|
637 | 637 | --prefix PATH : ${pkgs.nushell}/bin |
638 | 638 | ''; |
639 | 639 | # Script to run the AMI build and tests locally |
640 | | - build-test-ami = pkgs.runCommand "build-test-ami" |
641 | | - { |
642 | | - buildInputs = with pkgs; [ |
643 | | - packer |
644 | | - awscli2 |
645 | | - yq |
646 | | - jq |
647 | | - openssl |
648 | | - git |
649 | | - coreutils |
650 | | - aws-vault |
651 | | - ]; |
652 | | - } '' |
653 | | - mkdir -p $out/bin |
654 | | - cat > $out/bin/build-test-ami << 'EOL' |
655 | | - #!/usr/bin/env bash |
656 | | - set -euo pipefail |
| 640 | + build-test-ami = pkgs.writeScriptBin "build-test-ami" '' |
| 641 | + #!/usr/bin/env bash |
| 642 | + set -euo pipefail |
657 | 643 |
|
658 | | - show_help() { |
659 | | - cat << EOF |
660 | | - Usage: build-test-ami [--help] <postgres-version> |
| 644 | + show_help() { |
| 645 | + cat << EOF |
| 646 | + Usage: build-test-ami [--help] <postgres-version> |
661 | 647 |
|
662 | | - Build AMI images for PostgreSQL testing. |
| 648 | + Build AMI images for PostgreSQL testing. |
663 | 649 |
|
664 | | - This script will: |
665 | | - 1. Check for required tools and AWS authentication |
666 | | - 2. Build two AMI stages using Packer |
667 | | - 3. Clean up any temporary instances |
668 | | - 4. Output the final AMI name for use with run-testinfra |
| 650 | + This script will: |
| 651 | + 1. Check for required tools and AWS authentication |
| 652 | + 2. Build two AMI stages using Packer |
| 653 | + 3. Clean up any temporary instances |
| 654 | + 4. Output the final AMI name for use with run-testinfra |
669 | 655 |
|
670 | | - Arguments: |
671 | | - postgres-version PostgreSQL major version to build (required) |
| 656 | + Arguments: |
| 657 | + postgres-version PostgreSQL major version to build (required) |
672 | 658 |
|
673 | | - Options: |
674 | | - --help Show this help message and exit |
| 659 | + Options: |
| 660 | + --help Show this help message and exit |
675 | 661 |
|
676 | | - Requirements: |
677 | | - - AWS Vault profile must be set in AWS_VAULT environment variable |
678 | | - - Packer, AWS CLI, yq, jq, and OpenSSL must be installed |
679 | | - - Must be run from a git repository |
| 662 | + Requirements: |
| 663 | + - AWS Vault profile must be set in AWS_VAULT environment variable |
| 664 | + - Packer, AWS CLI, yq, jq, and OpenSSL must be installed |
| 665 | + - Must be run from a git repository |
680 | 666 |
|
681 | | - Example: |
682 | | - aws-vault exec <profile-name> -- nix run .#build-test-ami 15 |
683 | | - EOF |
684 | | - } |
685 | | -
|
686 | | - # Handle help flag |
687 | | - if [[ "$#" -gt 0 && "$1" == "--help" ]]; then |
688 | | - show_help |
689 | | - exit 0 |
690 | | - fi |
| 667 | + Example: |
| 668 | + aws-vault exec <profile-name> -- nix run .#build-test-ami 15 |
| 669 | + EOF |
| 670 | + } |
691 | 671 |
|
692 | | - export PATH="${pkgs.lib.makeBinPath (with pkgs; [ |
693 | | - packer |
694 | | - awscli2 |
695 | | - yq |
696 | | - jq |
697 | | - openssl |
698 | | - git |
699 | | - coreutils |
700 | | - aws-vault |
701 | | - ])}:$PATH" |
| 672 | + # Handle help flag |
| 673 | + if [[ "$#" -gt 0 && "$1" == "--help" ]]; then |
| 674 | + show_help |
| 675 | + exit 0 |
| 676 | + fi |
702 | 677 |
|
703 | | - # Check for required tools |
704 | | - for cmd in packer aws-vault yq jq openssl; do |
705 | | - if ! command -v $cmd &> /dev/null; then |
706 | | - echo "Error: $cmd is required but not found" |
707 | | - exit 1 |
708 | | - fi |
709 | | - done |
| 678 | + export PATH="${pkgs.lib.makeBinPath (with pkgs; [ |
| 679 | + packer |
| 680 | + awscli2 |
| 681 | + yq |
| 682 | + jq |
| 683 | + openssl |
| 684 | + git |
| 685 | + coreutils |
| 686 | + aws-vault |
| 687 | + ])}:$PATH" |
710 | 688 |
|
711 | | - # Check AWS Vault profile |
712 | | - if [ -z "''${AWS_VAULT:-}" ]; then |
713 | | - echo "Error: AWS_VAULT environment variable must be set with the profile name" |
714 | | - echo "Usage: aws-vault exec <profile-name> -- nix run .#build-test-ami <postgres-version>" |
| 689 | + # Check for required tools |
| 690 | + for cmd in packer aws-vault yq jq openssl; do |
| 691 | + if ! command -v $cmd &> /dev/null; then |
| 692 | + echo "Error: $cmd is required but not found" |
715 | 693 | exit 1 |
716 | 694 | fi |
| 695 | + done |
717 | 696 |
|
718 | | - # Set values |
719 | | - REGION="ap-southeast-1" |
720 | | - POSTGRES_VERSION="$1" |
721 | | - RANDOM_STRING=$(openssl rand -hex 8) |
722 | | - GIT_SHA=$(git rev-parse HEAD) |
723 | | - RUN_ID=$(date +%s) |
724 | | -
|
725 | | - # Generate common-nix.vars.pkr.hcl |
726 | | - PG_VERSION=$(yq -r ".postgres_release[\"postgres$POSTGRES_VERSION\"]" ansible/vars.yml) |
727 | | - echo "postgres-version = \"$PG_VERSION\"" > common-nix.vars.pkr.hcl |
728 | | -
|
729 | | - # Build AMI Stage 1 |
730 | | - packer init amazon-arm64-nix.pkr.hcl |
731 | | - packer build \ |
732 | | - -var "git-head-version=$GIT_SHA" \ |
733 | | - -var "packer-execution-id=$RUN_ID" \ |
734 | | - -var-file="development-arm.vars.pkr.hcl" \ |
735 | | - -var-file="common-nix.vars.pkr.hcl" \ |
736 | | - -var "ansible_arguments=" \ |
737 | | - -var "postgres-version=$RANDOM_STRING" \ |
738 | | - -var "region=$REGION" \ |
739 | | - -var 'ami_regions=["'"$REGION"'"]' \ |
740 | | - -var "force-deregister=true" \ |
741 | | - -var "ansible_arguments=-e postgresql_major=$POSTGRES_VERSION" \ |
742 | | - amazon-arm64-nix.pkr.hcl |
743 | | -
|
744 | | - # Build AMI Stage 2 |
745 | | - packer init stage2-nix-psql.pkr.hcl |
746 | | - packer build \ |
747 | | - -var "git-head-version=$GIT_SHA" \ |
748 | | - -var "packer-execution-id=$RUN_ID" \ |
749 | | - -var "postgres_major_version=$POSTGRES_VERSION" \ |
750 | | - -var-file="development-arm.vars.pkr.hcl" \ |
751 | | - -var-file="common-nix.vars.pkr.hcl" \ |
752 | | - -var "postgres-version=$RANDOM_STRING" \ |
753 | | - -var "region=$REGION" \ |
754 | | - -var 'ami_regions=["'"$REGION"'"]' \ |
755 | | - -var "force-deregister=true" \ |
756 | | - -var "git_sha=$GIT_SHA" \ |
757 | | - stage2-nix-psql.pkr.hcl |
758 | | -
|
759 | | - # Cleanup instances from AMI builds |
760 | | - cleanup_instances() { |
761 | | - echo "Terminating EC2 instances with tag testinfra-run-id=$RUN_ID..." |
762 | | - aws ec2 --region $REGION describe-instances \ |
763 | | - --filters "Name=tag:testinfra-run-id,Values=$RUN_ID" \ |
764 | | - --query "Reservations[].Instances[].InstanceId" \ |
765 | | - --output text | xargs -r aws ec2 terminate-instances \ |
766 | | - --region $REGION --instance-ids || true |
767 | | - } |
768 | | -
|
769 | | - # Set up traps for various signals to ensure cleanup |
770 | | - trap cleanup_instances EXIT HUP INT QUIT TERM |
771 | | -
|
772 | | - # Create and activate virtual environment |
773 | | - VENV_DIR=$(mktemp -d) |
774 | | - trap 'rm -rf "$VENV_DIR"' EXIT HUP INT QUIT TERM |
775 | | - python3 -m venv "$VENV_DIR" |
776 | | - source "$VENV_DIR/bin/activate" |
777 | | -
|
