From 1b00eecd44f49a8245baf2c1db09f9b94d2c3b83 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Wed, 28 Aug 2024 17:29:25 +0200 Subject: [PATCH] updatecli: use updatecli policies (#13934) (cherry picked from commit 3351902f87ecf36b2d8caa79252951474ba348e0) # Conflicts: # .github/workflows/bump-golang.yml --- .../bump-elastic-stack-snapshot.yml | 5 ++- .ci/{ => updatecli}/bump-golang.yml | 5 ++- .ci/{ => updatecli}/update-beats.yml | 5 ++- .ci/updatecli/values.d/ironbank.yml | 2 + .ci/updatecli/values.d/scm.yml | 14 ++++++ .ci/updatecli/values.d/updatecli-compose.yml | 3 ++ .github/workflows/bump-elastic-stack.yml | 6 +-- .github/workflows/bump-golang.yml | 33 +++++++++++++- .github/workflows/update-beats.yml | 6 +-- .github/workflows/update-compose.yml | 44 +++++++++++++++++++ updatecli-compose.yaml | 14 ++++++ 11 files changed, 123 insertions(+), 14 deletions(-) rename .ci/{ => updatecli}/bump-elastic-stack-snapshot.yml (92%) rename .ci/{ => updatecli}/bump-golang.yml (95%) rename .ci/{ => updatecli}/update-beats.yml (92%) create mode 100644 .ci/updatecli/values.d/ironbank.yml create mode 100644 .ci/updatecli/values.d/scm.yml create mode 100644 .ci/updatecli/values.d/updatecli-compose.yml create mode 100644 .github/workflows/update-compose.yml create mode 100644 updatecli-compose.yaml diff --git a/.ci/bump-elastic-stack-snapshot.yml b/.ci/updatecli/bump-elastic-stack-snapshot.yml similarity index 92% rename from .ci/bump-elastic-stack-snapshot.yml rename to .ci/updatecli/bump-elastic-stack-snapshot.yml index 9d276bc318..2706f8a0e3 100644 --- a/.ci/bump-elastic-stack-snapshot.yml +++ b/.ci/updatecli/bump-elastic-stack-snapshot.yml @@ -21,8 +21,9 @@ scms: kind: github spec: user: '{{ requiredEnv "GITHUB_ACTOR" }}' - owner: elastic - repository: apm-server + username: '{{ requiredEnv "GITHUB_ACTOR" }}' + owner: '{{ .scm.owner }}' + repository: '{{ .scm.repository }}' token: '{{ requiredEnv "GITHUB_TOKEN" }}' branch: '{{ requiredEnv "BRANCH" }}' commitusingapi: true diff --git a/.ci/bump-golang.yml b/.ci/updatecli/bump-golang.yml similarity index 95% rename from .ci/bump-golang.yml rename to .ci/updatecli/bump-golang.yml index b863c09485..3599b14a8a 100644 --- a/.ci/bump-golang.yml +++ b/.ci/updatecli/bump-golang.yml @@ -24,8 +24,9 @@ scms: kind: github spec: user: '{{ requiredEnv "GITHUB_ACTOR" }}' - owner: elastic - repository: apm-server + username: '{{ requiredEnv "GITHUB_ACTOR" }}' + owner: '{{ .scm.owner }}' + repository: '{{ .scm.repository }}' token: '{{ requiredEnv "GITHUB_TOKEN" }}' branch: main commitusingapi: true diff --git a/.ci/update-beats.yml b/.ci/updatecli/update-beats.yml similarity index 92% rename from .ci/update-beats.yml rename to .ci/updatecli/update-beats.yml index 21b1953faa..354f2f68f3 100644 --- a/.ci/update-beats.yml +++ b/.ci/updatecli/update-beats.yml @@ -7,8 +7,9 @@ scms: kind: github spec: user: '{{ requiredEnv "GITHUB_ACTOR" }}' - owner: elastic - repository: apm-server + username: '{{ requiredEnv "GITHUB_ACTOR" }}' + owner: '{{ .scm.owner }}' + repository: '{{ .scm.repository }}' token: '{{ requiredEnv "GITHUB_TOKEN" }}' branch: '{{ requiredEnv "BRANCH_NAME" }}' commitusingapi: true diff --git