Expand updatecli action to open updates on release branches

Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-02-06 21:07:12 -08:00 · 2024-02-06 21:07:12 -08:00 · 0d273cc385
parent fae0d99863
commit 0d273cc385
5 changed files with 53 additions and 4 deletions
--- a/.github/workflows/updatecli.yaml
+++ b/.github/workflows/updatecli.yaml
@ -38,9 +38,48 @@ jobs:
      - name: Install Updatecli
        uses: updatecli/updatecli-action@v2

-      - name: Apply Updatecli
+      - name: Apply Updatecli to master branch
        # Never use '--debug' option, because it might leak the access tokens.
        run: "updatecli apply --clean --config ./updatecli/updatecli.d/ --values ./updatecli/values.yaml"
        env:
          UPDATECLI_GITHUB_ACTOR: ${{ github.actor }}
          UPDATECLI_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  updatecli-matrix:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      issues: write
+      pull-requests: write
+    strategy:
+      matrix:
+        release: [1.26, 1.27, 1.28]
+    if: github.ref == 'refs/heads/master'
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Install Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: 'stable'
+
+      - name: Delete leftover UpdateCLI branches
+        run: |
+          gh pr list --search "is:closed is:pr head:updatecli_" --json headRefName --jq ".[].headRefName" | sort -u > closed_prs_branches.txt
+          gh pr list --search "is:open is:pr head:updatecli_" --json headRefName --jq ".[].headRefName" | sort -u > open_prs_branches.txt
+          for branch in $(comm -23 closed_prs_branches.txt open_prs_branches.txt); do if (git ls-remote --exit-code --heads origin "$branch"); then echo "Deleting leftover UpdateCLI branch - $branch"; git push origin --delete "$branch"; fi done
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Install Updatecli
+        uses: updatecli/updatecli-action@v2
+
+      - name: Inject branch from matrix
+        run: sed -i "s/XXX/${{ matrix.release }}/g" ./updatecli/matrix.yaml
+
+      - name: Apply Updatecli to matrix of release branch
+        # Never use '--debug' option, because it might leak the access tokens.
+        run: "updatecli apply --clean --config ./updatecli/updatecli.d/ --values ./updatecli/matrix.yaml"
+        env:
+          UPDATECLI_GITHUB_ACTOR: ${{ github.actor }}
+          UPDATECLI_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/updatecli/matrix.yaml
+++ b/updatecli/matrix.yaml
@ -0,0 +1,10 @@
+# This is used as a template to inject the matrix configuration into the updatecli command
+github:
+  user: "github-actions[bot]"
+  email: "41898282+github-actions[bot]@users.noreply.github.com"
+  username: "UPDATECLI_GITHUB_ACTOR"
+  token: "UPDATECLI_GITHUB_TOKEN"
+k3s:
+  org: "k3s-io"
+  repo: "k3s"
+  branch: "release-XXX"
--- a/updatecli/updatecli.d/golang-alpine.yaml
+++ b/updatecli/updatecli.d/golang-alpine.yaml
@ -16,7 +16,7 @@ scms:

 actions:
  github:
-    title: "Bump golang:alpine image version"
+    title: "[{{ .k3s.branch }}] Bump golang:alpine image version"
    kind: "github/pullrequest"
    scmid: "k3s"
    spec:
--- a/updatecli/updatecli.d/sonobuoy.yaml
+++ b/updatecli/updatecli.d/sonobuoy.yaml
@ -14,7 +14,7 @@ scms:

 actions:
  github:
-    title: "Bump Sonobuoy version"
+    title: "[{{ .k3s.branch }}] Bump Sonobuoy version"
    kind: "github/pullrequest"
    scmid: "k3s"
    spec:
--- a/updatecli/updatecli.d/trivy.yaml
+++ b/updatecli/updatecli.d/trivy.yaml
@ -16,7 +16,7 @@ scms:

 actions:
  github:
-    title: "Bump Trivy version"
+    title: "[{{ .k3s.branch }}] Bump Trivy version"
    kind: "github/pullrequest"
    scmid: "k3s"
    spec: