box.yaml

#
# WARP
# CI Pipeline
# Build Box Image
#

name: CI Pipeline
on:
  push:
    paths:
      - .github/workflows/box.yaml
      - "box/**"
      - makefile
      - requirements.txt
      - requirements.yaml
  create: {}
env:
  PYTHON_VERSION: "3.11"
  PACKER_VERSION: 1.8.5
  # make ansible output human readable logs
  ANSIBLE_STDOUT_CALLBACK: debug
  # box image build timeout in minutes
  BUILD_TIMEOUT: 90
jobs:
  build-box-gcp:
    runs-on: ubuntu-22.04
    steps:
    - name: Checkout code
      uses: actions/checkout@v4
      with:
        # required to fetch git branch info
        fetch-depth: "0"

    - name: Install Python
      uses: actions/setup-python@v5
      with:
        python-version: ${{ env.PYTHON_VERSION }}

    - name: Install Python Tooling
      run: sudo pip3 install -r requirements.txt

    - name: Install Packer
      uses: hashicorp-contrib/setup-packer@v3
      with:
        packer-version: ${{ env.PACKER_VERSION }}

    - name: Configure image name based on branch name
      run: |
        case '${{ github.ref_name }}' in
          main)
            SUFFIX=""
          ;;
          *)
            SUFFIX="-$(printf '${{ github.ref_name }}' | tr '[:punct:]' '-')"
          ;;
        esac
        echo "PKR_VAR_image_suffix=${SUFFIX}" >> $GITHUB_ENV

    - name: Build WARP Box with Packer on GCP
      env:
        GOOGLE_APPLICATION_CREDENTIALS: "/tmp/gcp_packer_key.json"
        KEY_BASE64: ${{ secrets.GCP_PACKER_KEY_BASE64 }}
        PKR_VAR_web_term_password: ${{ secrets.BOX_WEB_TERM_PASSWORD }}
        PACKER_GITHUB_API_TOKEN: ${{ github.token }}
      uses: nick-fields/retry@v2
      with:
        timeout_minutes: ${{ env.BUILD_TIMEOUT }}
        max_attempts: 2
        retry_wait_seconds: 30
        command: |
          # decode base64 & write key to disk
          echo "$KEY_BASE64" | base64 -d >$GOOGLE_APPLICATION_CREDENTIALS
          make box-gcp