-
Notifications
You must be signed in to change notification settings - Fork 3
99 lines (87 loc) · 2.9 KB
/
pull-request.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
name: Pull Request
on:
workflow_dispatch: {}
pull_request:
branches:
- main
jobs:
terraform:
name: Terraform
runs-on: ubuntu-latest
permissions:
contents: "read"
id-token: "write"
steps:
- uses: actions/checkout@v3
- id: "gcp-auth"
name: "Authenticate to Google Cloud"
uses: "google-github-actions/auth@v0"
with:
create_credentials_file: true
workload_identity_provider: "projects/76410834219/locations/global/workloadIdentityPools/github-actions/providers/github-actions"
service_account: "ghapr-vjftw-cloud-desktops@vjp-github-actions.iam.gserviceaccount.com"
- name: Create infrastructure
if: success()
run: |-
./pleasew -p -v2 run ///third_party/repo/org-infra//build/ci/github:terraform_workspace -- \
apply \
--workspace_name="pr" \
--please_target="//deployment/packer:packer"
build:
runs-on: ubuntu-latest
needs: [terraform]
permissions:
contents: "read"
id-token: "write"
strategy:
fail-fast: false
matrix:
flavour:
- arch:xfce4
- debian:xfce4
- debian/kali:xfce4
name: ${{ matrix.flavour }}
steps:
- name: check out code
uses: actions/checkout@v3
- id: "gcp-auth"
name: "Authenticate to Google Cloud"
uses: "google-github-actions/auth@v0"
with:
create_credentials_file: true
workload_identity_provider: "projects/76410834219/locations/global/workloadIdentityPools/github-actions/providers/github-actions"
service_account: "ghapr-vjftw-cloud-desktops@vjp-github-actions.iam.gserviceaccount.com"
- name: run packer build
run: ./pleasew run "//flavours/${{ matrix.flavour }}_build"
continue-on-error: true
env:
GCP_PROJECT_ID: vjp-cloud-desktops-pr
- uses: actions/upload-artifact@v2
continue-on-error: true
with:
name: packer-manifests
path: plz-out/**/packer-manifest.json
clean_up:
if: always()
needs: build
runs-on: ubuntu-latest
permissions:
contents: "read"
id-token: "write"
steps:
- name: check out code
uses: actions/checkout@v3
- id: "gcp-auth"
name: "Authenticate to Google Cloud"
uses: "google-github-actions/auth@v0"
with:
create_credentials_file: true
workload_identity_provider: "projects/76410834219/locations/global/workloadIdentityPools/github-actions/providers/github-actions"
service_account: "ghapr-vjftw-cloud-desktops@vjp-github-actions.iam.gserviceaccount.com"
- uses: actions/download-artifact@v2
with:
path: plz-out/
- name: Cleanup images created in PR
run: ./pleasew run //build:pr_cleanup
env:
GCP_PROJECT_ID: vjp-cloud-desktops-pr