in tools/gke-disk-image-builder/imager.go [271:381]
func VerifyDiskImage(ctx context.Context, req Request) error {
startupScriptFile, err := verifyDiskStartupScript(req)
if err != nil {
return err
}
defer startupScriptFile.Close()
defer os.Remove(startupScriptFile.Name())
verifyDiskWorkflow := daisy.New()
verifyDiskWorkflow.Name = req.JobName
verifyDiskWorkflow.Project = req.ProjectName
verifyDiskWorkflow.Zone = req.Zone
verifyDiskWorkflow.GCSPath = req.GCSPath
verifyDiskWorkflow.OAuthPath = req.GCPOAuth
verifyDiskWorkflow.DefaultTimeout = req.Timeout.String()
verifyDiskWorkflow.Sources = map[string]string{
"verify.sh": startupScriptFile.Name(),
}
verifyDiskWorkflow.Steps = map[string]*daisy.Step{
"create-disk": {
CreateDisks: &daisy.CreateDisks{
&daisy.Disk{
Resource: daisy.Resource{
ExactName: true,
},
Disk: compute.Disk{
Name: fmt.Sprintf("%s-disk", req.JobName),
Type: req.DiskType,
SizeGb: req.DiskSizeGB,
// Use the image to be verified to create a disk.
SourceImage: req.ImageName,
},
},
},
},
"create-instance": {
CreateInstances: &daisy.CreateInstances{
Instances: []*daisy.Instance{
&daisy.Instance{
InstanceBase: daisy.InstanceBase{
Resource: daisy.Resource{
ExactName: true,
},
StartupScript: "verify.sh",
},
Instance: compute.Instance{
Name: fmt.Sprintf("%s-instance", req.JobName),
MachineType: fmt.Sprintf("zones/%s/machineTypes/%s", req.Zone, req.MachineType),
NetworkInterfaces: []*compute.NetworkInterface{
{
Network: req.Network,
Subnetwork: req.Subnet,
},
},
Disks: []*compute.AttachedDisk{
&compute.AttachedDisk{
AutoDelete: true,
Boot: true,
Type: "PERSISTENT",
DeviceName: fmt.Sprintf("%s-bootable-disk", req.JobName),
Mode: "READ_WRITE",
InitializeParams: &compute.AttachedDiskInitializeParams{
DiskSizeGb: req.DiskSizeGB,
DiskType: fmt.Sprintf("projects/%s/zones/%s/diskTypes/%s", req.ProjectName, req.Zone, req.DiskType),
SourceImage: "projects/debian-cloud/global/images/debian-11-bullseye-v20230912",
},
},
&compute.AttachedDisk{
AutoDelete: true,
Boot: false,
DiskSizeGb: req.DiskSizeGB,
DeviceName: deviceName,
Source: fmt.Sprintf("%s-disk", req.JobName),
},
},
},
},
},
},
},
"wait-on-image-verification": {
WaitForInstancesSignal: &daisy.WaitForInstancesSignal{
&daisy.InstanceSignal{
Name: fmt.Sprintf("%s-instance", req.JobName),
SerialOutput: &daisy.SerialOutput{
Port: 1,
SuccessMatch: "Disk image verification succeeds",
FailureMatch: []string{
"Image verfication failure",
},
},
},
},
},
"detach-disk": {
DetachDisks: &daisy.DetachDisks{
&daisy.DetachDisk{
Instance: fmt.Sprintf("%s-instance", req.JobName),
DeviceName: deviceName,
},
},
},
}
verifyDiskWorkflow.Dependencies = map[string][]string{
"create-instance": {"create-disk"},
"wait-on-image-verification": {"create-instance"},
"detach-disk": {"wait-on-image-verification"},
}
return run(ctx, verifyDiskWorkflow)
}