Publish Snapshot AWS Nitro EIFs #139

Workflow file for this run

.github/workflows/publish-aws-nitro-eif.yaml at e21574c

	name: Publish AWS Nitro EIFs
	run-name: ${{ format('Publish {0} AWS Nitro EIFs', inputs.release_type) }}
	on:
	workflow_dispatch:
	inputs:
	release_type:
	type: choice
	description: The type of release
	options:
	- Snapshot
	- Patch
	- Minor
	- Major
	version_number_input:
	description: If set, the version number will not be incremented and the given number will be used.
	type: string
	default: ''
	workflow_call:
	inputs:
	release_type:
	description: The type of version number to return. Must be one of [Snapshot, Patch, Minor or Major]
	required: true
	type: string
	version_number_input:
	description: If set, the version number will not be incremented and the given number will be used.
	type: string
	default: ''
	commit_sha:
	description: The commit SHA for committing the new version for pom.xml.
	type: string
	default: ''

	env:
	ENCLAVE_PROTOCOL: aws-nitro
	ARTIFACTS_BASE_OUTPUT_DIR: ${{ github.workspace }}/deployment-artifacts

	jobs:
	start:
	name: Update Operator Version
	runs-on: ubuntu-latest
	steps:
	- name: Show Context
	shell: bash
	run: \|
	printenv
	echo "$GITHUB_CONTEXT"
	echo "Commit SHA:" $COMMIT_SHA
	env:
	GITHUB_CONTEXT: ${{ toJson(github) }}

	- name: Update Operator Version
	id: update_version
	uses: IABTechLab/uid2-operator/.github/actions/update_operator_version@cbc-UID2-4553-replace-vsock-with-gvisor
	with:
	release_type: ${{ inputs.release_type }}
	version_number_input: ${{ inputs.version_number_input }}
	image_tag_suffix: ${{ env.ENCLAVE_PROTOCOL }}
	commit_sha: ${{ inputs.commit_sha }}

	outputs:
	new_version: ${{ steps.update_version.outputs.new_version }}
	is_release: ${{ steps.update_version.outputs.is_release }}
	image_tag: ${{ steps.update_version.outputs.image_tag }}
	commit_sha: ${{ steps.update_version.outputs.commit_sha }}

	buildUID2EIF:
	name: Build UID2 EIF
	runs-on: ubuntu-latest
	needs: start
	steps:
	- name: Free disk space
	run: \|
	sudo docker rmi $(docker image ls -aq) >/dev/null 2>&1 \|\| true
	sudo rm -rf \
	/usr/share/dotnet /usr/local/lib/android /opt/ghc \
	/usr/local/share/powershell /usr/share/swift /usr/local/.ghcup \|\| true
	echo "some directories deleted"
	sudo apt install aptitude -y >/dev/null 2>&1
	sudo aptitude purge aria2 ansible azure-cli shellcheck rpm xorriso zsync \
	esl-erlang firefox gfortran-8 gfortran-9 google-chrome-stable \
	google-cloud-sdk imagemagick \
	libmagickcore-dev libmagickwand-dev libmagic-dev ant ant-optional kubectl \
	mercurial apt-transport-https mono-complete libmysqlclient \
	unixodbc-dev yarn chrpath libssl-dev libxft-dev \
	libfreetype6 libfreetype6-dev libfontconfig1 libfontconfig1-dev \
	snmp pollinate libpq-dev postgresql-client powershell ruby-full \
	sphinxsearch subversion mongodb-org azure-cli microsoft-edge-stable \
	-y -f >/dev/null 2>&1
	sudo aptitude purge google-cloud-sdk -f -y >/dev/null 2>&1
	sudo aptitude purge microsoft-edge-stable -f -y >/dev/null 2>&1 \|\| true
	sudo apt purge microsoft-edge-stable -f -y >/dev/null 2>&1 \|\| true
	sudo aptitude purge '~n ^mysql' -f -y >/dev/null 2>&1
	sudo aptitude purge '~n ^php' -f -y >/dev/null 2>&1
	sudo aptitude purge '~n ^dotnet' -f -y >/dev/null 2>&1
	sudo apt-get autoremove -y >/dev/null 2>&1
	sudo apt-get autoclean -y >/dev/null 2>&1
	echo "some packages purged"
	- name: Build UID2 AWS EIF
	id: build_uid2_eif
	uses: IABTechLab/uid2-operator/.github/actions/build_aws_eif@cbc-UID2-4553-replace-vsock-with-gvisor
	with:
	identity_scope: uid2
	artifacts_base_output_dir: ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/uid2
	amazonlinux_dockerfile: ./scripts/aws/pipeline/amazonlinux2023.Dockerfile
	makefile: Makefile.eif
	version_number_input: ${{ needs.start.outputs.new_version }}
	commit_sha: ${{ needs.start.outputs.commit_sha }}

	- name: Check disk usage
	shell: bash
	run: \|
	df -h

	- name: Save UID2 eif artifact
	uses: actions/upload-artifact@v4
	with:
	name: aws-uid2-deployment-files-${{ needs.start.outputs.new_version }}
	path: ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/uid2
	if-no-files-found: error

