Skip to content

Commit

Permalink
add scripts and gh actions for auto dependency bump
Browse files Browse the repository at this point in the history
  • Loading branch information
@kokyhm
kokyhm committed Sep 19, 2024
1 parent 4323e5d commit cace6ca
Show file tree
Hide file tree
Showing 6 changed files with 1,018 additions and 0 deletions.
62 changes: 62 additions & 0 deletions .github/workflows/dependency-check.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
name: Dependency check version

on:
schedule:
- cron: '0 0 * * 0' # Every Sunday at 00:00 UTC
workflow_dispatch:

jobs:
dependency-check:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4

- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.12'
cache: 'pip'
cache-dependency-path: '**/dependency_requirements.txt'

- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r scripts/dependency_requirements.txt
- name: Run version check
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: python scripts/dependency_updater.py --ci-check

- name: Trigger subsequent action for each component
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
version_diff=$(cat version_diff.json)
count=0 # Initialize a counter
for row in $(echo "${version_diff}" | jq -r 'to_entries[] | @base64'); do
_jq() {
echo ${row} | base64 --decode | jq -r ${1}
}
component=$(_jq '.key')
current_version=$(_jq '.value.current_version')
latest_version=$(_jq '.value.latest_version')
echo "Triggering update for $component from $current_version to $latest_version"
gh workflow run dependency-pull-request.yml \
-f component=$component \
-f current_version=$current_version \
-f latest_version=$latest_version \
count=$((count + 1))
# Stop after triggering 30 actions
if [ "$count" -ge 30 ]; then
echo "Reached the limit of 30 triggered actions."
break
fi
done
67 changes: 67 additions & 0 deletions .github/workflows/dependency-pull-request.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
name: Dependency create bump PR

on:
workflow_dispatch:
inputs:
component:
description: "Component to update"
required: true
current_version:
description: "Current version of the component"
required: true
latest_version:
description: "Latest version of the component"
required: true

jobs:
create-pull-request:
runs-on: ubuntu-latest

steps:
- name: Checkout repository
uses: actions/checkout@v4

- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.12'
cache: 'pip'
cache-dependency-path: '**/dependency_requirements.txt'

- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r scripts/dependency_requirements.txt
- name: Run version check to create version_diff.json
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: python scripts/dependency_updater.py --ci-check --component ${{ github.event.inputs.component }}

- name: Update component version
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: python scripts/dependency_updater.py --component ${{ github.event.inputs.component }}

- name: Generate PR body
id: generate_pr_body
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
pr_body=$(python scripts/generate_pr_body.py --component ${{ github.event.inputs.component }})
# Escape any special characters (e.g., newlines) for the GITHUB_OUTPUT
echo "pr_body<<EOF" >> $GITHUB_OUTPUT
echo "$pr_body" >> $GITHUB_OUTPUT
echo "EOF" >> $GITHUB_OUTPUT
- name: Create Pull Request
uses: peter-evans/create-pull-request@v5
with:
branch: "dependency-${{ github.event.inputs.component }}-${{ github.event.inputs.latest_version }}"
commit-message: "Bump ${{ github.event.inputs.component }} from ${{ github.event.inputs.current_version }} to ${{ github.event.inputs.latest_version }}"
title: "Bump ${{ github.event.inputs.component }} from ${{ github.event.inputs.current_version }} to ${{ github.event.inputs.latest_version }}"
body: ${{ steps.generate_pr_body.outputs.pr_body }}
labels: |
dependencies
release-note-none
222 changes: 222 additions & 0 deletions scripts/dependency_config.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,222 @@
# Arhitectures and OSes
architectures = ['arm', 'arm64', 'amd64', 'ppc64le']
oses = ['darwin', 'linux', 'windows']

# Paths
path_download = 'roles/kubespray-defaults/defaults/main/download.yml'
path_checksum = 'roles/kubespray-defaults/defaults/main/checksums.yml'
path_main = 'roles/kubespray-defaults/defaults/main/main.yml'
path_readme = 'README.md'
path_version_diff = 'version_diff.json'


