.

Author: darora

.github/workflows/qemu-image-build.yml

@@ -126,24 +126,24 @@ jobs:
           docker push "$REGISTRY/$REPOSITORY:$IMAGE_TAG"
 
       # TODO (darora): temporarily also push to prod account from here - add a guard to only publish proper tagged releases to prod?
-      - name: configure aws credentials - prod
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          role-to-assume: ${{ secrets.CONTROL_PLANE_PROD_ROLE }}
-          aws-region: "us-east-1"
-
-      - name: Login to Amazon ECR
-        id: login-ecr-private-prod
-        uses: aws-actions/amazon-ecr-login@v2
-
-      - name: Push docker image to Amazon ECR
-        env:
-          REGISTRY: 156470330064.dkr.ecr.us-east-1.amazonaws.com
-          REPOSITORY: postgres-vm-image
-          IMAGE_TAG: ${{ steps.process_release_version.outputs.version }}
-        run: |
-          docker tag "postgres:$IMAGE_TAG" "$REGISTRY/$REPOSITORY:$IMAGE_TAG"
-          docker push "$REGISTRY/$REPOSITORY:$IMAGE_TAG"
+      # - name: configure aws credentials - prod
+      #   uses: aws-actions/configure-aws-credentials@v4
+      #   with:
+      #     role-to-assume: ${{ secrets.CONTROL_PLANE_PROD_ROLE }}
+      #     aws-region: "us-east-1"
+
+      # - name: Login to Amazon ECR
+      #   id: login-ecr-private-prod
+      #   uses: aws-actions/amazon-ecr-login@v2
+
+      # - name: Push docker image to Amazon ECR
+      #   env:
+      #     REGISTRY: 156470330064.dkr.ecr.us-east-1.amazonaws.com
+      #     REPOSITORY: postgres-vm-image
+      #     IMAGE_TAG: ${{ steps.process_release_version.outputs.version }}
+      #   run: |
+      #     docker tag "postgres:$IMAGE_TAG" "$REGISTRY/$REPOSITORY:$IMAGE_TAG"
+      #     docker push "$REGISTRY/$REPOSITORY:$IMAGE_TAG"
 
       - name: Cleanup resources after build
         if: ${{ always() }}

qemu-arm64-nix.pkr.hcl

@@ -84,7 +84,7 @@ source "qemu" "cloudimg" {
     ["-device", "virtio-gpu-pci"],
     ["-drive", "if=pflash,format=raw,id=ovmf_code,readonly=on,file=/usr/share/AAVMF/AAVMF_CODE.fd"],
     ["-drive", "if=pflash,format=raw,id=ovmf_vars,file=AAVMF_VARS.fd"],
-    ["-drive", "file=output-cloudimg/packer-cloudimg,format=qcow2"],
+    ["-drive", "file=output-cloudimg/packer-cloudimg,format=qcow2,unmap=discard,detect-zeroes=unmap"],
     ["-drive", "file=seeds-cloudimg.iso,format=raw"],
     ["--enable-kvm"]
   ]

scripts/90-cleanup-qemu.sh

@@ -48,7 +48,6 @@ elif [ -n "$(command -v apt-get)" ]; then
 
   apt remove -y --purge libc6-dev linux-libc-dev libevent-dev libpcre3-dev libsystemd-dev packagekit multipath-tools unattended-upgrades plymouth gnupg open-vm-tools xauth lxd-installer publicsuffix libclang-cpp18 python3-twisted python-babel-localedata libicu74 python3-pygments fonts-dejavu* python3-botocore
 
-
   # remove old kernels
   CURRENT_KERNEL="$(uname -r | sed 's/-generic//')"
   INSTALLED_KERNELS=$(dpkg -l | awk '{print $2}' | grep -Eo 'linux-(image|headers|modules|tools)-[0-9]+' | sed -E 's/linux-(image|headers|modules|tools)-//' | sort -Vu)
@@ -82,3 +81,4 @@ chmod 600 /etc/ssh/revoked_keys
 
 cat /dev/null > /var/log/lastlog
 cat /dev/null > /var/log/wtmp
+fstrim /