Build Jumpbox Image #390
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build Jumpbox Image | |
on: | |
schedule: | |
- cron: '0 10 * * *' # everyday at 10am | |
push: | |
branches: | |
- main | |
paths: | |
- 'packer/jumpbox/**' | |
- .github/workflows/build-jumpbox-image.yaml | |
pull_request: | |
branches: | |
- main | |
paths: | |
- 'packer/jumpbox/**' | |
- .github/workflows/build-jumpbox-image.yaml | |
jobs: | |
build_and_push_jumpbox: | |
name: Build Jumpbox GCP Compute Image | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Authenicate to Google Cloud | |
uses: google-github-actions/auth@v0 | |
with: | |
credentials_json: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }} | |
- name: Setup Google Cloud SDK | |
id: auth | |
uses: google-github-actions/setup-gcloud@v0 | |
with: | |
project_id: kots-field-labs | |
# initialize | |
- name: Initialize Packer | |
uses: hashicorp/packer-github-actions@master | |
with: | |
command: init | |
working_directory: ./packer | |
target: jumpbox | |
env: | |
PACKER_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# validate templates | |
- name: Validate Packer Template | |
uses: hashicorp/packer-github-actions@master | |
with: | |
command: validate | |
arguments: -syntax-only | |
working_directory: ./packer | |
target: jumpbox | |
env: | |
PACKER_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# build artifact for push/merge (use default name) | |
- name: Build VM Image | |
uses: hashicorp/packer-github-actions@master | |
if: ${{ github.event_name != 'pull_request' }} | |
with: | |
command: build | |
arguments: "-force" | |
working_directory: ./packer | |
target: jumpbox | |
env: | |
PACKER_LOG: 1 | |
PKR_VAR_service_account_key: ${{secrets.GCP_SERVICE_ACCOUNT_KEY}} | |
PKR_VAR_zone: europe-west1-b | |
PACKER_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# build artifact for PRs (need to assign image name) | |
- name: Build VM Image | |
uses: hashicorp/packer-github-actions@master | |
if: ${{ github.event_name == 'pull_request' }} | |
with: | |
command: build | |
arguments: "-force" | |
working_directory: ./packer | |
target: jumpbox | |
env: | |
PACKER_LOG: 1 | |
PKR_VAR_service_account_key: ${{secrets.GCP_SERVICE_ACCOUNT_KEY}} | |
PKR_VAR_image_name: airgap-jumpbox-${{github.sha}} | |
PACKER_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# delete built artifact for PRs (save storage costs) | |
- name: Delete VM Image | |
if: ${{ github.event_name == 'pull_request' }} | |
run: gcloud compute images delete --quiet airgap-jumpbox-${{github.sha}} | |
shell: bash |