diff --git a/.github/workflows/update-docker-version.yml b/.github/workflows/update-docker-version.yml new file mode 100644 index 0000000000..2fcf4335a9 --- /dev/null +++ b/.github/workflows/update-docker-version.yml @@ -0,0 +1,70 @@ +name: "update-docker-version" +on: + workflow_dispatch: + schedule: + # every Thursday at around 3 am pacific/10 am UTC + - cron: "0 10 * * 4" +env: + GOPROXY: https://proxy.golang.org + GO_VERSION: '1.20.2' +permissions: + contents: read + +jobs: + bump-docker-version: + runs-on: ubuntu-20.04 + steps: + - uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 + - uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 + with: + go-version: ${{env.GO_VERSION}} + cache-dependency-path: ./go.sum + - name: Bump docker Version + id: bumpDocker + run: | + echo "OLD_VERSION=$(DEP=docker make get-dependency-version)" >> $GITHUB_OUTPUT + make update-docker-version + echo "NEW_VERSION=$(DEP=docker make get-dependency-version)" >> $GITHUB_OUTPUT + # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings + echo "changes<> $GITHUB_OUTPUT + echo "$(git status --porcelain)" >> $GITHUB_OUTPUT + echo "EOF" >> $GITHUB_OUTPUT + - name: Create PR + id: createPR + if: ${{ steps.bumpDocker.outputs.changes != '' }} + uses: peter-evans/create-pull-request@5b4a9f6a9e2af26e5f02351490b90d01eb8ec1e5 + with: + token: ${{ secrets.MINIKUBE_BOT_PAT }} + commit-message: 'Kicbase/ISO: Update docker from ${{ steps.bumpContainerd.outputs.OLD_VERSION }} to ${{ steps.bumpContainerd.outputs.NEW_VERSION }}' + committer: minikube-bot + author: minikube-bot + branch: auto_bump_docker_version + branch-suffix: short-commit-hash + push-to-fork: minikube-bot/minikube + base: master + delete-branch: true + title: 'Kicbase/ISO: Update docker from ${{ steps.bumpContainerd.outputs.OLD_VERSION }} to ${{ steps.bumpContainerd.outputs.NEW_VERSION }}' + body: | + The docker project released a [new version](https://github.com/moby/moby/releases) + + This PR was auto-generated by `make update-docker-version` using [update-docker-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-docker-version.yml) CI Workflow. + - uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 + with: + github-token: ${{ secrets.MINIKUBE_BOT_PAT }} + script: | + github.rest.issues.createComment({ + issue_number: ${{ steps.createPR.outputs.pull-request-number }}, + owner: context.repo.owner, + repo: context.repo.repo, + body: 'ok-to-build-image' + }) + - uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 + with: + github-token: ${{ secrets.MINIKUBE_BOT_PAT }} + script: | + github.rest.issues.createComment({ + issue_number: ${{ steps.createPR.outputs.pull-request-number }}, + owner: context.repo.owner, + repo: context.repo.repo, + body: 'ok-to-build-iso' + }) diff --git a/Makefile b/Makefile index d34ae7a68f..f99410401e 100644 --- a/Makefile +++ b/Makefile @@ -1102,10 +1102,15 @@ update-runc-version: (cd hack/update/runc_version && \ go run update_runc_version.go) +.PHONY: update-docker-version +update-docker-version: + (cd hack/update/docker_version && \ + go run update_docker_version.go) + .PHONY: get-dependency-verison get-dependency-version: @(cd hack/update/get_version && \ - go run get_version.go) + go run get_version.go) .PHONY: generate-licenses generate-licenses: diff --git a/deploy/iso/minikube-iso/arch/aarch64/package/docker-bin-aarch64/docker-bin.hash b/deploy/iso/minikube-iso/arch/aarch64/package/docker-bin-aarch64/docker-bin.hash index 1366e44603..5bbf325d09 100644 --- a/deploy/iso/minikube-iso/arch/aarch64/package/docker-bin-aarch64/docker-bin.hash +++ b/deploy/iso/minikube-iso/arch/aarch64/package/docker-bin-aarch64/docker-bin.hash @@ -1,10 +1,10 @@ -sha256 ea971edc1179088bfd25edd04a0c12848143d15cb8202ebb93a6a08973464fd0 