Packer #72
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Packer | |
on: | |
workflow_dispatch: # Allow running on-demand | |
pull_request: | |
# see: https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#running-your-workflow-based-on-the-head-or-base-branch-of-a-pull-request | |
branches: | |
- master | |
paths-ignore: | |
- ".github/**/*" | |
- README.md | |
push: | |
branches: | |
- master | |
tags: | |
- v2*.** | |
paths-ignore: | |
- ".github/**/*" | |
- README.md | |
release: | |
types: [published] | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
environment: packer | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Use latest Packer # see: https://github.com/marketplace/actions/setup-packer | |
uses: hashicorp-contrib/setup-packer@v3 | |
with: | |
packer-version: 1.11.2 | |
- name: Validate configuration files | |
run: | | |
git describe --tags --always > git_info.txt | |
echo "========================= Packer build =========================" | |
packer init . | |
packer validate . | |
- name: Build image from template | |
run: | | |
packer build aws-ubuntu.pkr.hcl | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
- name: "Upload Artifact" | |
uses: actions/upload-artifact@v4 | |
with: | |
name: packer-build-results | |
path: manifest.json | |
retention-days: 1 | |
cleanup_ami: | |
# if: ${GITHUB_REF##*/} =! "master" | |
if: github.ref == 'refs/heads/master' | |
needs: [build] | |
runs-on: ubuntu-latest | |
environment: packer | |
steps: | |
- name: Download a single artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: packer-build-results | |
- name: Cleanup an ami | |
run: | | |
AMI_ID=$(jq -r '.builds[-1].artifact_id' manifest.json | cut -d ":" -f2) | |
echo $AMI_ID | |
aws ec2 deregister-image --image-id $AMI_ID | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} |