From 8dbc5caf1865743ba3854d5ba5c75d154d661a66 Mon Sep 17 00:00:00 2001 From: Massimiliano Giovagnoli Date: Fri, 9 Sep 2022 20:52:02 +0200 Subject: [PATCH] ci(autobump): add autobump for evolution jobs Signed-off-by: Massimiliano Giovagnoli --- config/jobs/autobump/evolution.yaml | 64 +++++++++++++++++++ .../autobump/{autobump.yaml => infra.yaml} | 0 images/autobump/autobump.sh | 28 ++++---- 3 files changed, 78 insertions(+), 14 deletions(-) create mode 100644 config/jobs/autobump/evolution.yaml rename config/jobs/autobump/{autobump.yaml => infra.yaml} (100%) diff --git a/config/jobs/autobump/evolution.yaml b/config/jobs/autobump/evolution.yaml new file mode 100644 index 00000000000..ca7061e9025 --- /dev/null +++ b/config/jobs/autobump/evolution.yaml @@ -0,0 +1,64 @@ +periodics: +- name: ci-prow-autobump-evolution + # interval: 15m + cron: "05 15 * * 1" # Run at 15:05 PST (15:05 UTC) Mon + decorate: true + extra_refs: + # Check out the repo containing the config and deployment files for your Prow instance. + - org: falcosecurity + repo: evolution + base_ref: main + spec: + containers: + - image: 292999226676.dkr.ecr.eu-west-1.amazonaws.com/test-infra/autobump # see images/autobump + imagePullPolicy: Always + command: + - /autobump.sh + args: + - /etc/github-token/oauth + # Make the bot name and email match the user data of the provided token's user. + - "Falco Automation" + - 51138685+poiana@users.noreply.github.com + - /root/gpg-signing-key/poiana.asc + - "EC9875C7B990D55F3B44D6E45F284448FF941C8F" + volumeMounts: + - name: service + mountPath: /etc/service-account + readOnly: true + - name: github + mountPath: /etc/github-token + readOnly: true + - name: gpg-signing-key + mountPath: /root/gpg-signing-key/ + readOnly: true + env: + # autobump.sh args + - name: GH_PROXY + value: https://api.github.com + # GitHub org containing the repo where the Prow config and component files live. + - name: GH_ORG + value: falcosecurity + # GitHub repo where the Prow config and component deployment files live. + - name: GH_REPO + value: evolution + # bump.sh args + # Repo relative path of the ProwJob config file or directory. + # Omit this if ProwJobs are only defined in config.yaml (or are not configured at all). + - name: JOB_CONFIG_PATH + value: .prow/ + - name: GOOGLE_APPLICATION_CREDENTIALS + value: /etc/service-account/service-account.json + volumes: + - name: service + secret: + secretName: gcloud-credentials + - name: github + secret: + # Secret containing a GitHub user access token with `repo` scope for creating PRs. + secretName: oauth-token + - name: gpg-signing-key + secret: + secretName: poiana-gpg-signing-key + defaultMode: 0400 + nodeSelector: + Archtype: "x86" diff --git a/config/jobs/autobump/autobump.yaml b/config/jobs/autobump/infra.yaml similarity index 100% rename from config/jobs/autobump/autobump.yaml rename to config/jobs/autobump/infra.yaml diff --git a/images/autobump/autobump.sh b/images/autobump/autobump.sh index 707730dd69e..a15bfe9defc 100644 --- a/images/autobump/autobump.sh +++ b/images/autobump/autobump.sh @@ -56,20 +56,20 @@ main() { title="Bump ${PROW_INSTANCE_NAME} configs" if -n "${PROW_CONTROLLER_MANAGER_FILE}"; then - cd "$(git rev-parse --show-toplevel)" - old_version=$(git show "HEAD:${PROW_CONTROLLER_MANAGER_FILE}" | extract-version) - version=$(cat "${PROW_CONTROLLER_MANAGER_FILE}" | extract-version) - - if [[ -z "${version}" ]]; then - echo "Failed to fetch version from ${PROW_CONTROLLER_MANAGER_FILE}" - exit 1 - fi - if [[ "${old_version}" == "${version}" ]]; then - echo "Bump did not change the Prow version: it's still ${version}. Aborting no-op bump." >&2 - return 0 - fi - - title+=" and components from ${old_version} to ${version}" + cd "$(git rev-parse --show-toplevel)" + old_version=$(git show "HEAD:${PROW_CONTROLLER_MANAGER_FILE}" | extract-version) + version=$(cat "${PROW_CONTROLLER_MANAGER_FILE}" | extract-version) + + if [[ -z "${version}" ]]; then + echo "Failed to fetch version from ${PROW_CONTROLLER_MANAGER_FILE}" + exit 1 + fi + if [[ "${old_version}" == "${version}" ]]; then + echo "Bump did not change the Prow version: it's still ${version}. Aborting no-op bump." >&2 + return 0 + fi + + title+=" and components from ${old_version} to ${version}" fi git add -u