778 | | - # Install required Python packages |
779 | | - echo "Installing required Python packages..." |
780 | | - pip install boto3 boto3-stubs[essential] docker ec2instanceconnectcli pytest paramiko requests |
781 | | -
|
782 | | - # Run the tests with aws-vault |
783 | | - echo "Running tests for AMI: $RANDOM_STRING using AWS Vault profile: $AWS_VAULT_PROFILE" |
784 | | - aws-vault exec $AWS_VAULT_PROFILE -- pytest -vv -s testinfra/test_ami_nix.py |
| 697 | + # Check AWS Vault profile |
| 698 | + if [ -z "''${AWS_VAULT:-}" ]; then |
| 699 | + echo "Error: AWS_VAULT environment variable must be set with the profile name" |
| 700 | + echo "Usage: aws-vault exec <profile-name> -- nix run .#build-test-ami <postgres-version>" |
| 701 | + exit 1 |
| 702 | + fi |
785 | 703 |
|
786 | | - # Deactivate virtual environment (cleanup is handled by trap) |
787 | | - deactivate |
788 | | - EOL |
789 | | - chmod +x $out/bin/build-test-ami |
790 | | - ''; |
| 704 | + # Set values |
| 705 | + REGION="ap-southeast-1" |
| 706 | + POSTGRES_VERSION="$1" |
| 707 | + RANDOM_STRING=$(openssl rand -hex 8) |
| 708 | + GIT_SHA=$(git rev-parse HEAD) |
| 709 | + RUN_ID=$(date +%s) |
| 710 | +
|
| 711 | + # Generate common-nix.vars.pkr.hcl |
| 712 | + PG_VERSION=$(yq -r ".postgres_release[\"postgres$POSTGRES_VERSION\"]" ansible/vars.yml) |
| 713 | + echo "postgres-version = \"$PG_VERSION\"" > common-nix.vars.pkr.hcl |
| 714 | +
|
| 715 | + # Build AMI Stage 1 |
| 716 | + packer init amazon-arm64-nix.pkr.hcl |
| 717 | + packer build \ |
| 718 | + -var "git-head-version=$GIT_SHA" \ |
| 719 | + -var "packer-execution-id=$RUN_ID" \ |
| 720 | + -var-file="development-arm.vars.pkr.hcl" \ |
| 721 | + -var-file="common-nix.vars.pkr.hcl" \ |
| 722 | + -var "ansible_arguments=" \ |
| 723 | + -var "postgres-version=$RANDOM_STRING" \ |
| 724 | + -var "region=$REGION" \ |
| 725 | + -var 'ami_regions=["'"$REGION"'"]' \ |
| 726 | + -var "force-deregister=true" \ |
| 727 | + -var "ansible_arguments=-e postgresql_major=$POSTGRES_VERSION" \ |
| 728 | + amazon-arm64-nix.pkr.hcl |
| 729 | +
|
| 730 | + # Build AMI Stage 2 |
| 731 | + packer init stage2-nix-psql.pkr.hcl |
| 732 | + packer build \ |
| 733 | + -var "git-head-version=$GIT_SHA" \ |
| 734 | + -var "packer-execution-id=$RUN_ID" \ |
| 735 | + -var "postgres_major_version=$POSTGRES_VERSION" \ |
| 736 | + -var-file="development-arm.vars.pkr.hcl" \ |
| 737 | + -var-file="common-nix.vars.pkr.hcl" \ |
| 738 | + -var "postgres-version=$RANDOM_STRING" \ |
| 739 | + -var "region=$REGION" \ |
| 740 | + -var 'ami_regions=["'"$REGION"'"]' \ |
| 741 | + -var "force-deregister=true" \ |
| 742 | + -var "git_sha=$GIT_SHA" \ |
| 743 | + stage2-nix-psql.pkr.hcl |
| 744 | +
|
| 745 | + # Cleanup instances from AMI builds |
| 746 | + cleanup_instances() { |
| 747 | + echo "Terminating EC2 instances with tag testinfra-run-id=$RUN_ID..." |
| 748 | + aws ec2 --region $REGION describe-instances \ |
| 749 | + --filters "Name=tag:testinfra-run-id,Values=$RUN_ID" \ |
| 750 | + --query "Reservations[].Instances[].InstanceId" \ |
| 751 | + --output text | xargs -r aws ec2 terminate-instances \ |
| 752 | + --region $REGION --instance-ids || true |
| 753 | + } |
| 754 | +
|
| 755 | + # Set up traps for various signals to ensure cleanup |
| 756 | + trap cleanup_instances EXIT HUP INT QUIT TERM |
| 757 | + ''; |
791 | 758 |
|
792 | 759 | run-testinfra = pkgs.runCommand "run-testinfra" |
793 | 760 | { |
|
0 commit comments