Build UID2 and EUID AMIs for Operator Run Number: by abuabraham-ttd #164
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build UID2 and EUID AMIs | |
run-name: >- | |
${{ inputs.operator_release == '' && format('Build UID2 and EUID AMIs for Operator Run Number: {0} by {1}', inputs.operator_run_number, github.actor) || format('Build UID2 and EUID AMIs for Operator Release: {0} by {1}', inputs.operator_release, github.actor) }} | |
on: | |
workflow_dispatch: | |
inputs: | |
operator_release: | |
description: The Operator Release number that built the EIF files to use. | |
type: string | |
operator_run_number: | |
description: The Operator run number that built the EIFs to use. Ignored if Release Number specified. | |
type: string | |
workflow_call: | |
inputs: | |
operator_run_number: | |
description: The Operator run number that built the EIFs to use. Ignored if Release Number specified. | |
type: string | |
env: | |
REPO_OWNER: IABTechLab | |
REPO_NAME: uid2-operator | |
UID2_AWS_ROLE: arn:aws:iam::475720075663:role/github-runner-operator-runner | |
UID2_AWS_REGION: us-east-2 | |
EUID_AWS_ROLE: arn:aws:iam::618285103646:role/github-runner-operator-runner | |
EUID_AWS_REGION: eu-central-1 | |
jobs: | |
buildUID2: | |
name: UID2 Operator AMI | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
outputs: | |
version_number: ${{ steps.buildAMI.outputs.version_number }} | |
ami_id: ${{ steps.buildAMI.outputs.ami_id }} | |
enclave_id: ${{ steps.buildAMI.outputs.enclave_id }} | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
- name: Build UID2 Operator AMI | |
id: buildAMI | |
uses: IABTechLab/uid2-operator/.github/actions/build_ami@main | |
with: | |
identity_scope: uid2 | |
eif_repo_owner: ${{ env.REPO_OWNER }} | |
eif_repo_name: ${{ env.REPO_NAME }} | |
github_token: ${{ github.token }} | |
operator_release: ${{ inputs.operator_release }} | |
operator_run_number: ${{ inputs.operator_run_number }} | |
uid2_aws_role: ${{ env.UID2_AWS_ROLE }} | |
uid2_aws_region: ${{ env.UID2_AWS_REGION }} | |
euid_aws_role: ${{ env.EUID_AWS_ROLE }} | |
euid_aws_region: ${{ env.EUID_AWS_REGION }} | |
testUID2Ami: | |
name: E2E Tests UID2 AMI | |
uses: ./.github/workflows/run-e2e-tests-on-operator.yaml | |
needs: [buildUID2] | |
with: | |
operator_image_version: ${{ needs.buildUID2.outputs.version_number }} | |
operator_type: aws | |
identity_scope: UID2 | |
aws: '{ "region": "us-east-1", "ami": "${{ needs.buildUID2.outputs.ami_id }}", "pcr0": "${{ needs.buildUID2.outputs.enclave_id }}" }' | |
secrets: inherit | |
buildEUID: | |
name: EUID Operator AMI | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
outputs: | |
version_number: ${{ steps.buildAMI.outputs.version_number }} | |
ami_id: ${{ steps.buildAMI.outputs.ami_id }} | |
enclave_id: ${{ steps.buildAMI.outputs.enclave_id }} | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
- name: Pre-cleanup | |
shell: bash | |
working-directory: ${{ github.workspace }} | |
run: | | |
echo "Cleaning up previous run" | |
sudo rm -rf * || true | |
docker stop $(docker ps -aq) || true | |
docker rm $(docker ps -aq) || true | |
docker rmi $(docker images -q) || true | |
- name: Build EUID Operator AMI | |
id: buildAMI | |
uses: IABTechLab/uid2-operator/.github/actions/build_ami@main | |
with: | |
identity_scope: euid | |
eif_repo_owner: ${{ env.REPO_OWNER }} | |
eif_repo_name: ${{ env.REPO_NAME }} | |
github_token: ${{ github.token }} | |
operator_release: ${{ inputs.operator_release }} | |
operator_run_number: ${{ inputs.operator_run_number }} | |
uid2_aws_role: ${{ env.UID2_AWS_ROLE }} | |
uid2_aws_region: ${{ env.UID2_AWS_REGION }} | |
euid_aws_role: ${{ env.EUID_AWS_ROLE }} | |
euid_aws_region: ${{ env.EUID_AWS_REGION }} | |
testEUIDAmi: | |
name: E2E Tests EUID AMI | |
uses: ./.github/workflows/run-e2e-tests-on-operator.yaml | |
needs: [buildEUID] | |
with: | |
operator_image_version: ${{ needs.buildEUID.outputs.version_number }} | |
operator_type: aws | |
identity_scope: EUID | |
aws: '{ "region": "eu-central-1", "ami": "${{ needs.buildEUID.outputs.ami_id }}", "pcr0": "${{ needs.buildEUID.outputs.enclave_id }}" }' | |
secrets: inherit | |
collectAllArtifacts: | |
name: Collect All Artifacts | |
runs-on: ubuntu-latest | |
needs: [buildUID2, testUID2Ami, testEUIDAmi] | |
steps: | |
- name: Download UID2 artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: uid2_AMI_measurement | |
path: ./artifacts | |
- name: Download EUID artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: euid_AMI_measurement | |
path: ./artifacts | |
- name: Delete staging artifacts | |
uses: geekyeggo/delete-artifact@v5 | |
with: | |
name: | | |
uid2_AMI_measurement | |
euid_AMI_measurement | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: aws-ami-ids-${{ needs.buildUID2.outputs.version_number }} | |
path: ./artifacts/ |