diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/common.sh b/sdk_container/src/third_party/coreos-overlay/.github/workflows/common.sh new file mode 100644 index 0000000000..0c2e3a140f --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/common.sh @@ -0,0 +1,57 @@ +#!/bin/bash + +set -euo pipefail + +readonly SDK_OUTER_TOPDIR="${HOME}/flatcar-sdk" +readonly SDK_OUTER_SRCDIR="${SDK_OUTER_TOPDIR}/src" +readonly SDK_INNER_SRCDIR="/mnt/host/source/src" + +readonly BUILDBOT_USERNAME="Flatcar Buildbot" +readonly BUILDBOT_USEREMAIL="buildbot@flatcar-linux.org" + +function enter() ( cd ../../..; exec cork enter -- $@ ) + +# caller needs to set pass a parameter as a branch name to be created. +function checkout_branches() { + TARGET_BRANCH=$1 + + [[ -z "${TARGET_BRANCH}" ]] && echo "No target branch specified. exit." && return 1 + + git -C "${SDK_OUTER_SRCDIR}/scripts" checkout -B "${BASE_BRANCH}" "github/${BASE_BRANCH}" + git -C "${SDK_OUTER_SRCDIR}/third_party/portage-stable" checkout -B "${BASE_BRANCH}" "github/${BASE_BRANCH}" + + if git -C "${SDK_OUTER_SRCDIR}/third_party/coreos-overlay" show-ref "remotes/github/${TARGET_BRANCH}"; then + echo "Target branch already exists. exit."; + return 1 + fi + + git -C "${SDK_OUTER_SRCDIR}/third_party/coreos-overlay" checkout -B "${TARGET_BRANCH}" "github/${BASE_BRANCH}" +} + +function generate_patches() { + CATEGORY_NAME=$1 + PKGNAME_SIMPLE=$2 + PKGNAME_DESC=$3 + + pushd "${SDK_OUTER_SRCDIR}/third_party/coreos-overlay" >/dev/null || exit + + enter ebuild "${SDK_INNER_SRCDIR}/third_party/coreos-overlay/${CATEGORY_NAME}/${PKGNAME_SIMPLE}/${PKGNAME_SIMPLE}-${VERSION_NEW}.ebuild" manifest --force + + # We can only create the actual commit in the actual source directory, not under the SDK. + # So create a format-patch, and apply to the actual source. + git add ${CATEGORY_NAME}/${PKGNAME_SIMPLE} + git commit -a -m "${CATEGORY_NAME}: Upgrade ${PKGNAME_DESC} ${VERSION_OLD} to ${VERSION_NEW}" + + # Create a patch for the main ebuilds. + git format-patch -1 HEAD + popd || exit +} + +function apply_patches() { + git config user.name "${BUILDBOT_USERNAME}" + git config user.email "${BUILDBOT_USEREMAIL}" + git reset --hard HEAD + git fetch origin + git checkout -B "${BASE_BRANCH}" "origin/${BASE_BRANCH}" + git am "${SDK_OUTER_SRCDIR}"/third_party/coreos-overlay/0*.patch +} diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/containerd-apply-patch.sh b/sdk_container/src/third_party/coreos-overlay/.github/workflows/containerd-apply-patch.sh new file mode 100755 index 0000000000..a0daef3f19 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/containerd-apply-patch.sh @@ -0,0 +1,46 @@ +#!/bin/bash + +set -euo pipefail + +UPDATE_NEEDED=1 + +. .github/workflows/common.sh + +if ! checkout_branches "containerd-${VERSION_NEW}-${TARGET}"; then + UPDATE_NEEDED=0 + exit 0 +fi + +pushd "${SDK_OUTER_SRCDIR}/third_party/coreos-overlay" >/dev/null || exit + +VERSION_OLD=$(sed -n "s/^DIST containerd-\([0-9]*.[0-9]*.[0-9]*\).*/\1/p" app-emulation/containerd/Manifest | sort -ruV | head -n1) +if [[ "${VERSION_NEW}" = "${VERSION_OLD}" ]]; then + echo "already the latest Containerd, nothing to do" + UPDATE_NEEDED=0 + exit 0 +fi + +DOCKER_VERSION=$(sed -n "s/^DIST docker-\([0-9]*.[0-9]*.[0-9]*\).*/\1/p" app-emulation/docker/Manifest | sort -ruV | head -n1) + +# we need to update not only the main ebuild file, but also its CONTAINERD_COMMIT, +# which needs to point to COMMIT_HASH that matches with $VERSION_NEW from upstream containerd. +containerdEbuildOldSymlink=$(ls -1 app-emulation/containerd/containerd-${VERSION_OLD}*.ebuild | sort -ruV | head -n1) +containerdEbuildNewSymlink="app-emulation/containerd/containerd-${VERSION_NEW}.ebuild" +containerdEbuildMain="app-emulation/containerd/containerd-9999.ebuild" +git mv ${containerdEbuildOldSymlink} ${containerdEbuildNewSymlink} +sed -i "s/CONTAINERD_COMMIT=\"\(.*\)\"/CONTAINERD_COMMIT=\"${COMMIT_HASH}\"/g" ${containerdEbuildMain} +sed -i "s/v${VERSION_OLD}/v${VERSION_NEW}/g" ${containerdEbuildMain} + +# torcx ebuild file has a docker version with only major and minor versions, like 19.03. +versionTorcx=${DOCKER_VERSION%.