From 236edb133a0a571a09361ff2f7c584f8b8f9420a Mon Sep 17 00:00:00 2001
From: Krzesimir Nowak <knowak@microsoft.com>
Date: Thu, 6 Apr 2023 15:56:31 +0200
Subject: [PATCH] .github: Port docker update action from old coreos-overlay

---
 .github/workflows/docker-apply-patch.sh    | 67 ++++++++++++++++++++++
 .github/workflows/docker-release-main.yaml | 52 +++++++++++++++++
 2 files changed, 119 insertions(+)
 create mode 100755 .github/workflows/docker-apply-patch.sh
 create mode 100644 .github/workflows/docker-release-main.yaml

diff --git a/.github/workflows/docker-apply-patch.sh b/.github/workflows/docker-apply-patch.sh
new file mode 100755
index 0000000000..e5f38d5e09
--- /dev/null
+++ b/.github/workflows/docker-apply-patch.sh
@@ -0,0 +1,67 @@
+#!/bin/bash
+
+set -euo pipefail
+
+source "${GHA_SCRIPTS_DIR}/.github/workflows/common.sh"
+
+prepare_git_repo
+
+pushd "${SDK_OUTER_OVERLAY}"
+
+VERSION_OLD=$(sed -n "s/^DIST docker-\([0-9]*.[0-9]*.[0-9]*\).*/\1/p" app-emulation/docker/Manifest | sort -ruV | head -n1)
+if [[ "${VERSION_NEW}" = "${VERSION_OLD}" ]]; then
+  echo "already the latest Docker, nothing to do"
+  exit 0
+fi
+
+# we need to update not only the main ebuild file, but also its DOCKER_GITCOMMIT,
+# which needs to point to COMMIT_HASH that matches with $VERSION_NEW from upstream docker-ce.
+dockerEbuildOld=$(get_ebuild_filename app-emulation/docker "${VERSION_OLD}")
+dockerEbuildNew="app-emulation/docker/docker-${VERSION_NEW}.ebuild"
+git mv "${dockerEbuildOld}" "${dockerEbuildNew}"
+sed -i "s/GIT_COMMIT=\(.*\)/GIT_COMMIT=${COMMIT_HASH_MOBY}/g" "${dockerEbuildNew}"
+sed -i "s/v${VERSION_OLD}/v${VERSION_NEW}/g" "${dockerEbuildNew}"
+
+cliEbuildOld=$(get_ebuild_filename app-emulation/docker-cli "${VERSION_OLD}")
+cliEbuildNew="app-emulation/docker-cli/docker-cli-${VERSION_NEW}.ebuild"
+git mv "${cliEbuildOld}" "${cliEbuildNew}"
+sed -i "s/GIT_COMMIT=\(.*\)/GIT_COMMIT=${COMMIT_HASH_CLI}/g" "${cliEbuildNew}"
+sed -i "s/v${VERSION_OLD}/v${VERSION_NEW}/g" "${cliEbuildNew}"
+
+# torcx ebuild file has a docker version with only major and minor versions, like 19.03.
+versionTorcx=${VERSION_OLD%.*}
+torcxEbuildFile=$(get_ebuild_filename app-torcx/docker "${versionTorcx}")
+sed -i "s/docker-${VERSION_OLD}/docker-${VERSION_NEW}/g" "${torcxEbuildFile}"
+sed -i "s/docker-cli-${VERSION_OLD}/docker-cli-${VERSION_NEW}/g" "${torcxEbuildFile}"
+
+# update also docker versions used by the current docker-runc ebuild file.
+versionRunc=$(sed -n "s/^DIST docker-runc-\([0-9]*.[0-9]*.*\)\.tar.*/\1/p" app-emulation/docker-runc/Manifest | sort -ruV | head -n1)
+runcEbuildFile=$(get_ebuild_filename app-emulation/docker-runc "${versionRunc}")
+sed -i "s/github.com\/docker\/docker-ce\/blob\/v${VERSION_OLD}/github.com\/docker\/docker-ce\/blob\/v${VERSION_NEW}/g" ${runcEbuildFile}
+
+popd
+
+# URL for Docker release notes has a specific format of
+#   https://docs.docker.com/engine/release-notes/MAJOR.MINOR/#COMBINEDFULLVERSION
+# To get the subfolder part MAJOR.MINOR, drop the patchlevel of the semver.
+#   e.g. 20.10.23 -> 20.10
+# To get the combined full version, drop all dots from the full version.
+#   e.g. 20.10.23 -> 201023
+# So the result becomes like:
+#   https://docs.docker.com/engine/release-notes/20.10/#201023
+URLSUBFOLDER=${VERSION_NEW%.*}
+URLVERSION="${VERSION_NEW//./}"
+URL="https://docs.docker.com/engine/release-notes/${URLSUBFOLDER}/#${URLVERSION}"
+
+generate_update_changelog 'Docker' "${VERSION_NEW}" "${URL}" 'docker'
+
+regenerate_manifest app-emulation/docker-cli "${VERSION_NEW}"
+commit_changes app-emulation/docker "${VERSION_OLD}" "${VERSION_NEW}" \
+               app-emulation/docker-cli \
+               app-torcx/docker \
+               app-emulation/docker-runc
+
+cleanup_repo
+
+echo "VERSION_OLD=${VERSION_OLD}" >>"${GITHUB_OUTPUT}"
+echo 'UPDATE_NEEDED=1' >>"${GITHUB_OUTPUT}"
diff --git a/.github/workflows/docker-release-main.yaml b/.github/workflows/docker-release-main.yaml
new file mode 100644
index 0000000000..5459d5a904
--- /dev/null
+++ b/.github/workflows/docker-release-main.yaml
@@ -0,0 +1,52 @@
+name: Get the latest Docker release for main
+on:
+  schedule:
+    - cron:  '35 7 * * 3'
+  workflow_dispatch:
+
+jobs:
+  get-docker-release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out scripts
+        uses: actions/checkout@v3
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          path: scripts
+      - name: Figure out latest Docker release version
+        id: docker-latest-release
+        run: |
+          versionCommitPairMoby=( $(git ls-remote --tags https://github.com/moby/moby | grep 'refs/tags/v[0-9]*\.[0-9]*\.[0-9]*$' | sed -e 's#^\([0-9a-fA-F]*\)[[:space:]]*refs/tags/v\(.*\)$#\2 \1#g' | sort --reverse --unique --version-sort | head --lines 1) )
+          commitHashCLI=$(git ls-remote --tags https://github.com/docker/cli | grep 'refs/tags/v'"${versionCommitPairMoby[0]}"'$' | cut -f1)
+
+          echo "VERSION_NEW=${versionCommitPairMoby[0]}" >>"${GITHUB_OUTPUT}"
+          echo "COMMIT_HASH_MOBY=${versionCommitPairMoby[1]}" >>"${GITHUB_OUTPUT}"
+          echo "COMMIT_HASH_CLI=${commitHashCLI}" >>"${GITHUB_OUTPUT}"
+      - name: Set up Flatcar SDK
+        id: setup-flatcar-sdk
+        env:
+          WORK_SCRIPTS_DIR: "${{ github.workspace }}/scripts"
+          CHANNEL: main
+        run: scripts/.github/workflows/setup-flatcar-sdk.sh
+      - name: Apply patch for main
+        id: apply-patch-main
+        env:
+          GHA_SCRIPTS_DIR: "${{ github.workspace }}/scripts"
+          WORK_SCRIPTS_DIR: "${{ github.workspace }}/scripts"
+          VERSION_NEW: ${{ steps.docker-latest-release.outputs.VERSION_NEW }}
+          COMMIT_HASH_MOBY: ${{ steps.docker-latest-release.outputs.COMMIT_HASH_MOBY }}
+          COMMIT_HASH_CLI: ${{ steps.docker-latest-release.outputs.COMMIT_HASH_CLI }}
+          PACKAGES_CONTAINER: ${{ steps.setup-flatcar-sdk.outputs.PACKAGES_CONTAINER }}
+          SDK_NAME: ${{ steps.setup-flatcar-sdk.outputs.SDK_NAME }}
+        run: scripts/.github/workflows/docker-apply-patch.sh
+      - name: Create pull request for main
+        uses: peter-evans/create-pull-request@v5
+        if: steps.apply-patch-main.outputs.UPDATE_NEEDED == 1
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          path: scripts
+          branch: docker-${{ steps.docker-latest-release.outputs.VERSION_NEW }}-main
+          base: main
+          title: Upgrade Docker in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.docker-latest-release.outputs.VERSION_NEW }}
+          body: Subject says it all.
+          labels: main