vuls: init at 0.27.0
[NixPkgs.git] / nixos / maintainers / scripts / oci / upload-image.sh
blobe4870e94bf54c0271c748b73175c5499372ac38b
1 #! /usr/bin/env bash
3 set -euo pipefail
5 script_dir="$(dirname $(readlink -f $0))"
6 nixpkgs_root="$script_dir/../../../.."
7 export NIX_PATH="nixpkgs=$nixpkgs_root"
9 cat - <<EOF
10 This script will locally build a NixOS image and upload it as a Custom Image
11 using oci-cli. Make sure that an API key for the tenancy administrator has been
12 added to '~/.oci'.
13 For more info about configuring oci-cli, please visit
14 https://docs.cloud.oracle.com/iaas/Content/API/Concepts/apisigningkey.htm#Required_Keys_and_OCIDs
16 EOF
18 qcow="oci-image/nixos.qcow2"
19 if [ ! -f "$qcow" ]; then
20 echo "OCI image $qcow does not exist"
21 echo "Building image with create-image.sh for 'x86_64-linux'"
22 "$script_dir/create-image.sh" x86_64-linux
23 [ -f "$qcow" ] || { echo "Build failed: image not present after build"; exit 1; }
24 else
25 echo "Using prebuilt image $qcow"
28 cli="$(
29 nix-build '<nixpkgs>' \
30 --no-out-link \
31 -A oci-cli
34 PATH="$cli/bin:$PATH"
35 bucket="_TEMP_NIXOS_IMAGES_$RANDOM"
37 echo "Creating a temporary bucket"
38 root_ocid="$(
39 oci iam compartment list \
40 --all \
41 --compartment-id-in-subtree true \
42 --access-level ACCESSIBLE \
43 --include-root \
44 --raw-output \
45 --query "data[?contains(\"id\",'tenancy')].id | [0]"
47 bucket_ocid=$(
48 oci os bucket create \
49 -c "$root_ocid" \
50 --name "$bucket" \
51 --raw-output \
52 --query "data.id"
54 # Clean up bucket on script termination
55 trap 'echo Removing temporary bucket; oci os bucket delete --force --name "$bucket"' INT TERM EXIT
57 echo "Uploading image to temporary bucket"
58 oci os object put -bn "$bucket" --file "$qcow"
60 echo "Importing image as a Custom Image"
61 bucket_ns="$(oci os ns get --query "data" --raw-output)"
62 image_id="$(
63 oci compute image import from-object \
64 -c "$root_ocid" \
65 --namespace "$bucket_ns" \
66 --bucket-name "$bucket" \
67 --name nixos.qcow2 \
68 --operating-system NixOS \
69 --source-image-type QCOW2 \
70 --launch-mode PARAVIRTUALIZED \
71 --display-name NixOS \
72 --raw-output \
73 --query "data.id"
76 cat - <<EOF
77 Image created! Please mark all available shapes as compatible with this image by
78 visiting the following link and by selecting the 'Edit Details' button on:
79 https://cloud.oracle.com/compute/images/$image_id
80 EOF
82 # Workaround until https://github.com/oracle/oci-cli/issues/399 is addressed
83 echo "Sleeping for 15 minutes before cleaning up files in the temporary bucket"
84 sleep $((15 * 60))
86 echo "Deleting image from bucket"
87 par_id="$(
88 oci os preauth-request list \
89 --bucket-name "$bucket" \
90 --raw-output \
91 --query "data[0].id"
94 if [[ -n $par_id ]]; then
95 oci os preauth-request delete \
96 --bucket-name "$bucket" \
97 --par-id "$par_id"
100 oci os object delete -bn "$bucket" --object-name nixos.qcow2 --force