: The type of release | |
options: | |
- Snapshot | |
- Patch | |
- Minor | |
- Major | |
version_number_input: | |
description: If set, the version number will not be incremented and the given number will be used. | |
type: string | |
default: '' | |
workflow_call: | |
inputs: | |
release_type: | |
description: The type of version number to return. Must be one of [Snapshot, Patch, Minor or Major] | |
required: true | |
type: string | |
version_number_input: | |
description: If set, the version number will not be incremented and the given number will be used. | |
type: string | |
default: '' | |
commit_sha: | |
description: The commit SHA for committing the new version for pom.xml. | |
type: string | |
default: '' | |
env: | |
ENCLAVE_PROTOCOL: aws-nitro | |
ARTIFACTS_BASE_OUTPUT_DIR: ${{ github.workspace }}/deployment-artifacts | |
jobs: | |
start: | |
name: Update Operator Version | |
runs-on: ubuntu-latest | |
steps: | |
- name: Show Context | |
shell: bash | |
run: | | |
printenv | |
echo "$GITHUB_CONTEXT" | |
echo "Commit SHA:" $COMMIT_SHA | |
env: | |
GITHUB_CONTEXT: ${{ toJson(github) }} | |
- name: Update Operator Version | |
id: update_version | |
uses: IABTechLab/uid2-operator/.github/actions/update_operator_version@main | |
with: | |
release_type: ${{ inputs.release_type }} | |
version_number_input: ${{ inputs.version_number_input }} | |
image_tag_suffix: ${{ env.ENCLAVE_PROTOCOL }} | |
commit_sha: ${{ inputs.commit_sha }} | |
outputs: | |
new_version: ${{ steps.update_version.outputs.new_version }} | |
is_release: ${{ steps.update_version.outputs.is_release }} | |
image_tag: ${{ steps.update_version.outputs.image_tag }} | |
commit_sha: ${{ steps.update_version.outputs.commit_sha }} | |
buildUID2EIF: | |
name: Build UID2 EIF | |
runs-on: ubuntu-latest | |
needs: start | |
steps: | |
- name: Build UID2 AWS EIF | |
id: build_uid2_eif | |
uses: IABTechLab/uid2-operator/.github/actions/build_aws_eif@main | |
with: | |
identity_scope: uid2 | |
artifacts_base_output_dir: ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/uid2 | |
amazonlinux_dockerfile: ./scripts/aws/pipeline/amazonlinux2023.Dockerfile | |
makefile: Makefile.eif | |
version_number_input: ${{ needs.start.outputs.new_version }} | |
commit_sha: ${{ needs.start.outputs.commit_sha }} | |
- name: Check disk usage | |
shell: bash | |
run: | | |
df -h | |
- name: Save UID2 eif artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: aws-uid2-deployment-files-${{ needs.start.outputs.new_version }} | |
path: ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/uid2 | |
if-no-files-found: error | |
- name: Check disk usage | |
shell: bash | |
run: | | |
df -h | |
outputs: | |
uid2_enclave_id: ${{ steps.build_uid2_eif.outputs.enclave_id }} | |
buildEUIDEIF: | |
name: Build EUID EIF | |
runs-on: ubuntu-latest | |
needs: start | |
steps: | |
- name: Build EUID AWS EIF | |
id: build_euid_eif | |
uses: IABTechLab/uid2-operator/.github/actions/build_aws_eif@main | |
with: | |
identity_scope: euid | |
artifacts_base_output_dir: ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/euid | |
amazonlinux_dockerfile: ./scripts/aws/pipeline/amazonlinux2023.Dockerfile | |
makefile: Makefile.eif | |
version_number_input: ${{ needs.start.outputs.new_version }} | |
commit_sha: ${{ needs.start.outputs.commit_sha }} | |
- name: Check disk usage | |
shell: bash | |
run: | | |
df -h | |
- name: Save EUID eif artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: aws-euid-deployment-files-${{ needs.start.outputs.new_version }} | |
path: ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/euid | |
if-no-files-found: error | |
- name: Check disk usage | |
shell: bash | |
run: | | |
df -h | |
outputs: | |
euid_enclave_id: ${{ steps.build_euid_eif.outputs.enclave_id }} | |
cleanup: | |
name: Cleanup Building AWS Image | |
runs-on: ubuntu-latest | |
needs: [start, buildUID2EIF, buildEUIDEIF] | |
steps: | |
- name: Check disk usage | |
shell: bash | |
run: | | |
df -h | |
- name: Download UID2 artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
path: ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/uid2 | |
- name: Download EUID artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
path: ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/euid | |
- name: Save Enclave Ids | |
run: | | |
mkdir -p ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/manifests | |
echo ${{ needs.buildUID2EIF.outputs.uid2_enclave_id }} >> ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/manifests/aws-uid2-enclave-id-${{ needs.start.outputs.new_version }}.txt | |
echo ${{ needs.buildEUIDEIF.outputs.euid_enclave_id }} >> ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/manifests/aws-euid-enclave-id-${{ needs.start.outputs.new_version }}.txt | |
- name: Save Manifests as build artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: aws-eif-enclave-ids-${{ needs.start.outputs.new_version }} | |
path: ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/manifests | |
if-no-files-found: error | |
- name: Build changelog | |
id: github_release | |
if: ${{ inputs.version_number_input == '' && needs.start.outputs.is_release == 'true' }} | |
uses: mikepenz/release-changelog-builder-action@v4 | |
with: | |
configurationJson: | | |
{ | |
"template": "#{{CHANGELOG}}\n## Installation\n```\See [AWS Marketplace](https://unifiedid.com/docs/guides/operator-guide-aws-marketplace) for details\n```\n\n## Changelog\n#{{UNCATEGORIZED}}", | |
"pr_template": " - #{{TITLE}} - ( PR: ##{{NUMBER}} )" | |
} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Create release | |
if: ${{ inputs.version_number_input == '' && needs.start.outputs.is_release == 'true' }} | |
uses: softprops/action-gh-release@v2 | |
with: | |
name: ${{ needs.start.outputs.new_version }} | |
body: ${{ steps.github_release.outputs.changelog }} | |
draft: true | |
files: | | |
${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/aws-uid2-deployment-artifacts-${{ needs.start.outputs.new_version }}.zip | |
${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/aws-euid-deployment-artifacts-${{ needs.start.outputs.new_version }}.zip | |
${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/manifests/aws-uid2-enclave-id-${{ needs.start.outputs.new_version }}.txt | |
${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/manifests/aws-euid-enclave-id-${{ needs.start.outputs.new_version }}.txt |