diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 740c2778c..d996c24e8 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -170,7 +170,7 @@ jobs:
 - name: Create portable coordinator resource definitions
 run: |
 mkdir -p workspace
- nix run .#scripts.write-coordinator-yaml -- "${container_registry}/nunki/coordinator" > workspace/coordinator.yaml
+ nix run .#scripts.write-coordinator-yaml -- "${container_registry}/nunki/coordinator:${{ inputs.version }}" > workspace/coordinator.yaml
 - name: Update coordinator policy hash
 run: |
 yq < workspace/coordinator.yaml \
diff --git a/packages/genpolicy_msft_rules_coordinator.patch b/packages/by-name/genpolicy-msft/genpolicy_msft_rules_coordinator.patch
similarity index 100%
rename from packages/genpolicy_msft_rules_coordinator.patch
rename to packages/by-name/genpolicy-msft/genpolicy_msft_rules_coordinator.patch
diff --git a/packages/scripts.nix b/packages/scripts.nix
index 2ef2e7b4c..60fbcce63 100644
--- a/packages/scripts.nix
+++ b/packages/scripts.nix
@@ -147,10 +147,10 @@ with pkgs;
 name = "write-coordinator-policy";
 runtimeInputs = [
 yq-go
- genpolicy
+ genpolicy-msft
 ];
 text = ''
- imageRef=$1:v${version}
+ imageRef=$1
 tmpdir=$(mktemp -d)
 trap 'rm -rf $tmpdir' EXIT
@@ -162,8 +162,8 @@ with pkgs;
 (select(.kind == \"Service\") | .spec.type) = \"LoadBalancer\"
 "
 pushd "$tmpdir" >/dev/null
- # TODO(burgerdev): this should not be dev, but there are unknown env vars
- cp ${genpolicy.settings}/genpolicy-settings.json .
+ cp ${genpolicy-msft.rules-coordinator}/genpolicy-rules.rego rules.rego
+ cp ${genpolicy-msft.settings}/genpolicy-settings.json .
 genpolicy < "$tmpdir/coordinator.yml"
 popd >/dev/null
 '';
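Review bot: In the release.yml hunk at `@@ -170,7 +170,7 @@`, `${{ inputs.version }}` is expanded into the `run:` script text before the shell parses it, so the input's content becomes part of the script instead of a quoted value. `container_registry` on the same line is already read as a shell variable, and the version should follow that pattern: add `VERSION: ${{ inputs.version }}` under the step's `env:` and write `"${container_registry}/nunki/coordinator:${VERSION}"`. Any existing `env:` block and the declaration of `inputs.version` are outside the hunk, so who can set the value could not be checked from here. The `v` prefix that scripts.nix used to add (`:v${version}`) is also gone, so the tag only matches the pushed image if `inputs.version` already carries it.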
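Review bot: `imageRef=$1` in the first scripts.nix hunk (`@@ -147,10 +147,10 @@`) now accepts whatever the caller passes, including a reference with no tag or digest, which a registry would presumably resolve to a default tag. The coordinator manifest and the policy generated from it are built around this reference, so the expectation should be stated at the assignment, e.g. `# $1: full coordinator image reference, including tag or digest`. A digest-pinned reference would tie the output to one image instead of a mutable tag; whether genpolicy resolves the tag itself is not visible here. The `text` body continues past the end of the hunk.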
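Review bot: The two added `cp` lines in the second scripts.nix hunk (`@@ -162,8 +162,8 @@`) pull in a coordinator-specific rules file without saying how it differs from the default rules, and the TODO about the settings ("unknown env vars") is removed without stating whether that concern is resolved. Policy rules are what an auditor will want to trace, so a comment such as `# rules.rego: coordinator variant of the genpolicy rules (presumably built from genpolicy_msft_rules_coordinator.patch); must match the settings file copied below` would help. `rules-coordinator` and `settings` are defined outside this diff, so the link to the patch is inferred from the rename in this commit.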