Update notebook image build commit hashes #36
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# The aim of this GitHub workflow is to update the params.env file with the latest digest. | |
name: Update notebook image build commit hashes | |
on: # yamllint disable-line rule:truthy | |
workflow_dispatch: | |
inputs: | |
branch: | |
required: true | |
description: "Provide the name of the branch you want to update ex main, vYYYYx etc: " | |
# Put the scheduler on comment until automate the full release procedure | |
# schedule: | |
# - cron: "0 0 * * 5" #Scheduled every Friday | |
env: | |
DIGEST_UPDATER_BRANCH: digest-updater-${{ github.run_id }} | |
BRANCH_NAME: ${{ github.event.inputs.branch || 'main' }} | |
RELEASE_VERSION_N: 2024b | |
RELEASE_VERSION_N_1: 2024a | |
jobs: | |
initialize: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
steps: | |
- name: Install Skopeo CLI | |
shell: bash | |
run: | | |
sudo apt-get -y update | |
sudo apt-get -y install skopeo | |
# Checkout the branch | |
- name: Checkout branch | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ env.BRANCH_NAME }} | |
# Create a new branch | |
- name: Create a new branch | |
run: | | |
echo ${{ env.DIGEST_UPDATER_BRANCH }} | |
git checkout -b ${{ env.DIGEST_UPDATER_BRANCH }} | |
git push --set-upstream origin ${{ env.DIGEST_UPDATER_BRANCH }} | |
update-n-version: | |
needs: [initialize] | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
steps: | |
- name: Configure Git | |
run: | | |
git config --global user.email "github-actions[bot]@users.noreply.github.com" | |
git config --global user.name "GitHub Actions" | |
# Get latest build commit from the https://github.com/opendatahub-io/notebooks/${release_branch} using this as identifier for the latest tag name | |
- name: Retrive latest commit hash from the release branch | |
id: hash-n | |
shell: bash | |
run: | | |
PAYLOAD=$(curl --silent -H 'Accept: application/vnd.github.v4.raw' https://api.github.com/repos/opendatahub-io/notebooks/commits?sha=$RELEASE_VERSION_N&per_page=1) | |
echo "HASH_N=$(echo $PAYLOAD | jq -r '.[0].sha[0:7]')" >> ${GITHUB_OUTPUT} | |
# Checkout the release branch to apply the updates | |
- name: Checkout release branch | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ env.DIGEST_UPDATER_BRANCH }} | |
- name: Update the params.env file | |
run: | | |
PARAMS_ENV_PATH="manifests/base/params.env" | |
echo Latest commit is: ${{ steps.hash-n.outputs.HASH_N }} on ${{ env.RELEASE_VERSION_N }} | |
# Get the complete list of images N-version to update | |
IMAGES=$(grep "\-n=" "${PARAMS_ENV_PATH}" | cut -d "=" -f 1) | |
for image in ${IMAGES}; do | |
echo "CHECKING: '${image}'" | |
img=$(grep -E "${image}=" "${PARAMS_ENV_PATH}" | cut -d '=' -f2) | |
registry=$(echo "${img}" | cut -d '@' -f1) | |
skopeo_metadata=$(skopeo inspect --retry-times 3 "docker://${img}") | |
src_tag=$(echo "${skopeo_metadata}" | jq '.Env[] | select(startswith("OPENSHIFT_BUILD_NAME=")) | split("=")[1]' | tr -d '"' | sed 's/-amd64$//') | |
regex="^$src_tag-${{ env.RELEASE_VERSION_N}}-\d+-${{ steps.hash-n.outputs.HASH_N }}\$" | |
latest_tag=$(echo "${skopeo_metadata}" | jq -r --arg regex "$regex" '.RepoTags | map(select(. | test($regex))) | .[0]') | |
# use `--no-tags` for skopeo once available in newer version | |
digest=$(skopeo inspect --retry-times 3 "docker://${registry}:${latest_tag}" | jq .Digest | tr -d '"') | |
output="${registry}@${digest}" | |
echo "NEW: ${output}" | |
sed -i "s|${image}=.*|${image}=${output}|" "${PARAMS_ENV_PATH}" | |
done | |
if [[ $(git status --porcelain | wc -l) -gt 0 ]]; then | |
git fetch origin ${{ env.DIGEST_UPDATER_BRANCH }} && \ | |
git pull origin ${{ env.DIGEST_UPDATER_BRANCH }} && \ | |
git add "${PARAMS_ENV_PATH}" && \ | |
git commit -m "Update images for release N via ${{ env.DIGEST_UPDATER_BRANCH }} GitHub action" && \ | |
git push origin ${{ env.DIGEST_UPDATER_BRANCH }} | |
else | |
echo "There were no changes detected in the images for the ${{ env.RELEASE_VERSION_N }}" | |
fi | |
- name: Update the commit.env file | |
run: | | |
COMMIT_ENV_PATH="manifests/base/commit.env" | |
echo Latest commit is: ${{ steps.hash-n.outputs.HASH_N }} on ${{ env.RELEASE_VERSION_N }} | |
# Get the complete list of commits N-version to update | |
COMMIT=$(grep "\-n=" "${COMMIT_ENV_PATH}" | cut -d "=" -f 1) | |
for val in ${COMMIT}; do | |
echo "${val}" | |
sed -i "s|${val}=.*|${val}=${{ steps.hash-n.outputs.HASH_N }}|" "${COMMIT_ENV_PATH}" | |
done | |
if [[ $(git status --porcelain | wc -l) -gt 0 ]]; then | |
git fetch origin ${{ env.DIGEST_UPDATER_BRANCH }} && \ | |
git pull origin ${{ env.DIGEST_UPDATER_BRANCH }} && \ | |
git add "${COMMIT_ENV_PATH}" && \ | |
git commit -m "Update image commits for release N via ${{ env.DIGEST_UPDATER_BRANCH }} GitHub action" && \ | |
git push origin ${{ env.DIGEST_UPDATER_BRANCH }} | |
else | |
echo "There were no changes detected in the images for the ${{ env.RELEASE_VERSION_N }}" | |
fi | |
update-n-1-version: | |
needs: [initialize, update-n-version] | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
steps: | |
- name: Configure Git | |
run: | | |
git config --global user.email "github-actions[bot]@users.noreply.github.com" | |
git config --global user.name "GitHub Actions" | |
# Get latest build commit from the https://github.com/opendatahub-io/notebooks/${release_branch} using this as identifier for the latest tag name | |
- name: Retrive latest commit hash from the release branch | |
id: hash-n-1 | |
shell: bash | |
run: | | |
PAYLOAD=$(curl --silent -H 'Accept: application/vnd.github.v4.raw' https://api.github.com/repos/opendatahub-io/notebooks/commits?sha=$RELEASE_VERSION_N_1&per_page=1) | |
echo "HASH_N_1=$(echo $PAYLOAD | jq -r '.[0].sha[0:7]')" >> ${GITHUB_OUTPUT} | |
# Checkout the release branch to apply the updates | |
- name: Checkout release branch | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ env.DIGEST_UPDATER_BRANCH }} | |
- name: Update the param.env file | |
run: | | |
PARAMS_ENV_PATH="manifests/base/params.env" | |
echo Latest commit is: ${{ steps.hash-n-1.outputs.HASH_N_1 }} on ${{ env.RELEASE_VERSION_N_1 }} | |
# Get the complete list of images N-1-version to update | |
IMAGES=$(grep "\-n-1=" "${PARAMS_ENV_PATH}" | cut -d "=" -f 1) | |
for image in ${IMAGES}; do | |
echo "CHECKING: '${image}'" | |
img=$(grep -E "${image}=" "${PARAMS_ENV_PATH}" | cut -d '=' -f2) | |
