diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-apply-patch.sh b/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-apply-patch.sh index d74de66f6c..893453538c 100755 --- a/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-apply-patch.sh +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-apply-patch.sh @@ -2,14 +2,13 @@ set -euo pipefail -UPDATE_NEEDED=1 - . .github/workflows/common.sh +BRANCH_NAME="cacerts-${VERSION_NEW}-${TARGET}" + prepare_git_repo -if ! checkout_branches "${VERSION_NEW}-${TARGET}"; then - UPDATE_NEEDED=0 +if ! checkout_branches "${BRANCH_NAME}"; then exit 0 fi @@ -19,7 +18,6 @@ pushd "${SDK_OUTER_SRCDIR}/third_party/coreos-overlay" >/dev/null || exit VERSION_OLD=$(sed -n "s/^DIST nss-\([0-9]*\.[0-9]*\).*$/\1/p" app-misc/ca-certificates/Manifest | sort -ruV | head -n1) if [[ "${VERSION_NEW}" = "${VERSION_OLD}" ]]; then echo "already the latest ca-certificates, nothing to do" - UPDATE_NEEDED=0 exit 0 fi @@ -37,5 +35,6 @@ generate_patches app-misc ca-certificates ca-certificates apply_patches -echo ::set-output name=VERSION_OLD::"${VERSION_OLD}" -echo ::set-output name=UPDATE_NEEDED::"${UPDATE_NEEDED}" +echo "VERSION_OLD=${VERSION_OLD}" >>"${GITHUB_OUTPUT}" +echo "UPDATE_NEEDED=1" >>"${GITHUB_OUTPUT}" +echo "BRANCH_NAME=${BRANCH_NAME}" >>"${GITHUB_OUTPUT}" diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-release.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-release.yml new file mode 100644 index 0000000000..e30def30df --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-release.yml @@ -0,0 +1,55 @@ +name: Get the latest ca-certificates release for all maintained branches +on: + schedule: + - cron: '0 7 * * 1' + workflow_dispatch: + +jobs: + get-cacerts-release: + strategy: + matrix: + branch: [main,alpha,beta,stable,lts,lts-old] + fail-fast: false + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Figure out branch + id: figure-out-branch + run: .github/workflows/figure-out-branch.sh '${{ matrix.branch }}' + - name: Fetch latest ca-certificates release + if: steps.figure-out-branch.outputs.SKIP == 0 + id: fetch-latest-release + run: | + git clone --depth=1 --no-checkout https://github.com/nss-dev/nss + nssVersion=$(git -C nss ls-remote --tags origin | cut -f2 | sed -n "s/refs\/tags\/NSS_\([0-9]_[0-9_]*\).*_RTM$/\1/p" | sort -s -t_ -k1,1 -k2,2n -k3,3n | tr '_' '.' | tail -n1) + rm -rf nss + echo "NSS_VERSION=${nssVersion}" >>"${GITHUB_OUTPUT}" + - name: Set up Flatcar SDK + if: steps.figure-out-branch.outputs.SKIP == 0 + id: setup-flatcar-sdk + run: .github/workflows/setup-flatcar-sdk.sh + - name: Apply patch + if: steps.figure-out-branch.outputs.SKIP == 0 + id: apply-patch + env: + TARGET: ${{ steps.figure-out-branch.outputs.BRANCH }} + BASE_BRANCH: ${{ steps.figure-out-branch.outputs.BRANCH }} + PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} + VERSION_NEW: ${{ steps.fetch-latest-release.outputs.NSS_VERSION }} + PACKAGES_CONTAINER: ${{ steps.setup-flatcar-sdk.outputs.PACKAGES_CONTAINER }} + SDK_NAME: ${{ steps.setup-flatcar-sdk.outputs.SDK_NAME }} + run: .github/workflows/cacerts-apply-patch.sh + - name: Create pull request + if: (steps.figure-out-branch.outputs.SKIP == 0) && (steps.apply-patch.outputs.UPDATE_NEEDED == 1) + uses: peter-evans/create-pull-request@v4 + with: + token: ${{ secrets.GITHUB_TOKEN }} + base: ${{ steps.figure-out-branch.outputs.BRANCH }} + branch: ${{ steps.apply-patch.outputs.BRANCH_NAME }} + author: Flatcar Buildbot + committer: Flatcar Buildbot + title: Upgrade ca-certificates in ${{ steps.figure-out-branch.outputs.BRANCH }} from ${{ steps.apply-patch.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.NSS_VERSION }} + body: Subject says it all. + labels: ${{ steps.figure-out-branch.outputs.LABEL }} diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-releases-alpha.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-releases-alpha.yml deleted file mode 100644 index 13a75af638..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-releases-alpha.yml +++ /dev/null @@ -1,50 +0,0 @@ -name: Get the latest ca-certificates release for the Alpha maintenance branch -on: - schedule: - - cron: '0 7 * * 1' - workflow_dispatch: - -jobs: - get-cacerts-release: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - name: Fetch latest ca-certificates release - id: fetch-latest-release - env: - CHANNEL: alpha - run: | - git clone --depth=1 --no-checkout https://github.com/nss-dev/nss - versionMaintenance=$(git -C nss ls-remote --tags origin | cut -f2 | sed -n "s/refs\/tags\/NSS_\([0-9]_[0-9_]*\).*_RTM$/\1/p" | sort -s -t_ -k1,1 -k2,2n -k3,3n | tr '_' '.' | tail -n1) - rm -rf nss - maintenanceBranch=$(curl -s -S -f -L "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/current/version.txt" | grep -m 1 FLATCAR_BUILD= | cut -d = -f 2-) - echo ::set-output name=BASE_BRANCH_MAINTENANCE::$(echo flatcar-${maintenanceBranch}) - echo ::set-output name=VERSION_MAINTENANCE::$(echo ${versionMaintenance}) - - name: Set up Flatcar SDK - id: setup-flatcar-sdk - run: .github/workflows/setup-flatcar-sdk.sh - - name: Apply patch for maintenance branch - id: apply-patch-maintenance - env: - TARGET: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} - VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - PACKAGES_CONTAINER: ${{ steps.setup-flatcar-sdk.outputs.PACKAGES_CONTAINER }} - SDK_NAME: ${{ steps.setup-flatcar-sdk.outputs.SDK_NAME }} - run: .github/workflows/cacerts-apply-patch.sh - - name: Create pull request for maintenance branch - uses: peter-evans/create-pull-request@v3 - if: steps.apply-patch-maintenance.outputs.UPDATE_NEEDED == 1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - branch: cacerts-${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }}-${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - author: Flatcar Buildbot - committer: Flatcar Buildbot - title: Upgrade ca-certificates in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - commit-message: Upgrade ca-certificates in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - body: Upgrade ca-certificates in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - labels: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-releases-beta.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-releases-beta.yml deleted file mode 100644 index 070c7e142a..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-releases-beta.yml +++ /dev/null @@ -1,50 +0,0 @@ -name: Get the latest ca-certificates release for the Beta maintenance branch -on: - schedule: - - cron: '0 7 * * 1' - workflow_dispatch: - -jobs: - get-cacerts-release: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - name: Fetch latest ca-certificates release - id: fetch-latest-release - env: - CHANNEL: beta - run: | - git clone --depth=1 --no-checkout https://github.com/nss-dev/nss - versionMaintenance=$(git -C nss ls-remote --tags origin | cut -f2 | sed -n "s/refs\/tags\/NSS_\([0-9]_[0-9_]*\).*_RTM$/\1/p" | sort -s -t_ -k1,1 -k2,2n -k3,3n | tr '_' '.' | tail -n1) - rm -rf nss - maintenanceBranch=$(curl -s -S -f -L "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/current/version.txt" | grep -m 1 FLATCAR_BUILD= | cut -d = -f 2-) - echo ::set-output name=BASE_BRANCH_MAINTENANCE::$(echo flatcar-${maintenanceBranch}) - echo ::set-output name=VERSION_MAINTENANCE::$(echo ${versionMaintenance}) - - name: Set up Flatcar SDK - id: setup-flatcar-sdk - run: .github/workflows/setup-flatcar-sdk.sh - - name: Apply patch for maintenance branch - id: apply-patch-maintenance - env: - TARGET: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} - VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - PACKAGES_CONTAINER: ${{ steps.setup-flatcar-sdk.outputs.PACKAGES_CONTAINER }} - SDK_NAME: ${{ steps.setup-flatcar-sdk.outputs.SDK_NAME }} - run: .github/workflows/cacerts-apply-patch.sh - - name: Create pull request for maintenance branch - uses: peter-evans/create-pull-request@v3 - if: steps.apply-patch-maintenance.outputs.UPDATE_NEEDED == 1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - branch: cacerts-${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }}-${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - author: Flatcar Buildbot - committer: Flatcar Buildbot - title: Upgrade ca-certificates in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - commit-message: Upgrade ca-certificates in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - body: Upgrade ca-certificates in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - labels: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-releases-lts-2021.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-releases-lts-2021.yml deleted file mode 100644 index c64aea3750..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-releases-lts-2021.yml +++ /dev/null @@ -1,48 +0,0 @@ -name: Get the latest ca-certificates release for the LTS-2021 maintenance branch -on: - schedule: - - cron: '0 7 * * 1' - workflow_dispatch: - -jobs: - get-cacerts-release: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - name: Fetch latest ca-certificates release - id: fetch-latest-release - run: | - git clone --depth=1 --no-checkout https://github.com/nss-dev/nss - versionMaintenance=$(git -C nss ls-remote --tags origin | cut -f2 | sed -n "s/refs\/tags\/NSS_\([0-9]_[0-9_]*\).