gateway ami 1

Author: t-aleksander

.github/workflows/release.yml

@@ -1,88 +1,97 @@
 name: Publish
 on:
   push:
-    tags:
-      - v*.*.*
+    # tags:
+    #   - v*.*.*
+    branches:
+      - gateway-ami
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
 jobs:
-  build-docker-release:
-    # Ignore tags with -, like v1.0.0-alpha
-    # This job will build the docker container with the "latest" tag which
-    # is a tag used in production, thus it should only be run for full releases.
-    if: startsWith(github.ref, 'refs/tags/') && !contains(github.ref, '-')
-    name: Build Release Docker image
-    uses: ./.github/workflows/build-docker.yml
-    with:
-      tags: |
-        type=raw,value=latest
-        type=semver,pattern={{version}}
-        type=semver,pattern={{major}}.{{minor}}
-        type=sha
-
-  build-docker-prerelease:
-    # Only build tags with -, like v1.0.0-alpha
-    if: startsWith(github.ref, 'refs/tags/') && contains(github.ref, '-')
-    name: Build Pre-release Docker image
-    uses: ./.github/workflows/build-docker.yml
-    with:
-      tags: |
-        type=raw,value=pre-release
-        type=semver,pattern={{version}}
-        type=sha
-      # Explicitly disable latest tag. It will be added otherwise.
-      flavor: |
-        latest=false
-
-  create-release:
-    name: create-release
-    runs-on: self-hosted
-    outputs:
-      upload_url: ${{ steps.release.outputs.upload_url }}
-    steps:
-      - name: Create GitHub release
-        id: release
-        uses: softprops/action-gh-release@v1
-        if: startsWith(github.ref, 'refs/tags/')
-        with:
-          draft: true
-          generate_release_notes: true
+  # build-docker-release:
+  #   # Ignore tags with -, like v1.0.0-alpha
+  #   # This job will build the docker container with the "latest" tag which
+  #   # is a tag used in production, thus it should only be run for full releases.
+  #   if: startsWith(github.ref, 'refs/tags/') && !contains(github.ref, '-')
+  #   name: Build Release Docker image
+  #   uses: ./.github/workflows/build-docker.yml
+  #   with:
+  #     tags: |
+  #       type=raw,value=latest
+  #       type=semver,pattern={{version}}
+  #       type=semver,pattern={{major}}.{{minor}}
+  #       type=sha
+
+  # build-docker-prerelease:
+  #   # Only build tags with -, like v1.0.0-alpha
+  #   if: startsWith(github.ref, 'refs/tags/') && contains(github.ref, '-')
+  #   name: Build Pre-release Docker image
+  #   uses: ./.github/workflows/build-docker.yml
+  #   with:
+  #     tags: |
+  #       type=raw,value=pre-release
+  #       type=semver,pattern={{version}}
+  #       type=sha
+  #     # Explicitly disable latest tag. It will be added otherwise.
+  #     flavor: |
+  #       latest=false
+
+  # create-release:
+  #   name: create-release
+  #   runs-on: self-hosted
+  #   outputs:
+  #     upload_url: ${{ steps.release.outputs.upload_url }}
+  #   steps:
+  #     - name: Create GitHub release
+  #       id: release
+  #       uses: softprops/action-gh-release@v1
+  #       if: startsWith(github.ref, 'refs/tags/')
+  #       with:
+  #         draft: true
+  #         generate_release_notes: true
 
