add top level workflow for pushing AMIs

NixOS · Jun 5, 2023 · 1a20608 · 1a20608
1 parent 4c44c09
commit 1a20608
Show file tree

Hide file tree

Showing 6 changed files with 46 additions and 36 deletions.
diff --git a/.github/workflows/create-amis.yml b/.github/workflows/create-amis.yml
@@ -14,10 +14,7 @@ on:
       build_nr:
         required: true
         type: number
-
-permissions:
-  id-token: write
-  contents: read
+        description: hydra.nixos.org image build number
 
 env:
   AWS_REGION: "eu-west-1"
@@ -43,11 +40,14 @@ jobs:
       - working-directory: amis
         id: get-store-path
         run: |
-            echo ${{steps.get-build.outputs.build_json}} \
+            echo '${{steps.get-build.outputs.build_json}}' \
               | nix develop --command jq '.buildoutputs|.out|"store_path=\(.path)"' -r > "$GITHUB_OUTPUT"
       - run: nix-store -r ${{steps.get-store-path.outputs.store_path}}
       - run: nix develop --command jq -f regions.jq regions.json > copy.tf.json
         working-directory: amis
+      - run: |
+          nix develop --command terraform init
+        working-directory: amis
       - run: |
           nix develop --command \
             terraform workspace select -or-create \
@@ -56,3 +56,4 @@ jobs:
       - run: |
           nix develop --command \
             terraform plan -var image_store_path=${{steps.get-store-path.outputs.store_path}}
+        working-directory: amis
diff --git a/.github/workflows/release-amis.yml b/.github/workflows/release-amis.yml
@@ -0,0 +1,25 @@
+name: Push current NixOS release AMIs
+
+on:
+  workflow_dispatch:
+  # TODO: just for testing, switch to workflow_dispatch only
+  push:
+    branches: ["terraform-create-amis"]
+
+permissions:
+    id-token: write
+    contents: read
+
+jobs:
+  x86_64-amis:
+    uses: ./.github/workflows/create-amis.yml
+    with:
+      build_nr: 222822268
+      architecture: x86_64
+      release: "23.05"
+  aarch64-amis:
+    uses: ./.github/workflows/create-amis.yml
+    with:
+      build_nr: 222822272 
+      architecture: aarch64
+      release: "23.05"
diff --git a/.gitignore b/.gitignore
@@ -2,7 +2,6 @@
 
 # Terraform
 .terraform*
-!.terraform.lock.hcl
 *tfstate
 *tfstate.backup
 *.aarch64.*.tfvars

diff --git a/amis/.terraform.lock.hcl b/amis/.terraform.lock.hcl
diff --git a/amis/Makefile b/amis/Makefile
@@ -2,11 +2,12 @@
 
 arch=x86_64
 version=23.05
+build-nr=
 
 tfvarsFile=$(version).$(arch).current.tfvars
 
 $(tfvarsFile) .current-workspace:
-	./pull-latest $(version) $(arch)
+	./pull-latest $(version) $(arch) $(build-nr)
 
 copy.tf.json: regions.jq regions.json
 	@jq -f regions.jq regions.json > copy.tf.json

diff --git a/amis/pull-latest b/amis/pull-latest
@@ -1,14 +1,22 @@
 #! /usr/bin/env bash
 #
 
-version="$1"
-arch="$2"
 hydraJob="nixos.amazonImage"
 baseUrl="https://hydra.nixos.org/job/nixos"
 
-build=$(curl -sL \
-  -H 'Content-type: application/json' \
-  "${baseUrl}/release-${version}-small/${hydraJob}.${arch}-linux/latest")
+version="$1"
+arch="$2"
+buildNr="$3"
+
+if [[ -z "$buildNr" ]]
+then
+  buildUrl="${baseUrl}/release-${version}-small/${hydraJob}.${arch}-linux/latest"
+else
+  buildUrl="${baseUrl}/build/${buildNr}"
+fi
+
+
+build=$(curl -sL -H 'Content-type: application/json' "$buildUrl")
 
 storePath=$(echo "$build" | jq '.buildoutputs|.out|.path' -r)
 buildId=$(echo "$build" | jq .id -r)