CI: Automate updating ingress images

2023-06-02 17:01:23 -07:00 · 2023-06-02 17:01:23 -07:00 · edd4e36121
parent 7489d959a8
commit edd4e36121
5 changed files with 169 additions and 0 deletions
--- a/.github/workflows/update-ingress-version.yml
+++ b/.github/workflows/update-ingress-version.yml
@ -0,0 +1,49 @@
+name: "update-ingress-version"
+on:
+  workflow_dispatch:
+  schedule:
+    # every Monday at around 3 am pacific/10 am UTC
+    - cron: "0 10 * * 1"
+env:
+  GOPROXY: https://proxy.golang.org
+  GO_VERSION: '1.20.4'
+permissions:
+  contents: read
+
+jobs:
+  bump-ingress-version:
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
+      - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753
+        with:
+          go-version: ${{env.GO_VERSION}}
+          cache-dependency-path: ./go.sum
+      - name: Bump ingress version
+        id: bumpIngress
+        run: |
+          echo "OLD_VERSION=$(DEP=ingress make get-dependency-version)" >> $GITHUB_OUTPUT
+          make update-ingress-version
+          echo "NEW_VERSION=$(DEP=ingress make get-dependency-version)" >> $GITHUB_OUTPUT
+          # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+          echo "changes<<EOF" >> $GITHUB_OUTPUT
+          echo "$(git status --porcelain)" >> $GITHUB_OUTPUT
+          echo "EOF" >> $GITHUB_OUTPUT
+      - name: Create PR
+        if: ${{ steps.bumpIngress.outputs.changes != '' }}
+        uses: peter-evans/create-pull-request@284f54f989303d2699d373481a0cfa13ad5a6666
+        with:
+          token: ${{ secrets.MINIKUBE_BOT_PAT }}
+          commit-message: 'Addon ingress: Update ingress-nginx/controller image from ${{ steps.bumpIngress.outputs.OLD_VERSION }} to ${{ steps.bumpIngress.outputs.NEW_VERSION }}'
+          committer: minikube-bot <minikube-bot@google.com>
+          author: minikube-bot <minikube-bot@google.com>
+          branch: auto_bump_ingress_version
+          push-to-fork: minikube-bot/minikube
+          base: master
+          delete-branch: true
+          title: 'Addon ingress: Update ingress-nginx/controller image from ${{ steps.bumpIngress.outputs.OLD_VERSION }} to ${{ steps.bumpIngress.outputs.NEW_VERSION }}'
+          labels: ok-to-test
+          body: |
+            The ingress-nginx project released a [new version](https://github.com/kubernetes/ingress-nginx)
+
+            This PR was auto-generated by `make update-ingress-version` using [update-ingress-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-ingress-version.yml) CI Workflow.
--- a/5
+++ b/5
@ -1123,6 +1123,11 @@ update-kubernetes-versions-list:
 	(cd hack/update/kubernetes_versions_list && \
 	 go run update_kubernetes_versions_list.go)

+.PHONY: update-ingress-version
+update-ingress-version:
+	(cd hack/update/ingress_version && \
+	 go run update_ingress_version.go)
+
 .PHONY: get-dependency-verison
 get-dependency-version:
 	@(cd hack/update/get_version && \
--- a/hack/update/get_version/get_version.go
+++ b/hack/update/get_version/get_version.go
@ -41,6 +41,7 @@ var dependencies = map[string]dependency{
 	"gopogh":         {"hack/jenkins/common.sh", `github.com/medyagh/gopogh/cmd/gopogh@(.*)`},
 	"gotestsum":      {"hack/jenkins/installers/check_install_gotestsum.sh", `gotest\.tools/gotestsum@(.*)`},
 	"hugo":           {"netlify.toml", `HUGO_VERSION = "(.*)"`},
+	"ingress":        {"pkg/minikube/assets/addons.go", `ingress-nginx/controller:(.*)@`},
 	"metrics-server": {"pkg/minikube/assets/addons.go", `metrics-server/metrics-server:(.*)@`},
 	"runc":           {"deploy/iso/minikube-iso/package/runc-master/runc-master.mk", `RUNC_MASTER_VERSION = (.*)`},
 	"ubuntu":         {"deploy/kicbase/Dockerfile", `ubuntu:jammy-(.*)"`},
--- a/hack/update/golang_version/update_golang_version.go
+++ b/hack/update/golang_version/update_golang_version.go
@ -180,6 +180,11 @@ var (
 				`GO_VERSION: .*`: `GO_VERSION: '{{.StableVersion}}'`,
 			},
 		},
+		".github/workflows/update-ingress-version.yml": {
+			Replace: map[string]string{
+				`GO_VERSION: .*`: `GO_VERSION: '{{.StableVersion}}'`,
+			},
+		},
 		".github/workflows/sync-minikube.yml": {
 			Replace: map[string]string{
 				`GO_VERSION: .*`: `GO_VERSION: '{{.StableVersion}}'`,
--- a/hack/update/ingress_version/update_ingress_version.go
+++ b/hack/update/ingress_version/update_ingress_version.go
@ -0,0 +1,109 @@
+/*
+Copyright 2023 The Kubernetes Authors All rights reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package main
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"net/http"
+	"regexp"
+	"strings"
+	"time"
+
+	"github.com/google/go-github/v43/github"
+	"k8s.io/klog/v2"
+
+	"k8s.io/minikube/hack/update"
+)
+
+const (
+	cxTimeout = 1 * time.Minute
+
+	// ghListPerPage uses max value (100) for PerPage to avoid hitting the rate limits.
+	// (ref: https://pkg.go.dev/github.com/google/go-github/github#hdr-Rate_Limiting)
+	ghListPerPage = 100
+
+	// ghSearchLimit limits the number of searched items to be <= N * ghListPerPage.
+	ghSearchLimit = 300
+)
+
+var schema = map[string]update.Item{
+	"pkg/minikube/assets/addons.go": {
+		Replace: map[string]string{
+			`ingress-nginx/controller:.*`:          `{{.Controller}}",`,
+			`ingress-nginx/kube-webhook-certgen.*`: `{{.Webhook}}",`,
+		},
+	},
+}
+
+type Data struct {
+	Controller string
+	Webhook    string
+}
+
+func main() {
+	ctx, cancel := context.WithTimeout(context.Background(), cxTimeout)
+	defer cancel()
+
+	tag, err := LatestControllerTag(ctx)
+	if err != nil {
+		klog.Fatalf("Unable to get controller tag: %v", err)
+	}
+	res, err := http.Get(fmt.Sprintf("https://raw.githubusercontent.com/kubernetes/ingress-nginx/%s/deploy/static/provider/kind/deploy.yaml", tag))
+	if err != nil {
+		klog.Fatalf("failed to get deploy.yaml: %v", err)
+	}
+	defer res.Body.Close()
+	body, err := io.ReadAll(res.Body)
+	if err != nil {
+		klog.Fatalf("failed to read body: %v", err)
+	}
+	controllerRegex := regexp.MustCompile(`ingress-nginx\/controller.*`)
+	controllerImage := controllerRegex.Find(body)
+	webhookRegex := regexp.MustCompile(`ingress-nginx\/kube-webhook-certgen.*`)
+	webhookImage := webhookRegex.Find(body)
+
+	data := Data{Controller: string(controllerImage), Webhook: string(webhookImage)}
+
+	update.Apply(schema, data)
+}
+
+func LatestControllerTag(ctx context.Context) (string, error) {
+	ghc := github.NewClient(nil)
+
+	// walk through the paginated list of up to ghSearchLimit newest releases
+	opts := &github.ListOptions{PerPage: ghListPerPage}
+	for (opts.Page+1)*ghListPerPage <= ghSearchLimit {
+		rls, resp, err := ghc.Repositories.ListReleases(ctx, "kubernetes", "ingress-nginx", opts)
+		if err != nil {
+			return "", err
+		}
+		for _, rl := range rls {
+			ver := rl.GetTagName()
+			if strings.HasPrefix(ver, "controller-") {
+				return ver, nil
+			}
+			return ver, nil
+		}
+		if resp.NextPage == 0 {
+			break
+		}
+		opts.Page = resp.NextPage
+	}
+	return "", fmt.Errorf("no version found")
+}