a/.ci/updatecli/values.d/ironbank.yml b/.ci/updatecli/values.d/ironbank.yml new file mode 100644 index 0000000000..5ba6727be2 --- /dev/null +++ b/.ci/updatecli/values.d/ironbank.yml @@ -0,0 +1,2 @@ +config: + - path: packaging/ironbank diff --git a/.ci/updatecli/values.d/scm.yml b/.ci/updatecli/values.d/scm.yml new file mode 100644 index 0000000000..1b3a48c25b --- /dev/null +++ b/.ci/updatecli/values.d/scm.yml @@ -0,0 +1,14 @@ +scm: + enabled: true + owner: elastic + repository: apm-server + branch: main + # begin updatecli-compose policy values + user: obltmachine + email: obltmachine@users.noreply.github.com + commitusingapi: true + # end updatecli-compose policy values + +# This will be moved to the scm section in the future and use +# commitusingapi instead. +signedcommit: true diff --git a/.ci/updatecli/values.d/updatecli-compose.yml b/.ci/updatecli/values.d/updatecli-compose.yml new file mode 100644 index 0000000000..02df609f2a --- /dev/null +++ b/.ci/updatecli/values.d/updatecli-compose.yml @@ -0,0 +1,3 @@ +spec: + files: + - "updatecli-compose.yaml" \ No newline at end of file diff --git a/.github/workflows/bump-elastic-stack.yml b/.github/workflows/bump-elastic-stack.yml index 894f6a3c1b..65c6e4d9d2 100644 --- a/.github/workflows/bump-elastic-stack.yml +++ b/.github/workflows/bump-elastic-stack.yml @@ -30,15 +30,15 @@ jobs: with: ref: ${{ matrix.branch }} - - uses: elastic/oblt-actions/updatecli/run@v1.9.1 + - uses: elastic/oblt-actions/updatecli/run@v1 with: - command: --experimental apply --config .ci/bump-elastic-stack-snapshot.yml + command: --experimental apply --config .ci/updatecli/bump-elastic-stack-snapshot.yml --values .ci/updatecli/values.d/scm.yml env: BRANCH: ${{ matrix.branch }} GITHUB_TOKEN: ${{ secrets.UPDATECLI_GH_TOKEN }} - if: ${{ failure() }} - uses: elastic/oblt-actions/slack/send@v1.9.1 + uses: elastic/oblt-actions/slack/send@v1 with: channel-id: '#apm-server' message: ":traffic_cone: updatecli failed for `${{ github.repository }}@${{ github.ref_name }}`, @robots-ci please look what's going on " diff --git a/.github/workflows/bump-golang.yml b/.github/workflows/bump-golang.yml index 89b9b51fa9..9cfae7cb2a 100644 --- a/.github/workflows/bump-golang.yml +++ b/.github/workflows/bump-golang.yml @@ -16,14 +16,43 @@ jobs: - uses: actions/checkout@v4 - - uses: elastic/oblt-actions/updatecli/run@v1.9.1 + - uses: elastic/oblt-actions/updatecli/run@v1 with: - command: --experimental apply --config .ci/bump-golang.yml + command: --experimental apply --config .ci/updatecli/bump-golang.yml --values .ci/updatecli/values.d/scm.yml env: GITHUB_TOKEN: ${{ secrets.UPDATECLI_GH_TOKEN }} +<<<<<<< HEAD - if: ${{ failure() }} uses: elastic/oblt-actions/slack/send@v1.9.1 +======= + bump-7: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + ref: '7.17' + + - uses: elastic/oblt-actions/updatecli/run@v1 + with: + command: --experimental apply --config .ci/updatecli/bump-golang.yml --values .ci/updatecli/values.d/scm.yml + env: + GITHUB_TOKEN: ${{ secrets.UPDATECLI_GH_TOKEN }} + GITHUB_BRANCH: '7.17' + GITHUB_LABELS: 'backport-skip' + + notify: + runs-on: ubuntu-latest + needs: [bump, bump-7] + if: always() + steps: + - id: check + uses: elastic/apm-pipeline-library/.github/actions/check-dependent-jobs@current + with: + needs: ${{ toJSON(needs) }} + - if: ${{ steps.check.outputs.isSuccess == 'false' }} + uses: elastic/oblt-actions/slack/send@v1 +>>>>>>> 3351902f8 (updatecli: use updatecli policies (#13934)) with: bot-token: ${{ secrets.SLACK_BOT_TOKEN }} channel-id: "#apm-server" diff --git a/.github/workflows/update-beats.yml b/.github/workflows/update-beats.yml index 20af487d22..ef72d8b957 100644 --- a/.github/workflows/update-beats.yml +++ b/.github/workflows/update-beats.yml @@ -33,15 +33,15 @@ jobs: with: go-version-file: go.mod - - uses: elastic/oblt-actions/updatecli/run@v1.9.1 + - uses: elastic/oblt-actions/updatecli/run@v1 with: - command: --experimental apply --config .ci/update-beats.yml + command: --experimental apply --config .ci/updatecli/update-beats.yml --values .ci/updatecli/values.d/scm.yml env: BRANCH_NAME: ${{ matrix.branch }} GITHUB_TOKEN: ${{ secrets.UPDATECLI_GH_TOKEN }} - if: ${{ failure() }} - uses: elastic/oblt-actions/slack/send@v1.9.1 + uses: elastic/oblt-actions/slack/send@v1 with: channel-id: '#apm-server' message: ":traffic_cone: updatecli failed for `${{ github.repository }}@${{ github.ref_name }}`, @robots-ci please look what's going on " diff --git a/.github/workflows/update-compose.yml b/.github/workflows/update-compose.yml new file mode 100644 index 0000000000..e9abe45779 --- /dev/null +++ b/.github/workflows/update-compose.yml @@ -0,0 +1,44 @@ +--- +name: update-compose + +on: + workflow_dispatch: + schedule: + - cron: '0 6 * * *' + +permissions: + contents: read + +jobs: + compose: + runs-on: ubuntu-latest + permissions: + contents: read + packages: read + steps: + - uses: actions/checkout@v4 + + - uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - uses: elastic/oblt-actions/updatecli/run@v1 + with: + command: --experimental compose diff + env: + GITHUB_TOKEN: ${{ secrets.UPDATECLI_GH_TOKEN }} + + - uses: elastic/oblt-actions/updatecli/run@v1 + with: + command: --experimental compose apply + env: + GITHUB_TOKEN: ${{ secrets.UPDATECLI_GH_TOKEN }} + + - if: ${{ failure() }} + uses: elastic/oblt-actions/slack/send@v1 + with: + channel-id: '#apm-server' + message: ":traffic_cone: updatecli failed for `${{ github.repository }}@${{ github.ref_name }}`, @robots-ci please look what's going on " + bot-token: ${{ secrets.SLACK_BOT_TOKEN }} diff --git a/updatecli-compose.yaml b/updatecli-compose.yaml new file mode 100644 index 0000000000..1dabf4e147 --- /dev/null +++ b/updatecli-compose.yaml @@ -0,0 +1,14 @@ +# Config file for `updatecli compose ...`. +# https://www.updatecli.io/docs/core/compose/ +policies: + - name: Handle ironbank bumps + policy: ghcr.io/elastic/oblt-updatecli-policies/ironbank/templates:0.0.2@sha256:327ee971e3a974edc943f7f628145a47b202972f48e45c2054fddcd29f96a50a + values: + - .ci/updatecli/values.d/scm.yml + - .ci/updatecli/values.d/ironbank.yml + + - name: Update Updatecli policies + policy: ghcr.io/updatecli/policies/autodiscovery/updatecli:0.4.0@sha256:254367f5b1454fd6032b88b314450cd3b6d5e8d5b6c953eb242a6464105eb869 + values: + - .ci/updatecli/values.d/scm.yml + - .ci/updatecli/values.d/updatecli-compose.yml \ No newline at end of file