Update dependencies #341
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow proposes updates to the dependencies that dependabot cannot | |
name: Update dependencies | |
on: | |
# Allow manual executions | |
workflow_dispatch: | |
# Run nightly | |
schedule: | |
- cron: '0 0 * * *' | |
jobs: | |
# Note that although the Azimuth components all have Helm charts, we use the | |
# GitHub releases to discover new versions, so that we only get tagged versions | |
# For Azimuth components, we also allow pre-releases so we can easily cut release candidates | |
propose_github_release_updates: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
include: | |
# - key: ansible-slurm-appliance | |
# path: ./roles/azimuth_caas_operator/defaults/main.yml | |
# repository: stackhpc/ansible-slurm-appliance | |
# prereleases: "yes" | |
# version_jsonpath: azimuth_caas_stackhpc_slurm_appliance_git_version | |
- key: azimuth | |
path: ./roles/azimuth/defaults/main.yml | |
repository: stackhpc/azimuth | |
prereleases: "yes" | |
version_jsonpath: azimuth_chart_version | |
- key: azimuth-caas-operator | |
path: ./roles/azimuth_caas_operator/defaults/main.yml | |
repository: stackhpc/azimuth-caas-operator | |
prereleases: "yes" | |
version_jsonpath: azimuth_caas_operator_chart_version | |
- key: azimuth-capi-operator | |
path: ./roles/azimuth_capi_operator/defaults/main.yml | |
repository: stackhpc/azimuth-capi-operator | |
prereleases: "yes" | |
version_jsonpath: azimuth_capi_operator_chart_version | |
- key: azimuth-identity-operator | |
path: ./roles/azimuth_identity_operator/defaults/main.yml | |
repository: stackhpc/azimuth-identity-operator | |
prereleases: "yes" | |
version_jsonpath: azimuth_identity_operator_chart_version | |
- key: azimuth-images | |
path: ./roles/community_images/defaults/main.yml | |
repository: stackhpc/azimuth-images | |
prereleases: "yes" | |
version_jsonpath: community_images_azimuth_images_version | |
- key: azimuth-schedule-operator | |
path: ./roles/azimuth_schedule_operator/defaults/main.yml | |
repository: stackhpc/azimuth-schedule-operator | |
prereleases: "yes" | |
version_jsonpath: azimuth_schedule_operator_chart_version | |
- key: caas-workstation | |
path: ./roles/azimuth_caas_operator/defaults/main.yml | |
repository: stackhpc/caas-workstation | |
prereleases: "yes" | |
version_jsonpath: azimuth_caas_stackhpc_workstation_git_version | |
- key: caas-repo2docker | |
path: ./roles/azimuth_caas_operator/defaults/main.yml | |
repository: stackhpc/caas-repo2docker | |
prereleases: "yes" | |
version_jsonpath: azimuth_caas_stackhpc_repo2docker_git_version | |
- key: caas-rstudio | |
path: ./roles/azimuth_caas_operator/defaults/main.yml | |
repository: stackhpc/caas-r-studio-server | |
prereleases: "yes" | |
version_jsonpath: azimuth_caas_stackhpc_rstudio_git_version | |
- key: capi-helm-openstack-cluster | |
path: ./roles/capi_cluster/defaults/main.yml | |
repository: stackhpc/capi-helm-charts | |
prereleases: "yes" | |
version_jsonpath: capi_cluster_chart_version | |
- key: cluster-api | |
path: ./roles/clusterapi/defaults/main.yml | |
repository: kubernetes-sigs/cluster-api | |
version_jsonpath: clusterapi_core_version | |
- key: cluster-api-provider-openstack | |
path: ./roles/clusterapi/defaults/main.yml | |
repository: kubernetes-sigs/cluster-api-provider-openstack | |
version_jsonpath: clusterapi_openstack_version | |
- key: cluster-api-addon-provider | |