*} +torcxEbuildFile=$(ls -1 app-torcx/docker/docker-${versionTorcx}*.ebuild | sort -ruV | head -n1) +sed -i "s/containerd-${VERSION_OLD}/containerd-${VERSION_NEW}/g" ${torcxEbuildFile} + +popd >/dev/null || exit + +generate_patches app-emulation containerd Containerd + +apply_patches + +echo ::set-output name=VERSION_OLD::"${VERSION_OLD}" +echo ::set-output name=UPDATE_NEEDED::"${UPDATE_NEEDED}" diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/containerd-releases-main.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/containerd-releases-main.yml new file mode 100644 index 0000000000..fdbb9faefc --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/containerd-releases-main.yml @@ -0,0 +1,47 @@ +name: Get the latest Containerd release for main +on: + schedule: + - cron: '00 8 * * 5' + +jobs: + get-containerd-release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Fetch latest Containerd release + id: fetch-latest-release + run: | + git clone https://github.com/containerd/containerd + versionMain=$(git -C containerd ls-remote --tags origin | cut -f2 | sed -n "/refs\/tags\/v[0-9]*.[0-9]*.[0-9]*$/s/^refs\/tags\/v//p" | egrep -v -e '(beta|rc)' | sort -ruV | head -n1) + commitMain=$(git -C containerd rev-parse v${versionMain}) + rm -rf containerd + echo ::set-output name=VERSION_MAIN::$(echo ${versionMain}) + echo ::set-output name=COMMIT_MAIN::$(echo ${commitMain}) + echo ::set-output name=BASE_BRANCH_MAIN::main + - name: Set up Flatcar SDK + id: setup-flatcar-sdk + run: .github/workflows/setup-flatcar-sdk.sh + - name: Apply patch for main + id: apply-patch-main + env: + TARGET: main + BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} + VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + COMMIT_HASH: ${{ steps.fetch-latest-release.outputs.COMMIT_MAIN }} + PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} + run: .github/workflows/containerd-apply-patch.sh + - name: Create pull request for main + uses: peter-evans/create-pull-request@v2 + if: steps.apply-patch-main.outputs.UPDATE_NEEDED == 1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} + branch: containerd-${{ steps.fetch-latest-release.outputs.VERSION_MAIN }}-main + author: Flatcar Buildbot + committer: Flatcar Buildbot + title: Upgrade Containerd in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + commit-message: Upgrade Containerd in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + body: Upgrade Containerd in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + labels: main diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/docker-apply-patch.sh b/sdk_container/src/third_party/coreos-overlay/.github/workflows/docker-apply-patch.sh new file mode 100755 index 0000000000..62a98d5943 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/docker-apply-patch.sh @@ -0,0 +1,49 @@ +#!/bin/bash + +set -euo pipefail + +UPDATE_NEEDED=1 + +. .github/workflows/common.sh + +if ! checkout_branches "docker-${VERSION_NEW}-${TARGET}"; then + UPDATE_NEEDED=0 + exit 0 +fi + +pushd "${SDK_OUTER_SRCDIR}/third_party/coreos-overlay" >/dev/null || exit + +VERSION_OLD=$(sed -n "s/^DIST docker-\([0-9]*.[0-9]*.[0-9]*\).*/\1/p" app-emulation/docker/Manifest | sort -ruV | head -n1) +if [[ "${VERSION_NEW}" = "${VERSION_OLD}" ]]; then + echo "already the latest Docker, nothing to do" + UPDATE_NEEDED=0 + exit 0 +fi + +# we need to update not only the main ebuild file, but also its DOCKER_GITCOMMIT, +# which needs to point to COMMIT_HASH that matches with $VERSION_NEW from upstream docker-ce. +dockerEbuildOldSymlink=$(ls -1 app-emulation/docker/docker-${VERSION_OLD}*.ebuild | sort -ruV | head -n1) +dockerEbuildNewSymlink="app-emulation/docker/docker-${VERSION_NEW}.ebuild" +dockerEbuildMain="app-emulation/docker/docker-9999.ebuild" +git mv ${dockerEbuildOldSymlink} ${dockerEbuildNewSymlink} +sed -i "s/DOCKER_GITCOMMIT=\"\(.*\)\"/DOCKER_GITCOMMIT=\"${COMMIT_HASH}\"/g" ${dockerEbuildMain} +sed -i "s/v${VERSION_OLD}/v${VERSION_NEW}/g" ${dockerEbuildMain} + +# torcx ebuild file has a docker version with only major and minor versions, like 19.03. +versionTorcx=${VERSION_OLD%.*} +torcxEbuildFile=$(ls -1 app-torcx/docker/docker-${versionTorcx}*.ebuild | sort -ruV | head -n1) +sed -i "s/docker-${VERSION_OLD}/docker-${VERSION_NEW}/g" ${torcxEbuildFile} + +# update also docker versions used by the current docker-runc ebuild file. +versionRunc=$(sed -n "s/^DIST docker-runc-\([0-9]*.[0-9]*.*\)\.tar.