From 9a496e26715c17d54f29d4cb2c4649114310e1b9 Mon Sep 17 00:00:00 2001 From: Santiago Mola Date: Wed, 27 Sep 2023 17:32:08 +0200 Subject: [PATCH 1/4] Add workflow to use versioned images --- .github/workflows/docker-tag.yml | 28 ++++++++++++++++++++++++++++ build | 25 +++++++++++++++++++++++++ 2 files changed, 53 insertions(+) create mode 100644 .github/workflows/docker-tag.yml diff --git a/.github/workflows/docker-tag.yml b/.github/workflows/docker-tag.yml new file mode 100644 index 0000000..913590f --- /dev/null +++ b/.github/workflows/docker-tag.yml @@ -0,0 +1,28 @@ +name: Tag new images version +on: + workflow_dispatch: + +jobs: + tag-images: + name: Tag new images version + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + steps: + - name: Checkout repository + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # 3.3.0 + - name: Login to ghcr.io + uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # 2.1.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Tag images + run: ./build --tag + - name: Create Pull Request + if: steps.changes-check.outputs.changed == 'true' + run: | + git commit -am 'Update base images' + git push origin HEAD:github-actions/docker-lock-update + gh pr create --title "Update base images" --base smola/staging --head github-actions/docker-lock-update \ No newline at end of file diff --git a/build b/build index b12970a..416a129 100755 --- a/build +++ b/build @@ -203,6 +203,29 @@ function do_push() { done } +function do_tag() { + local tag token + TAG_PREFIX= + echo "Pulling latest images" + for tag in base latest "${BASE_VARIANTS[@]}" "${VARIANTS[@]}"; do + tag="${tag,,}" + tag="$(image_name "${tag}")" + docker pull "$tag" + done + token="$(curl "https://ghcr.io/token?scope=repository:datadog/dd-trace-java-docker-build:pull" | jq -r .token)" + latest_version="$(curl -s -k -X GET -H "Authorization: Bearer $token" -H "Accept: application/json" "https://ghcr.io/v2/datadog/dd-trace-java-docker-build/tags/list" | jq -r '.tags[]' | grep ^v | sed -e 's~^v~~g' -e 's~-.*~~g' | sort -rn | head -n 1)" + latest_version="${latest_version:-0}" + next_version="$((latest_version+1))" + echo "Latest version is v$latest_version, will tag v$next_version" + for tag in base latest "${BASE_VARIANTS[@]}" "${VARIANTS[@]}"; do + tag="${tag,,}" + tag="$(image_name "${tag}")" + new_tag="${tag/:/:v$next_version-}" + docker tag "$tag" "$new_tag" + docker push "$new_tag" + done +} + if [[ -z ${1:-} ]]; then do_build elif [[ ${1} = "--test" ]]; then @@ -216,4 +239,6 @@ elif [[ ${1} = "--inner-describe" ]]; then do_inner_describe elif [[ ${1} = "--push" ]]; then do_push +elif [[ ${1} = "--tag" ]]; then + do_tag fi From a08a0263dd937269c33568d655d087b7fc88e0e2 Mon Sep 17 00:00:00 2001 From: Santiago Mola Date: Fri, 29 Sep 2023 14:02:50 +0200 Subject: [PATCH 2/4] Remove leftovers --- .github/workflows/docker-tag.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/workflows/docker-tag.yml b/.github/workflows/docker-tag.yml index 913590f..fddf54b 100644 --- a/.github/workflows/docker-tag.yml +++ b/.github/workflows/docker-tag.yml @@ -20,9 +20,3 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Tag images run: ./build --tag - - name: Create Pull Request - if: steps.changes-check.outputs.changed == 'true' - run: | - git commit -am 'Update base images' - git push origin HEAD:github-actions/docker-lock-update - gh pr create --title "Update base images" --base smola/staging --head github-actions/docker-lock-update \ No newline at end of file From aea7d490da56f2a2eaebca47114523b7c62f77d7 Mon Sep 17 00:00:00 2001 From: Santiago Mola Date: Fri, 29 Sep 2023 14:14:26 +0200 Subject: [PATCH 3/4] Simplify versions --- build | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/build b/build index 416a129..cb96e70 100755 --- a/build +++ b/build @@ -204,7 +204,7 @@ function do_push() { } function do_tag() { - local tag token + local tag token version TAG_PREFIX= echo "Pulling latest images" for tag in base latest "${BASE_VARIANTS[@]}" "${VARIANTS[@]}"; do @@ -212,15 +212,12 @@ function do_tag() { tag="$(image_name "${tag}")" docker pull "$tag" done - token="$(curl "https://ghcr.io/token?scope=repository:datadog/dd-trace-java-docker-build:pull" | jq -r .token)" - latest_version="$(curl -s -k -X GET -H "Authorization: Bearer $token" -H "Accept: application/json" "https://ghcr.io/v2/datadog/dd-trace-java-docker-build/tags/list" | jq -r '.tags[]' | grep ^v | sed -e 's~^v~~g' -e 's~-.*~~g' | sort -rn | head -n 1)" - latest_version="${latest_version:-0}" - next_version="$((latest_version+1))" - echo "Latest version is v$latest_version, will tag v$next_version" + version="$(date +%y.%m)" + echo "Tagging version $version" for tag in base latest "${BASE_VARIANTS[@]}" "${VARIANTS[@]}"; do tag="${tag,,}" tag="$(image_name "${tag}")" - new_tag="${tag/:/:v$next_version-}" + new_tag="${tag/:/:v$version-}" docker tag "$tag" "$new_tag" docker push "$new_tag" done From 50830086ef80c4e6c4f9c869da0fd3a3104f65c0 Mon Sep 17 00:00:00 2001 From: Santiago Mola Date: Fri, 29 Sep 2023 14:37:04 +0200 Subject: [PATCH 4/4] add crontab --- .github/workflows/docker-tag.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/docker-tag.yml b/.github/workflows/docker-tag.yml index fddf54b..c9d81e4 100644 --- a/.github/workflows/docker-tag.yml +++ b/.github/workflows/docker-tag.yml @@ -1,5 +1,8 @@ name: Tag new images version on: + schedule: + # Quarterly schedule, roughly aligned with JDK CPU + - cron: '0 0 30 1,4,7,10 *' workflow_dispatch: jobs: