-
Notifications
You must be signed in to change notification settings - Fork 8
133 lines (116 loc) · 6.58 KB
/
raspberrypi-image-build-needed.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
name: raspberrypi-image
# Images are need for QA / tests on a real car
# Waiting for them to build automatically when someone wants to make a full test/review
# is too long. That's why we are building them on pull requests and on push / merge on main (latest stable).
on:
pull_request_target: # Allow from forks, but a condition limit where the forks comes from on the sensitive job
paths:
- ansible/**
- packer/**
push:
branches:
- main
paths:
- ansible/**
- packer/**
jobs:
build:
# Check the PR if it comes from a fork is a trusted fork or not
# We also need to check if it's not ourself as pull_request_target is also used for PR coming from origin branches
if: ${{ github.event_name != 'pull_request_target' || github.event_name == 'pull_request_target' && ( github.event.pull_request.head.repo.owner.login == 'mdl29' || github.event.pull_request.head.repo.owner.login == 'viandoxdev' || github.event.pull_request.head.repo.owner.login == 'benvii' || github.event.pull_request.head.repo.owner.login == 'yannis-mlgrn' || github.event.pull_request.head.repo.owner.login == 'ritorizo' ) }}
concurrency: # Run only one workflow by branch, cancel already running ones for new ones
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} # head_ref defined on pull_request and pull_request_target events
cancel-in-progress: true
runs-on: ubuntu-latest
env:
COMMIT_SHA: ${{ github.event.pull_request.head.sha || github.sha }}
BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
BUCKET_PUBLIC_URL: https://storage.googleapis.com/md-lph-doneycar
BUCKET_ARCHIVE_FOLDER: ${{github.run_number}}
IMAGE_BASE_FILENAME: #Defined by first step, represent the filename without extension
ARCHIVE_FILENAME: #Defined by first step, represent the archive filename
PUBLIC_URL_ARCHIVE_FILE: #Defined by first step, full public URL of the archive file containing the current build result
steps:
- name: Setting some env
run: |
# Making manipulations on environement variables
IMAGE_BASE_FILENAME="${{ env.COMMIT_SHA }}-${{ env.BRANCH_NAME }}"
ARCHIVE_FILENAME="$IMAGE_BASE_FILENAME.tar.gz"
PUBLIC_URL_ARCHIVE_FILE="${{ env.BUCKET_PUBLIC_URL }}/${{ env.BUCKET_ARCHIVE_FOLDER }}/$ARCHIVE_FILENAME"
# Saving it to Github environement variables
echo "IMAGE_BASE_FILENAME=$IMAGE_BASE_FILENAME" >> ${{ github.env }}
echo "ARCHIVE_FILENAME=$ARCHIVE_FILENAME" >> ${{ github.env }}
echo "PUBLIC_URL_ARCHIVE_FILE=$PUBLIC_URL_ARCHIVE_FILE" >> ${{ github.env }}
- name: Checkout current repository
uses: actions/checkout@v3
with:
ref: ${{github.event.pull_request.head.ref}}
repository: ${{github.event.pull_request.head.repo.full_name}}
- name: Install packer from apt # This step will install latest packer version on the VM
run: |
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
sudo apt-get update && sudo apt-get install packer
- name: Check packer version # Displaying the version, might help for debugging
run: packer -v
- name: Packer init
run: |
cd packer/
packer init donkeycar.pkr.hcl
- name: Packer build # Build the full image
run: |
cd packer/ # otherwise it doesn't found relative path to ansible playbook
sudo packer build donkeycar.pkr.hcl
- name: Compressing the output image # Rename the image output file and compress it
run: |
IMAGE_FILE="${{ env.IMAGE_BASE_FILENAME }}.img"
# Renaming file so that after extraction it as a comprehensive file name with commit hash
sudo mv "packer/output-raspbian/image" "packer/output-raspbian/$IMAGE_FILE"
sudo tar zcvf "packer/output-raspbian/${{ env.ARCHIVE_FILENAME }}" "packer/output-raspbian/$IMAGE_FILE"
sudo rm "packer/output-raspbian/$IMAGE_FILE"
- name: Google Authentication
id: 'auth'
uses: 'google-github-actions/auth@v0'
with:
credentials_json: '${{ secrets.GCP_CREDENTIALS }}'
- name: Upload donkeycar image to Google Cloud Storage
uses: 'google-github-actions/upload-cloud-storage@v0'
id: 'upload-file'
with:
path: 'packer/output-raspbian/${{ env.ARCHIVE_FILENAME }}'
destination: 'md-lph-doneycar/${{github.run_number}}/'
- name: Display image location
run: echo "Image stored at $PUBLIC_URL_ARCHIVE_FILE"
- name: Post comment on PR with build URL # It it's a PR sending a message on it with link to the image
if: github.event_name == 'pull_request_target'
uses: marocchino/sticky-pull-request-comment@v2
with:
append: true
message: |
Build for ${{ env.COMMIT_SHA }} is here :
[${{ env.ARCHIVE_FILENAME }}](${{ env.PUBLIC_URL_ARCHIVE_FILE }})
# AWS S3 old stuff
# - name: Upload result to S3 # Upload the build to S3
# uses: jakejarvis/s3-sync-action@master
# env:
# AWS_S3_BUCKET: 'donkeycar-lph-packer-builds'
# AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
# AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# AWS_REGION: 'eu-west-3'
# SOURCE_DIR: 'packer/output-raspbian'
# DEST_DIR: ${{github.run_number}}
# - name: Display image location # Print the image location
# run: |
# echo "Download this build here :"
# echo "https://donkeycar-lph-packer-builds.s3.eu-west-3.amazonaws.com/"$GITHUB_RUN_NB"/"$IMAGE_FILENAME".tar.gz"
# env:
# IMAGE_FILENAME: '${{ github.event.pull_request.head.sha || github.sha }}-${{ github.head_ref || github.ref }}.img'
# GITHUB_RUN_NB: ${{github.run_number}}
# - name: Post comment on PR with build URL # It it's a PR sending a message on it with link to the image
# if: github.event_name == 'pull_request_target'
# uses: marocchino/sticky-pull-request-comment@v2
# with:
# append: true
# message: |
# Build for ${{ github.event.pull_request.head.sha }} is here :
# [${{ github.head_ref || github.ref }}.img.tar.gz](https://donkeycar-lph-packer-builds.s3.eu-west-3.amazonaws.com/${{ github.run_number }}/${{ github.event.pull_request.head.sha || github.sha }}-${{ github.head_ref || github.ref }}.img.tar.gz)