mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-07-08 16:09:36 -04:00
Make AMI public on creation (#426)
This commit is contained in:
parent
7ad55af07c
commit
4a7024c469
2 changed files with 15 additions and 1 deletions
3
.github/workflows/build-os-image.yml
vendored
3
.github/workflows/build-os-image.yml
vendored
|
@ -97,6 +97,7 @@ jobs:
|
|||
image-raw-manifest-gcp-sha256: ${{ steps.collect-hashes.outputs.image-raw-manifest-gcp-sha256 }}
|
||||
image-raw-manifest-qemu-sha256: ${{ steps.collect-hashes.outputs.image-raw-manifest-qemu-sha256 }}
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
csp: [aws, azure, gcp, qemu]
|
||||
steps:
|
||||
|
@ -195,6 +196,7 @@ jobs:
|
|||
id-token: write
|
||||
contents: read
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
csp: [aws, azure, gcp]
|
||||
upload-variant: [""]
|
||||
|
@ -376,6 +378,7 @@ jobs:
|
|||
needs: [make-os-image]
|
||||
runs-on: ubuntu-22.04
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
csp: [aws, azure, gcp, qemu]
|
||||
steps:
|
||||
|
|
|
@ -83,6 +83,15 @@ tag_ami_with_backing_snapshot() {
|
|||
--tags "Key=Name,Value=${AWS_IMAGE_NAME}"
|
||||
}
|
||||
|
||||
make_ami_public() {
|
||||
local ami_id=$1
|
||||
local region=$2
|
||||
aws ec2 modify-image-attribute \
|
||||
--region "${region}" \
|
||||
--image-id "${ami_id}" \
|
||||
--launch-permission "Add=[{Group=all}]"
|
||||
}
|
||||
|
||||
create_ami_from_raw_disk() {
|
||||
echo "Uploading raw disk image to S3"
|
||||
aws s3 cp "${AWS_IMAGE_PATH}" "s3://${AWS_BUCKET}/${AWS_IMAGE_FILENAME}" --no-progress
|
||||
|
@ -116,6 +125,7 @@ create_ami_from_raw_disk() {
|
|||
IMAGE_ID=$(echo $REGISTER_OUT | jq -r '.ImageId')
|
||||
AMI_FOR_REGION=( ["${AWS_REGION}"]="${IMAGE_ID}")
|
||||
tag_ami_with_backing_snapshot "${IMAGE_ID}" "${AWS_REGION}"
|
||||
make_ami_public "${IMAGE_ID}" "${AWS_REGION}"
|
||||
echo "Imported initial AMI as ${IMAGE_ID} in ${AWS_REGION}"
|
||||
}
|
||||
|
||||
|
@ -138,9 +148,10 @@ create_ami_from_raw_disk
|
|||
for region in ${AWS_REPLICATION_REGIONS}; do
|
||||
replicate_ami "${region}"
|
||||
done
|
||||
# wait for all images to be available and tag them
|
||||
# wait for all images to be available and tag + publish them
|
||||
for region in ${AWS_REPLICATION_REGIONS}; do
|
||||
tag_ami_with_backing_snapshot "${AMI_FOR_REGION[${region}]}" "${region}"
|
||||
make_ami_public "${AMI_FOR_REGION[${region}]}" "${region}"
|
||||
done
|
||||
echo -n "{\"${AWS_REGION}\": \"${AMI_FOR_REGION[${AWS_REGION}]}\"" > "${AMI_OUTPUT}"
|
||||
for region in ${AWS_REPLICATION_REGIONS}; do
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue