Skip to content

Commit

Permalink
feat: improve workflows
Browse files Browse the repository at this point in the history 
closes #4
closes #5
closes #6
  • Loading branch information
@ialejandro
ialejandro committed Aug 14, 2024
1 parent c48cc8b commit ca2c530
Show file tree
Hide file tree
Showing 6 changed files with 209 additions and 86 deletions.
64 changes: 64 additions & 0 deletions .github/updatecli/dependencies.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
scms:
cruise-control:
kind: github
spec:
owner: "linkedin"
repository: "cruise-control"
token: {{ requiredEnv "GITHUB_TOKEN" }}
branch: "main"
sources:
aws-msk-iam-auth:
kind: githubrelease
spec:
owner: "aws"
repository: "aws-msk-iam-auth"
token: {{ requiredEnv "GITHUB_TOKEN" }}
versionFilter:
kind: semver
transformers:
- trimprefix: "v"
cruise-control:
kind: gittag
scmid: cruise-control
spec:
versionfilter:
kind: semver
cruise-control-ui:
kind: githubrelease
spec:
owner: "linkedin"
repository: "cruise-control-ui"
token: {{ requiredEnv "GITHUB_TOKEN" }}
versionFilter:
kind: semver
transformers:
- trimprefix: "v"
conditions: {}
targets:
update-aws-msk-iam-auth-version:
name: "Update the value of ARG AWS_MSK_IAM_AUTH_VERSION in the Dockerfile"
sourceid: aws-msk-iam-auth
kind: dockerfile
spec:
file: Dockerfile
instruction:
keyword: "ARG"
matcher: "AWS_MSK_IAM_AUTH_VERSION"
update-cc-tag:
name: "Update the value of ARG CC_TAG in the Dockerfile"
sourceid: cruise-control
kind: dockerfile
spec:
file: Dockerfile
instruction:
keyword: "ARG"
matcher: "CC_TAG"
update-cc-ui-tag:
name: "Update the value of ARG CC_UI_TAG in the Dockerfile"
sourceid: cruise-control-ui
kind: dockerfile
spec:
file: Dockerfile
instruction:
keyword: "ARG"
matcher: "CC_UI_TAG"
108 changes: 80 additions & 28 deletions .github/workflows/check-changes.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,46 +13,98 @@ jobs:
uses: actions/checkout@v4
with:
fetch-depth: 0

- name: Get latest tag
id: latest_release
run: |
latest_release=$(curl -s https://api.github.com/repos/linkedin/cruise-control/tags | jq -r '.[0].name')
echo "latest_release=$latest_release" >> $GITHUB_OUTPUT

- name: Get current tag
id: current_release
run: |
current_release=$(grep lastTag .lastbuild | cut -d '=' -f 2)
echo "current_release=$current_release" >> $GITHUB_OUTPUT
# cc_tag
cc_current_release=$(grep "ARG CC_TAG" Dockerfile | cut -d '=' -f 2)
echo "cc_current_release=$cc_current_release" >> $GITHUB_OUTPUT
# cc_ui_tag
cc_ui_current_release=$(grep "ARG CC_TAG_UI" Dockerfile | cut -d '=' -f 2)
echo "cc_ui_current_release=$cc_ui_current_release" >> $GITHUB_OUTPUT
# iam_tag
iam_current_release=$(grep "ARG AWS_MSK_IAM_AUTH_VERSION" Dockerfile | cut -d '=' -f 2)
echo "iam_current_release=$iam_current_release" >> $GITHUB_OUTPUT
- name: Install updatecli
uses: updatecli/updatecli-action@v2

