ipxe/.github/workflows/aws-import.yml

name: AWS Import

on:
  push:
    branches:
      - awstest
  workflow_dispatch:

env:
  MAKEFLAGS: "-j4 GITVERSION=${{ github.sha }}"

jobs:

  build:
    name: Build / ${{ matrix.arch }}
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        include:
          - arch: arm64
            platform: efi
          - arch: x86_64
            platform: pcbios
    container:
      image: ghcr.io/ipxe/ipxe-builder-${{ matrix.arch }}
    env:
      bindir: bin-${{ matrix.arch }}-${{ matrix.platform }}
    steps:

      - name: Check out code
        uses: actions/checkout@v6

      - name: Build
        working-directory: src
        run: |
          make CONFIG=cloud EMBED=config/cloud/aws.ipxe \
               ${{ env.bindir }}/ipxe.usb

      - name: Upload
        uses: actions/upload-artifact@v6
        with:
          name: ${{ env.bindir }}
          if-no-files-found: error
          path: |
            src/${{ env.bindir }}/ipxe.usb

  import:
    name: Import
    runs-on: ubuntu-latest
    needs:
      - build
    container:
      image: ghcr.io/ipxe/ipxe-builder-cloud
    env:
      amilist: >-
        ${{ github.ref == 'refs/heads/awstest' &&
            'ipxetest-amilist.txt' || 'amilist.txt' }}
      binaries: >-
        bin-arm64-efi/ipxe.usb
        bin-x86_64-pcbios/ipxe.usb
      bucket: ${{ vars.AWS_BUCKET }}
      family: ${{ github.ref == 'refs/heads/awstest' && '--family ipxetest' }}
      retain: ${{ github.ref == 'refs/heads/awstest' && '0' || '3' }}
    environment: aws-import
    permissions:
      id-token: write
      contents: read
    steps:

      - name: Check out code
        uses: actions/checkout@v6

      - name: Download
        uses: actions/download-artifact@v7
        with:
          path: src
          pattern: "bin-*"

      - name: Log in
        uses: aws-actions/configure-aws-credentials@v6
        with:
          role-to-assume: ${{ vars.AWS_ROLE }}
          aws-region: ${{ vars.AWS_REGION }}

      - name: Import
        working-directory: src
        run: |
          ../contrib/cloud/aws-import \
              --public \
              --overwrite \
              --retain ${{ env.retain }} \
              --wiki ${{ env.amilist }} \
              --bucket ${{ env.bucket }} \
              ${{ env.family }} \
              ${{ env.binaries }}

      - name: Upload
        uses: actions/upload-artifact@v6
        with:
          name: amilist
          if-no-files-found: error
          path: |
            src/${{ env.amilist }}