From 54790a5dc67f99e09bdac90fab31ae2252b95706 Mon Sep 17 00:00:00 2001
From: Cody Constine
Date: Tue, 3 Sep 2024 13:30:20 -0600
Subject: [PATCH] adding back in EUID
---
 .github/actions/build_dev_ami/action.yaml | 30 ++++
 .github/workflows/build-uid2-dev-ami.yaml | 179 ++++++++--------------
 scripts/aws/uid2-dev-ami/vars.pkr.hcl | 2 +-
 3 files changed, 91 insertions(+), 120 deletions(-)
diff --git a/.github/actions/build_dev_ami/action.yaml b/.github/actions/build_dev_ami/action.yaml
index b363517e1..c33e30bae 100644
--- a/.github/actions/build_dev_ami/action.yaml
+++ b/.github/actions/build_dev_ami/action.yaml
@@ -38,6 +38,36 @@ runs: env: GITHUB_CONTEXT: ${{ toJson(github) }} + - name: Run amazonlinux Docker image + shell: bash + run: | + docker build -t amazonlinux -f scripts/aws/pipeline/amazonlinux2023.Dockerfile . + docker run -d --privileged --name amazonlinux amazonlinux:latest + + - name: Setup Artifacts + id: setupArtifacts + shell: bash + run: | + ARTIFACTS_OUTPUT_DIR="./scripts/aws/uid2-dev-ami/artifacts" + + echo "${{ inputs.identity_scope }}" > ${ARTIFACTS_OUTPUT_DIR}/identity_scope.txt + cp ./scripts/aws/proxies.host.yaml ${ARTIFACTS_OUTPUT_DIR}/ + cp ./scripts/aws/sockd.conf ${ARTIFACTS_OUTPUT_DIR}/ + cp ./scripts/aws/uid2operator.service ${ARTIFACTS_OUTPUT_DIR}/ + cp ./scripts/aws/syslog-ng/syslog-ng-server.conf ${ARTIFACTS_OUTPUT_DIR}/ + cp ./scripts/aws/syslog-ng/server_al_2023/ivykis-0.43-1.amzn2023.x86_64.rpm ${ARTIFACTS_OUTPUT_DIR}/ + cp ./scripts/aws/syslog-ng/server_al_2023/libnet-1.2-2.amzn2023.0.2.x86_64.rpm ${ARTIFACTS_OUTPUT_DIR}/ + cp ./scripts/aws/syslog-ng/server_al_2023/pubkey.gpg ${ARTIFACTS_OUTPUT_DIR}/ + cp ./scripts/aws/syslog-ng/server_al_2023/syslog-ng-4.7.1.104.gcc5a7d9-1.amzn2023.x86_64.rpm ${ARTIFACTS_OUTPUT_DIR}/ + cp ./scripts/aws/syslog-ng/server_al_2023/syslog-ng-logrotate-4.7.1.104.gcc5a7d9-1.amzn2023.x86_64.rpm ${ARTIFACTS_OUTPUT_DIR}/ + cp ./scripts/aws/logrotate/operator-logrotate.conf ${ARTIFACTS_OUTPUT_DIR}/ + cp ./scripts/aws/logrotate/logrotate ${ARTIFACTS_OUTPUT_DIR}/ + cp ./scripts/aws/logrotate/logrotateDaily ${ARTIFACTS_OUTPUT_DIR}/ + cp -r ./scripts/aws/config-server ${ARTIFACTS_OUTPUT_DIR}/ + + docker cp amazonlinux:/sockd ${ARTIFACTS_OUTPUT_DIR}/ + docker cp amazonlinux:/vsockpx ${ARTIFACTS_OUTPUT_DIR}/ + - name: Configure UID2 AWS credentials uses: aws-actions/configure-aws-credentials@v4 if: ${{ inputs.identity_scope == 'uid2' }} diff --git a/.github/workflows/build-uid2-dev-ami.yaml b/.github/workflows/build-uid2-dev-ami.yaml index 09dcbf9ce..9e8cd69b7 100644 --- a/.github/workflows/build-uid2-dev-ami.yaml 
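Review bot: The new `Setup Artifacts` step expands `${{ inputs.identity_scope }}` directly inside the `run:` script, so the value is pasted into the shell source before bash parses it, and a quote or command substitution in it would execute on the runner. The caller visible in this patch passes the literal `euid`, but a composite action cannot rely on that, and the calling job holds `id-token: write`. Pass the value through the environment instead: add `env:` with `IDENTITY_SCOPE: ${{ inputs.identity_scope }}` to the step and write `echo "$IDENTITY_SCOPE" > "${ARTIFACTS_OUTPUT_DIR}/identity_scope.txt"`, ideally after rejecting anything other than `uid2` or `euid`. Separately, `docker run -d --privileged` looks broader than needed if the container exists only so that `docker cp` can extract `/sockd` and `/vsockpx`; the Dockerfile is not part of this patch, so confirm whether `docker create` without `--privileged` would be enough.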
+++ b/.github/workflows/build-uid2-dev-ami.yaml @@ -32,36 +32,6 @@ jobs: - name: Checkout repo uses: actions/checkout@v4 - - name: Run amazonlinux Docker image - shell: bash - run: | - docker build -t amazonlinux -f scripts/aws/pipeline/amazonlinux2023.Dockerfile . - docker run -d --privileged --name amazonlinux amazonlinux:latest - - - name: Setup Artifacts - id: setupArtifacts - shell: bash - run: | - ARTIFACTS_OUTPUT_DIR="./scripts/aws/uid2-dev-ami/artifacts" - - echo "uid2" > ${ARTIFACTS_OUTPUT_DIR}/identity_scope.txt - cp ./scripts/aws/proxies.host.yaml ${ARTIFACTS_OUTPUT_DIR}/ - cp ./scripts/aws/sockd.conf ${ARTIFACTS_OUTPUT_DIR}/ - cp ./scripts/aws/uid2operator.service ${ARTIFACTS_OUTPUT_DIR}/ - cp ./scripts/aws/syslog-ng/syslog-ng-server.conf ${ARTIFACTS_OUTPUT_DIR}/ - cp ./scripts/aws/syslog-ng/server_al_2023/ivykis-0.43-1.amzn2023.x86_64.rpm ${ARTIFACTS_OUTPUT_DIR}/ - cp ./scripts/aws/syslog-ng/server_al_2023/libnet-1.2-2.amzn2023.0.2.x86_64.rpm ${ARTIFACTS_OUTPUT_DIR}/ - cp ./scripts/aws/syslog-ng/server_al_2023/pubkey.gpg ${ARTIFACTS_OUTPUT_DIR}/ - cp ./scripts/aws/syslog-ng/server_al_2023/syslog-ng-4.7.1.104.gcc5a7d9-1.amzn2023.x86_64.rpm ${ARTIFACTS_OUTPUT_DIR}/ - cp ./scripts/aws/syslog-ng/server_al_2023/syslog-ng-logrotate-4.7.1.104.gcc5a7d9-1.amzn2023.x86_64.rpm ${ARTIFACTS_OUTPUT_DIR}/ - cp ./scripts/aws/logrotate/operator-logrotate.conf ${ARTIFACTS_OUTPUT_DIR}/ - cp ./scripts/aws/logrotate/logrotate ${ARTIFACTS_OUTPUT_DIR}/ - cp ./scripts/aws/logrotate/logrotateDaily ${ARTIFACTS_OUTPUT_DIR}/ - cp -r ./scripts/aws/config-server ${ARTIFACTS_OUTPUT_DIR}/ - - docker cp amazonlinux:/sockd ${ARTIFACTS_OUTPUT_DIR}/ - docker cp amazonlinux:/vsockpx ${ARTIFACTS_OUTPUT_DIR}/ - - name: Build UID2 Dev AMI id: buildAMI uses: IABTechLab/uid2-operator/.github/actions/build_dev_ami@cbc-UID2-4015-develoment-ami 
@@ -73,94 +43,65 @@ jobs: euid_aws_role: ${{ env.EUID_AWS_ROLE }} euid_aws_region: ${{ env.EUID_AWS_REGION }} -# buildEUID: -# name: EUID Operator AMI -# runs-on: ubuntu-latest -# permissions: -# id-token: write -# outputs: -# version_number: ${{ steps.buildAMI.outputs.version_number }} -# steps: -# - name: Checkout repo -# uses: actions/checkout@v4 -# -## - name: Pre-cleanup -## shell: bash -## working-directory: ${{ github.workspace }} -## run: | -## echo "Cleaning up previous run" -## sudo rm -rf * || true -## docker stop $(docker ps -aq) || true -## docker rm $(docker ps -aq) || true -## docker rmi $(docker images -q) || true -# -# - name: Run amazonlinux Docker image + buildEUID: + name: EUID Operator AMI + runs-on: ubuntu-latest + permissions: + id-token: write + outputs: + version_number: ${{ steps.buildAMI.outputs.version_number }} + steps: + - name: Checkout repo + uses: actions/checkout@v4 + +# - name: Pre-cleanup # shell: bash +# working-directory: ${{ github.workspace }} # run: | -# docker build -t amazonlinux -f scripts/aws/pipeline/amazonlinux2023.Dockerfile . 
-# docker run -d --privileged --name amazonlinux amazonlinux:latest -# -# - name: Setup Artifacts -# id: setupArtifacts -# run: | -# ARTIFACTS_OUTPUT_DIR="scripts/aws/uid2-dev-ami/artifacts" -# -# echo "euid" ${ARTIFACTS_OUTPUT_DIR}/identity_scope.txt -# cp ./scripts/aws/proxies.host.yaml ${ARTIFACTS_OUTPUT_DIR}/ -# cp ./scripts/aws/sockd.conf ${ARTIFACTS_OUTPUT_DIR}/ -# cp ./scripts/aws/uid2operator.service ${ARTIFACTS_OUTPUT_DIR}/ -# cp ./scripts/aws/syslog-ng/syslog-ng-server.conf ${ARTIFACTS_OUTPUT_DIR}/ -# cp ./scripts/aws/syslog-ng/server_al_2023/ivykis-0.43-1.amzn2023.x86_64.rpm ${ARTIFACTS_OUTPUT_DIR}/ -# cp ./scripts/aws/syslog-ng/server_al_2023/libnet-1.2-2.amzn2023.0.2.x86_64.rpm ${ARTIFACTS_OUTPUT_DIR}/ -# cp ./scripts/aws/syslog-ng/server_al_2023/pubkey.gpg ${ARTIFACTS_OUTPUT_DIR}/ -# cp ./scripts/aws/syslog-ng/server_al_2023/syslog-ng-4.7.1.104.gcc5a7d9-1.amzn2023.x86_64.rpm ${ARTIFACTS_OUTPUT_DIR}/ -# cp ./scripts/aws/syslog-ng/server_al_2023/syslog-ng-logrotate-4.7.1.104.gcc5a7d9-1.amzn2023.x86_64.rpm ${ARTIFACTS_OUTPUT_DIR}/ -# cp ./scripts/aws/logrotate/operator-logrotate.conf ${ARTIFACTS_OUTPUT_DIR}/ -# cp ./scripts/aws/logrotate/logrotate ${ARTIFACTS_OUTPUT_DIR}/ -# cp ./scripts/aws/logrotate/logrotateDaily ${ARTIFACTS_OUTPUT_DIR}/ -# cp -r ./scripts/aws/config-server ${ARTIFACTS_OUTPUT_DIR}/ -# -# docker cp amazonlinux:/sockd ${ARTIFACTS_OUTPUT_DIR}/ -# docker cp amazonlinux:/vsockpx ${ARTIFACTS_OUTPUT_DIR}/ -# -# - name: Build EUID Operator AMI -# id: buildAMI -# uses: IABTechLab/uid2-operator/.github/actions/build_dev_ami@cbc-UID2-4015-develoment-ami -# with: -# identity_scope: euid -# save_ami: ${{ inputs.save_ami }} -# uid2_aws_role: ${{ env.UID2_AWS_ROLE }} -# uid2_aws_region: ${{ env.UID2_AWS_REGION }} -# euid_aws_role: ${{ env.EUID_AWS_ROLE }} -# euid_aws_region: ${{ env.EUID_AWS_REGION }} -# -# collectAllArtifacts: -# name: Collect All Artifacts -# if: ${{ inputs.save_ami }} -# runs-on: ubuntu-latest -# needs: [buildUID2, buildEUID] -# 
steps: -# - name: Download UID2 artifacts -# uses: actions/download-artifact@v4 -# with: -# name: uid2_AMI_measurement -# path: ./artifacts -# -# - name: Download EUID artifacts -# uses: actions/download-artifact@v4 -# with: -# name: euid_AMI_measurement -# path: ./artifacts -# -# - name: Delete staging artifacts -# uses: geekyeggo/delete-artifact@v5 -# with: -# name: | -# uid2_AMI_measurement -# euid_AMI_measurement -# -# - name: Upload artifacts -# uses: actions/upload-artifact@v4 -# with: -# name: uid2-operator-release-${{ needs.buildUID2.outputs.version_number }}-aws -# path: ./artifacts/ +# echo "Cleaning up previous run" +# sudo rm -rf * || true +# docker stop $(docker ps -aq) || true +# docker rm $(docker ps -aq) || true +# docker rmi $(docker images -q) || true + + - name: Build EUID Operator AMI + id: buildAMI + uses: IABTechLab/uid2-operator/.github/actions/build_dev_ami@cbc-UID2-4015-develoment-ami + with: + identity_scope: euid + save_ami: ${{ inputs.save_ami }} + uid2_aws_role: ${{ env.UID2_AWS_ROLE }} + uid2_aws_region: ${{ env.UID2_AWS_REGION }} + euid_aws_role: ${{ env.EUID_AWS_ROLE }} + euid_aws_region: ${{ env.EUID_AWS_REGION }} + + collectAllArtifacts: + name: Collect All Artifacts + if: ${{ inputs.save_ami }} + runs-on: ubuntu-latest + needs: [buildUID2, buildEUID] + steps: + - name: Download UID2 artifacts + uses: actions/download-artifact@v4 + with: + name: uid2_AMI_measurement + path: ./artifacts + + - name: Download EUID artifacts + uses: actions/download-artifact@v4 + with: + name: euid_AMI_measurement + path: ./artifacts + + - name: Delete staging artifacts + uses: geekyeggo/delete-artifact@v5 + with: + name: | + uid2_AMI_measurement + euid_AMI_measurement + + - name: Upload artifacts + uses: actions/upload-artifact@v4 + with: + name: uid2-operator-release-${{ needs.buildUID2.outputs.version_number }}-aws + path: ./artifacts/ 
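Review bot: The re-enabled `buildEUID` job loads the composite action from `IABTechLab/uid2-operator/.github/actions/build_dev_ami@cbc-UID2-4015-develoment-ami`, a mutable feature-branch ref, while it holds `id-token: write` and passes the AWS role inputs. Anyone who can push to that branch changes what runs with the job's OIDC token, and because the action's steps now read `scripts/aws/...` from the caller's checkout, the action definition and the scripts it copies can drift apart. The path suggests this is the same repository, which is already checked out, so `uses: ./.github/actions/build_dev_ami` would keep both at one commit; otherwise pin to a full commit SHA. The same pinning applies to `geekyeggo/delete-artifact@v5` in `collectAllArtifacts`, and the EUID job probably does not need `uid2_aws_role` and `uid2_aws_region` passed to it at all.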
diff --git a/scripts/aws/uid2-dev-ami/vars.pkr.hcl b/scripts/aws/uid2-dev-ami/vars.pkr.hcl index a76f6dcdc..a0580c1e3 100644 --- a/scripts/aws/uid2-dev-ami/vars.pkr.hcl +++ b/scripts/aws/uid2-dev-ami/vars.pkr.hcl @@ -10,7 +10,7 @@ variable "identity_scope" { variable "service" { description = "distinct name for the service" - default = "operator" + default = "dev-image" } variable "region" {