*_RTM$/\1/p" | sort -s -t_ -k1,1 -k2,2n -k3,3n | tr '_' '.' | tail -n1) - rm -rf nss - maintenanceBranch=2605 - echo ::set-output name=BASE_BRANCH_MAINTENANCE::$(echo flatcar-lts-${maintenanceBranch}) - echo ::set-output name=VERSION_MAINTENANCE::$(echo ${versionMaintenance}) - - name: Set up Flatcar SDK - id: setup-flatcar-sdk - run: .github/workflows/setup-flatcar-sdk.sh - - name: Apply patch for maintenance branch - id: apply-patch-maintenance - env: - TARGET: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} - VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - PACKAGES_CONTAINER: ${{ steps.setup-flatcar-sdk.outputs.PACKAGES_CONTAINER }} - SDK_NAME: ${{ steps.setup-flatcar-sdk.outputs.SDK_NAME }} - run: .github/workflows/cacerts-apply-patch.sh - - name: Create pull request for maintenance branch - uses: peter-evans/create-pull-request@v3 - if: steps.apply-patch-maintenance.outputs.UPDATE_NEEDED == 1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - branch: cacerts-${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }}-${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - author: Flatcar Buildbot - committer: Flatcar Buildbot - title: Upgrade ca-certificates in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - commit-message: Upgrade ca-certificates in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - body: Upgrade ca-certificates in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - labels: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-releases-lts.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-releases-lts.yml deleted file mode 100644 index 71db47da19..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-releases-lts.yml +++ /dev/null @@ -1,50 +0,0 @@ -name: Get the latest ca-certificates release for the current LTS maintenance branch -on: - schedule: - - cron: '0 7 * * 1' - workflow_dispatch: - -jobs: - get-cacerts-release: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - name: Fetch latest ca-certificates release - id: fetch-latest-release - env: - CHANNEL: lts - run: | - git clone --depth=1 --no-checkout https://github.com/nss-dev/nss - versionMaintenance=$(git -C nss ls-remote --tags origin | cut -f2 | sed -n "s/refs\/tags\/NSS_\([0-9]_[0-9_]*\).*_RTM$/\1/p" | sort -s -t_ -k1,1 -k2,2n -k3,3n | tr '_' '.' | tail -n1) - rm -rf nss - maintenanceBranch=$(curl -s -S -f -L "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/current/version.txt" | grep -m 1 FLATCAR_BUILD= | cut -d = -f 2-) - echo ::set-output name=BASE_BRANCH_MAINTENANCE::$(echo flatcar-${maintenanceBranch}) - echo ::set-output name=VERSION_MAINTENANCE::$(echo ${versionMaintenance}) - - name: Set up Flatcar SDK - id: setup-flatcar-sdk - run: .github/workflows/setup-flatcar-sdk.sh - - name: Apply patch for maintenance branch - id: apply-patch-maintenance - env: - TARGET: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} - VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - PACKAGES_CONTAINER: ${{ steps.setup-flatcar-sdk.outputs.PACKAGES_CONTAINER }} - SDK_NAME: ${{ steps.setup-flatcar-sdk.outputs.SDK_NAME }} - run: .github/workflows/cacerts-apply-patch.sh - - name: Create pull request for maintenance branch - uses: peter-evans/create-pull-request@v3 - if: steps.apply-patch-maintenance.outputs.UPDATE_NEEDED == 1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - branch: cacerts-${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }}-${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - author: Flatcar Buildbot - committer: Flatcar Buildbot - title: Upgrade ca-certificates in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - commit-message: Upgrade ca-certificates in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - body: Upgrade ca-certificates in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - labels: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-releases-main.yaml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-releases-main.yaml deleted file mode 100644 index 962530b21e..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-releases-main.yaml +++ /dev/null @@ -1,47 +0,0 @@ -name: Get the latest ca-certificates release for main -on: - schedule: - - cron: '0 7 * * 1' - workflow_dispatch: - -jobs: - get-cacerts-release: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - name: Fetch latest ca-certificates release - id: fetch-latest-release - run: | - git clone --depth=1 --no-checkout https://github.com/nss-dev/nss - versionMain=$(git -C nss ls-remote --tags origin | cut -f2 | sed -n "s/refs\/tags\/NSS_\([0-9]_[0-9_]*\).