*/\1/p" app-emulation/docker-runc/Manifest | sort -ruV | head -n1) +runcEbuildFile=$(ls -1 app-emulation/docker-runc/docker-runc-${versionRunc}*.ebuild | sort -ruV | head -n1) +sed -i "s/github.com\/docker\/docker-ce\/blob\/v${VERSION_OLD}/github.com\/docker\/docker-ce\/blob\/v${VERSION_NEW}/g" ${runcEbuildFile} + +popd >/dev/null || exit + +generate_patches app-emulation docker Docker + +apply_patches + +echo ::set-output name=VERSION_OLD::"${VERSION_OLD}" +echo ::set-output name=UPDATE_NEEDED::"${UPDATE_NEEDED}" diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/docker-releases-main.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/docker-releases-main.yml new file mode 100644 index 0000000000..fe31017e03 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/docker-releases-main.yml @@ -0,0 +1,47 @@ +name: Get the latest Docker release for main +on: + schedule: + - cron: '35 7 * * 3' + +jobs: + get-docker-release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Fetch latest Docker release + id: fetch-latest-release + run: | + git clone https://github.com/docker/docker-ce docker + versionMain=$(git -C docker ls-remote --tags origin | cut -f2 | sed -n "/refs\/tags\/v[0-9]*.[0-9]*.[0-9]*$/s/^refs\/tags\/v//p" | egrep -v -e '(beta|rc)' | sort -ruV | head -n1) + commitMain=$(git -C docker rev-parse --short=7 v${versionMain}) + rm -rf docker + echo ::set-output name=VERSION_MAIN::$(echo ${versionMain}) + echo ::set-output name=COMMIT_MAIN::$(echo ${commitMain}) + echo ::set-output name=BASE_BRANCH_MAIN::main + - name: Set up Flatcar SDK + id: setup-flatcar-sdk + run: .github/workflows/setup-flatcar-sdk.sh + - name: Apply patch for main + id: apply-patch-main + env: + TARGET: main + BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} + VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + COMMIT_HASH: ${{ steps.fetch-latest-release.outputs.COMMIT_MAIN }} + PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} + run: .github/workflows/docker-apply-patch.sh + - name: Create pull request for main + uses: peter-evans/create-pull-request@v2 + if: steps.apply-patch-main.outputs.UPDATE_NEEDED == 1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} + branch: docker-${{ steps.fetch-latest-release.outputs.VERSION_MAIN }}-main + author: Flatcar Buildbot + committer: Flatcar Buildbot + title: Upgrade Docker in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + commit-message: Upgrade Docker in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + body: Upgrade Docker in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + labels: main diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/go-apply-patch.sh b/sdk_container/src/third_party/coreos-overlay/.github/workflows/go-apply-patch.sh new file mode 100755 index 0000000000..c6efd78d0f --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/go-apply-patch.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +set -euo pipefail + +# trim the 3rd part in the input semver, e.g. from 1.14.3 to 1.14 +VERSION_SHORT=${VERSION_NEW%.*} +UPDATE_NEEDED=1 + +. .github/workflows/common.sh + +if ! checkout_branches "go-${VERSION_NEW}-${TARGET}"; then + UPDATE_NEEDED=0 + exit 0 +fi + +pushd "${SDK_OUTER_SRCDIR}/third_party/coreos-overlay" >/dev/null || exit + +VERSION_OLD=$(sed -n "s/^DIST go\(${VERSION_SHORT}.[0-9]*\).*/\1/p" dev-lang/go/Manifest | sort -ruV | head -n1) +if [[ "${VERSION_NEW}" = "${VERSION_OLD}" ]]; then + echo "already the latest Go, nothing to do" + UPDATE_NEEDED=0 + exit 0 +fi + +git mv $(ls -1 dev-lang/go/go-${VERSION_OLD}*.ebuild | sort -ruV | head -n1) "dev-lang/go/go-${VERSION_NEW}.ebuild" + +popd >/dev/null || exit + +generate_patches dev-lang go Go + +apply_patches + +echo ::set-output name=VERSION_OLD::"${VERSION_OLD}" +echo ::set-output name=UPDATE_NEEDED::"${UPDATE_NEEDED}" diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/go-releases-main.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/go-releases-main.yml new file mode 100644 index 0000000000..2a46bced8b --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/go-releases-main.yml @@ -0,0 +1,46 @@ +name: Get the latest Go release for main +on: + schedule: + - cron: '15 7 * * 1' + +jobs: + get-go-release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Fetch latest Go release + id: fetch-latest-release + env: + GO_VERSION: 1.13 + run: | + git clone --depth=1 --no-checkout https://github.com/golang/go + versionMain=$(git -C go ls-remote --tags origin | cut -f2 | sed -n "/refs\/tags\/go${GO_VERSION}.[0-9]*$/s/^refs\/tags\/go//p" | egrep -v -e '(beta|rc)' | sort -ruV | head -1) + rm -rf go + echo ::set-output name=VERSION_MAIN::$(echo ${versionMain}) + echo ::set-output name=BASE_BRANCH_MAIN::main + - name: Set up Flatcar SDK + id: setup-flatcar-sdk + run: .github/workflows/setup-flatcar-sdk.sh + - name: Apply patch for main + id: apply-patch-main + env: + TARGET: main + BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} + PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} + VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + run: .github/workflows/go-apply-patch.sh + - name: Create pull request for main + uses: peter-evans/create-pull-request@v2 + if: steps.apply-patch-main.outputs.UPDATE_NEEDED == 1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} + branch: go-${{ steps.fetch-latest-release.outputs.VERSION_MAIN }}-main + author: Flatcar Buildbot + committer: Flatcar Buildbot + title: Upgrade Go in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + commit-message: Upgrade Go in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + body: Upgrade Go in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + labels: main diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-apply-patch.sh b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-apply-patch.sh new file mode 100755 index 0000000000..0c17dfceea --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-apply-patch.sh @@ -0,0 +1,42 @@ +#!/bin/bash + +set -euo pipefail + +# trim the 3rd part in the input semver, e.g. from 5.4.1 to 5.4 +VERSION_SHORT=${VERSION_NEW%.*} +UPDATE_NEEDED=1 + +. .github/workflows/common.sh + +if ! checkout_branches "linux-${VERSION_NEW}-${TARGET}"; then + UPDATE_NEEDED=0 + exit 0 +fi + +pushd "${SDK_OUTER_SRCDIR}/third_party/coreos-overlay" >/dev/null || exit + +VERSION_OLD=$(sed -n "s/^DIST patch-\(${VERSION_SHORT}.[0-9]*\).*/\1/p" sys-kernel/coreos-sources/Manifest) +if [[ -z "${VERSION_OLD}" ]]; then + VERSION_OLD=$(sed -n "s/^DIST linux-\(${VERSION_SHORT}*\).*/\1/p" sys-kernel/coreos-sources/Manifest) +fi +if [[ "${VERSION_NEW}" = "${VERSION_OLD}" ]]; then + echo "already the latest Kernel, nothing to do" + UPDATE_NEEDED=0 + exit 0 +fi + +for pkg in sources modules kernel; do \ + pushd "sys-kernel/coreos-${pkg}" >/dev/null || exit; \ + git mv "coreos-${pkg}"-*.ebuild "coreos-${pkg}-${VERSION_NEW}.ebuild"; \ + sed -i -e '/^COREOS_SOURCE_REVISION=/s/=.*/=""/' "coreos-${pkg}-${VERSION_NEW}.ebuild"; \ + popd >/dev/null || exit; \ +done + +popd >/dev/null || exit + +generate_patches sys-kernel coreos-{sources,kernel,modules} Linux + +apply_patches + +echo ::set-output name=VERSION_OLD::"${VERSION_OLD}" +echo ::set-output name=UPDATE_NEEDED::"${UPDATE_NEEDED}" diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-alpha.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-alpha.yml new file mode 100644 index 0000000000..afffda7026 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-alpha.yml @@ -0,0 +1,48 @@ +name: Get the latest Kernel release for the Alpha maintenance branch +on: + schedule: + - cron: '0 7 * * *' + +jobs: + get-kernel-release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Fetch latest Kernel release + id: fetch-latest-release + env: + CHANNEL: alpha + run: | + KV_MAIN=$(curl -s -S -f -L "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/current/flatcar_production_image_packages.txt" | grep -o 'coreos-kernel.*' | cut -d '-' -f 3- | cut -d . -f 1-2) + git clone --depth=1 --no-checkout https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux + versionMaintenance=$(git -C linux ls-remote --tags origin | cut -f2 | sed -n "/refs\/tags\/v${KV_MAIN}.