docker-20.10.14.tgz -sha256 46102273fab8d6b8a7cf248a928ebaa4bee43114001c593b0d07092a34a439e1 docker-20.10.15.tgz -sha256 2f35d8d422b63a59279084c159c9092b63b6d974a7fcd868167aee4cc5f79f3b docker-20.10.16.tgz -sha256 249244024b507a6599084522cc73e73993349d13264505b387593f2b2ed603e6 docker-20.10.17.tgz -sha256 aa2b2da571fb9160df87fd5a831f203fb97655e35fb9c4e8d46e72078ae16acf docker-20.10.18.tgz -sha256 a04414b3fcf537f0cff17cf01e2b7cb3e39013c10d12e7959547f11aaf71f63c docker-20.10.19.tgz -sha256 ef69a2a8ddb87026a8b19e240b2ae3087764b7285860df7faee24e04024f2eb7 docker-20.10.20.tgz -sha256 b4ceb6151d4dd1bfc7557f5fe0317e29cfcac91f798c34fae7dee891a811f8ee docker-20.10.21.tgz -sha256 2c75cd6c3dc9b81cb5bde664c882e4339a2054e09cf09606f9f7dd6970e7f078 docker-20.10.22.tgz -sha256 5c40bb7dcd1aad94be49ad75d24e7fd409119ed0eaad04f5d13c4fddfb397c8a docker-20.10.23.tgz +sha256 ea971edc1179088bfd25edd04a0c12848143d15cb8202ebb93a6a08973464fd0 docker-20.10.14.tgz +sha256 46102273fab8d6b8a7cf248a928ebaa4bee43114001c593b0d07092a34a439e1 docker-20.10.15.tgz +sha256 2f35d8d422b63a59279084c159c9092b63b6d974a7fcd868167aee4cc5f79f3b docker-20.10.16.tgz +sha256 249244024b507a6599084522cc73e73993349d13264505b387593f2b2ed603e6 docker-20.10.17.tgz +sha256 aa2b2da571fb9160df87fd5a831f203fb97655e35fb9c4e8d46e72078ae16acf docker-20.10.18.tgz +sha256 a04414b3fcf537f0cff17cf01e2b7cb3e39013c10d12e7959547f11aaf71f63c docker-20.10.19.tgz +sha256 ef69a2a8ddb87026a8b19e240b2ae3087764b7285860df7faee24e04024f2eb7 docker-20.10.20.tgz +sha256 b4ceb6151d4dd1bfc7557f5fe0317e29cfcac91f798c34fae7dee891a811f8ee docker-20.10.21.tgz +sha256 2c75cd6c3dc9b81cb5bde664c882e4339a2054e09cf09606f9f7dd6970e7f078 docker-20.10.22.tgz +sha256 5c40bb7dcd1aad94be49ad75d24e7fd409119ed0eaad04f5d13c4fddfb397c8a docker-20.10.23.tgz diff --git a/hack/update/containerd_version/update_containerd_version.go b/hack/update/containerd_version/update_containerd_version.go index 4000834680..bfdceed62f 100644 --- a/hack/update/containerd_version/update_containerd_version.go +++ b/hack/update/containerd_version/update_containerd_version.go @@ -83,17 +83,17 @@ func updateHashFiles(version string) error { return fmt.Errorf("failed to read response body: %v", err) } sum := sha256.Sum256(b) - filePathBase := "../../../deploy/iso/minikube-iso/arch/" - if err := updateHashFile(filePathBase+"aarch64/package/containerd-bin-aarch64/containerd-bin.hash", version, sum); err != nil { + if err := updateHashFile(version, "aarch64", "-aarch64", sum); err != nil { return fmt.Errorf("aarch64: %v", err) } - if err := updateHashFile(filePathBase+"x86_64/package/containerd-bin/containerd-bin.hash", version, sum); err != nil { + if err := updateHashFile(version, "x86_64", "", sum); err != nil { return fmt.Errorf("x86_64: %v", err) } return nil } -func updateHashFile(filePath, version string, shaSum [sha256.Size]byte) error { +func updateHashFile(version, arch, folderSuffix string, shaSum [sha256.Size]byte) error { + filePath := fmt.Sprintf("../../../deploy/iso/minikube-iso/arch/%s/package/containerd-bin%s/containerd-bin.hash", arch, folderSuffix) b, err := os.ReadFile(filePath) if err != nil { return fmt.Errorf("failed to read hash file: %v", err) diff --git a/hack/update/docker_version/update_docker_version.go b/hack/update/docker_version/update_docker_version.go new file mode 100644 index 0000000000..41f5b7b01a --- /dev/null +++ b/hack/update/docker_version/update_docker_version.go @@ -0,0 +1,102 @@ +/* +Copyright 2023 The Kubernetes Authors All rights reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package main + +import ( + "context" + "crypto/sha256" + "fmt" + "io" + "net/http" + "os" + "strings" + "time" + + "k8s.io/klog/v2" + "k8s.io/minikube/hack/update" +) + +const cxTimeout = 5 * time.Minute + +var schema = map[string]update.Item{ + "deploy/iso/minikube-iso/arch/aarch64/package/docker-bin-aarch64/docker-bin.mk": { + Replace: map[string]string{ + `DOCKER_BIN_AARCH64_VERSION = .*`: `DOCKER_BIN_AARCH64_VERSION {{.Version}}`, + }, + }, + "deploy/iso/minikube-iso/arch/x86_64/package/docker-bin/docker-bin.mk": { + Replace: map[string]string{ + `DOCKER_BIN_VERSION = .*`: `DOCKER_BIN_VERSION = {{.Version}}`, + }, + }, +} + +type Data struct { + Version string +} + +func main() { + ctx, cancel := context.WithTimeout(context.Background(), cxTimeout) + defer cancel() + + stable, _, _, err := update.GHReleases(ctx, "moby", "moby") + if err != nil { + klog.Fatalf("Unable to get docker stable version: %v", err) + } + + data := Data{Version: strings.TrimPrefix(stable.Tag, "v")} + + update.Apply(schema, data) + + if err := updateHashFile(data.Version, "aarch64", "-aarch64"); err != nil { + klog.Fatalf("failed to update hash file: %v", err) + } + if err := updateHashFile(data.Version, "x86_64", ""); err != nil { + klog.Fatalf("failed to update hash file: %v", err) + } +} + +func updateHashFile(version, arch, folderSuffix string) error { + r, err := http.Get(fmt.Sprintf("https://download.docker.com/linux/static/stable/%s/docker-%s.tgz", arch, version)) + if err != nil { + return fmt.Errorf("failed to download source code: %v", err) + } + defer r.Body.Close() + b, err := io.ReadAll(r.Body) + if err != nil { + return fmt.Errorf("failed to read response body: %v", err) + } + sum := sha256.Sum256(b) + filePath := fmt.Sprintf("../../../deploy/iso/minikube-iso/arch/%s/package/docker-bin%s/docker-bin.hash", arch, folderSuffix) + b, err = os.ReadFile(filePath) + if err != nil { + return fmt.Errorf("failed to read hash file: %v", err) + } + if strings.Contains(string(b), version) { + klog.Infof("hash file already contains %q", version) + return nil + } + f, err := os.OpenFile(filePath, os.O_APPEND|os.O_WRONLY, 0644) + if err != nil { + return fmt.Errorf("failed to open hash file: %v", err) + } + defer f.Close() + if _, err := f.WriteString(fmt.Sprintf("sha256 %x docker-%s.tgz\n", sum, version)); err != nil { + return fmt.Errorf("failed to write to hash file: %v", err) + } + return nil +} diff --git a/hack/update/get_version/get_version.go b/hack/update/get_version/get_version.go index c47b5df7f8..d1c704311f 100644 --- a/hack/update/get_version/get_version.go +++ b/hack/update/get_version/get_version.go @@ -32,6 +32,7 @@ var dependencies = map[string]dependency{ "cloud-spanner": {"pkg/minikube/assets/addons.go", `cloud-spanner-emulator/emulator:(.*)@`}, "containerd": {"deploy/iso/minikube-iso/arch/x86_64/package/containerd-bin/containerd-bin.mk", `CONTAINERD_BIN_VERSION = (.*)`}, "cri-o": {"deploy/iso/minikube-iso/package/crio-bin/crio-bin.mk", `CRIO_BIN_VERSION = (.*)`}, + "docker": {"deploy/iso/minikube-iso/arch/x86_64/package/docker-bin/docker-bin.mk", `DOCKER_BIN_VERSION = (.*)`}, "gh": {"hack/jenkins/installers/check_install_gh.sh", `GH_VERSION="(.*)"`}, "go": {"Makefile", `GO_VERSION \?= (.*)`}, "golint": {"Makefile", `GOLINT_VERSION \?= (.*)`}, diff --git a/hack/update/golang_version/update_golang_version.go b/hack/update/golang_version/update_golang_version.go index 86747f8a4e..f21e6513b0 100644 --- a/hack/update/golang_version/update_golang_version.go +++ b/hack/update/golang_version/update_golang_version.go @@ -155,6 +155,11 @@ var ( `GO_VERSION: .*`: `GO_VERSION: '{{.StableVersion}}'`, }, }, + ".github/workflows/update-docker-version.yml": { + Replace: map[string]string{ + `GO_VERSION: .*`: `GO_VERSION: '{{.StableVersion}}'`, + }, + }, ".github/workflows/sync-minikube.yml": { Replace: map[string]string{ `GO_VERSION: .*`: `GO_VERSION: '{{.StableVersion}}'`,