*_RTM$/\1/p" | sort -s -t_ -k1,1 -k2,2n -k3,3n | tr '_' '.' | tail -n1) - rm -rf nss - echo ::set-output name=BASE_BRANCH_MAIN::main - echo ::set-output name=VERSION_MAIN::$(echo ${versionMain}) - - name: Set up Flatcar SDK - id: setup-flatcar-sdk - run: .github/workflows/setup-flatcar-sdk.sh - - name: Apply patch for main - id: apply-patch-main - env: - TARGET: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} - BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} - PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} - VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} - PACKAGES_CONTAINER: ${{ steps.setup-flatcar-sdk.outputs.PACKAGES_CONTAINER }} - SDK_NAME: ${{ steps.setup-flatcar-sdk.outputs.SDK_NAME }} - run: .github/workflows/cacerts-apply-patch.sh - - name: Create pull request for main - uses: peter-evans/create-pull-request@v3 - if: steps.apply-patch-main.outputs.UPDATE_NEEDED == 1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} - branch: cacerts-${{ steps.fetch-latest-release.outputs.VERSION_MAIN }}-${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} - author: Flatcar Buildbot - committer: Flatcar Buildbot - title: Upgrade ca-certificates in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} - commit-message: Upgrade ca-certificates in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} - body: Upgrade ca-certificates in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} - labels: main diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-releases-stable.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-releases-stable.yml deleted file mode 100644 index ef7f406536..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/.github/workflows/cacerts-releases-stable.yml +++ /dev/null @@ -1,50 +0,0 @@ -name: Get the latest ca-certificates release for the Stable maintenance branch -on: - schedule: - - cron: '0 7 * * 1' - workflow_dispatch: - -jobs: - get-cacerts-release: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - name: Fetch latest ca-certificates release - id: fetch-latest-release - env: - CHANNEL: stable - run: | - git clone --depth=1 --no-checkout https://github.com/nss-dev/nss - versionMaintenance=$(git -C nss ls-remote --tags origin | cut -f2 | sed -n "s/refs\/tags\/NSS_\([0-9]_[0-9_]*\).*_RTM$/\1/p" | sort -s -t_ -k1,1 -k2,2n -k3,3n | tr '_' '.' | tail -n1) - rm -rf nss - maintenanceBranch=$(curl -s -S -f -L "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/current/version.txt" | grep -m 1 FLATCAR_BUILD= | cut -d = -f 2-) - echo ::set-output name=BASE_BRANCH_MAINTENANCE::$(echo flatcar-${maintenanceBranch}) - echo ::set-output name=VERSION_MAINTENANCE::$(echo ${versionMaintenance}) - - name: Set up Flatcar SDK - id: setup-flatcar-sdk - run: .github/workflows/setup-flatcar-sdk.sh - - name: Apply patch for maintenance branch - id: apply-patch-maintenance - env: - TARGET: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} - VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - PACKAGES_CONTAINER: ${{ steps.setup-flatcar-sdk.outputs.PACKAGES_CONTAINER }} - SDK_NAME: ${{ steps.setup-flatcar-sdk.outputs.SDK_NAME }} - run: .github/workflows/cacerts-apply-patch.sh - - name: Create pull request for maintenance branch - uses: peter-evans/create-pull-request@v3 - if: steps.apply-patch-maintenance.outputs.UPDATE_NEEDED == 1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - branch: cacerts-${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }}-${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - author: Flatcar Buildbot - committer: Flatcar Buildbot - title: Upgrade ca-certificates in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - commit-message: Upgrade ca-certificates in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - body: Upgrade ca-certificates in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - labels: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/common.sh b/sdk_container/src/third_party/coreos-overlay/.github/workflows/common.sh index 55126f9b9c..4975c83282 100644 --- a/sdk_container/src/third_party/coreos-overlay/.github/workflows/common.sh +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/common.sh @@ -53,7 +53,7 @@ function prepare_git_repo() { # caller needs to set pass a parameter as a branch name to be created. function checkout_branches() { - TARGET_BRANCH=$1 + local TARGET_BRANCH="${1}" [[ -z "${TARGET_BRANCH}" ]] && echo "No target branch specified. exit." && return 1 @@ -63,16 +63,22 @@ function checkout_branches() { # update submodules like portage-stable under the scripts directories git submodule update --init --recursive + # set up coreos-overlay submodule to use the fork remote, not the + # original remote set for the submodule. + local CO_PATH="${SDK_OUTER_SRCDIR}/third_party/coreos-overlay" + local FORK_URL=$(git remote get-url origin) + git -C "${CO_PATH}" remote add fork "${FORK_URL}" + git -C "${CO_PATH}" fetch fork - if git -C "${SDK_OUTER_SRCDIR}/third_party/coreos-overlay" show-ref "remotes/origin/${TARGET_BRANCH}"; then + if git -C "${CO_PATH}" show-ref "remotes/fork/${TARGET_BRANCH}"; then echo "Target branch already exists. exit."; return 1 fi # Each submodule directory should be explicitly set from BASE_BRANCH, # as the submodule refs could be only updated during the night. - git -C "${SDK_OUTER_SRCDIR}/third_party/coreos-overlay" checkout \ - -B "${TARGET_BRANCH}" "origin/${BASE_BRANCH}" + git -C "${CO_PATH}" checkout \ + -B "${TARGET_BRANCH}" "fork/${BASE_BRANCH}" git -C "${SDK_OUTER_SRCDIR}/third_party/portage-stable" checkout \ -B "${TARGET_BRANCH}" "origin/${BASE_BRANCH}" } diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/figure-out-branch.sh b/sdk_container/src/third_party/coreos-overlay/.github/workflows/figure-out-branch.sh new file mode 100755 index 0000000000..610a35f10b --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/figure-out-branch.sh @@ -0,0 +1,71 @@ +#!/bin/bash + +# Prints the following github outputs based on channel named passed to +# the script as a parameter. +# +# BRANCH is a name of the git branch related to the passed channel. +# +# SKIP tells whether the rest of the steps should be skipped, will be +# either 0 or 1. +# +# LINK is a link to release mirror for the following channel. Will be +# empty for main channel. +# +# LABEL is going to be mostly the same as the channel name, except +# that lts-old will be labeled as lts. + +set -euo pipefail + +if [[ ${#} -ne 1 ]]; then + echo "Expected a channel name as a parameter" >&2 + exit 1 +fi + +channel_name="${1}" +skip=0 +link='' +branch='' +label='' +case "${channel_name}" in + main) + branch='main' + ;; + lts-old) + curl -fsSLO --retry-delay 1 --retry 60 --retry-connrefused --retry-max-time 60 --connect-timeout 20 'https://lts.release.flatcar-linux.net/lts-info' + if [[ $(grep -e ':supported' lts-info | wc -l) -le 1 ]]; then + # Only one supported LTS, skip this workflow run + # as 'lts' matrix branch will handle updating the only + # supported LTS. + skip=1 + else + line=$(grep -e ':supported' lts-info | sort -V | head -n 1) + major=$(awk -F: '{print $1}' <<<"${line}") + year=$(awk -F: '{print $2}' <<<"${line}") + branch="flatcar-${major}" + # Drop this corner case when 2605 is not supported. + if [[ ${major} -eq 2605 ]]; then + branch='flatcar-lts-2605' + fi + link="https://lts.release.flatcar-linux.net/amd64-usr/current-${year}" + label='lts' + fi + rm -f lts-info + ;; + alpha|beta|stable|lts) + link="https://${channel_name}.release.flatcar-linux.net/amd64-usr/current" + major=$(curl -sSL "${link}/version.txt" | awk -F= '/FLATCAR_BUILD=/{ print $2 }') + branch="flatcar-${major}" + ;; + *) + echo "Unknown channel '${channel_name}'" >&2 + exit 1 +esac + +if [[ -z "${label}" ]]; then + label="${channel_name}" +fi + +echo "BRANCH=${branch}" >>"${GITHUB_OUTPUT}" +echo "SKIP=${skip}" >>"${GITHUB_OUTPUT}" +echo "LINK=${link}" >>"${GITHUB_OUTPUT}" +echo "LABEL=${label}" >>"${GITHUB_OUTPUT}" diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-apply-patch.sh b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-apply-patch.sh index 9846ccc5f8..b11004332c 100755 --- a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-apply-patch.sh +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-apply-patch.sh @@ -4,14 +4,13 @@ set -euo pipefail # trim the 3rd part in the input semver, e.g. from 5.4.1 to 5.4 VERSION_SHORT=${VERSION_NEW%.*} -UPDATE_NEEDED=1 +BRANCH_NAME="linux-${VERSION_NEW}-${TARGET}" . .github/workflows/common.sh prepare_git_repo -if ! checkout_branches "linux-${VERSION_NEW}-${TARGET}"; then - UPDATE_NEEDED=0 +if ! checkout_branches "${BRANCH_NAME}"; then exit 0 fi @@ -23,7 +22,6 @@ if [[ -z "${VERSION_OLD}" ]]; then fi if [[ "${VERSION_NEW}" = "${VERSION_OLD}" ]]; then echo "already the latest Kernel, nothing to do" - UPDATE_NEEDED=0 exit 0 fi @@ -77,5 +75,6 @@ generate_patches sys-kernel coreos-sources Kernel apply_patches -echo ::set-output name=VERSION_OLD::"${VERSION_OLD}" -echo ::set-output name=UPDATE_NEEDED::"${UPDATE_NEEDED}" +echo "VERSION_OLD=${VERSION_OLD}" >>"${GITHUB_OUTPUT}" +echo "UPDATE_NEEDED=1" >>"${GITHUB_OUTPUT}" +echo "BRANCH_NAME=${BRANCH_NAME}" >>"${GITHUB_OUTPUT}" diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-release.