registry=$(echo "${img}" | cut -d '@' -f1) | |
skopeo_metadata=$(skopeo inspect --retry-times 3 "docker://${img}") | |
src_tag=$(echo "${skopeo_metadata}" | jq '.Env[] | select(startswith("OPENSHIFT_BUILD_NAME=")) | split("=")[1]' | tr -d '"' | sed 's/-amd64$//') | |
regex="^$src_tag-${{ env.RELEASE_VERSION_N_1}}-\d+-${{ steps.hash-n-1.outputs.HASH_N_1 }}\$" | |
latest_tag=$(echo "${skopeo_metadata}" | jq -r --arg regex "$regex" '.RepoTags | map(select(. | test($regex))) | .[0]') | |
# use `--no-tags` for skopeo once available in newer version | |
digest=$(skopeo inspect --retry-times 3 "docker://${registry}:${latest_tag}" | jq .Digest | tr -d '"') | |
output="${registry}@${digest}" | |
echo "NEW: ${output}" | |
sed -i "s|${image}=.*|${image}=${output}|" "${PARAMS_ENV_PATH}" | |
done | |
if [[ $(git status --porcelain | wc -l) -gt 0 ]]; then | |
git fetch origin ${{ env.DIGEST_UPDATER_BRANCH }} && \ | |
git pull origin ${{ env.DIGEST_UPDATER_BRANCH }} && \ | |
git add "${PARAMS_ENV_PATH}" && \ | |
git commit -m "Update images for release N-1 via ${{ env.DIGEST_UPDATER_BRANCH }} GitHub action" && \ | |
git push origin ${{ env.DIGEST_UPDATER_BRANCH }} | |
else | |
echo "There were no changes detected in the images for the ${{ env.RELEASE_VERSION_N_1 }}" | |
fi | |
- name: Update the commit.env file | |
run: | | |
COMMIT_ENV_PATH="manifests/base/commit.env" | |
echo Latest commit is: ${{ steps.hash-n-1.outputs.HASH_N_1 }} on ${{ env.RELEASE_VERSION_N_1 }} | |
# Get the complete list of images N-1-version to update | |
COMMIT=$(grep "\-n-1=" "${COMMIT_ENV_PATH}" | cut -d "=" -f 1) | |
for val in ${COMMIT}; do | |
echo "${val}" | |
sed -i "s|${val}=.*|${val}=${{ steps.hash-n-1.outputs.HASH_N_1 }}|" "${COMMIT_ENV_PATH}" | |
done | |
if [[ $(git status --porcelain | wc -l) -gt 0 ]]; then | |
git fetch origin ${{ env.DIGEST_UPDATER_BRANCH }} && \ | |
git pull origin ${{ env.DIGEST_UPDATER_BRANCH }} && \ | |
git add "${COMMIT_ENV_PATH}" && \ | |
git commit -m "Update image commits for release N-1 via ${{ env.DIGEST_UPDATER_BRANCH }} GitHub action" && \ | |
git push origin ${{ env.DIGEST_UPDATER_BRANCH }} | |
else | |
echo "There were no changes detected in the images for the ${{ env.RELEASE_VERSION_N_1 }}" | |
fi | |
open-pull-request: | |
needs: [update-n-version, update-n-1-version] | |
runs-on: ubuntu-latest | |
permissions: | |
pull-requests: write | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
- name: pull-request | |
uses: repo-sync/pull-request@v2 | |
with: | |
source_branch: ${{ env.DIGEST_UPDATER_BRANCH }} | |
destination_branch: ${{ env.BRANCH_NAME }} | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
pr_label: "automated pr" | |
pr_title: "[Digest Updater Action] Update Notebook Images" | |
pr_body: | | |
:rocket: This is an automated Pull Request. | |
Created by `/.github/workflows/notebooks-digest-updater-upstream.yaml` | |
This PR updates the following files: | |
- `manifests/base/params.env` file with the latest updated SHA digests of the notebooks (N & N-1). | |
- `manifests/base/commit.env` file with the latest commit (N & N-1). | |
:exclamation: **IMPORTANT NOTE**: Remember to delete the `${{ env.DIGEST_UPDATER_BRANCH }}` branch after merging the changes |