Testing new workflow #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Pre-CI | |
| on: | |
| push: | |
| pull_request_target: | |
| # branches: | |
| # - main # The workflow would be run based on the workflow file of the base branch to protect against malicious workflow in the PR. | |
| env: | |
| LCOW_ARTIFACT_PROJECT: "ContainerPlatform" | |
| LCOW_ARTIFACT_FEED: "ContainerPlat-Dev" | |
| LCOW_ARTIFACT_NAME: "azurelinux-uvm" | |
| LCOW_ARTIFACT_VERSION: "*.*.*" | |
| LINUX_BOOT_FILES_PATH: ${{ github.workspace }}/LinuxBootFiles | |
| jobs: | |
| # This job downloads the Linux boot files from the Azure Artifact feed and | |
| # create the rootfs containing the local Linux-GCS. It needs to be run on | |
| # the 1ES github runner pool in order to access the Azure Artifact feed. | |
| donwload-linux-boot-files: | |
| runs-on: | |
| - ubuntu-latest | |
| # - self-hosted | |
| # - 1ES.Pool=containerplat-github-runner-pool-east-us-2 | |
| # - 1ES.ImageOverride=github-mms-ubuntu-22 | |
| permissions: | |
| id-token: write # This is required for OIDC login (azure/login) to succeed | |
| contents: read # This is required for actions/checkout to succeed | |
| steps: | |
| - name: Check access | |
| if: ${{ github.event.pull_request.author_association != 'COLLABORATOR' && github.event.pull_request.author_association != 'OWNER' }} | |
| run: | | |
| echo "Author association: ${{ github.event.pull_request.author_association }}" | |
| echo "Pull Request: ${{ github.event.pull_request }}" | |
| echo "Event not triggered by a collaborator. Will not continue CI." | |
| exit 1 | |
| # - name: Checkout hcsshim | |
| # uses: actions/checkout@v4 | |
| # with: | |
| # show-progress: false | |
| # Install Azure CLI and login to Azure | |
| - name: Azure OIDC Login | |
| uses: azure/login@v2 | |
| with: | |
| client-id: "930a0428-2b45-4cf9-9afe-b81bde516504" | |
| tenant-id: "72f988bf-86f1-41af-91ab-2d7cd011db47" | |
| allow-no-subscriptions: true | |
| - name: Download Linux artifact from feed | |
| uses: azure/cli@v2 | |
| with: | |
| azcliversion: latest | |
| inlineScript: | | |
| az extension add --name azure-devops | |
| export DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=1 | |
| az artifacts universal download \ | |
| --organization "https://msazure.visualstudio.com/" \ | |
| --project ${{ env.LCOW_ARTIFACT_PROJECT }} \ | |
| --scope project \ | |
| --feed ${{ env.LCOW_ARTIFACT_FEED }} \ | |
| --name ${{ env.LCOW_ARTIFACT_NAME }} \ | |
| --version ${{ env.LCOW_ARTIFACT_VERSION }} \ | |
| --path ./downloaded_artifacts | |
| - name: Show downloaded lcow artifacts | |
| run: find ./downloaded_artifacts -maxdepth 3 -ls | |
| - name: Create directory for storing linux artifacts | |
| run: | | |
| mkdir -p ./linux_artifacts/ | |
| - name: Copy Linux kernel and rootfs tar files | |
| run: | | |
| mv ./downloaded_artifacts/LinuxBootFiles/kernel ./linux_artifacts/ | |
| mv ./downloaded_artifacts/LinuxBootFiles/vmlinux ./linux_artifacts/ | |
| mv ./downloaded_artifacts/rootfs-*.tar.gz ./linux_artifacts/ | |
| # This is a workaround to overcome the limitation of actions/upload-artifact@v4 used in later jobs. | |
| # See https://github.com/actions/upload-artifact/tree/v4/?tab=readme-ov-file#permission-loss. | |
| - name: Tar the files to preserve file permissions prior to upload | |
| run: | | |
| cd linux_artifacts | |
| tar -cvf linux_artifacts.tar . | |
| # Upload the Linux boot files so that they can be used in later jobs. | |
| - name: Upload Linux artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: linux_artifact | |
| path: linux_artifact.tar | |
| if-no-files-found: error | |
| overwrite: true | |
| retention-days: 1 |