build: automate VM image build (#2)

aquasecurity · Jun 18, 2023 · 6359bad · 6359bad
1 parent 625cbea
commit 6359bad
Show file tree

Hide file tree

Showing 3 changed files with 92 additions and 0 deletions.
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -0,0 +1,55 @@
+name: Build
+on:
+ push:
+ branches:
+ - main
+jobs:
+ test:
+ name: Build VM images
+ runs-on: macos-latest
+ steps:
+ - uses: actions/checkout@v3
+
+ - name: Install tools
+ run: brew install qemu oras
+
+ # Docker doesn't work on macos-latest
+ # cf. https://github.com/docker/login-action/issues/93
+ - name: Login to GitHub Container Registry
+ run: oras login -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }} ghcr.io
+
+ - name: Build Ubuntu 22.04
+ run: |
+ packer build -force templates/ubuntu-2204.json
+ mkdir ubuntu-2204
+ tar xvf output-vagrant/package.box -C ubuntu-2204
+ qemu-img convert -O raw ubuntu-2204/box-disk001.vmdk ubuntu-2204/ubuntu-2204.img
+
+ - name: Push Ubuntu 22.04
+ run: |
+ mv ubuntu-2204/box-disk001.vmdk ubuntu-2204/ubuntu-2204.vmdk
+ cd ubuntu-2204
+ gzip ubuntu-2204.img ubuntu-2204.vmdk
+ oras push ghcr.io/${{ github.repository_owner }}/trivy-test-vm-images:ubuntu-2204 \
+ --artifact-type application/vnd.aquasec.trivy.config \
+ ubuntu-2204.img.gz:application/vnd.aquasec.trivy.vm.image.v1+gzip \
+ ubuntu-2204.vmdk.gz:application/vnd.aquasec.trivy.vm.vmdk.v1+gzip
+ cd .. && rm -rf ubuntu-2204
+
+ - name: Build Amazon Linux 2
+ run: |
+ packer build -force templates/amazonlinux-2.json
+ mkdir amazonlinux-2
+ tar xvf output-vagrant/package.box -C amazonlinux-2
+ qemu-img convert -O raw amazonlinux-2/box-disk001.vmdk amazonlinux-2/amazon-2.img
+
+ - name: Push Amazon Linux 2
+ run: |
+ mv amazonlinux-2/box-disk001.vmdk amazonlinux-2/amazon-2.vmdk
+ cd amazonlinux-2
+ gzip amazon-2.img amazon-2.vmdk
+ oras push ghcr.io/${{ github.repository_owner }}/trivy-test-vm-images:amazon-2 \
+ --artifact-type application/vnd.aquasec.trivy.config \
+ amazon-2.img.gz:application/vnd.aquasec.trivy.vm.image.v1+gzip \
+ amazon-2.vmdk.gz:application/vnd.aquasec.trivy.vm.vmdk.v1+gzip
+ cd .. && rm -rf amazonlinux-2
diff --git a/templates/amazonlinux-2.json b/templates/amazonlinux-2.json
@@ -0,0 +1,18 @@
+{
+ "builders": [
+ {
+ "communicator": "ssh",
+ "source_path": "bento/amazonlinux-2",
+ "box_version": "v1.3",
+ "provider": "virtualbox",
+ "add_force": true,
+ "type": "vagrant"
+ }
+ ],
+ "provisioners": [{
+ "type": "shell",
+ "inline": [
+ "sudo yum -y install httpd git"
+ ]
+ }]
+}
diff --git a/templates/ubuntu-2204.json b/templates/ubuntu-2204.json
@@ -0,0 +1,19 @@
+{
+ "builders": [
+ {
+ "communicator": "ssh",
+ "source_path": "ubuntu/jammy64",
+ "box_version": "v20230608.0.0",
+ "provider": "virtualbox",
+ "add_force": true,
+ "type": "vagrant"
+ }
+ ],
+ "provisioners": [{
+ "type": "shell",
+ "inline": [
+ "sudo apt-get -y update",
+ "sudo apt-get -y install git"
+ ]
+ }]
+}