	- name: Check disk usage
	shell: bash
	run: \|
	df -h

	outputs:
	uid2_enclave_id: ${{ steps.build_uid2_eif.outputs.enclave_id }}

	buildEUIDEIF:
	name: Build EUID EIF
	runs-on: ubuntu-latest
	needs: [start, buildUID2EIF]
	steps:
	- name: Free disk space
	run: \|
	sudo docker rmi $(docker image ls -aq) >/dev/null 2>&1 \|\| true
	sudo rm -rf \
	/usr/share/dotnet /usr/local/lib/android /opt/ghc \
	/usr/local/share/powershell /usr/share/swift /usr/local/.ghcup \|\| true
	echo "some directories deleted"
	sudo apt install aptitude -y >/dev/null 2>&1
	sudo aptitude purge aria2 ansible azure-cli shellcheck rpm xorriso zsync \
	esl-erlang firefox gfortran-8 gfortran-9 google-chrome-stable \
	google-cloud-sdk imagemagick \
	libmagickcore-dev libmagickwand-dev libmagic-dev ant ant-optional kubectl \
	mercurial apt-transport-https mono-complete libmysqlclient \
	unixodbc-dev yarn chrpath libssl-dev libxft-dev \
	libfreetype6 libfreetype6-dev libfontconfig1 libfontconfig1-dev \
	snmp pollinate libpq-dev postgresql-client powershell ruby-full \
	sphinxsearch subversion mongodb-org azure-cli microsoft-edge-stable \
	-y -f >/dev/null 2>&1
	sudo aptitude purge google-cloud-sdk -f -y >/dev/null 2>&1
	sudo aptitude purge microsoft-edge-stable -f -y >/dev/null 2>&1 \|\| true
	sudo apt purge microsoft-edge-stable -f -y >/dev/null 2>&1 \|\| true
	sudo aptitude purge '~n ^mysql' -f -y >/dev/null 2>&1
	sudo aptitude purge '~n ^php' -f -y >/dev/null 2>&1
	sudo aptitude purge '~n ^dotnet' -f -y >/dev/null 2>&1
	sudo apt-get autoremove -y >/dev/null 2>&1
	sudo apt-get autoclean -y >/dev/null 2>&1
	echo "some packages purged"
	- name: Build EUID AWS EIF
	id: build_euid_eif
	uses: IABTechLab/uid2-operator/.github/actions/build_aws_eif@cbc-UID2-4553-replace-vsock-with-gvisor
	with:
	identity_scope: euid
	artifacts_base_output_dir: ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/euid
	amazonlinux_dockerfile: ./scripts/aws/pipeline/amazonlinux2023.Dockerfile
	makefile: Makefile.eif
	version_number_input: ${{ needs.start.outputs.new_version }}
	commit_sha: ${{ needs.start.outputs.commit_sha }}

	- name: Check disk usage
	shell: bash
	run: \|
	df -h

	- name: Save EUID eif artifact
	uses: actions/upload-artifact@v4
	with:
	name: aws-euid-deployment-files-${{ needs.start.outputs.new_version }}
	path: ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/euid
	if-no-files-found: error

	- name: Check disk usage
	shell: bash
	run: \|
	df -h

	outputs:
	euid_enclave_id: ${{ steps.build_euid_eif.outputs.enclave_id }}

	cleanup:
	name: Cleanup Building AWS Image
	runs-on: ubuntu-latest
	needs: [start, buildUID2EIF, buildEUIDEIF]
	steps:
	- name: Check disk usage
	shell: bash
	run: \|
	df -h

	- name: Download UID2 artifacts
	uses: actions/download-artifact@v4
	with:
	path: ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/uid2

	- name: Download EUID artifacts
	uses: actions/download-artifact@v4
	with:
	path: ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/euid

	- name: Save Enclave Ids
	run: \|
	mkdir -p ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/manifests
	echo ${{ needs.buildUID2EIF.outputs.uid2_enclave_id }} >> ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/manifests/aws-uid2-enclave-id-${{ needs.start.outputs.new_version }}.txt
	echo ${{ needs.buildEUIDEIF.outputs.euid_enclave_id }} >> ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/manifests/aws-euid-enclave-id-${{ needs.start.outputs.new_version }}.txt

	- name: Save Manifests as build artifacts
	uses: actions/upload-artifact@v4
	with:
	name: aws-eif-enclave-ids-${{ needs.start.outputs.new_version }}
	path: ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/manifests
	if-no-files-found: error

	- name: Build changelog
	id: github_release
	if: ${{ inputs.version_number_input == '' && needs.start.outputs.is_release == 'true' }}
	uses: mikepenz/release-changelog-builder-action@v4
	with:
	configurationJson: \|
	{
	"template": "#{{CHANGELOG}}\n## Installation\n```\See [AWS Marketplace](https://unifiedid.com/docs/guides/operator-guide-aws-marketplace) for details\n```\n\n## Changelog\n#{{UNCATEGORIZED}}",
	"pr_template": " - #{{TITLE}} - ( PR: ##{{NUMBER}} )"
	}
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	- name: Create release
	if: ${{ inputs.version_number_input == '' && needs.start.outputs.is_release == 'true' }}
	uses: softprops/action-gh-release@v2
	with:
	name: ${{ needs.start.outputs.new_version }}
	body: ${{ steps.github_release.outputs.changelog }}
	draft: true
	files: \|
	${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/aws-uid2-deployment-artifacts-${{ needs.start.outputs.new_version }}.zip
	${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/aws-euid-deployment-artifacts-${{ needs.start.outputs.new_version }}.zip
	${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/manifests/aws-uid2-enclave-id-${{ needs.start.outputs.new_version }}.txt
	${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/manifests/aws-euid-enclave-id-${{ needs.start.outputs.new_version }}.txt

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Publish Snapshot AWS Nitro EIFs #139

Workflow file

Publish Snapshot AWS Nitro EIFs #139

Jobs

Run details

Workflow file for this run