Help debugging issues

.github/workflows/build.yml

@@ -121,7 +121,7 @@ jobs:
             cat "${{ steps.terraform-vm-id.outputs.stdout }}"
             echo "BUILDEOF"
           } >> "$GITHUB_OUTPUT"
-          if grep "SUCCESSFUL BUILD" "${{ steps.terraform-vm-id.outputs.stdout }}"; then
+          if egrep "^### BUILD-IMAGE: (SUCCESS)|(SKIP) -" "${{ steps.terraform-vm-id.outputs.stdout }}"; then
             echo "outcome=success" >> "$GITHUB_OUTPUT"
           else
             echo "outcome=failure" >> "$GITHUB_OUTPUT"

builder/build-image.sh

@@ -2,11 +2,11 @@
 set -e
 
 error_handler() {
-    echo " Error in line: $1 " >> /var/log/image-build.log 2>&1
+    echo "### BUILD-IMAGE: ERROR - line $1"
     shift
-    echo " Exit status: $1 " >> /var/log/image-build.log 2>&1
+    echo " Exit status: $1"
     shift
-    echo " Command: $* " >> /var/log/image-build.log 2>&1
+    echo " Command: $*"
 }
 
 trap 'error_handler ${LINENO} $? ${BASH_COMMAND}' ERR INT TERM
@@ -37,22 +37,34 @@ apt-get update && apt-get install -y packer
 packer plugins install github.com/hashicorp/qemu
 packer plugins install github.com/hashicorp/ansible
 
-# do the build
-if tools/build.sh "$IMAGE" >/var/log/image-build.log 2>&1; then
-    # compress the resulting image
-    QEMU_SOURCE_ID=$(hcl2tojson "$IMAGE" | jq -r '.source[0].qemu | keys[]')
-    VM_NAME=$(hcl2tojson "$IMAGE" | jq -r '.source[0].qemu.'"$QEMU_SOURCE_ID"'.vm_name')
-    QCOW_FILE="$VM_NAME.qcow2"
-    builder/refresh.sh vo.access.egi.eu "$(cat /var/tmp/egi/.refresh_token)" images
-    OS_TOKEN="$(yq -r '.clouds.images.auth.token' /etc/openstack/clouds.yaml)"
-    OUTPUT_DIR="$(dirname "$IMAGE")/output-$QEMU_SOURCE_ID"
-    cd "$OUTPUT_DIR"
-    qemu-img convert -O qcow2 -c "$VM_NAME" "$QCOW_FILE"
-    openstack --os-cloud images --os-token "$OS_TOKEN" \
-        object create egi_endorsed_vas "$QCOW_FILE"
-    ls -lh "$QCOW_FILE"
-    SHA="$(sha512sum -z "$QCOW_FILE" | cut -f1 -d" ")"
-    echo "SUCCESSFUL BUILD - $QCOW_FILE - $SHA" >>/var/log/image-build.log
+QEMU_SOURCE_ID=$(hcl2tojson "$IMAGE" | jq -r '.source[0].qemu | keys[]')
+VM_NAME=$(hcl2tojson "$IMAGE" \
+	| jq -r '.source[0].qemu.'"$QEMU_SOURCE_ID"'.vm_name')
+QCOW_FILE="$VM_NAME.qcow2"
+
+# Check if the image is already there
+builder/refresh.sh vo.access.egi.eu "$(cat /var/tmp/egi/.refresh_token)" images
+OS_TOKEN="$(yq -r '.clouds.images.auth.token' /etc/openstack/clouds.yaml)"
+if openstack --os-cloud images --os-token "$OS_TOKEN" \
+	object show egi_endorsed_vas \
+	"$QCOW_FILE"  > /dev/null ; then
+	# skip
+	echo "### BUILD-IMAGE: SKIP - Image $QCOW_FILE is already uploaded"
+else
+	if tools/build.sh "$IMAGE"; then
+	    # compress the resulting image
+	    OUTPUT_DIR="$(dirname "$IMAGE")/output-$QEMU_SOURCE_ID"
+	    cd "$OUTPUT_DIR"
+	    qemu-img convert -O qcow2 -c "$VM_NAME" "$QCOW_FILE"
+	    # upload the image
+	    builder/refresh.sh vo.access.egi.eu "$(cat /var/tmp/egi/.refresh_token)" images
+	    OS_TOKEN="$(yq -r '.clouds.images.auth.token' /etc/openstack/clouds.yaml)"
+	    openstack --os-cloud images --os-token "$OS_TOKEN" \
+		object create egi_endorsed_vas "$QCOW_FILE"
+	    ls -lh "$QCOW_FILE"
+	    SHA="$(sha512sum -z "$QCOW_FILE" | cut -f1 -d" ")"
+	    echo "### BUILD-IMAGE: SUCCESS - qcow: $QCOW_FILE sha512sum: $SHA"
+	fi
 fi
 
-echo "BUILD ENDED" >>/var/log/image-build.log
+echo "### BUILD ENDED"

builder/cloud-init.yaml

@@ -46,7 +46,7 @@ write_files:
       ansible-galaxy role install -p /var/tmp/egi/ubuntu/provisioners/roles/ grycap.docker
 
       # build image
-      builder/build-image.sh "$IMAGE" "$FEDCLOUD_LOCKER_TOKEN"
+      builder/build-image.sh "$IMAGE" "$FEDCLOUD_LOCKER_TOKEN" > /var/log/image-build.log 2>&1
     path: /var/lib/cloud/scripts/per-boot/build.sh
     permissions: '0755'
   - content: |

builder/refresh.sh

@@ -5,7 +5,7 @@
 # 2 --> the refresh token
 # 3 --> the list of clouds to update
 #
-# Will throw the OIDC TOKEN to output!
+# Will throw the OIDC TOKEN to output if $GITHUB_ACTION is defined!
 
 set -e
 
@@ -27,12 +27,13 @@ SCOPE="$SCOPE%20eduperson_entitlement:urn:mace:egi.eu:group:$VO:role=member#aai.
 OIDC_TOKEN=$(curl -X POST "https://aai.egi.eu/auth/realms/egi/protocol/openid-connect/token" \
                   -d "grant_type=refresh_token&client_id=token-portal&scope=$SCOPE&refresh_token=$REFRESH_TOKEN" \
                   | jq -r ".access_token")
-echo "::add-mask::$OIDC_TOKEN"
+[ -n "$GITHUB_ACTION" ] &&  echo "::add-mask::$OIDC_TOKEN"
 for cloud in "$@" ; do
 	SITE="$(yq -r ".clouds.$cloud.site" $CLOUDS_YAML)"
 	VO="$(yq -r ".clouds.$cloud.vo" $CLOUDS_YAML)"
 	OS_TOKEN="$(fedcloud openstack token issue --oidc-access-token "$OIDC_TOKEN" \
         			--site "$SITE" --vo "$VO" -j | jq -r '.[0].Result.id')"
+	[ -n "$GITHUB_ACTION" ] &&  echo "::add-mask::$OIDC_TOKEN"
 	echo "::add-mask::$OS_TOKEN"
 	yq -y -i '.clouds.'"$cloud"'.auth.token="'"$OS_TOKEN"'"'  $CLOUDS_YAML
 done