[0-9]*$/s/^refs\/tags\/v//p" | sort -ruV | head -1) + rm -rf linux + maintenanceBranch=$(curl -s -S -f -L "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/current/version.txt" | grep -m 1 FLATCAR_BUILD= | cut -d = -f 2-) + echo ::set-output name=VERSION_MAINTENANCE::$(echo ${versionMaintenance}) + echo ::set-output name=BASE_BRANCH_MAINTENANCE::$(echo flatcar-${maintenanceBranch}) + - name: Set up Flatcar SDK + id: setup-flatcar-sdk + run: .github/workflows/setup-flatcar-sdk.sh + - name: Apply patch for maintenance branch + id: apply-patch-maintenance + env: + TARGET: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} + BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} + PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} + VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} + run: .github/workflows/kernel-apply-patch.sh + - name: Create pull request for maintenance branch + uses: peter-evans/create-pull-request@v2 + if: steps.apply-patch-maintenance.outputs.UPDATE_NEEDED == 1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} + branch: linux-${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }}-${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} + author: Flatcar Buildbot + committer: Flatcar Buildbot + title: Upgrade Linux Kernel for ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} + commit-message: Upgrade Linux Kernel in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} + body: Upgrade Linux Kernel in ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} + labels: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-beta.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-beta.yml new file mode 100644 index 0000000000..562e9ec065 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-beta.yml @@ -0,0 +1,48 @@ +name: Get the latest Kernel release for the Beta maintenance branch +on: + schedule: + - cron: '0 7 * * *' + +jobs: + get-kernel-release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Fetch latest Kernel release + id: fetch-latest-release + env: + CHANNEL: beta + run: | + KV_MAIN=$(curl -s -S -f -L "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/current/flatcar_production_image_packages.txt" | grep -o 'coreos-kernel.*' | cut -d '-' -f 3- | cut -d . -f 1-2) + git clone --depth=1 --no-checkout https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux + versionMaintenance=$(git -C linux ls-remote --tags origin | cut -f2 | sed -n "/refs\/tags\/v${KV_MAIN}.[0-9]*$/s/^refs\/tags\/v//p" | sort -ruV | head -1) + rm -rf linux + maintenanceBranch=$(curl -s -S -f -L "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/current/version.txt" | grep -m 1 FLATCAR_BUILD= | cut -d = -f 2-) + echo ::set-output name=VERSION_MAINTENANCE::$(echo ${versionMaintenance}) + echo ::set-output name=BASE_BRANCH_MAINTENANCE::$(echo flatcar-${maintenanceBranch}) + - name: Set up Flatcar SDK + id: setup-flatcar-sdk + run: .github/workflows/setup-flatcar-sdk.sh + - name: Apply patch for maintenance branch + id: apply-patch-maintenance + env: + TARGET: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} + BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} + PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} + VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} + run: .github/workflows/kernel-apply-patch.sh + - name: Create pull request for maintenance branch + uses: peter-evans/create-pull-request@v2 + if: steps.apply-patch-maintenance.outputs.UPDATE_NEEDED == 1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} + branch: linux-${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }}-${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} + author: Flatcar Buildbot + committer: Flatcar Buildbot + title: Upgrade Linux Kernel for ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} + commit-message: Upgrade Linux Kernel in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} + body: Upgrade Linux Kernel in ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} + labels: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-main.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-main.yml new file mode 100644 index 0000000000..351cea0261 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-main.yml @@ -0,0 +1,46 @@ +name: Get the latest Kernel release for main +on: + schedule: + - cron: '0 7 * * *' + +jobs: + get-kernel-release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Fetch latest Kernel release + id: fetch-latest-release + env: + KV_MAIN: 5.4 + run: | + git clone --depth=1 --no-checkout https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux + versionMain=$(git -C linux ls-remote --tags origin | cut -f2 | sed -n "/refs\/tags\/v${KV_MAIN}.