- name: Update dependencies
env:
GITHUB_TOKEN: ${{ secrets.PAT_GITHUB }}
run: |
updatecli apply --config .github/updatecli/dependencies.yaml --commit=false
- name: Get latest tag
id: latest_release
run: |
# cc_tag
cc_latest_release=$(grep "ARG CC_TAG" Dockerfile | cut -d '=' -f 2)
echo "cc_latest_release=$cc_latest_release" >> $GITHUB_OUTPUT
# cc_ui_tag
cc_ui_latest_release=$(grep "ARG CC_TAG_UI" Dockerfile | cut -d '=' -f 2)
echo "cc_ui_latest_release=$cc_ui_latest_release" >> $GITHUB_OUTPUT
# iam_tag
iam_latest_release=$(grep "ARG AWS_MSK_IAM_AUTH_VERSION" Dockerfile | cut -d '=' -f 2)
echo "iam_latest_release=$iam_latest_release" >> $GITHUB_OUTPUT
# complete tag
echo "complete_tag=cc$cc_latest_release-iam$iam_latest_release" >> $GITHUB_OUTPUT
- name: Check if exists changes
id: check_changes
env:
cc_latest_release: ${{ steps.latest_release.outputs.cc_latest_release }}
cc_ui_latest_release: ${{ steps.latest_release.outputs.cc_ui_latest_release }}
iam_latest_release: ${{ steps.latest_release.outputs.iam_latest_release }}
run: |
# check changes
if [ ${{ steps.latest_release.outputs.latest_release }} != ${{ steps.current_release.outputs.current_release }} ]; then
echo "release_changed=true" >> $GITHUB_OUTPUT
# Cruise Control
if [ "$cc_current_release" != "$cc_latest_release" ]; then
body+="Cruise Control version:\n"
body+=" - :information_source: Current: $cc_current_release\n"
body+=" - :up: Upgrade: $cc_latest_release\n"
body+=" - Changelog: https://github.com/linkedin/cruise-control/releases/tag/$cc_latest_release\n\n"
echo "release_changed=true" >> $GITHUB_OUTPUT
fi
# Cruise Control UI
if [ "$cc_ui_current_release" != "$cc_ui_latest_release" ]; then
body+="Cruise Control UI version:\n"
body+=" - :information_source: Current: $cc_ui_current_release\n"
body+=" - :up: Upgrade: $cc_ui_latest_release\n"
body+=" - Changelog: https://github.com/linkedin/cruise-control-ui/releases/tag/v$cc_ui_latest_release\n\n"
echo "release_changed=true" >> $GITHUB_OUTPUT
fi
# save file
echo "lastTag=$new_tag" > .lastbuild

- name: Create PR with .lastbuild changes
# IAM
if [ "$iam_current_release" != "$iam_latest_release" ]; then
body+="AWS IAM Auth version:\n"
body+=" - :information_source: Current: $iam_current_release\n"
body+=" - :up: Upgrade: $iam_latest_release\n"
body+=" - Changelog: https://github.com/aws/aws-msk-iam-auth/releases/tag/v$iam_latest_release\n\n"
echo "release_changed=true" >> $GITHUB_OUTPUT
fi
echo -e "$body" > pr-output.log
- name: Create PR changes
if: steps.check_changes.outputs.release_changed == 'true'
uses: peter-evans/create-pull-request@v6
with:
token: ${{ secrets.PAT_GITHUB }}
commit-message: "feat: new cruise-control version ${{ steps.latest_release.outputs.latest_release }}"
commit-message: "feat: new cruise-control version ${{ steps.latest_release.outputs.complete_tag }}"
signoff: false
branch: feat/upgrade-cruise-control-${{ steps.latest_release.outputs.latest_release }}
branch: feat/upgrade-cruise-control-${{ steps.latest_release.outputs.complete_tag }}
delete-branch: true
title: '[cruise-control] new release: ${{ steps.latest_release.outputs.latest_release }}'
body: |
Cruise Control version:
- :information_source: Current: `${{ steps.current_release.outputs.current_release }}`
- :up: Upgrade: `${{ steps.latest_release.outputs.latest_release }}`
Changelog: https://github.com/linkedin/cruise-control/releases/tag/${{ steps.latest_release.outputs.latest_release }}
title: '[cruise-control] new release: ${{ steps.latest_release.outputs.complete_tag }}'
body-path: pr-output.log
labels: |
auto-pr-bump-version
team-reviewers: devops-ia
119 changes: 63 additions & 56 deletions .github/workflows/release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,22 +7,20 @@ env:
GHCR_REPO: ${{ github.repository }}

on:
workflow_dispatch:
push:
branches:
- main
paths:
- .lastbuild
workflow_dispatch:
- Dockerfile

jobs:
release:
name: Create tag release
runs-on: ubuntu-latest
strategy:
matrix:
jdk_version:
- 11
- 17
jdk_version: [11, 17]

permissions:
contents: write
Expand All @@ -36,44 +34,81 @@ jobs:
with:
fetch-depth: 0

- name: Read .lastbuild file
- name: Read tags from Dockerfile
id: current_tag
run: |
current_tag=$(grep lastTag .lastbuild | cut -d '=' -f 2)
echo "current_tag=$current_tag" >> $GITHUB_OUTPUT
# cc_tag
cc_current_tag=$(grep "ARG CC_TAG" Dockerfile | cut -d '=' -f 2)
echo "cc_current_tag=$cc_current_tag" >> $GITHUB_OUTPUT
# cc_ui_tag
cc_current_tag=$(grep "ARG CC_TAG_UI" Dockerfile | cut -d '=' -f 2)
echo "cc_ui_current_tag=$cc_ui_current_tag" >> $GITHUB_OUTPUT
# iam_tag
iam_current_tag=$(grep "ARG AWS_MSK_IAM_AUTH_VERSION" Dockerfile | cut -d '=' -f 2)
echo "iam_current_tag=$iam_current_tag" >> $GITHUB_OUTPUT
- name: "Set Docker metadata"
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ env.DOCKERHUB_USER }}/${{ env.DOCKERHUB_REPO }}
${{ env.GHCR_REGISTRY }}/${{ env.GHCR_REPO }}
labels: |
org.opencontainers.image.maintainer=ialejandro
org.opencontainers.image.title=Cruise Control
org.opencontainers.image.description=Cruise Control for Apache Kafka
org.opencontainers.image.vendor=DevOps IA
tags: |
type=sha,enable=false
- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

##############
# DOCKERHUB
##############
- name: Cache Docker layers
uses: actions/cache@v4
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: "[DOCKERHUB] Log in to Docker Hub"
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}

- name: "[DOCKERHUB] Build and push Docker image"
- name: "[GHCR] Log in to the Container registry"
uses: docker/login-action@v3
with:
registry: ${{ env.GHCR_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: "Build and push Docker image"
uses: docker/build-push-action@v6
with:
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
context: .
push: true
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64
build-args: |
OPENJDK_VERSION=${{ matrix.jdk_version }}
CC_TAG=${{ steps.current_tag.outputs.current_tag }}
tags: |
${{ env.DOCKERHUB_USER }}/${{ env.DOCKERHUB_REPO }}:jdk${{ matrix.jdk_version }}-cc${{ steps.current_tag.outputs.current_tag }}
push: true
sbom: true
tags: ${{ steps.meta.outputs.tags }}

- name: "[DOCKERHUB] Update README.md default version"
- name: "Update README.md default version"
run: |
# replace default version
sed -i "s/\* Cruise Control: .*/* Cruise Control: \`${{ steps.current_tag.outputs.current_tag }}\`/" README.md
sed -i "s/\* Cruise Control: .*/* Cruise Control: \`${{ steps.current_tag.outputs.cc_current_tag }}\`/" README.md
sed -i "s/\* Cruise Control UI: .*/* Cruise Control UI: \`${{ steps.current_tag.outputs.cc_ui_current_tag }}\`/" README.md
sed -i "s/\* AWS IAM Auth: .*/* AWS IAM Auth: \`${{ steps.current_tag.outputs.iam_current_tag }}\`/" README.md
# push changes
git config --global user.email "github-actions[bot]@users.noreply.github.com"
Expand All @@ -89,45 +124,17 @@ jobs:
password: ${{ secrets.DOCKERHUB_PASSWORD }}
repository: ${{ env.DOCKERHUB_USER }}/${{ env.DOCKERHUB_REPO }}

##############
# GHCR
##############

- name: "[GHCR] Log in to the Container registry"
uses: docker/login-action@v3
with:
registry: ${{ env.GHCR_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: "[GHCR] Get metadata"
uses: docker/metadata-action@v5
with:
images: |
${{ env.GHCR_REGISTRY }}/${{ env.GHCR_REPO }}
tags: |
type=sha,enable=false
labels: |
maintainer=ialejandro
org.opencontainers.image.title=cruise-control
org.opencontainers.image.description=Cruise Control for Apache Kafka
- name: "[GHCR] Build and push Docker image"
id: push
uses: docker/build-push-action@v6
with:
context: .
push: true
platforms: linux/amd64,linux/arm64
build-args: |
OPENJDK_VERSION=${{ matrix.jdk_version }}
CC_TAG=${{ steps.current_tag.outputs.current_tag }}
tags: |
${{ env.GHCR_REGISTRY }}/${{ env.GHCR_REPO }}:jdk${{ matrix.jdk_version }}-cc${{ steps.current_tag.outputs.current_tag }}
- name: "[GHCR] Generate artifact"
uses: actions/attest-build-provenance@v1
with:
subject-name: ${{ env.GHCR_REGISTRY }}/${{ env.GHCR_REPO }}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true

- # Temp fix
# https://github.com/docker/build-push-action/issues/252
# https://github.com/moby/buildkit/issues/1896
name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
1 change: 1 addition & 0 deletions .gitignore
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
pr-output.log
1 change: 0 additions & 1 deletion .lastbuild
View file

This file was deleted.

2 changes: 1 addition & 1 deletion Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
ARG OPENJDK_VERSION=11
ARG OPENJDK_VERSION=17

FROM amazoncorretto:${OPENJDK_VERSION} as base

Expand Down

0 comments on commit ca2c530

Please sign in to comment.