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-release.yml new file mode 100644 index 0000000000..a365a66287 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-release.yml @@ -0,0 +1,61 @@ +name: Get the latest Kernel release for all maintained branches +on: + schedule: + - cron: '0 7 * * *' + workflow_dispatch: + +jobs: + get-kernel-release: + strategy: + matrix: + branch: [main,alpha,beta,stable,lts,lts-old] + fail-fast: false + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Figure out branch + id: figure-out-branch + run: .github/workflows/figure-out-branch.sh '${{ matrix.branch }}' + - name: Fetch latest Linux release + if: steps.figure-out-branch.outputs.SKIP == 0 + id: fetch-latest-release + run: | + CHANNEL='${{ matrix.branch }}' + if [[ "${CHANNEL}" = 'main' ]]; then + KV=$(git ls-files 'sys-kernel/coreos-kernel/*ebuild' | head -n 1 | cut -d '-' -f 5- | cut -d . -f 1-2) + else + KV=$(curl -s -S -f -L '${{ steps.figure-out-branch.outputs.LINK }}/flatcar_production_image_packages.txt' | grep -o 'coreos-kernel.*' | cut -d '-' -f 3- | cut -d . -f 1-2) + fi + git clone --depth=1 --no-checkout https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux + kernelVersion=$(git -C linux ls-remote --tags origin | cut -f2 | sed -n "/refs\/tags\/v${KV}\.[0-9]*$/s/^refs\/tags\/v//p" | sort -ruV | head -1) + rm -rf linux + echo "KERNEL_VERSION=${kernelVersion}" >>"${GITHUB_OUTPUT}" + - name: Set up Flatcar SDK + if: steps.figure-out-branch.outputs.SKIP == 0 + id: setup-flatcar-sdk + run: .github/workflows/setup-flatcar-sdk.sh + - name: Apply patch + if: steps.figure-out-branch.outputs.SKIP == 0 + id: apply-patch + env: + TARGET: ${{ steps.figure-out-branch.outputs.BRANCH }} + BASE_BRANCH: ${{ steps.figure-out-branch.outputs.BRANCH }} + PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} + VERSION_NEW: ${{ steps.fetch-latest-release.outputs.KERNEL_VERSION }} + PACKAGES_CONTAINER: ${{ steps.setup-flatcar-sdk.outputs.PACKAGES_CONTAINER }} + SDK_NAME: ${{ steps.setup-flatcar-sdk.outputs.SDK_NAME }} + run: .github/workflows/kernel-apply-patch.sh + - name: Create pull request + if: (steps.figure-out-branch.outputs.SKIP == 0) && (steps.apply-patch.outputs.UPDATE_NEEDED == 1) + uses: peter-evans/create-pull-request@v4 + with: + token: ${{ secrets.GITHUB_TOKEN }} + base: ${{ steps.figure-out-branch.outputs.BRANCH }} + branch: ${{ steps.apply-patch.outputs.BRANCH_NAME }} + author: Flatcar Buildbot + committer: Flatcar Buildbot + title: Upgrade Linux Kernel for ${{ steps.figure-out-branch.outputs.BRANCH }} from ${{ steps.apply-patch.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.KERNEL_VERSION }} + body: Subject says it all. + labels: ${{ steps.figure-out-branch.outputs.LABEL }} diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-alpha.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-alpha.yml deleted file mode 100644 index a3121e7451..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-alpha.yml +++ /dev/null @@ -1,51 +0,0 @@ -name: Get the latest Kernel release for the Alpha maintenance branch -on: - schedule: - - cron: '0 7 * * *' - workflow_dispatch: - -jobs: - get-kernel-release: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - name: Fetch latest Kernel release - id: fetch-latest-release - env: - CHANNEL: alpha - run: | - KV_MAIN=$(curl -s -S -f -L "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/current/flatcar_production_image_packages.txt" | grep -o 'coreos-kernel.*' | cut -d '-' -f 3- | cut -d . -f 1-2) - git clone --depth=1 --no-checkout https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux - versionMaintenance=$(git -C linux ls-remote --tags origin | cut -f2 | sed -n "/refs\/tags\/v${KV_MAIN}\.[0-9]*$/s/^refs\/tags\/v//p" | sort -ruV | head -1) - rm -rf linux - maintenanceBranch=$(curl -s -S -f -L "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/current/version.txt" | grep -m 1 FLATCAR_BUILD= | cut -d = -f 2-) - echo ::set-output name=VERSION_MAINTENANCE::$(echo ${versionMaintenance}) - echo ::set-output name=BASE_BRANCH_MAINTENANCE::$(echo flatcar-${maintenanceBranch}) - - name: Set up Flatcar SDK - id: setup-flatcar-sdk - run: .github/workflows/setup-flatcar-sdk.sh - - name: Apply patch for maintenance branch - id: apply-patch-maintenance - env: - TARGET: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} - VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - PACKAGES_CONTAINER: ${{ steps.setup-flatcar-sdk.outputs.PACKAGES_CONTAINER }} - SDK_NAME: ${{ steps.setup-flatcar-sdk.outputs.SDK_NAME }} - run: .github/workflows/kernel-apply-patch.sh - - name: Create pull request for maintenance branch - uses: peter-evans/create-pull-request@v3 - if: steps.apply-patch-maintenance.outputs.UPDATE_NEEDED == 1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - branch: linux-${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }}-${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - author: Flatcar Buildbot - committer: Flatcar Buildbot - title: Upgrade Linux Kernel for ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - commit-message: Upgrade Linux Kernel in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - body: Upgrade Linux Kernel in ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - labels: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-beta.