path: ./roles/clusterapi/defaults/main.yml | |
repository: stackhpc/cluster-api-addon-provider | |
prereleases: "yes" | |
version_jsonpath: clusterapi_addon_provider_chart_version | |
- key: cluster-api-janitor-openstack | |
path: ./roles/clusterapi/defaults/main.yml | |
repository: stackhpc/cluster-api-janitor-openstack | |
prereleases: "yes" | |
version_jsonpath: clusterapi_janitor_openstack_chart_version | |
- key: helm | |
path: ./roles/helm/defaults/main.yml | |
repository: helm/helm | |
version_jsonpath: helm_version | |
- key: k3s | |
path: ./roles/k3s/defaults/main.yml | |
repository: k3s-io/k3s | |
version_jsonpath: k3s_version | |
- key: keycloak-operator | |
path: ./roles/keycloak/defaults/main.yml | |
repository: keycloak/keycloak-k8s-resources | |
tags: "yes" | |
version_jsonpath: keycloak_operator_version | |
- key: kustomize | |
path: ./roles/kustomize/defaults/main.yml | |
repository: kubernetes-sigs/kustomize | |
version_jsonpath: kustomize_version | |
- key: velero-cli | |
path: ./roles/velero/defaults/main.yml | |
repository: vmware-tanzu/velero | |
version_jsonpath: velero_cli_version | |
- key: velero-plugin-for-aws | |
path: ./roles/velero/defaults/main.yml | |
repository: vmware-tanzu/velero-plugin-for-aws | |
version_jsonpath: velero_s3_plugin_image_version | |
- key: velero-plugin-for-csi | |
path: ./roles/velero/defaults/main.yml | |
repository: vmware-tanzu/velero-plugin-for-csi | |
version_jsonpath: velero_csi_plugin_image_version | |
- key: zenith | |
path: ./roles/zenith/defaults/main.yml | |
repository: stackhpc/zenith | |
prereleases: "yes" | |
version_jsonpath: zenith_chart_version | |
name: ${{ matrix.key }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Check for most recent GitHub release | |
id: next | |
uses: stackhpc/github-actions/github-latest-release@master | |
with: | |
repository: ${{ matrix.repository }} | |
prereleases: ${{ matrix.prereleases || 'no' }} | |
tags: ${{ matrix.tags || 'no' }} | |
- name: Update dependency key | |
uses: stackhpc/github-actions/config-update@master | |
with: | |
path: ${{ matrix.path }} | |
updates: | | |
${{ matrix.version_jsonpath }}=${{ steps.next.outputs.version }} | |
- name: Generate app token for PR | |
uses: stackhpc/github-actions/generate-app-token@master | |
id: generate-app-token | |
with: | |
repository: ${{ github.repository }} | |
app-id: ${{ secrets.APP_ID }} | |
app-private-key: ${{ secrets.APP_PRIVATE_KEY }} | |
- name: Propose changes via PR if required | |
uses: peter-evans/create-pull-request@v6 | |
with: | |
token: ${{ steps.generate-app-token.outputs.token }} | |
commit-message: >- | |
Update ${{ matrix.key }} to ${{ steps.next.outputs.version }} | |
branch: update-dependency/${{ matrix.key }} | |
delete-branch: true | |
title: >- | |
Update ${{ matrix.key }} to ${{ steps.next.outputs.version }} | |
body: > | |
This PR was created automatically to update | |
${{ matrix.key }} to ${{ steps.next.outputs.version }}. | |
labels: | | |
automation | |
dependency-update | |
propose_helm_chart_updates: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
include: | |
- key: cert-manager | |
path: ./roles/certmanager/defaults/main.yml | |
chart_repo_jsonpath: certmanager_chart_repo | |
chart_name_jsonpath: certmanager_chart_name | |
chart_version_jsonpath: certmanager_chart_version | |
- key: cloud-metrics-grafana | |
path: ./roles/cloud_metrics/defaults/main.yml | |
