-
Notifications
You must be signed in to change notification settings - Fork 70
237 lines (203 loc) · 10.4 KB
/
notebooks-digest-updater-upstream.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
---
# The aim of this GitHub workflow is to update the params.env file with the latest digest.
name: Update notebook image build commit hashes
on: # yamllint disable-line rule:truthy
workflow_dispatch:
inputs:
branch:
required: true
description: "Provide the name of the branch you want to update ex main, vYYYYx etc: "
# Put the scheduler on comment until automate the full release procedure
# schedule:
# - cron: "0 0 * * 5" #Scheduled every Friday
env:
DIGEST_UPDATER_BRANCH: digest-updater-${{ github.run_id }}
BRANCH_NAME: ${{ github.event.inputs.branch || 'main' }}
RELEASE_VERSION_N: 2024b
RELEASE_VERSION_N_1: 2024a
jobs:
initialize:
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Install Skopeo CLI
shell: bash
run: |
sudo apt-get -y update
sudo apt-get -y install skopeo
# Checkout the branch
- name: Checkout branch
uses: actions/checkout@v4
with:
ref: ${{ env.BRANCH_NAME }}
# Create a new branch
- name: Create a new branch
run: |
echo ${{ env.DIGEST_UPDATER_BRANCH }}
git checkout -b ${{ env.DIGEST_UPDATER_BRANCH }}
git push --set-upstream origin ${{ env.DIGEST_UPDATER_BRANCH }}
update-n-version:
needs: [initialize]
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Configure Git
run: |
git config --global user.email "github-actions[bot]@users.noreply.github.com"
git config --global user.name "GitHub Actions"
# Get latest build commit from the https://github.com/opendatahub-io/notebooks/${release_branch} using this as identifier for the latest tag name
- name: Retrive latest commit hash from the release branch
id: hash-n
shell: bash
run: |
PAYLOAD=$(curl --silent -H 'Accept: application/vnd.github.v4.raw' https://api.github.com/repos/opendatahub-io/notebooks/commits?sha=$RELEASE_VERSION_N&per_page=1)
echo "HASH_N=$(echo $PAYLOAD | jq -r '.[0].sha[0:7]')" >> ${GITHUB_OUTPUT}
# Checkout the release branch to apply the updates
- name: Checkout release branch
uses: actions/checkout@v4
with:
ref: ${{ env.DIGEST_UPDATER_BRANCH }}
- name: Update the params.env file
run: |
PARAMS_ENV_PATH="manifests/base/params.env"
echo Latest commit is: ${{ steps.hash-n.outputs.HASH_N }} on ${{ env.RELEASE_VERSION_N }}
# Get the complete list of images N-version to update
IMAGES=$(grep "\-n=" "${PARAMS_ENV_PATH}" | cut -d "=" -f 1)
for image in ${IMAGES}; do
echo "CHECKING: '${image}'"
img=$(grep -E "${image}=" "${PARAMS_ENV_PATH}" | cut -d '=' -f2)
registry=$(echo "${img}" | cut -d '@' -f1)
skopeo_metadata=$(skopeo inspect --retry-times 3 "docker://${img}")
src_tag=$(echo "${skopeo_metadata}" | jq '.Env[] | select(startswith("OPENSHIFT_BUILD_NAME=")) | split("=")[1]' | tr -d '"' | sed 's/-amd64$//')
src_tag2=$(echo $src_tag | sed 's/python-3.9/python-3.11/')
regex="^$src_tag2-${{ env.RELEASE_VERSION_N}}-\d+-${{ steps.hash-n.outputs.HASH_N }}\$"
latest_tag=$(echo "${skopeo_metadata}" | jq -r --arg regex "$regex" '.RepoTags | map(select(. | test($regex))) | .[0]')
# use `--no-tags` for skopeo once available in newer version
digest=$(skopeo inspect --retry-times 3 "docker://${registry}:${latest_tag}" | jq .Digest | tr -d '"')
output="${registry}@${digest}"
echo "NEW: ${output}"
sed -i "s|${image}=.*|${image}=${output}|" "${PARAMS_ENV_PATH}"
done
if [[ $(git status --porcelain | wc -l) -gt 0 ]]; then
git fetch origin ${{ env.DIGEST_UPDATER_BRANCH }} && \
git pull origin ${{ env.DIGEST_UPDATER_BRANCH }} && \
git add "${PARAMS_ENV_PATH}" && \
git commit -m "Update images for release N via ${{ env.DIGEST_UPDATER_BRANCH }} GitHub action" && \
git push origin ${{ env.DIGEST_UPDATER_BRANCH }}
else
echo "There were no changes detected in the images for the ${{ env.RELEASE_VERSION_N }}"
fi
- name: Update the commit.env file
run: |
COMMIT_ENV_PATH="manifests/base/commit.env"
echo Latest commit is: ${{ steps.hash-n.outputs.HASH_N }} on ${{ env.RELEASE_VERSION_N }}
# Get the complete list of commits N-version to update
COMMIT=$(grep "\-n=" "${COMMIT_ENV_PATH}" | cut -d "=" -f 1)
for val in ${COMMIT}; do
echo "${val}"
sed -i "s|${val}=.*|${val}=${{ steps.hash-n.outputs.HASH_N }}|" "${COMMIT_ENV_PATH}"
done
if [[ $(git status --porcelain | wc -l) -gt 0 ]]; then
git fetch origin ${{ env.DIGEST_UPDATER_BRANCH }} && \
git pull origin ${{ env.DIGEST_UPDATER_BRANCH }} && \
git add "${COMMIT_ENV_PATH}" && \
git commit -m "Update image commits for release N via ${{ env.DIGEST_UPDATER_BRANCH }} GitHub action" && \
git push origin ${{ env.DIGEST_UPDATER_BRANCH }}
else
echo "There were no changes detected in the images for the ${{ env.RELEASE_VERSION_N }}"
fi
update-n-1-version:
needs: [initialize, update-n-version]
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Configure Git
run: |
git config --global user.email "github-actions[bot]@users.noreply.github.com"
git config --global user.name "GitHub Actions"
# Get latest build commit from the https://github.com/opendatahub-io/notebooks/${release_branch} using this as identifier for the latest tag name
- name: Retrive latest commit hash from the release branch
id: hash-n-1
shell: bash
run: |
PAYLOAD=$(curl --silent -H 'Accept: application/vnd.github.v4.raw' https://api.github.com/repos/opendatahub-io/notebooks/commits?sha=$RELEASE_VERSION_N_1&per_page=1)
echo "HASH_N_1=$(echo $PAYLOAD | jq -r '.[0].sha[0:7]')" >> ${GITHUB_OUTPUT}
# Checkout the release branch to apply the updates
- name: Checkout release branch
uses: actions/checkout@v4
with:
ref: ${{ env.DIGEST_UPDATER_BRANCH }}
- name: Update the param.env file
run: |
PARAMS_ENV_PATH="manifests/base/params.env"
echo Latest commit is: ${{ steps.hash-n-1.outputs.HASH_N_1 }} on ${{ env.RELEASE_VERSION_N_1 }}
# Get the complete list of images N-1-version to update
IMAGES=$(grep "\-n-1=" "${PARAMS_ENV_PATH}" | cut -d "=" -f 1)
for image in ${IMAGES}; do
echo "CHECKING: '${image}'"
img=$(grep -E "${image}=" "${PARAMS_ENV_PATH}" | cut -d '=' -f2)
registry=$(echo "${img}" | cut -d '@' -f1)
skopeo_metadata=$(skopeo inspect --retry-times 3 "docker://${img}")
src_tag=$(echo "${skopeo_metadata}" | jq '.Env[] | select(startswith("OPENSHIFT_BUILD_NAME=")) | split("=")[1]' | tr -d '"' | sed 's/-amd64$//')
regex="^$src_tag-${{ env.RELEASE_VERSION_N_1}}-\d+-${{ steps.hash-n-1.outputs.HASH_N_1 }}\$"
latest_tag=$(echo "${skopeo_metadata}" | jq -r --arg regex "$regex" '.RepoTags | map(select(. | test($regex))) | .[0]')
# use `--no-tags` for skopeo once available in newer version
digest=$(skopeo inspect --retry-times 3 "docker://${registry}:${latest_tag}" | jq .Digest | tr -d '"')
output="${registry}@${digest}"
echo "NEW: ${output}"
sed -i "s|${image}=.*|${image}=${output}|" "${PARAMS_ENV_PATH}"
done
if [[ $(git status --porcelain | wc -l) -gt 0 ]]; then
git fetch origin ${{ env.DIGEST_UPDATER_BRANCH }} && \
git pull origin ${{ env.DIGEST_UPDATER_BRANCH }} && \
git add "${PARAMS_ENV_PATH}" && \
git commit -m "Update images for release N-1 via ${{ env.DIGEST_UPDATER_BRANCH }} GitHub action" && \
git push origin ${{ env.DIGEST_UPDATER_BRANCH }}
else
echo "There were no changes detected in the images for the ${{ env.RELEASE_VERSION_N_1 }}"
fi
- name: Update the commit.env file
run: |
COMMIT_ENV_PATH="manifests/base/commit.env"
echo Latest commit is: ${{ steps.hash-n-1.outputs.HASH_N_1 }} on ${{ env.RELEASE_VERSION_N_1 }}
# Get the complete list of images N-1-version to update
COMMIT=$(grep "\-n-1=" "${COMMIT_ENV_PATH}" | cut -d "=" -f 1)
for val in ${COMMIT}; do
echo "${val}"
sed -i "s|${val}=.*|${val}=${{ steps.hash-n-1.outputs.HASH_N_1 }}|" "${COMMIT_ENV_PATH}"
done
if [[ $(git status --porcelain | wc -l) -gt 0 ]]; then
git fetch origin ${{ env.DIGEST_UPDATER_BRANCH }} && \
git pull origin ${{ env.DIGEST_UPDATER_BRANCH }} && \
git add "${COMMIT_ENV_PATH}" && \
git commit -m "Update image commits for release N-1 via ${{ env.DIGEST_UPDATER_BRANCH }} GitHub action" && \
git push origin ${{ env.DIGEST_UPDATER_BRANCH }}
else
echo "There were no changes detected in the images for the ${{ env.RELEASE_VERSION_N_1 }}"
fi
open-pull-request:
needs: [update-n-version, update-n-1-version]
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: pull-request
uses: repo-sync/pull-request@v2
with:
source_branch: ${{ env.DIGEST_UPDATER_BRANCH }}
destination_branch: ${{ env.BRANCH_NAME }}
github_token: ${{ secrets.GITHUB_TOKEN }}
pr_label: "automated pr"
pr_title: "[Digest Updater Action] Update Notebook Images"
pr_body: |
:rocket: This is an automated Pull Request.
Created by `/.github/workflows/notebooks-digest-updater-upstream.yaml`
This PR updates the following files:
- `manifests/base/params.env` file with the latest updated SHA digests of the notebooks (N & N-1).
- `manifests/base/commit.env` file with the latest commit (N & N-1).
:exclamation: **IMPORTANT NOTE**: Remember to delete the `${{ env.DIGEST_UPDATER_BRANCH }}` branch after merging the changes