mirror of
https://github.com/nmasur/dotfiles
synced 2024-11-22 05:15:38 +00:00
switch to uploading image to s3 without tf
This commit is contained in:
parent
de766b6893
commit
e561d5984b
17
.github/workflows/arrow-aws.yml
vendored
17
.github/workflows/arrow-aws.yml
vendored
@ -67,25 +67,18 @@ jobs:
|
||||
- name: Install Nix
|
||||
if: inputs.rebuild && inputs.action != 'destroy'
|
||||
uses: cachix/install-nix-action@v20
|
||||
with:
|
||||
extra_nix_config: |
|
||||
substituters = s3://${{ secrets.NIX_CACHE_BUCKET }} https://cache.nixos.org/
|
||||
trusted-public-keys = ${{ secrets.NIX_CACHE_BUCKET }}:KJLT83NgyLjjX+YOJxFNflmw3/IPwW+y21cpgVv+Kwc= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
|
||||
|
||||
# Build the image
|
||||
- name: Build Image
|
||||
if: inputs.rebuild && inputs.action != 'destroy'
|
||||
run: nix build .#arrow-aws
|
||||
|
||||
# Copy the image to S3
|
||||
- name: Upload Image to Cache
|
||||
env:
|
||||
NIX_CACHE_PRIVATE_KEY: ${{ secrets.NIX_CACHE_PRIVATE_KEY }}
|
||||
- name: Upload Image to S3
|
||||
if: inputs.rebuild && inputs.action != 'destroy'
|
||||
run: |
|
||||
echo "$NIX_CACHE_PRIVATE_KEY" > cache.key
|
||||
nix store sign --key-file cache.key $(readlink result)
|
||||
nix copy --to s3://${{ secrets.NIX_CACHE_BUCKET }} $(readlink result)
|
||||
rm cache.key
|
||||
aws s3 cp \
|
||||
result/nixos-amazon-image-*.vhd \
|
||||
s3://${{ secrets.IMAGES_BUCKET }}/arrow.vhd \
|
||||
|
||||
# Installs the Terraform binary and some other accessory functions.
|
||||
- name: Setup Terraform
|
||||
|
@ -17,7 +17,7 @@ data "aws_vpc" "vpc" {
|
||||
}
|
||||
|
||||
resource "aws_security_group" "instance" {
|
||||
name = "t2-aws-nixos-test"
|
||||
name = "aws-nixos"
|
||||
description = "Allow SSH and HTTPS"
|
||||
vpc_id = data.aws_vpc.vpc.id
|
||||
|
||||
|
@ -1,13 +1,19 @@
|
||||
locals {
|
||||
image_file = one(fileset(path.root, "../../../result/nixos-amazon-image-*.vhd"))
|
||||
}
|
||||
# locals {
|
||||
# image_file = one(fileset(path.root, "../../../result/nixos-amazon-image-*.vhd"))
|
||||
# }
|
||||
#
|
||||
# # Upload image to S3
|
||||
# resource "aws_s3_object" "image" {
|
||||
# bucket = var.images_bucket
|
||||
# key = basename(local.image_file)
|
||||
# source = local.image_file
|
||||
# etag = filemd5(local.image_file)
|
||||
# }
|
||||
|
||||
# Upload image to S3
|
||||
resource "aws_s3_object" "image" {
|
||||
# Use existing image in S3
|
||||
data "aws_s3_object" "image" {
|
||||
bucket = var.images_bucket
|
||||
key = basename(local.image_file)
|
||||
source = local.image_file
|
||||
etag = filemd5(local.image_file)
|
||||
key = "arrow.vhd"
|
||||
}
|
||||
|
||||
# Setup IAM access for the VM Importer
|
||||
@ -29,8 +35,8 @@ data "aws_iam_policy_document" "vmimport" {
|
||||
"s3:ListBucket",
|
||||
]
|
||||
resources = [
|
||||
"arn:aws:s3:::${aws_s3_object.image.bucket}",
|
||||
"arn:aws:s3:::${aws_s3_object.image.bucket}/*",
|
||||
"arn:aws:s3:::${data.aws_s3_object.image.bucket}",
|
||||
"arn:aws:s3:::${data.aws_s3_object.image.bucket}/*",
|
||||
]
|
||||
}
|
||||
statement {
|
||||
@ -58,8 +64,8 @@ resource "aws_ebs_snapshot_import" "image" {
|
||||
disk_container {
|
||||
format = "VHD"
|
||||
user_bucket {
|
||||
s3_bucket = aws_s3_object.image.bucket
|
||||
s3_key = aws_s3_object.image.key
|
||||
s3_bucket = data.aws_s3_object.image.bucket
|
||||
s3_key = data.aws_s3_object.image.key
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user