a7e81aef73
* Update all GitHub action runners to ubuntu-22.04 * Fix license checker script for grep >3.4
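# Manually dispatched workflow: hands a caller-chosen OS image and cloud provider
# to the local generate_measurements action together with cloud credentials and
# cosign key material, then tears down whatever was created.
name: Generate measurements manually

on:
  workflow_dispatch:
    inputs:
      cloudProvider:
        description: "Which cloud provider to use."
        type: choice
        options:
          - "azure"
          - "gcp"
        default: "gcp"
        required: true
      # Free-form string supplied by whoever dispatches the run. It is forwarded
      # unchanged to the generate_measurements action below; any validation has
      # to happen inside that action (not visible in this file).
      osImage:
        description: "OS image (full path). Examples are in internal/config/config.go."
        type: string
        required: true
      isDebugImage:
        description: "Is OS image a debug image?"
        type: boolean
        required: true

# NOTE(review): workflow-level `env` is exported to every step of every job,
# including the third-party checkout/setup-go actions and runs where
# cloudProvider is "gcp". Consider moving these to the steps that actually read
# them; which steps those are cannot be determined from this file alone.
env:
  ARM_CLIENT_ID: ${{ secrets.AZURE_E2E_CLIENT_ID }}
  ARM_CLIENT_SECRET: ${{ secrets.AZURE_E2E_CLIENT_SECRET }}
  ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_E2E_SUBSCRIPTION_ID }}
  ARM_TENANT_ID: ${{ secrets.AZURE_E2E_TENANT_ID }}

# NOTE(review): no `permissions:` block is declared, so GITHUB_TOKEN receives the
# repository/organization default scopes. Only the checkout step visibly needs
# `contents: read`; confirm what the local actions under ./.github/actions
# require before adding a least-privilege `permissions:` block.
jobs:
  generate-measurements-manual:
    runs-on: ubuntu-22.04
    steps:
      # Third-party actions are pinned to a full commit SHA; the trailing
      # `# tag=` comment is informational only and is not what gets resolved.
      - name: Check out repository
        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3.1.0

      - name: Setup Go environment
        uses: actions/setup-go@c4a742cab115ed795e34d4513e2cf7d472deb55f # tag=v3.3.1
        with:
          go-version: "1.19.3"

      - name: Login to Azure
        if: ${{ github.event.inputs.cloudProvider == 'azure' }}
        uses: ./.github/actions/azure_login
        with:
          azure_credentials: ${{ secrets.AZURE_E2E_CREDENTIALS }}

      # Creates a throw-away resource group named e2e-test-<first UUID group> and
      # publishes the name as the step output `res_group_name`.
      - name: Create Azure resource group
        id: az_resource_group_gen
        if: ${{ github.event.inputs.cloudProvider == 'azure' }}
        shell: bash
        run: |
          uuid=$(cat /proc/sys/kernel/random/uuid)
          # Keep only the text before the first '-' of the UUID.
          name=e2e-test-${uuid%%-*}
          # Expansions are quoted so the values are never word-split or globbed.
          az group create --location westus --name "$name" --tags e2e
          echo "res_group_name=$name" >> "$GITHUB_OUTPUT"

      - name: Create Cluster & Generate Measurements
        uses: ./.github/actions/generate_measurements
        with:
          cloudProvider: ${{ github.event.inputs.cloudProvider }}
          gcpProject: ${{ secrets.GCP_E2E_PROJECT }}
          gcp_service_account_json: ${{ secrets.GCP_SERVICE_ACCOUNT }}
          gcpClusterServiceAccountKey: ${{ secrets.GCP_CLUSTER_SERVICE_ACCOUNT }}
          azureSubscription: ${{ secrets.AZURE_E2E_SUBSCRIPTION_ID }}
          azureTenant: ${{ secrets.AZURE_E2E_TENANT_ID }}
          azureClientID: ${{ secrets.AZURE_E2E_CLIENT_ID }}
          azureClientSecret: ${{ secrets.AZURE_E2E_CLIENT_SECRET }}
          azureUserAssignedIdentity: ${{ secrets.AZURE_E2E_USER_ASSIGNED_IDENTITY }}
          azureResourceGroup: ${{ steps.az_resource_group_gen.outputs.res_group_name }}
          osImage: ${{ github.event.inputs.osImage }}
          isDebugImage: ${{ github.event.inputs.isDebugImage }}
          # Key selection: refs starting with refs/heads/release/v get the release
          # cosign secrets, every other ref gets the dev secrets.
          # NOTE(review): `cond && a || b` yields `b` whenever `a` is empty, so a
          # missing or empty release secret silently falls back to the dev value
          # on a release branch. The three expressions are evaluated
          # independently, so a partially configured release set can also produce
          # a mixed key/password combination. Because the workflow is dispatched
          # manually with a caller-supplied osImage, branch protection on
          # release/v* is what limits who can reach the release key.
          cosignPublicKey: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PUBLIC_KEY || secrets.COSIGN_DEV_PUBLIC_KEY }}
          cosignPrivateKey: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PRIVATE_KEY || secrets.COSIGN_DEV_PRIVATE_KEY }}
          cosignPassword: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}
          awsAccessKeyID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          awsSecretAccessKey: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          awsDefaultRegion: ${{ secrets.AWS_DEFAULT_REGION }}
          awsBucketName: ${{ secrets.PUBLIC_BUCKET_NAME }}

      # Cleanup runs even when earlier steps failed or the run was cancelled.
      # continue-on-error keeps a failed destroy from marking this step as the
      # failure, so the resource-group deletion below is still attempted.
      - name: Always terminate cluster
        if: always()
        continue-on-error: true
        uses: ./.github/actions/constellation_destroy

      - name: Always destroy Azure resource group
        if: ${{ always() && github.event.inputs.cloudProvider == 'azure' }}
        shell: bash
        env:
          # Hand the step output to bash as data through the environment instead
          # of splicing the `${{ }}` expression into the script text, where it
          # would be expanded before the shell parses the command.
          RES_GROUP_NAME: ${{ steps.az_resource_group_gen.outputs.res_group_name }}
        run: |
          # --no-wait returns without waiting for the deletion to finish;
          # --yes suppresses the interactive confirmation prompt.
          az group delete \
            --name "${RES_GROUP_NAME}" \
            --force-deletion-types Microsoft.Compute/virtualMachineScaleSets \
            --force-deletion-types Microsoft.Compute/virtualMachines \
            --no-wait \
            --yes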