chart_repo_jsonpath: cloud_metrics_grafana_chart_repo | |
chart_name_jsonpath: cloud_metrics_grafana_chart_name | |
chart_version_jsonpath: cloud_metrics_grafana_chart_version | |
- key: harbor | |
path: ./roles/harbor/defaults/main.yml | |
chart_repo_jsonpath: harbor_chart_repo | |
chart_name_jsonpath: harbor_chart_name | |
chart_version_jsonpath: harbor_chart_version | |
- key: helm-dashboard | |
path: ./roles/helm_dashboard/defaults/main.yml | |
chart_repo_jsonpath: helm_dashboard_chart_repo | |
chart_name_jsonpath: helm_dashboard_chart_name | |
chart_version_jsonpath: helm_dashboard_chart_version | |
- key: ingress-nginx | |
path: ./roles/ingress_nginx/defaults/main.yml | |
chart_repo_jsonpath: ingress_nginx_chart_repo | |
chart_name_jsonpath: ingress_nginx_chart_name | |
chart_version_jsonpath: ingress_nginx_chart_version | |
- key: kube-prometheus-stack | |
path: ./roles/kube_prometheus_stack/defaults/main.yml | |
chart_repo_jsonpath: kube_prometheus_stack_chart_repo | |
chart_name_jsonpath: kube_prometheus_stack_chart_name | |
chart_version_jsonpath: kube_prometheus_stack_chart_version | |
- key: kubernetes-dashboard | |
path: ./roles/kubernetes_dashboard/defaults/main.yml | |
chart_repo_jsonpath: kubernetes_dashboard_chart_repo | |
chart_name_jsonpath: kubernetes_dashboard_chart_name | |
chart_version_jsonpath: kubernetes_dashboard_chart_version | |
- key: snapshot-controller | |
path: ./roles/velero/defaults/main.yml | |
chart_repo_jsonpath: velero_csi_snapshot_controller_chart_repo | |
chart_name_jsonpath: velero_csi_snapshot_controller_chart_name | |
chart_version_jsonpath: velero_csi_snapshot_controller_chart_version | |
- key: velero | |
path: ./roles/velero/defaults/main.yml | |
chart_repo_jsonpath: velero_chart_repo | |
chart_name_jsonpath: velero_chart_name | |
chart_version_jsonpath: velero_chart_version | |
name: ${{ matrix.key }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Extract repo and chart | |
id: chart-info | |
uses: stackhpc/github-actions/config-extract@master | |
with: | |
path: ${{ matrix.path }} | |
outputs: | | |
repo=${{ matrix.chart_repo_jsonpath }} | |
name=${{ matrix.chart_name_jsonpath }} | |
- name: Check for updates | |
id: next | |
uses: stackhpc/github-actions/helm-latest-version@master | |
with: | |
repository: ${{ steps.chart-info.outputs.repo }} | |
chart: ${{ steps.chart-info.outputs.name }} | |
- name: Update chart version | |
uses: stackhpc/github-actions/config-update@master | |
with: | |
path: ${{ matrix.path }} | |
updates: | | |
${{ matrix.chart_version_jsonpath }}=${{ steps.next.outputs.version }} | |
- name: Generate app token for PR | |
uses: stackhpc/github-actions/generate-app-token@master | |
id: generate-app-token | |
with: | |
repository: ${{ github.repository }} | |
app-id: ${{ secrets.APP_ID }} | |
app-private-key: ${{ secrets.APP_PRIVATE_KEY }} | |
- name: Propose changes via PR if required | |
uses: peter-evans/create-pull-request@v6 | |
with: | |
token: ${{ steps.generate-app-token.outputs.token }} | |
commit-message: >- | |
Update ${{ matrix.key }} to ${{ steps.next.outputs.version }} | |
branch: update-dependency/${{ matrix.key }} | |
delete-branch: true | |
title: >- | |
Update ${{ matrix.key }} to ${{ steps.next.outputs.version }} | |
body: > | |
This PR was created automatically to update | |
${{ matrix.key }} to ${{ steps.next.outputs.version }}. | |
labels: | | |
automation | |
dependency-update |