[0-9]*$/s/^refs\/tags\/v//p" | sort -ruV | head -1) + rm -rf linux + echo ::set-output name=VERSION_MAIN::$(echo ${versionMain}) + echo ::set-output name=BASE_BRANCH_MAIN::main + - name: Set up Flatcar SDK + id: setup-flatcar-sdk + run: .github/workflows/setup-flatcar-sdk.sh + - name: Apply patch for main + id: apply-patch-main + env: + TARGET: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} + BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} + PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} + VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + run: .github/workflows/kernel-apply-patch.sh + - name: Create pull request for main + uses: peter-evans/create-pull-request@v2 + if: steps.apply-patch-main.outputs.UPDATE_NEEDED == 1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} + branch: linux-${{ steps.fetch-latest-release.outputs.VERSION_MAIN }}-main + author: Flatcar Buildbot + committer: Flatcar Buildbot + title: Upgrade Linux Kernel in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + commit-message: Upgrade Linux Kernel in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + body: Upgrade Linux Kernel in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + labels: main diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-stable.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-stable.yml new file mode 100644 index 0000000000..bfba811911 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-stable.yml @@ -0,0 +1,48 @@ +name: Get the latest Kernel release for the Stable maintenance branch +on: + schedule: + - cron: '0 7 * * *' + +jobs: + get-kernel-release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Fetch latest Kernel release + id: fetch-latest-release + env: + CHANNEL: stable + run: | + KV_MAIN=$(curl -s -S -f -L "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/current/flatcar_production_image_packages.txt" | grep -o 'coreos-kernel.*' | cut -d '-' -f 3- | cut -d . -f 1-2) + git clone --depth=1 --no-checkout https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux + versionMaintenance=$(git -C linux ls-remote --tags origin | cut -f2 | sed -n "/refs\/tags\/v${KV_MAIN}.[0-9]*$/s/^refs\/tags\/v//p" | sort -ruV | head -1) + rm -rf linux + maintenanceBranch=$(curl -s -S -f -L "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/current/version.txt" | grep -m 1 FLATCAR_BUILD= | cut -d = -f 2-) + echo ::set-output name=VERSION_MAINTENANCE::$(echo ${versionMaintenance}) + echo ::set-output name=BASE_BRANCH_MAINTENANCE::$(echo flatcar-${maintenanceBranch}) + - name: Set up Flatcar SDK + id: setup-flatcar-sdk + run: .github/workflows/setup-flatcar-sdk.sh + - name: Apply patch for maintenance branch + id: apply-patch-maintenance + env: + TARGET: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} + BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} + PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} + VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} + run: .github/workflows/kernel-apply-patch.sh + - name: Create pull request for maintenance branch + uses: peter-evans/create-pull-request@v2 + if: steps.apply-patch-maintenance.outputs.UPDATE_NEEDED == 1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} + branch: linux-${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }}-${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} + author: Flatcar Buildbot + committer: Flatcar Buildbot + title: Upgrade Linux Kernel for ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} + commit-message: Upgrade Linux Kernel in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} + body: Upgrade Linux Kernel in ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} + labels: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/runc-apply-patch.sh b/sdk_container/src/third_party/coreos-overlay/.github/workflows/runc-apply-patch.sh new file mode 100755 index 0000000000..57d7f39829 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/runc-apply-patch.sh @@ -0,0 +1,56 @@ +#!/bin/bash + +set -euo pipefail + +UPDATE_NEEDED=1 + +. .github/workflows/common.sh + +if ! checkout_branches "runc-${VERSION_NEW}-${TARGET}"; then + UPDATE_NEEDED=0 + exit 0 +fi + +pushd "${SDK_OUTER_SRCDIR}/third_party/coreos-overlay" >/dev/null || exit + +# Get the original runc version, including official releases and rc versions. +# We need some sed tweaks like adding underscore, sort, and trim the underscore again, +# so that sort -V can give the newest version including non-rc versions. +VERSION_OLD=$(sed -n "s/^DIST docker-runc-\([0-9]*.[0-9]*.*\)\.tar.*/\1/p" app-emulation/docker-runc/Manifest | sed '/-/!{s/$/_/}' | sort -ruV | sed 's/_$//' | head -n1 | tr '-' '_') +if [[ "${VERSION_NEW}" = "${VERSION_OLD}" ]]; then + echo "already the latest Runc, nothing to do" + UPDATE_NEEDED=0 + exit 0 +fi + +runcEbuildOld=$(ls -1 app-emulation/docker-runc/docker-runc-${VERSION_OLD}*.ebuild | sort -ruV | head -n1) +runcEbuildNew="app-emulation/docker-runc/docker-runc-${VERSION_NEW}.ebuild" +git mv ${runcEbuildOld} ${runcEbuildNew} +sed -i "s/${VERSION_OLD}/${VERSION_NEW}/g" ${runcEbuildNew} +sed -i "s/COMMIT_ID=\"\(.*\)\"/COMMIT_ID=\"${COMMIT_HASH}\"/g" ${runcEbuildNew} + +# docker-runc ebuild file has also lines of runc versions with '-' instead of '_', e.g. '1.0.0-rc10' +VERSION_OLD_HYPHEN=${VERSION_OLD//_/-} +VERSION_NEW_HYPHEN=${VERSION_NEW//_/-} + +sed -i "s/${VERSION_OLD_HYPHEN}/${VERSION_NEW_HYPHEN}/g" ${runcEbuildNew} + +# update also runc versions used by docker and containerd +sed -i "s/docker-runc-${VERSION_OLD}/docker-runc-${VERSION_NEW}/g" app-emulation/docker/docker-9999.ebuild +sed -i "s/docker-runc-${VERSION_OLD}/docker-runc-${VERSION_NEW}/g" app-emulation/containerd/containerd-9999.ebuild + +dockerVersion=$(sed -n "s/^DIST docker-\([0-9]*.[0-9]*.[0-9]*\).*/\1/p" app-emulation/docker/Manifest | sort -ruV | head -n1) + +# torcx ebuild file has a docker version with only major and minor versions, like 19.03. +versionTorcx=${dockerVersion%.*} +torcxEbuildFile=$(ls -1 app-torcx/docker/docker-${versionTorcx}*.ebuild | sort -ruV | head -n1) +sed -i "s/docker-runc-${VERSION_OLD}/docker-runc-${VERSION_NEW}/g" ${torcxEbuildFile} + +popd >/dev/null || exit + +generate_patches app-emulation docker-runc Runc + +apply_patches + +echo ::set-output name=VERSION_OLD::"${VERSION_OLD}" +echo ::set-output name=UPDATE_NEEDED::"${UPDATE_NEEDED}" diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/runc-releases-main.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/runc-releases-main.yml new file mode 100644 index 0000000000..f029525d30 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/runc-releases-main.yml @@ -0,0 +1,51 @@ +name: Get the latest Runc release for main +on: + schedule: + - cron: '50 7 * * 4' + +jobs: + get-runc-release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Fetch latest Runc release + id: fetch-latest-release + run: | + git clone https://github.com/opencontainers/runc + # Get the newest runc version, including official releases and rc versions. + # We need some sed tweaks like adding underscore, sort, and trim the underscore again, + # so that sort -V can give the newest version including non-rc versions. + versionMain=$(git -C runc ls-remote --tags origin | cut -f2 | sed '/-/!{s/$/_/}' | sed -n "/refs\/tags\/v[0-9]*.[0-9]*.[0-9]*/s/^refs\/tags\/v//p" |grep -v '\{\}$' | sort -ruV | sed 's/_$//' | head -n1) + commitMain="$(git -C runc rev-parse v${versionMain})" + versionMain="${versionMain//-/_}" + rm -rf runc + echo ::set-output name=VERSION_MAIN::$(echo ${versionMain}) + echo ::set-output name=COMMIT_MAIN::$(echo ${commitMain}) + echo ::set-output name=BASE_BRANCH_MAIN::main + - name: Set up Flatcar SDK + id: setup-flatcar-sdk + run: .github/workflows/setup-flatcar-sdk.sh + - name: Apply patch for main + id: apply-patch-main + env: + TARGET: main + BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} + VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + COMMIT_HASH: ${{ steps.fetch-latest-release.outputs.COMMIT_MAIN }} + PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} + run: .github/workflows/runc-apply-patch.sh + - name: Create pull request for main + uses: peter-evans/create-pull-request@v2 + if: steps.apply-patch-main.outputs.UPDATE_NEEDED == 1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} + branch: runc-${{ steps.fetch-latest-release.outputs.VERSION_MAIN }}-main + author: Flatcar Buildbot + committer: Flatcar Buildbot + title: Upgrade Runc in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + commit-message: Upgrade Runc in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + body: Upgrade Runc in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + labels: main diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/rust-apply-patch.sh b/sdk_container/src/third_party/coreos-overlay/.github/workflows/rust-apply-patch.sh new file mode 100755 index 0000000000..644efe4e39 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/rust-apply-patch.sh @@ -0,0 +1,37 @@ +#!