Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-07-31 11:08:50 -04:00
Code Issues Projects Releases Packages Wiki Activity

Make AMI public on creation (#426)

Browse source
This commit is contained in:
Malte Poll 2022-11-03 15:22:51 +01:00 committed by GitHub
parent 7ad55af07c
commit 4a7024c469
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 15 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.github/workflows/build-os-image.yml vendored
View file

@ -97,6 +97,7 @@ jobs:
image-raw-manifest-gcp-sha256: ${{ steps.collect-hashes.outputs.image-raw-manifest-gcp-sha256 }}
image-raw-manifest-qemu-sha256: ${{ steps.collect-hashes.outputs.image-raw-manifest-qemu-sha256 }}
strategy:
fail-fast: false
matrix:
csp: [aws, azure, gcp, qemu]
steps:
@ -195,6 +196,7 @@ jobs:
id-token: write
contents: read
strategy:
fail-fast: false
matrix:
csp: [aws, azure, gcp]
upload-variant: [""]
@ -376,6 +378,7 @@ jobs:
needs: [make-os-image]
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
csp: [aws, azure, gcp, qemu]
steps:

13
image/upload/upload_aws.sh
View file

@ -83,6 +83,15 @@ tag_ami_with_backing_snapshot() {
--tags "Key=Name,Value=${AWS_IMAGE_NAME}"
}
make_ami_public() {
local ami_id=$1
local region=$2
aws ec2 modify-image-attribute \
--region "${region}" \
--image-id "${ami_id}" \
--launch-permission "Add=[{Group=all}]"
}
create_ami_from_raw_disk() {
echo "Uploading raw disk image to S3"
aws s3 cp "${AWS_IMAGE_PATH}" "s3://${AWS_BUCKET}/${AWS_IMAGE_FILENAME}" --no-progress
@ -116,6 +125,7 @@ create_ami_from_raw_disk() {
IMAGE_ID=$(echo $REGISTER_OUT | jq -r '.ImageId')
AMI_FOR_REGION=( ["${AWS_REGION}"]="${IMAGE_ID}")
tag_ami_with_backing_snapshot "${IMAGE_ID}" "${AWS_REGION}"
make_ami_public "${IMAGE_ID}" "${AWS_REGION}"
echo "Imported initial AMI as ${IMAGE_ID} in ${AWS_REGION}"
}
@ -138,9 +148,10 @@ create_ami_from_raw_disk
for region in ${AWS_REPLICATION_REGIONS}; do
replicate_ami "${region}"
done
# wait for all images to be available and tag them
# wait for all images to be available and tag + publish them
for region in ${AWS_REPLICATION_REGIONS}; do
tag_ami_with_backing_snapshot "${AMI_FOR_REGION[${region}]}" "${region}"
make_ami_public "${AMI_FOR_REGION[${region}]}" "${region}"
done
echo -n "{\"${AWS_REGION}\": \"${AMI_FOR_REGION[${AWS_REGION}]}\"" > "${AMI_OUTPUT}"
for region in ${AWS_REPLICATION_REGIONS}; do