component_info = {
'calico_crds': {
'owner': 'projectcalico',
'repo': 'calico',
'url_download': 'https://github.com/projectcalico/calico/archive/VERSION.tar.gz',
'placeholder_version': ['calico_version'],
'placeholder_checksum' : 'calico_crds_archive_checksums',
'checksum_structure' : 'simple',
'release_type' : 'release',
},
'calicoctl': {
'owner': 'projectcalico',
'repo': 'calico',
'url_download': 'https://github.com/projectcalico/calico/releases/download/VERSION/calicoctl-linux-ARCH',
'placeholder_version': ['calico_version'],
'placeholder_checksum' : 'calicoctl_binary_checksums',
'checksum_structure' : 'arch',
'release_type' : 'release',
},
'ciliumcli': {
'owner': 'cilium',
'repo': 'cilium-cli',
'url_download': 'https://github.com/cilium/cilium-cli/releases/download/VERSION/cilium-linux-ARCH.tar.gz.sha256sum',
'placeholder_version': ['cilium_cli_version'],
'placeholder_checksum' : 'ciliumcli_binary_checksums',
'checksum_structure' : 'arch',
'release_type' : 'release',
},
'cni': {
'owner': 'containernetworking',
'repo': 'plugins',
'url_download': 'https://github.com/containernetworking/plugins/releases/download/VERSION/cni-plugins-linux-ARCH-VERSION.tgz.sha256',
'placeholder_version': ['cni_version'],
'placeholder_checksum' : 'cni_binary_checksums',
'checksum_structure' : 'arch',
'release_type' : 'release',
},
'containerd': {
'owner': 'containerd',
'repo': 'containerd',
'url_download': 'https://github.com/containerd/containerd/releases/download/vVERSION/containerd-VERSION-linux-ARCH.tar.gz.sha256sum',
'placeholder_version': ['containerd_version'],
'placeholder_checksum' : 'containerd_archive_checksums',
'checksum_structure' : 'arch',
'release_type' : 'release',
},
'crictl': {
'owner': 'kubernetes-sigs',
'repo': 'cri-tools',
'url_download': 'https://github.com/kubernetes-sigs/cri-tools/releases/download/VERSION/crictl-VERSION-linux-ARCH.tar.gz.sha256',
'placeholder_version': ['crictl_supported_versions', 'kube_major_version'],
'placeholder_checksum' : 'crictl_checksums',
'checksum_structure' : 'arch',
'release_type' : 'release',
},
'cri_dockerd': {
'owner': 'Mirantis',
'repo': 'cri-dockerd',
'url_download': 'https://github.com/Mirantis/cri-dockerd/releases/download/vVERSION/cri-dockerd-VERSION.ARCH.tgz',
'placeholder_version': ['cri_dockerd_version'],
'placeholder_checksum' : 'cri_dockerd_archive_checksums',
'checksum_structure' : 'arch',
'release_type' : 'release',
},
'crio': {
'owner': 'cri-o',
'repo': 'cri-o',
'url_download': 'https://storage.googleapis.com/cri-o/artifacts/cri-o.ARCH.VERSION.tar.gz',
'placeholder_version': ['crio_supported_versions', 'kube_major_version'],
'placeholder_checksum' : 'crio_archive_checksums',
'checksum_structure' : 'arch',
'release_type' : 'release',
},
'crun': {
'owner': 'containers',
'repo': 'crun',
'url_download': 'https://github.com/containers/crun/releases/download/VERSION/crun-VERSION-linux-ARCH',
'placeholder_version': ['crun_version'],
'placeholder_checksum' : 'crun_checksums',
'checksum_structure' : 'arch',
'release_type' : 'release',
},
'etcd': {
'owner': 'etcd-io',
'repo': 'etcd',
'url_download': 'https://github.com/etcd-io/etcd/releases/download/VERSION/SHA256SUMS',
'placeholder_version': ['etcd_supported_versions', 'kube_major_version'],
'placeholder_checksum' : 'etcd_binary_checksums',
'checksum_structure' : 'arch',
'release_type' : 'release',
},
'gvisor_containerd_shim': {
'owner': 'google',
'repo': 'gvisor',
'url_download': 'https://storage.googleapis.com/gvisor/releases/release/VERSION/ARCH/containerd-shim-runsc-v1',
'placeholder_version': ['gvisor_version'],
'placeholder_checksum' : 'gvisor_containerd_shim_binary_checksums',
'checksum_structure' : 'arch',
'release_type' : 'tag',
},
'gvisor_runsc': {
'owner': 'google',
'repo': 'gvisor',
'url_download': 'https://storage.googleapis.com/gvisor/releases/release/VERSION/ARCH/runsc',
'placeholder_version': ['gvisor_version'],
'placeholder_checksum' : 'gvisor_runsc_binary_checksums',
'checksum_structure' : 'arch',
'release_type' : 'tag',
},
'helm': {
'owner': 'helm',
'repo': 'helm',
'url_download': 'https://get.helm.sh/helm-VERSION-linux-ARCH.tar.gz',
'placeholder_version': ['helm_version'],
'placeholder_checksum' : 'helm_archive_checksums',
'checksum_structure' : 'arch',
'release_type' : 'release',
},