   build-release:
     name: Release ${{ matrix.build }}
-    needs: [create-release]
+    # needs: [create-release]
     runs-on:
       - self-hosted
       - ${{ matrix.os }}
       - X64
     strategy:
       fail-fast: false
       matrix:
-        build: [linux, linux-arm64, freebsd]
+        # build: [linux, linux-arm64, freebsd]
+        build: [linux]
         include:
           - build: linux
             arch: amd64
             os: Linux
             asset_name: defguard-gateway-linux-x86_64
             target: x86_64-unknown-linux-gnu
-          - build: linux-arm64
-            arch: arm64
-            os: Linux
-            asset_name: defguard-gateway-linux-arm64
-            target: aarch64-unknown-linux-gnu
-          - build: freebsd
-            arch: amd64
-            os: Linux
-            asset_name: defguard-gateway-freebsd-x86_64
-            target: x86_64-unknown-freebsd
+          # - build: linux-arm64
+          #   arch: arm64
+          #   os: Linux
+          #   asset_name: defguard-gateway-linux-arm64
+          #   target: aarch64-unknown-linux-gnu
+          # - build: freebsd
+          #   arch: amd64
+          #   os: Linux
+          #   asset_name: defguard-gateway-freebsd-x86_64
+          #   target: x86_64-unknown-freebsd
     steps:
       # Store the version, stripping any v-prefix
+      # - name: Write release version
+      #   run: |
+      #     VERSION=${GITHUB_REF_NAME#v}
+      #     echo Version: $VERSION
+      #     echo "VERSION=$VERSION" >> $GITHUB_ENV
+
       - name: Write release version
         run: |
-          VERSION=${GITHUB_REF_NAME#v}
+          VERSION=1.5.0
           echo Version: $VERSION
           echo "VERSION=$VERSION" >> $GITHUB_ENV
 
@@ -98,6 +107,10 @@ jobs:
           target: ${{ matrix.target }}
           override: true
 
+      - name: Setup `packer`
+        uses: hashicorp/setup-packer@main
+        id: setup
+
       - name: Build release binary
         uses: actions-rs/cargo@v1
         with:
@@ -116,15 +129,15 @@ jobs:
             ${{ matrix.asset_name }}-${{ github.ref_name }}
           outPath: ${{ matrix.asset_name }}-${{ github.ref_name }}-${{ matrix.target }}.tar.gz
 
-      - name: Upload release archive
-        uses: actions/upload-release-asset@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ needs.create-release.outputs.upload_url }}
-          asset_path: ${{ matrix.asset_name }}-${{ github.ref_name }}-${{ matrix.target }}.tar.gz
-          asset_name: ${{ matrix.asset_name }}-${{ github.ref_name }}-${{ matrix.target }}.tar.gz
-          asset_content_type: application/octet-stream
+      # - name: Upload release archive
+      #   uses: actions/upload-release-asset@v1
+      #   env:
+      #     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      #   with:
+      #     upload_url: ${{ needs.create-release.outputs.upload_url }}
+      #     asset_path: ${{ matrix.asset_name }}-${{ github.ref_name }}-${{ matrix.target }}.tar.gz
+      #     asset_name: ${{ matrix.asset_name }}-${{ github.ref_name }}-${{ matrix.target }}.tar.gz
+      #     asset_content_type: application/octet-stream
 
       - name: Build DEB package
         if: matrix.build != 'freebsd'
@@ -133,77 +146,94 @@ jobs:
           fpm_args: "${{ matrix.asset_name }}-${{ github.ref_name }}=/usr/sbin/defguard-gateway defguard-gateway.service=/usr/lib/systemd/system/defguard-gateway.service example-config.toml=/etc/defguard/gateway.toml.sample"
           fpm_opts: "--architecture ${{ matrix.arch }} --debug --output-type deb --version ${{ env.VERSION }} --package defguard-gateway_${{ env.VERSION }}_${{ matrix.target }}.deb --after-install after-install.sh"
 
