switch to uploading image to s3 without tf
parent
de766b6893
commit
e561d5984b
17
.github/workflows/arrow-aws.yml
vendored
@ -67,25 +67,18 @@ jobs:
|
|||||||
- name: Install Nix
|
- name: Install Nix
|
||||||
if: inputs.rebuild && inputs.action != 'destroy'
|
if: inputs.rebuild && inputs.action != 'destroy'
|
||||||
uses: cachix/install-nix-action@v20
|
uses: cachix/install-nix-action@v20
|
||||||
with:
|
|
||||||
extra_nix_config: |
|
|
||||||
substituters = s3://${{ secrets.NIX_CACHE_BUCKET }} https://cache.nixos.org/
|
|
||||||
trusted-public-keys = ${{ secrets.NIX_CACHE_BUCKET }}:KJLT83NgyLjjX+YOJxFNflmw3/IPwW+y21cpgVv+Kwc= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
|
|
||||||
|
|
||||||
# Build the image
|
# Build the image
|
||||||
- name: Build Image
|
- name: Build Image
|
||||||
if: inputs.rebuild && inputs.action != 'destroy'
|
if: inputs.rebuild && inputs.action != 'destroy'
|
||||||
run: nix build .#arrow-aws
|
run: nix build .#arrow-aws
|
||||||
|
|
||||||
# Copy the image to S3
|
- name: Upload Image to S3
|
||||||
- name: Upload Image to Cache
|
if: inputs.rebuild && inputs.action != 'destroy'
|
||||||
env:
|
|
||||||
NIX_CACHE_PRIVATE_KEY: ${{ secrets.NIX_CACHE_PRIVATE_KEY }}
|
|
||||||
run: |
|
run: |
|
||||||
echo "$NIX_CACHE_PRIVATE_KEY" > cache.key
|
aws s3 cp \
|
||||||
nix store sign --key-file cache.key $(readlink result)
|
result/nixos-amazon-image-*.vhd \
|
||||||
nix copy --to s3://${{ secrets.NIX_CACHE_BUCKET }} $(readlink result)
|
s3://${{ secrets.IMAGES_BUCKET }}/arrow.vhd \
|
||||||
rm cache.key
|
|
||||||
|
|
||||||
# Installs the Terraform binary and some other accessory functions.
|
# Installs the Terraform binary and some other accessory functions.
|
||||||
- name: Setup Terraform
|
- name: Setup Terraform
|
||||||
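Review bot: The new `Upload Image to S3` step expands `${{ secrets.IMAGES_BUCKET }}` straight into the shell script; passing it through the step's `env:` keeps the value out of the generated script text and lets it be quoted, e.g. `env:` / `IMAGES_BUCKET: ${{ secrets.IMAGES_BUCKET }}` and a destination of `"s3://$IMAGES_BUCKET/arrow.vhd"`. As rendered, the destination line also ends in a trailing `\` with nothing after it, which should be dropped so that a later added line is not silently absorbed into the `aws s3 cp` command. The glob `result/nixos-amazon-image-*.vhd` is assumed to match exactly one file; if it ever matches more, the command receives extra arguments and fails. Where the AWS credentials for this step come from is not visible in the hunk.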
|
@ -17,7 +17,7 @@ data "aws_vpc" "vpc" {
|
|||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_security_group" "instance" {
|
resource "aws_security_group" "instance" {
|
||||||
name = "t2-aws-nixos-test"
|
name = "aws-nixos"
|
||||||
description = "Allow SSH and HTTPS"
|
description = "Allow SSH and HTTPS"
|
||||||
vpc_id = data.aws_vpc.vpc.id
|
vpc_id = data.aws_vpc.vpc.id
|
||||||
|
|
||||||
|
@ -1,13 +1,19 @@
|
|||||||
locals {
|
# locals {
|
||||||
image_file = one(fileset(path.root, "../../../result/nixos-amazon-image-*.vhd"))
|
# image_file = one(fileset(path.root, "../../../result/nixos-amazon-image-*.vhd"))
|
||||||
}
|
# }
|
||||||
|
#
|
||||||
|
# # Upload image to S3
|
||||||
|
# resource "aws_s3_object" "image" {
|
||||||
|
# bucket = var.images_bucket
|
||||||
|
# key = basename(local.image_file)
|
||||||
|
# source = local.image_file
|
||||||
|
# etag = filemd5(local.image_file)
|
||||||
|
# }
|
||||||
|
|
||||||
# Upload image to S3
|
# Use existing image in S3
|
||||||
resource "aws_s3_object" "image" {
|
data "aws_s3_object" "image" {
|
||||||
bucket = var.images_bucket
|
bucket = var.images_bucket
|
||||||
key = basename(local.image_file)
|
key = "arrow.vhd"
|
||||||
source = local.image_file
|
|
||||||
etag = filemd5(local.image_file)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# Setup IAM access for the VM Importer
|
# Setup IAM access for the VM Importer
|
||||||
@ -29,8 +35,8 @@ data "aws_iam_policy_document" "vmimport" {
|
|||||||
"s3:ListBucket",
|
"s3:ListBucket",
|
||||||
]
|
]
|
||||||
resources = [
|
resources = [
|
||||||
"arn:aws:s3:::${aws_s3_object.image.bucket}",
|
"arn:aws:s3:::${data.aws_s3_object.image.bucket}",
|
||||||
"arn:aws:s3:::${aws_s3_object.image.bucket}/*",
|
"arn:aws:s3:::${data.aws_s3_object.image.bucket}/*",
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
statement {
|
statement {
|
||||||
@ -58,8 +64,8 @@ resource "aws_ebs_snapshot_import" "image" {
|
|||||||
disk_container {
|
disk_container {
|
||||||
format = "VHD"
|
format = "VHD"
|
||||||
user_bucket {
|
user_bucket {
|
||||||
s3_bucket = aws_s3_object.image.bucket
|
s3_bucket = data.aws_s3_object.image.bucket
|
||||||
s3_key = aws_s3_object.image.key
|
s3_key = data.aws_s3_object.image.key
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
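Review bot: With `key = "arrow.vhd"` in the new `data "aws_s3_object" "image"` block, nothing ties the imported snapshot to a particular build any more. The replaced resource carried `etag = filemd5(local.image_file)` and a key derived from the image file name, whereas the `s3_bucket` and `s3_key` passed to `aws_ebs_snapshot_import.image` now stay identical when the object is overwritten. As far as these hunks show, a fresh upload would not trigger a re-import, and whoever can write to the images bucket determines what ends up as the boot disk. Enabling bucket versioning and pinning `version_id` on the data source, or keeping a content-derived key, would restore that binding. In the `vmimport` policy document the object ARN could likely be narrowed from `/*` to `/${data.aws_s3_object.image.key}`, though the statement's full action list lies outside the hunk.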
|