DUPLO-42774 Update GitHub Actions workflows and add NetworkAgent files for Amazon Linux 2023

.github/workflows/build-image.yaml

@@ -31,22 +31,20 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
-      # GCP credentials
+      # GCP credentials - only when a GCP builder is in scope
       - name: Packer GCP Service Account
-        uses: google-github-actions/auth@v2
+        if: github.event.inputs.only_builders == 'all' || contains(github.event.inputs.only_builders, 'googlecompute')
+        uses: google-github-actions/auth@v3
         with:
           workload_identity_provider: 'projects/17033121890/locations/global/workloadIdentityPools/duplo-githubactions/providers/duplo-githubactions'
           service_account: 'packer@msp-duplocloud-01.iam.gserviceaccount.com'
 
-      # AWS credentials
+      # AWS credentials (OIDC: role-to-assume + aws-region only)
       - name: Packer AWS Role
-        uses: aws-actions/configure-aws-credentials@v4
+        uses: aws-actions/configure-aws-credentials@v6
         with:
-          aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
-          aws-session-token: ${{ env.AWS_SESSION_TOKEN }}
           aws-region: us-west-2
           role-to-assume: arn:aws:iam::227120241369:role/packer-builder
           role-session-name: github-duplocloud-linuxagent
@@ -105,7 +103,7 @@ jobs:
 
       # Upload the image manifest
       - name: Attach Manifest
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: packer-manifest.json
           path: packer-manifest.json
@@ -117,7 +115,7 @@ jobs:
       duplo_token: "${{ secrets.GOVCLOUD_DUPLO_TOKEN }}"
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       # AWS credentials
       - name: Tenant AWS JIT
@@ -127,7 +125,7 @@ jobs:
 
       # AWS credentials
       - name: Packer AWS Role
-        uses: aws-actions/configure-aws-credentials@v4
+        uses: aws-actions/configure-aws-credentials@v6
         with:
           aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
@@ -193,7 +191,7 @@ jobs:
 
       # Upload the image manifest
       - name: Attach Manifest
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: govcloud-packer-manifest.json
           path: govcloud-packer-manifest.json
@@ -208,9 +206,9 @@ jobs:
     steps:
       # Get the code for the image JSON generation, and the code for Duplo master.
       - name: Checkout duplo-infra
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
       - name: Checkout duplo (backend)
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           repository: duplocloud-internal/duplo
           ref: master                 # always start from master
@@ -219,12 +217,12 @@ jobs:
 
       # Download the image manifest
       - name: Download Manifest (Commercial)
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v7
         with:
           name: packer-manifest.json
           path: packer
       - name: Download Manifest (Govcloud)
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v7
         with:
           name: govcloud-packer-manifest.json
           path: packer
@@ -238,7 +236,7 @@ jobs:
 
       # Create a PR
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v4
+        uses: peter-evans/create-pull-request@v8
         with:
           title: '[duplo-bot] Update Duplo Docker AMI(s)'
           branch: auto-update/duplo-docker-amis

.github/workflows/lint.yaml

@@ -6,7 +6,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v6
 
       # Validate templates
       - name: Validate Template

AgentAmazonLinux2023/NetworkAgent.service

@@ -0,0 +1,28 @@
+[Unit]
+Description="NetworkAgent daemon"
+Wants=network.target network-online.target autofs.service
+After=network.target network-online.target autofs.service
+
+[Service]
+LimitNOFILE=65536
+LimitNPROC=65536
+Type=simple
+WorkingDirectory=/usr/local/src/AgentV2
+Environment=VIRTUAL_ENV=$WorkingDirectory/flask
+Environment=PATH=$VIRTUAL_ENV/bin:$PATH
+Environment=PYTHONPATH=$VIRTUAL_ENV/bin:$WorkingDirectory
+Environment=DEFAULTS=NetworkAgentV2
+Environment=DAEMON_DIR=$WorkingDirectory
+Environment=DAEMON=$DAEMON_DIR/NetworkAgentV2.py
+Environment=DAEMON_NAME=NetworkAgent
+EnvironmentFile=-/etc/default/NetworkAgentV2
+User=root
+Group=root
+UMask=0007
+ExecStart=/bin/bash -c '/usr/local/src/AgentV2/flask/bin/python /usr/local/src/AgentV2/NetworkAgentV2.py  '
+ExecReload=/bin/bash -c '/usr/local/src/AgentV2/flask/bin/python /usr/local/src/AgentV2/NetworkAgentV2.py '
+PIDFile=/var/run/NetworkAgent.pid
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target