-      - name: Upload DEB
-        if: matrix.build != 'freebsd'
-        uses: actions/upload-release-asset@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ needs.create-release.outputs.upload_url }}
-          asset_path: defguard-gateway_${{ env.VERSION }}_${{ matrix.target }}.deb
-          asset_name: defguard-gateway_${{ env.VERSION }}_${{ matrix.target }}.deb
-          asset_content_type: application/octet-stream
-
-      - name: Build RPM package
-        if: matrix.build == 'linux'
-        uses: defGuard/fpm-action@main
-        with:
-          fpm_args: "${{ matrix.asset_name }}-${{ github.ref_name }}=/usr/sbin/defguard-gateway defguard-gateway.service=/usr/lib/systemd/system/defguard-gateway.service example-config.toml=/etc/defguard/gateway.toml.sample"
-          fpm_opts: "--architecture ${{ matrix.arch }} --debug --output-type rpm --version ${{ env.VERSION }} --package defguard-gateway_${{ env.VERSION }}_${{ matrix.target }}.rpm --after-install after-install.sh"
-
-      - name: Upload RPM
-        if: matrix.build == 'linux'
-        uses: actions/upload-release-asset@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ needs.create-release.outputs.upload_url }}
-          asset_path: defguard-gateway_${{ env.VERSION }}_${{ matrix.target }}.rpm
-          asset_name: defguard-gateway_${{ env.VERSION }}_${{ matrix.target }}.rpm
-          asset_content_type: application/octet-stream
-
-      - name: Build FreeBSD package
-        if: matrix.build == 'freebsd'
-        uses: defGuard/fpm-action@main
-        with:
-          fpm_args:
-            "${{ matrix.asset_name }}-${{ github.ref_name }}=/usr/local/sbin/defguard-gateway
-            defguard-gateway.service.freebsd=/usr/local/etc/rc.d/defguard_gateway
-            example-config.toml=/etc/defguard/gateway.toml.sample
-            defguard-rc.conf=/etc/rc.conf.d/defguard_gateway"
-          fpm_opts: "--architecture ${{ matrix.arch }} --debug --output-type freebsd --version ${{ env.VERSION }} --package defguard-gateway_${{ env.VERSION }}_${{ matrix.target }}.pkg --freebsd-osversion '*'"
-
-      - name: Upload FreeBSD
-        if: matrix.build == 'freebsd'
-        uses: actions/upload-release-asset@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ needs.create-release.outputs.upload_url }}
-          asset_path: defguard-gateway_${{ env.VERSION }}_${{ matrix.target }}.pkg
-          asset_name: defguard-gateway_${{ env.VERSION }}_${{ matrix.target }}.pkg
-          asset_content_type: application/octet-stream
-
-      - name: Build OPNsense package
-        if: matrix.build == 'freebsd'
-        uses: defGuard/fpm-action@main
-        with:
-          fpm_args:
-            "${{ matrix.asset_name }}-${{ github.ref_name }}=/usr/local/sbin/defguard-gateway
-            defguard-gateway.service.freebsd=/usr/local/etc/rc.d/defguard_gateway
-            example-config.toml=/etc/defguard/gateway.toml.sample
-            defguard-rc.conf=/etc/rc.conf.d/defguard_gateway
-            opnsense/src/etc/=/usr/local/etc/
-            opnsense/src/opnsense/=/usr/local/opnsense/"
-          fpm_opts: "--architecture ${{ matrix.arch }} --debug --output-type freebsd --version ${{ env.VERSION }} --package defguard-gateway_${{ env.VERSION }}_x86_64-unknown-opnsense.pkg --freebsd-osversion '*'"
-
-      - name: Upload OPNsense package
-        if: matrix.build == 'freebsd'
-        uses: actions/upload-release-asset@v1
+      # - name: Upload DEB
+      #   if: matrix.build != 'freebsd'
+      #   uses: actions/upload-release-asset@v1
+      #   env:
+      #     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      #   with:
+      #     upload_url: ${{ needs.create-release.outputs.upload_url }}
+      #     asset_path: defguard-gateway_${{ env.VERSION }}_${{ matrix.target }}.deb
+      #     asset_name: defguard-gateway_${{ env.VERSION }}_${{ matrix.target }}.deb
+      #     asset_content_type: application/octet-stream
+
+      - name: Run `packer init`
+        if: matrix.build == 'linux' && matrix.arch == 'amd64'
+        id: init
+        run: "packer init ./images/ami/gateway.pkr.hcl"
+
+      - name: Run `packer validate`
+        if: matrix.build == 'linux' && matrix.arch == 'amd64'
+        id: validate
+        run: packer validate --var "package_version=${{ env.VERSION }}" ./images/ami/gateway.pkr.hcl
+
+      - name: Build AMI image
+        if: matrix.build == 'linux' && matrix.arch == 'amd64'
+        run: packer build -color=false -on-error=abort --var "package_version=${{ env.VERSION }}" ./images/ami/gateway.pkr.hcl
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ needs.create-release.outputs.upload_url }}
-          asset_path: defguard-gateway_${{ env.VERSION }}_x86_64-unknown-opnsense.pkg
-          asset_name: defguard-gateway_${{ env.VERSION }}_x86_64-unknown-opnsense.pkg
-          asset_content_type: application/octet-stream
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+
+      # - name: Build RPM package
+      #   if: matrix.build == 'linux'
+      #   uses: defGuard/fpm-action@main
+      #   with:
+      #     fpm_args: "${{ matrix.asset_name }}-${{ github.ref_name }}=/usr/sbin/defguard-gateway defguard-gateway.service=/usr/lib/systemd/system/defguard-gateway.service example-config.toml=/etc/defguard/gateway.toml.sample"
+      #     fpm_opts: "--architecture ${{ matrix.arch }} --debug --output-type rpm --version ${{ env.VERSION }} --package defguard-gateway_${{ env.VERSION }}_${{ matrix.target }}.rpm --after-install after-install.sh"
+
+      # - name: Upload RPM
+      #   if: matrix.build == 'linux'
+      #   uses: actions/upload-release-asset@v1
+      #   env:
+      #     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      #   with:
+      #     upload_url: ${{ needs.create-release.outputs.upload_url }}
+      #     asset_path: defguard-gateway_${{ env.VERSION }}_${{ matrix.target }}.rpm
+      #     asset_name: defguard-gateway_${{ env.VERSION }}_${{ matrix.target }}.rpm
+      #     asset_content_type: application/octet-stream
+
+      # - name: Build FreeBSD package
+      #   if: matrix.build == 'freebsd'
+      #   uses: defGuard/fpm-action@main
+      #   with:
+      #     fpm_args:
+      #       "${{ matrix.asset_name }}-${{ github.ref_name }}=/usr/local/sbin/defguard-gateway
+      #       defguard-gateway.service.freebsd=/usr/local/etc/rc.d/defguard_gateway
+      #       example-config.toml=/etc/defguard/gateway.toml.sample
+      #       defguard-rc.conf=/etc/rc.conf.d/defguard_gateway"
+      #     fpm_opts: "--architecture ${{ matrix.arch }} --debug --output-type freebsd --version ${{ env.VERSION }} --package defguard-gateway_${{ env.VERSION }}_${{ matrix.target }}.pkg --freebsd-osversion '*'"
+
+      # - name: Upload FreeBSD
+      #   if: matrix.build == 'freebsd'
+      #   uses: actions/upload-release-asset@v1
+      #   env:
+      #     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      #   with:
+      #     upload_url: ${{ needs.create-release.outputs.upload_url }}
+      #     asset_path: defguard-gateway_${{ env.VERSION }}_${{ matrix.target }}.pkg
+      #     asset_name: defguard-gateway_${{ env.VERSION }}_${{ matrix.target }}.pkg
+      #     asset_content_type: application/octet-stream
+
+      # - name: Build OPNsense package
+      #   if: matrix.build == 'freebsd'
+      #   uses: defGuard/fpm-action@main
+      #   with:
+      #     fpm_args:
+      #       "${{ matrix.asset_name }}-${{ github.ref_name }}=/usr/local/sbin/defguard-gateway
+      #       defguard-gateway.service.freebsd=/usr/local/etc/rc.d/defguard_gateway
+      #       example-config.toml=/etc/defguard/gateway.toml.sample
+      #       defguard-rc.conf=/etc/rc.conf.d/defguard_gateway
+      #       opnsense/src/etc/=/usr/local/etc/
+      #       opnsense/src/opnsense/=/usr/local/opnsense/"
+      #     fpm_opts: "--architecture ${{ matrix.arch }} --debug --output-type freebsd --version ${{ env.VERSION }} --package defguard-gateway_${{ env.VERSION }}_x86_64-unknown-opnsense.pkg --freebsd-osversion '*'"
+
+      # - name: Upload OPNsense package
+      #   if: matrix.build == 'freebsd'
+      #   uses: actions/upload-release-asset@v1
+      #   env:
+      #     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      #   with:
+      #     upload_url: ${{ needs.create-release.outputs.upload_url }}
+      #     asset_path: defguard-gateway_${{ env.VERSION }}_x86_64-unknown-opnsense.pkg
+      #     asset_name: defguard-gateway_${{ env.VERSION }}_x86_64-unknown-opnsense.pkg
+      #     asset_content_type: application/octet-stream