'kata_containers': {
'owner': 'kata-containers',
'repo': 'kata-containers',
'url_download': 'https://github.com/kata-containers/kata-containers/releases/download/VERSION/kata-static-VERSION-ARCH.tar.xz',
'placeholder_version': ['kata_containers_version'],
'placeholder_checksum' : 'kata_containers_binary_checksums',
'checksum_structure' : 'arch',
'release_type' : 'release',
},
'krew': {
'owner': 'kubernetes-sigs',
'repo': 'krew',
'url_download': 'https://github.com/kubernetes-sigs/krew/releases/download/VERSION/krew-OS_ARCH.tar.gz.sha256',
'placeholder_version': ['krew_version'],
'placeholder_checksum' : 'krew_archive_checksums',
'checksum_structure' : 'os_arch',
'release_type' : 'release',
},
'kubeadm': {
'owner': 'kubernetes',
'repo': 'kubernetes',
'url_download': 'https://dl.k8s.io/release/VERSION/bin/linux/ARCH/kubeadm.sha256',
'placeholder_version': ['kube_version'],
'placeholder_checksum' : 'kubeadm_checksums',
'checksum_structure' : 'arch',
'release_type' : 'release',
},
'kubectl': {
'owner': 'kubernetes',
'repo': 'kubernetes',
'url_download': 'https://dl.k8s.io/release/VERSION/bin/linux/ARCH/kubectl.sha256',
'placeholder_version': ['kube_version'],
'placeholder_checksum' : 'kubectl_checksums',
'checksum_structure' : 'arch',
'release_type' : 'release',
},
'kubelet': {
'owner': 'kubernetes',
'repo': 'kubernetes',
'url_download': 'https://dl.k8s.io/release/VERSION/bin/linux/ARCH/kubelet.sha256',
'placeholder_version': ['kube_version'],
'placeholder_checksum' : 'kubelet_checksums',
'checksum_structure' : 'arch',
'release_type' : 'release',
},
'nerdctl': {
'owner': 'containerd',
'repo': 'nerdctl',
'url_download': 'https://github.com/containerd/nerdctl/releases/download/vVERSION/SHA256SUMS',
'placeholder_version': ['nerdctl_version'],
'placeholder_checksum' : 'nerdctl_archive_checksums',
'checksum_structure' : 'arch',
'release_type' : 'release',
},
'runc': {
'owner': 'opencontainers',
'repo': 'runc',
'url_download': 'https://github.com/opencontainers/runc/releases/download/VERSION/runc.ARCH',
'placeholder_version': ['runc_version'],
'placeholder_checksum' : 'runc_checksums',
'checksum_structure' : 'arch',
'release_type' : 'release',
},
'skopeo': {
'owner': 'containers',
'repo': 'skopeo',
'url_download': 'https://github.com/lework/skopeo-binary/releases/download/VERSION/skopeo-linux-ARCH',
'placeholder_version': ['skopeo_version'],
'placeholder_checksum' : 'skopeo_binary_checksums',
'checksum_structure' : 'arch',
'release_type' : 'release',
},
'youki': {
'owner': 'containers',
'repo': 'youki',
'url_download': 'https://github.com/containers/youki/releases/download/vVERSION/youki-VERSION-ARCH.tar.gz',
'placeholder_version': ['youki_version'],
'placeholder_checksum' : 'youki_checksums',
'checksum_structure' : 'arch',
'release_type' : 'release',
},
'yq': {
'owner': 'mikefarah',
'repo': 'yq',
'url_download': 'https://github.com/mikefarah/yq/releases/download/VERSION/checksums-bsd',
'placeholder_version': ['yq_version'],
'placeholder_checksum' : 'yq_checksums',
'checksum_structure' : 'arch',
'release_type' : 'release',
},
}
7 changes: 7 additions & 0 deletions scripts/dependency_requirements.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
certifi==2024.8.30
charset-normalizer==3.3.2
idna==3.9
requests==2.32.3
ruamel.yaml==0.18.6
ruamel.yaml.clib==0.2.8
urllib3==2.2.3
Loading

0 comments on commit cace6ca

Please sign in to comment.