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-beta.yml deleted file mode 100644 index ca21f3b47c..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-beta.yml +++ /dev/null @@ -1,51 +0,0 @@ -name: Get the latest Kernel release for the Beta maintenance branch -on: - schedule: - - cron: '0 7 * * *' - workflow_dispatch: - -jobs: - get-kernel-release: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - name: Fetch latest Kernel release - id: fetch-latest-release - env: - CHANNEL: beta - run: | - KV_MAIN=$(curl -s -S -f -L "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/current/flatcar_production_image_packages.txt" | grep -o 'coreos-kernel.*' | cut -d '-' -f 3- | cut -d . -f 1-2) - git clone --depth=1 --no-checkout https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux - versionMaintenance=$(git -C linux ls-remote --tags origin | cut -f2 | sed -n "/refs\/tags\/v${KV_MAIN}\.[0-9]*$/s/^refs\/tags\/v//p" | sort -ruV | head -1) - rm -rf linux - maintenanceBranch=$(curl -s -S -f -L "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/current/version.txt" | grep -m 1 FLATCAR_BUILD= | cut -d = -f 2-) - echo ::set-output name=VERSION_MAINTENANCE::$(echo ${versionMaintenance}) - echo ::set-output name=BASE_BRANCH_MAINTENANCE::$(echo flatcar-${maintenanceBranch}) - - name: Set up Flatcar SDK - id: setup-flatcar-sdk - run: .github/workflows/setup-flatcar-sdk.sh - - name: Apply patch for maintenance branch - id: apply-patch-maintenance - env: - TARGET: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} - VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - PACKAGES_CONTAINER: ${{ steps.setup-flatcar-sdk.outputs.PACKAGES_CONTAINER }} - SDK_NAME: ${{ steps.setup-flatcar-sdk.outputs.SDK_NAME }} - run: .github/workflows/kernel-apply-patch.sh - - name: Create pull request for maintenance branch - uses: peter-evans/create-pull-request@v3 - if: steps.apply-patch-maintenance.outputs.UPDATE_NEEDED == 1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - branch: linux-${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }}-${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - author: Flatcar Buildbot - committer: Flatcar Buildbot - title: Upgrade Linux Kernel for ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - commit-message: Upgrade Linux Kernel in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - body: Upgrade Linux Kernel in ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - labels: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-lts-2021.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-lts-2021.yml deleted file mode 100644 index 184e6c3931..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-lts-2021.yml +++ /dev/null @@ -1,51 +0,0 @@ -name: Get the latest Kernel release for the LTS-2021 maintenance branch -on: - schedule: - - cron: '0 7 * * *' - workflow_dispatch: - -jobs: - get-kernel-release: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - name: Fetch latest Kernel release - id: fetch-latest-release - env: - CHANNEL: lts - run: | - KV_MAIN=5.4 - git clone --depth=1 --no-checkout https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux - versionMaintenance=$(git -C linux ls-remote --tags origin | cut -f2 | sed -n "/refs\/tags\/v${KV_MAIN}\.[0-9]*$/s/^refs\/tags\/v//p" | sort -ruV | head -1) - rm -rf linux - maintenanceBranch=2605 - echo ::set-output name=VERSION_MAINTENANCE::$(echo ${versionMaintenance}) - echo ::set-output name=BASE_BRANCH_MAINTENANCE::$(echo flatcar-lts-${maintenanceBranch}) - - name: Set up Flatcar SDK - id: setup-flatcar-sdk - run: .github/workflows/setup-flatcar-sdk.sh - - name: Apply patch for maintenance branch - id: apply-patch-maintenance - env: - TARGET: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} - VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - PACKAGES_CONTAINER: ${{ steps.setup-flatcar-sdk.outputs.PACKAGES_CONTAINER }} - SDK_NAME: ${{ steps.setup-flatcar-sdk.outputs.SDK_NAME }} - run: .github/workflows/kernel-apply-patch.sh - - name: Create pull request for maintenance branch - uses: peter-evans/create-pull-request@v3 - if: steps.apply-patch-maintenance.outputs.UPDATE_NEEDED == 1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - branch: linux-${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }}-${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - author: Flatcar Buildbot - committer: Flatcar Buildbot - title: Upgrade Linux Kernel for ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - commit-message: Upgrade Linux Kernel in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - body: Upgrade Linux Kernel in ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - labels: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-lts.