release: generate deployment files for all platforms

edgelesssys · Aug 19, 2024 · e260b21 · e260b21
1 parent b1159fc
commit e260b21
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 14 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -291,17 +291,20 @@ jobs:
         with:
           name: image-replacements.txt
           path: ./image-replacements.txt
-      - name: Create portable coordinator resource definitions
+      - name: Create coordinator resource definitions
         run: |
           mkdir -p workspace
-          nix run .#scripts.write-coordinator-yaml -- "${coordinatorImgTagged}" > workspace/coordinator.yml
-          nix shell .#contrast --command resourcegen --image-replacements ./image-replacements.txt --platform AKS-CLH-SNP \
-            --namespace kube-system runtime > workspace/runtime.yml
-          nix shell .#contrast --command resourcegen --image-replacements ./image-replacements.txt --platform AKS-CLH-SNP \
-            --add-load-balancers emojivoto-sm-ingress > workspace/emojivoto-demo.yml
+          for platform in AKS-CLH-SNP K3s-QEMU-TDX K3s-QEMU-SNP RKE2-QEMU-TDX
+          do
+            nix run .#scripts.write-coordinator-yaml -- "${coordinatorImgTagged}" "${platform}" > workspace/coordinator-$platform.yml
+            nix shell .#contrast --command resourcegen --image-replacements ./image-replacements.txt --platform $platform \
+              --namespace kube-system runtime > workspace/runtime-$platform.yml
+            nix shell .#contrast --command resourcegen --image-replacements ./image-replacements.txt --platform $platform \
+              --add-load-balancers emojivoto-sm-ingress > workspace/emojivoto-demo-$platform.yml
+          done
       - name: Update coordinator policy hash
         run: |
-          yq < workspace/coordinator.yml \
+          yq < workspace/coordinator-AKS-CLH-SNP.yml \
             'select(.kind == "StatefulSet") | .spec.template.metadata.annotations["io.katacontainers.config.agent.policy"]' |
             base64 -d | sha256sum | cut -d " " -f1 > cli/cmd/assets/coordinator-policy-hash
 
@@ -321,9 +324,9 @@ jobs:
           name: contrast-release-artifacts
           path: |
             result-cli/bin/contrast
-            workspace/coordinator.yml
-            workspace/runtime.yml
-            workspace/emojivoto-demo.yml
+            workspace/coordinator-*.yml
+            workspace/runtime-*.yml
+            workspace/emojivoto-demo-*.yml
       - name: Create draft release
         uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2.0.8
         with:
@@ -334,9 +337,9 @@ jobs:
           fail_on_unmatched_files: true
           files: |
             result-cli/bin/contrast
-            workspace/coordinator.yml
-            workspace/runtime.yml
-            workspace/emojivoto-demo.yml
+            workspace/coordinator-*.yml
+            workspace/runtime-*.yml
+            workspace/emojivoto-demo-*.yml
       - name: Reset temporary changes
         run: |
           git reset --hard ${{ needs.process-inputs.outputs.WORKING_BRANCH }}

diff --git a/packages/scripts.nix b/packages/scripts.nix
@@ -160,12 +160,13 @@
     ];
     text = ''
       imageRef=$1
+      platform=$2
 
       tmpdir=$(mktemp -d)
       trap 'rm -rf $tmpdir' EXIT
 
       echo "ghcr.io/edgelesssys/contrast/coordinator:latest=$imageRef" > "$tmpdir/image-replacements.txt"
-      resourcegen --platform AKS-CLH-SNP --image-replacements "$tmpdir/image-replacements.txt" --add-load-balancers coordinator > "$tmpdir/coordinator_base.yml"
+      resourcegen --platform "$platform" --image-replacements "$tmpdir/image-replacements.txt" --add-load-balancers coordinator > "$tmpdir/coordinator_base.yml"
 
       pushd "$tmpdir" >/dev/null
       cp ${pkgs.microsoft.genpolicy.rules-coordinator}/genpolicy-rules.rego rules.rego