diff --git a/.ci/bump-golang.yml b/.ci/bump-golang.yml deleted file mode 100644 index 5d51f9d5895..00000000000 --- a/.ci/bump-golang.yml +++ /dev/null @@ -1,143 +0,0 @@ ---- -name: Bump golang-version to latest version - -scms: - githubConfig: - kind: github - spec: - user: '{{ requiredEnv "GIT_USER" }}' - email: '{{ requiredEnv "GIT_EMAIL" }}' - owner: elastic - repository: elastic-agent - token: '{{ requiredEnv "GITHUB_TOKEN" }}' - username: '{{ requiredEnv "GIT_USER" }}' - branch: main - -actions: - elastic-agent: - kind: github/pullrequest - scmid: githubConfig - sourceid: latestGoVersion - spec: - automerge: false - labels: - - dependencies - - backport-skip - title: '[Automation] Bump Golang version to {{ source "latestGoVersion" }}' - description: | - It requires the version to be bumped first in golang-crossbuild project, then a new release will be added to: - https://github.com/elastic/golang-crossbuild/releases/tag/v{{ source "latestGoVersion" }}. - Otherwise it will fail until the docker images are available. - -sources: - minor: - name: Get minor version in .go-version - kind: shell - transformers: - - findsubmatch: - pattern: '^\d+.(\d+).\d+$' - captureindex: 1 - spec: - command: cat .go-version - - latestGoVersion: - name: Get Latest Go Release - kind: githubrelease - dependson: - - minor - transformers: - - trimprefix: go - spec: - owner: golang - repository: go - token: '{{ requiredEnv "GITHUB_TOKEN" }}' - username: '{{ requiredEnv "GIT_USER" }}' - versionfilter: - kind: regex - pattern: go1\.{{ source "minor" }}\.(\d*)$ - - gomod: - dependson: - - latestGoVersion - name: Get version in go.mod format - kind: shell - transformers: - - findsubmatch: - pattern: '^(\d+.\d+).\d+' - captureindex: 1 - spec: - command: echo {{ source "latestGoVersion" }} - -conditions: - dockerTag: - name: Is docker image golang:{{ source "latestGoVersion" }} published - kind: dockerimage - spec: - image: golang - tag: '{{ source "latestGoVersion" }}' - sourceid: latestGoVersion - - goDefaultVersion-check: - name: Check if defined golang version differs - kind: shell - sourceid: latestGoVersion - spec: - command: 'grep -v -q {{ source "latestGoVersion" }} .go-version #' - -targets: - update-go-version: - name: "Update .go-version" - sourceid: latestGoVersion - scmid: githubConfig - kind: file - spec: - content: '{{ source "latestGoVersion" }}' - file: .go-version - matchpattern: '\d+.\d+.\d+' - update-golang.ci: - name: "Update .golangci.yml" - sourceid: latestGoVersion - scmid: githubConfig - kind: file - spec: - content: '{{ source "latestGoVersion" }}' - file: .golangci.yml - matchpattern: '\d+.\d+.\d+' - update-version.asciidoc: - name: "Update version.asciidoc" - sourceid: latestGoVersion - scmid: githubConfig - kind: file - spec: - content: ':go-version: {{ source "latestGoVersion" }}' - file: version/docs/version.asciidoc - matchpattern: ':go-version: \d+.\d+.\d+' - update-dockerfiles: - name: "Update from dockerfiles" - sourceid: latestGoVersion - scmid: githubConfig - kind: file - spec: - content: 'ARG GO_VERSION={{ source "latestGoVersion" }}' - files: - - Dockerfile - - Dockerfile.skaffold - matchpattern: 'ARG GO_VERSION=\d+.\d+.\d+' - update-gomod-minor-version: - name: "Update go.mod minor version" - sourceid: gomod - scmid: githubConfig - kind: file - spec: - content: 'go {{ source "gomod" }}' - file: go.mod - matchpattern: 'go \d+.\d+' - update-gomod-toolchain-version: - name: "Update go.mod toolchain version" - sourceid: latestGoVersion - scmid: githubConfig - kind: file - spec: - content: 'toolchain go{{ source "latestGoVersion" }}' - file: go.mod - matchpattern: 'toolchain go\d+.\d+.\d+' diff --git a/.github/updatecli-bump-golang.yml b/.ci/updatecli/updatecli-bump-golang.yml similarity index 85% rename from .github/updatecli-bump-golang.yml rename to .ci/updatecli/updatecli-bump-golang.yml index df5d8104048..a20edc86b7e 100644 --- a/.github/updatecli-bump-golang.yml +++ b/.ci/updatecli/updatecli-bump-golang.yml @@ -6,12 +6,12 @@ scms: githubConfig: kind: github spec: - user: '{{ requiredEnv "GIT_USER" }}' - email: '{{ requiredEnv "GIT_EMAIL" }}' - owner: elastic - repository: elastic-agent + user: '{{ requiredEnv "GITHUB_ACTOR" }}' + username: '{{ requiredEnv "GITHUB_ACTOR" }}' + owner: '{{ .scm.owner }}' + repository: '{{ .scm.repository }}' token: '{{ requiredEnv "GITHUB_TOKEN" }}' - username: '{{ requiredEnv "GIT_USER" }}' + commitusingapi: true branch: main actions: @@ -124,8 +124,8 @@ targets: - Dockerfile - Dockerfile.skaffold matchpattern: 'ARG GO_VERSION=\d+.\d+.