[ci] Add a workflow to import images to AWS EC2

Add a workflow to build and import the official iPXE images for AWS EC2. Treat this as a workflow that must be triggered manually, since importing is prone to failure for reasons unrelated to the state of the codebase (e.g. the creation of new regions, or an explosion at a data centre) and so should not result in CI failures being reported against specific commits. Signed-off-by: Michael Brown <mcb30@ipxe.org>
2026-05-04 03:03:43 +03:00 · 2026-03-07 23:32:03 +00:00
parent c44d5f96e9
commit e9b80ee545
1 changed files with 104 additions and 0 deletions
@@ -0,0 +1,104 @@
+name: AWS Import
+
+on:
+  push:
+    branches:
+      - awstest
+  workflow_dispatch:
+
+env:
+  MAKEFLAGS: "-j4 GITVERSION=${{ github.sha }}"
+
+jobs:
+
+  build:
+    name: Build / ${{ matrix.arch }}
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - arch: arm64
+            platform: efi
+          - arch: x86_64
+            platform: pcbios
+    container:
+      image: ghcr.io/ipxe/ipxe-builder-${{ matrix.arch }}
+    env:
+      bindir: bin-${{ matrix.arch }}-${{ matrix.platform }}
+    steps:
+
+      - name: Check out code
+        uses: actions/checkout@v6
+
+      - name: Build
+        working-directory: src
+        run: |
+          make CONFIG=cloud EMBED=config/cloud/aws.ipxe \
+               ${{ env.bindir }}/ipxe.usb
+
+      - name: Upload
+        uses: actions/upload-artifact@v6
+        with:
+          name: ${{ env.bindir }}
+          if-no-files-found: error
+          path: |
+            src/${{ env.bindir }}/ipxe.usb
+
+  import:
+    name: Import
+    runs-on: ubuntu-latest
+    needs:
+      - build
+    container:
+      image: ghcr.io/ipxe/ipxe-builder-cloud
+    env:
+      amilist: >-
+        ${{ github.ref == 'refs/heads/awstest' &&
+            'ipxetest-amilist.txt' || 'amilist.txt' }}
+      binaries: >-
+        bin-arm64-efi/ipxe.usb
+        bin-x86_64-pcbios/ipxe.usb
+      bucket: ${{ vars.AWS_BUCKET }}
+      family: ${{ github.ref == 'refs/heads/awstest' && '--family ipxetest' }}
+      retain: ${{ github.ref == 'refs/heads/awstest' && '0' || '3' }}
+    environment: aws-import
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+
+      - name: Check out code
+        uses: actions/checkout@v6
+
+      - name: Download
+        uses: actions/download-artifact@v7
+        with:
+          path: src
+          pattern: "bin-*"
+
+      - name: Log in
+        uses: aws-actions/configure-aws-credentials@v6
+        with:
+          role-to-assume: ${{ vars.AWS_ROLE }}
+          aws-region: ${{ vars.AWS_REGION }}
+
+      - name: Import
+        working-directory: src
+        run: |
+          ../contrib/cloud/aws-import \
+              --public \
+              --overwrite \
+              --retain ${{ env.retain }} \
+              --wiki ${{ env.amilist }} \
+              --bucket ${{ env.bucket }} \
+              ${{ env.family }} \
+              ${{ env.binaries }}
+
+      - name: Upload
+        uses: actions/upload-artifact@v6
+        with:
+          name: amilist
+          if-no-files-found: error
+          path: |
+            src/${{ env.amilist }}