/bin/bash + +set -euo pipefail + +UPDATE_NEEDED=1 + +. .github/workflows/common.sh + +if ! checkout_branches "rust-${VERSION_NEW}-${TARGET}"; then + UPDATE_NEEDED=0 + exit 0 +fi + +pushd "${SDK_OUTER_SRCDIR}/third_party/coreos-overlay" >/dev/null || exit + +VERSION_OLD=$(sed -n "s/^DIST rustc-\(1.[0-9]*.[0-9]*\).*/\1/p" dev-lang/rust/Manifest | sort -ruV | head -n1) +if [[ "${VERSION_NEW}" = "${VERSION_OLD}" ]]; then + echo "already the latest Rust, nothing to do" + UPDATE_NEEDED=0 + exit 0 +fi + +# replace rust version in profiles/, e.g. package.accept_keywords. +find profiles -name 'package.*' | xargs sed -i "s/=dev-lang\/rust-${VERSION_OLD}/=dev-lang\/rust-${VERSION_NEW}/" + +pushd "dev-lang/rust" >/dev/null || exit +git mv $(ls -1 rust-${VERSION_OLD}*.ebuild | sort -ruV | head -n1) "rust-${VERSION_NEW}.ebuild" +popd >/dev/null || exit + +popd >/dev/null || exit + +generate_patches dev-lang rust Rust + +apply_patches + +echo ::set-output name=VERSION_OLD::"${VERSION_OLD}" +echo ::set-output name=UPDATE_NEEDED::"${UPDATE_NEEDED}" diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/rust-release-main.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/rust-release-main.yml new file mode 100644 index 0000000000..ea6e45c96a --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/rust-release-main.yml @@ -0,0 +1,51 @@ +name: Get the latest Rust release for main +on: + schedule: + - cron: '20 7 * * 2' + +jobs: + get-rust-release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Fetch latest Rust release + id: fetch-latest-release + run: | + git clone --depth=1 --no-checkout https://github.com/rust-lang/rust + versionMain=$(git -C rust ls-remote --tags origin | cut -f2 | sed -n "/refs\/tags\/1.[0-9]*.[0-9]*$/s/^refs\/tags\///p" | sort -ruV | head -n1) + rm -rf rust + echo ::set-output name=VERSION_MAIN::$(echo ${versionMain}) + echo ::set-output name=BASE_BRANCH_MAIN::main + - name: Set up Flatcar SDK + id: setup-flatcar-sdk + run: .github/workflows/setup-flatcar-sdk.sh + - name: Apply patch for main + id: apply-patch-main + env: + TARGET: main + BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} + PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} + VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + run: .github/workflows/rust-apply-patch.sh + - name: Create pull request for main + uses: peter-evans/create-pull-request@v2 + if: steps.apply-patch-main.outputs.UPDATE_NEEDED == 1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} + branch: rust-${{ steps.fetch-latest-release.outputs.VERSION_MAIN }}-main + author: Flatcar Buildbot + committer: Flatcar Buildbot + title: Upgrade Rust in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + commit-message: Upgrade Rust in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + body: Upgrade Rust in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} + labels: main + - name: Send repository dispatch to portage-stable + uses: peter-evans/repository-dispatch@v1.0.0 + if: steps.apply-patch-main.outputs.UPDATE_NEEDED == 1 + with: + token: ${{ secrets.FLATCAR_PORTAGE_STABLE_ACCESS_TOKEN }} + repository: flatcar-linux/portage-stable + event-type: cargo-pull-request-main diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/setup-flatcar-sdk.sh b/sdk_container/src/third_party/coreos-overlay/.github/workflows/setup-flatcar-sdk.sh new file mode 100755 index 0000000000..fed7db3457 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/setup-flatcar-sdk.sh @@ -0,0 +1,60 @@ +#!/bin/bash + +set -euo pipefail + +CORK_VERSION=$(curl -s https://api.github.com/repos/flatcar-linux/mantle/releases/latest | jq -r .tag_name | sed -e 's/^v//') +curl -L -o cork https://github.com/flatcar-linux/mantle/releases/download/v"${CORK_VERSION}"/cork-"${CORK_VERSION}"-amd64 +curl -L -o cork.sig https://github.com/flatcar-linux/mantle/releases/download/v"${CORK_VERSION}"/cork-"${CORK_VERSION}"-amd64.sig +gpg --keyserver keys.gnupg.net --receive-keys 84C8E771C0DF83DFBFCAAAF03ADA89DEC2507883 +gpg --verify cork.sig cork +rm -f cork.sig +chmod +x cork +mkdir -p ~/.local/bin +mv cork ~/.local/bin + +export PATH=$PATH:$HOME/.local/bin +mkdir -p ~/flatcar-sdk + +pushd ~/flatcar-sdk || exit +cork create || true + +sudo tee "./chroot/etc/portage/make.conf" <