\d+' - update-gomod: - name: "Update go.mod" + update-gomod-minor-version: + name: "Update go.mod minor version" sourceid: gomod scmid: githubConfig kind: file @@ -133,3 +133,12 @@ targets: content: 'go {{ source "gomod" }}' file: go.mod matchpattern: 'go \d+.\d+' + update-gomod-toolchain-version: + name: "Update go.mod toolchain version" + sourceid: latestGoVersion + scmid: githubConfig + kind: file + spec: + content: 'toolchain go{{ source "latestGoVersion" }}' + file: go.mod + matchpattern: 'toolchain go\d+.\d+.\d+' diff --git a/.ci/updatecli/values.d/ironbank.yml b/.ci/updatecli/values.d/ironbank.yml new file mode 100644 index 00000000000..05f887014f1 --- /dev/null +++ b/.ci/updatecli/values.d/ironbank.yml @@ -0,0 +1,4 @@ +config: + - path: dev-tools/packaging/templates/ironbank + dockerfile: Dockerfile.tmpl + manifest: hardening_manifest.yaml.tmpl diff --git a/.ci/updatecli/values.d/scm.yml b/.ci/updatecli/values.d/scm.yml new file mode 100644 index 00000000000..27082627288 --- /dev/null +++ b/.ci/updatecli/values.d/scm.yml @@ -0,0 +1,11 @@ +scm: + enabled: true + owner: elastic + repository: elastic-agent + branch: main + commitusingapi: true + # begin updatecli-compose policy values + user: 'github-actions[bot]' + email: '41898282+github-actions[bot]@users.noreply.github.com' + # end updatecli-compose policy values + diff --git a/.ci/updatecli/values.d/updatecli-compose.yml b/.ci/updatecli/values.d/updatecli-compose.yml new file mode 100644 index 00000000000..02df609f2a3 --- /dev/null +++ b/.ci/updatecli/values.d/updatecli-compose.yml @@ -0,0 +1,3 @@ +spec: + files: + - "updatecli-compose.yaml" \ No newline at end of file diff --git a/.github/workflows/bump-golang.yml b/.github/workflows/bump-golang.yml index 4af36c556e4..35377765c75 100644 --- a/.github/workflows/bump-golang.yml +++ b/.github/workflows/bump-golang.yml @@ -25,11 +25,9 @@ jobs: uses: updatecli/updatecli-action@eb158f6fd9e425b940a6750d6318f98e050ac390 # v0.76.1 - name: Run Updatecli in Apply mode - run: updatecli apply --config .github/updatecli-bump-golang.yml + run: updatecli apply --config .ci/updatecli/updatecli-bump-golang.yml env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GIT_USER: "github-actions[bot]" - GIT_EMAIL: "41898282+github-actions[bot]@users.noreply.github.com" - if: ${{ failure() }} uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 diff --git a/.github/workflows/updatecli-compose.yml b/.github/workflows/updatecli-compose.yml new file mode 100644 index 00000000000..17e89452266 --- /dev/null +++ b/.github/workflows/updatecli-compose.yml @@ -0,0 +1,59 @@ +--- +name: updatecli-compose + +on: + workflow_dispatch: + schedule: + - cron: '0 6 * * *' + +permissions: + contents: read + +jobs: + compose: + runs-on: ubuntu-latest + permissions: + contents: write + packages: read + pull-requests: write + steps: + - uses: actions/checkout@v4 + + - uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - uses: elastic/oblt-actions/updatecli/run@v1 + with: + command: --experimental compose diff + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - uses: elastic/oblt-actions/updatecli/run@v1 + with: + command: --experimental compose apply + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - if: ${{ failure() }} + uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 + with: + channel-id: '#ingest-notifications' + payload: | + { + "text": "${{ env.SLACK_MESSAGE }}", + "blocks": [ + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "${{ env.SLACK_MESSAGE }}" + } + } + ] + } + env: + SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} + SLACK_MESSAGE: ":traffic_cone: updatecli failed for `${{ github.repository }}@${{ github.ref_name }}`, `@agent-team` please look what's going on <${{ env.JOB_URL }}|here>" diff --git a/updatecli-compose.yaml b/updatecli-compose.yaml new file mode 100644 index 00000000000..1f15eebac0a --- /dev/null +++ b/updatecli-compose.yaml @@ -0,0 +1,14 @@ +# Config file for `updatecli compose ...`. +# https://www.updatecli.io/docs/core/compose/ +policies: + - name: Handle ironbank bumps + policy: ghcr.io/elastic/oblt-updatecli-policies/ironbank/templates:0.3.0@sha256:b0c841d8fb294e6b58359462afbc83070dca375ac5dd0c5216c8926872a98bb1 + values: + - .ci/updatecli/values.d/scm.yml + - .ci/updatecli/values.d/ironbank.yml + + - name: Update Updatecli policies + policy: ghcr.io/updatecli/policies/autodiscovery/updatecli:0.4.0@sha256:254367f5b1454fd6032b88b314450cd3b6d5e8d5b6c953eb242a6464105eb869 + values: + - .ci/updatecli/values.d/scm.yml + - .ci/updatecli/values.d/updatecli-compose.yml \ No newline at end of file