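#!/bin/bash
# Re-registers the newest Ubuntu 22.04 (jammy) amd64 server AMI under this
# account as two derived images:
#   UEFI_<original name>  - boot mode uefi
#   TPM_<original name>   - boot mode uefi plus TPM 2.0 support
# Exits 0 without doing anything when both derived images already exist.
# Requires: aws CLI (with credentials) and jq.
#
# pipefail is enabled so that a failing `aws` call feeding `jq` aborts the
# script instead of leaving an empty snapshot id behind.
set -euo pipefail

# Canonical's AWS account ID. Pinning --owners to it keeps the name filter
# below from matching a look-alike public AMI published by another account.
readonly AMI_OWNER="099720109477"
readonly REGION="ap-northeast-1"
readonly AMI_NAME_PREFIX="ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-"

TEMP_FILE=$(mktemp)
readonly TEMP_FILE
# Remove the scratch file on every exit path, including the early `exit 0`
# and any failure under `set -e`.
trap 'rm -f -- "${TEMP_FILE}"' EXIT

# Runs an `aws ec2` subcommand pinned to REGION. Snapshot ids are
# region-local, so the lookup, the copy and the registration all have to hit
# the same region regardless of the caller's configured default.
aws_ec2() {
  aws --region "${REGION}" ec2 "$@"
}

die() {
  printf 'error: %s\n' "$*" >&2
  exit 1
}

# Fetch the most recently created image matching the prefix.
aws_ec2 describe-images \
  --owners "${AMI_OWNER}" \
  --query 'sort_by(Images, &CreationDate)[-1]' \
  --filters "Name=name,Values=${AMI_NAME_PREFIX}*" > "${TEMP_FILE}"

# Pull the root snapshot id, name and description out of the image record.
ORIGINAL_SNAPSHOT=$(jq -r '.["BlockDeviceMappings"][0]["Ebs"]["SnapshotId"]' < "${TEMP_FILE}")
ORIGINAL_NAME=$(jq -r '.["Name"]' < "${TEMP_FILE}")
ORIGINAL_DESCRIPTION=$(jq -r '.["Description"]' < "${TEMP_FILE}")

# An empty result set makes the query yield null, which jq -r prints as the
# string "null"; stop here rather than copying a snapshot called "null".
if [[ -z "${ORIGINAL_SNAPSHOT}" || "${ORIGINAL_SNAPSHOT}" == "null" \
  || -z "${ORIGINAL_NAME}" || "${ORIGINAL_NAME}" == "null" ]]; then
  die "no image named ${AMI_NAME_PREFIX}* owned by ${AMI_OWNER} in ${REGION}"
fi

# Look up the derived images in this account; `--output text` prints "None"
# when Images[0] does not exist.
UEFI_AMI=$(aws_ec2 describe-images --owners self \
  --filters "Name=name,Values=UEFI_${ORIGINAL_NAME}" \
  --query "Images[0].ImageId" --output text)
TPM_AMI=$(aws_ec2 describe-images --owners self \
  --filters "Name=name,Values=TPM_${ORIGINAL_NAME}" \
  --query "Images[0].ImageId" --output text)
if [[ "${UEFI_AMI}" != "None" && "${TPM_AMI}" != "None" ]]; then
  exit 0
fi

# Copy the upstream snapshot into this account.
# NOTE(review): copy-snapshot is called without --encrypted, so the copy is
# encrypted only if the account enables EBS encryption by default; confirm
# that matches the intended policy.
SNAPSHOT=$(aws_ec2 copy-snapshot \
  --source-region "${REGION}" \
  --destination-region "${REGION}" \
  --source-snapshot-id "${ORIGINAL_SNAPSHOT}" | jq -r ".SnapshotId")
if [[ -z "${SNAPSHOT}" || "${SNAPSHOT}" == "null" ]]; then
  die "copy-snapshot returned no snapshot id"
fi

# Poll until the copy completes. A failed describe call is treated as "not
# ready yet" and retried; a snapshot in the "error" state never completes,
# so bail out instead of polling forever.
while :; do
  sleep 1
  snapshot_state=$(aws_ec2 describe-snapshots --snapshot-ids "${SNAPSHOT}" \
    | jq -r '.["Snapshots"][0]["State"]') || snapshot_state=""
  case "${snapshot_state}" in
    completed) break ;;
    error) die "snapshot ${SNAPSHOT} entered the error state" ;;
  esac
done

# Reuse the upstream block device mappings, pointing the root volume at the
# copied snapshot. The Encrypted key is dropped from the first mapping;
# presumably register-image rejects it alongside SnapshotId (confirm).
BLOCK_DEVICE_MAPPINGS_JSON=$(jq --arg SNAPSHOT_ID "${SNAPSHOT}" -c \
  '.["BlockDeviceMappings"][0]["Ebs"]["SnapshotId"] = $SNAPSHOT_ID | del(.["BlockDeviceMappings"][0]["Ebs"]["Encrypted"]) | .["BlockDeviceMappings"]' \
  < "${TEMP_FILE}")

# Arguments shared by both registrations.
register_args=(
  --architecture x86_64
  --root-device-name /dev/sda1
  --block-device-mappings "${BLOCK_DEVICE_MAPPINGS_JSON}"
  --ena-support
  --sriov-net-support simple
  --virtualization-type hvm
  --boot-mode uefi
)

# Register whichever derived image is still missing.
if [[ "${UEFI_AMI}" == "None" ]]; then
  aws_ec2 register-image \
    --name "UEFI_${ORIGINAL_NAME}" \
    --description "${ORIGINAL_DESCRIPTION} UEFI" \
    "${register_args[@]}"
fi
if [[ "${TPM_AMI}" == "None" ]]; then
  aws_ec2 register-image \
    --name "TPM_${ORIGINAL_NAME}" \
    --description "${ORIGINAL_DESCRIPTION} TPM" \
    "${register_args[@]}" \
    --tpm-support v2.0
fi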