Skip to content

Commit 6f8b72d

Browse files
sjpbsjpb
committed
run only 1x build per matrix entry, & only builds required
1 parent e0a00d8 commit 6f8b72d

File tree

1 file changed

+21
-22
lines changed

1 file changed

+21
-22
lines changed

.github/workflows/fatimage.yml

Lines changed: 21 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -2,27 +2,26 @@
22
name: Build fat image
33
'on':
44
workflow_dispatch:
5-
inputs:
6-
use_RL8:
7-
required: true
8-
description: Include RL8 image build
9-
type: boolean
10-
default: false
115
concurrency:
12-
group: ${{ github.ref }}-{{ matrix.os_version }} # to branch/PR + OS
6+
group: ${{ github.ref }}-{{ matrix.os_version }}-{{ matrix.build }} # to branch/PR + OS + build
137
cancel-in-progress: true
148
jobs:
159
openstack:
1610
name: openstack-imagebuild
1711
runs-on: ubuntu-22.04
1812
strategy:
1913
matrix:
20-
os_version: [RL8, RL9]
21-
rl8_selected:
22-
- ${{ inputs.use_RL8 == true }} # only potentially true for workflow_dispatch
14+
os_version:
15+
- RL8
16+
- RL9
17+
build:
18+
- openstack.openhpc
19+
- openstack.openhpc-ofed
2320
exclude:
2421
- os_version: RL8
25-
rl8_selected: false
22+
build: openstack.openhpc-ofed
23+
- os_version: RL9
24+
build: openstack.openhpc
2625
env:
2726
ANSIBLE_FORCE_COLOR: True
2827
OS_CLOUD: openstack
@@ -63,23 +62,24 @@ jobs:
6362
. environments/.stackhpc/activate
6463
cd packer/
6564
packer init .
66-
PACKER_LOG=1 packer build -on-error=${{ vars.PACKER_ON_ERROR }} -except=openstack.openhpc-extra -var-file=$PKR_VAR_environment_root/${{ vars.CI_CLOUD }}.pkrvars.hcl openstack.pkr.hcl
65+
PACKER_LOG=1 packer build -on-error=${{ vars.PACKER_ON_ERROR }} -only={{ matrix.build }} -var-file=$PKR_VAR_environment_root/${{ vars.CI_CLOUD }}.pkrvars.hcl openstack.pkr.hcl
6766
env:
6867
PKR_VAR_os_version: ${{ matrix.os_version }}
6968

7069
- name: Get created image names from manifest
7170
id: manifest
7271
run: |
7372
. venv/bin/activate
74-
for IMAGE_ID in $(jq --raw-output '.builds[].artifact_id' packer/packer-manifest.json)
75-
do
76-
while ! openstack image show -f value -c name $IMAGE_ID; do
77-
sleep 5
78-
done
79-
IMAGE_NAME=$(openstack image show -f value -c name $IMAGE_ID)
80-
echo "image-name=${IMAGE_NAME}" >> "$GITHUB_OUTPUT"
81-
echo "image-id=$IMAGE_ID" >> "$GITHUB_OUTPUT"
73+
IMAGE_ID=$(jq --raw-output '.builds[-1].artifact_id' packer/packer-manifest.json)
74+
while ! openstack image show -f value -c name $IMAGE_ID; do
75+
sleep 5
8276
done
77+
IMAGE_NAME=$(openstack image show -f value -c name $IMAGE_ID)
78+
echo "image-name=${IMAGE_NAME}" >> "$GITHUB_OUTPUT"
79+
echo "image-id=$IMAGE_ID" >> "$GITHUB_OUTPUT"
80+
81+
- name: Download image
82+
run: openstack image save --file ${{ steps.manifest.outputs.image-name }}.qcow2 ${{ steps.manifest.outputs.image-name }}
8383

8484
- name: Set up QEMU
8585
uses: docker/setup-qemu-action@v3
@@ -95,7 +95,6 @@ jobs:
9595
- name: mount qcow2 file
9696
run: sudo guestmount -a ${{ steps.manifest.outputs.image-name }}.qcow2 -i --ro -o allow_other './${{ steps.manifest.outputs.image-name }}'
9797

98-
9998
- name: Run Trivy vulnerability scanner
10099
uses: aquasecurity/[email protected]
101100
with:
@@ -110,7 +109,7 @@ jobs:
110109
uses: github/codeql-action/upload-sarif@v3
111110
with:
112111
sarif_file: "${{ steps.manifest.outputs.image-name }}.sarif"
113-
category: "${{ matrix.os_version }}"
112+
category: "${{ matrix.os_version }}-${{ matrix.build }}"
114113

115114
- name: Fail if scan has CRITICAL vulnerabilities
116115
uses: aquasecurity/[email protected]

0 commit comments

Comments
 (0)