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-lts.yml deleted file mode 100644 index cd03aceabd..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-lts.yml +++ /dev/null @@ -1,51 +0,0 @@ -name: Get the latest Kernel release for the current LTS maintenance branch -on: - schedule: - - cron: '0 7 * * *' - workflow_dispatch: - -jobs: - get-kernel-release: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - name: Fetch latest Kernel release - id: fetch-latest-release - env: - CHANNEL: lts - run: | - KV_MAIN=$(curl -s -S -f -L "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/current/flatcar_production_image_packages.txt" | grep -o 'coreos-kernel.*' | cut -d '-' -f 3- | cut -d . -f 1-2) - git clone --depth=1 --no-checkout https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux - versionMaintenance=$(git -C linux ls-remote --tags origin | cut -f2 | sed -n "/refs\/tags\/v${KV_MAIN}\.[0-9]*$/s/^refs\/tags\/v//p" | sort -ruV | head -1) - rm -rf linux - maintenanceBranch=$(curl -s -S -f -L "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/current/version.txt" | grep -m 1 FLATCAR_BUILD= | cut -d = -f 2-) - echo ::set-output name=VERSION_MAINTENANCE::$(echo ${versionMaintenance}) - echo ::set-output name=BASE_BRANCH_MAINTENANCE::$(echo flatcar-${maintenanceBranch}) - - name: Set up Flatcar SDK - id: setup-flatcar-sdk - run: .github/workflows/setup-flatcar-sdk.sh - - name: Apply patch for maintenance branch - id: apply-patch-maintenance - env: - TARGET: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} - VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - PACKAGES_CONTAINER: ${{ steps.setup-flatcar-sdk.outputs.PACKAGES_CONTAINER }} - SDK_NAME: ${{ steps.setup-flatcar-sdk.outputs.SDK_NAME }} - run: .github/workflows/kernel-apply-patch.sh - - name: Create pull request for maintenance branch - uses: peter-evans/create-pull-request@v3 - if: steps.apply-patch-maintenance.outputs.UPDATE_NEEDED == 1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - branch: linux-${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }}-${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - author: Flatcar Buildbot - committer: Flatcar Buildbot - title: Upgrade Linux Kernel for ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - commit-message: Upgrade Linux Kernel in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - body: Upgrade Linux Kernel in ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - labels: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-main.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-main.yml deleted file mode 100644 index 9c45e24520..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-main.yml +++ /dev/null @@ -1,49 +0,0 @@ -name: Get the latest Kernel release for main -on: - schedule: - - cron: '0 7 * * *' - workflow_dispatch: - -jobs: - get-kernel-release: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - name: Fetch latest Kernel release - id: fetch-latest-release - env: - KV_MAIN: "5.15" - run: | - git clone --depth=1 --no-checkout https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux - versionMain=$(git -C linux ls-remote --tags origin | cut -f2 | sed -n "/refs\/tags\/v${KV_MAIN}\.[0-9]*$/s/^refs\/tags\/v//p" | sort -ruV | head -1) - rm -rf linux - echo ::set-output name=VERSION_MAIN::$(echo ${versionMain}) - echo ::set-output name=BASE_BRANCH_MAIN::main - - name: Set up Flatcar SDK - id: setup-flatcar-sdk - run: .github/workflows/setup-flatcar-sdk.sh - - name: Apply patch for main - id: apply-patch-main - env: - TARGET: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} - BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} - PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} - VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} - PACKAGES_CONTAINER: ${{ steps.setup-flatcar-sdk.outputs.PACKAGES_CONTAINER }} - SDK_NAME: ${{ steps.setup-flatcar-sdk.outputs.SDK_NAME }} - run: .github/workflows/kernel-apply-patch.sh - - name: Create pull request for main - uses: peter-evans/create-pull-request@v3 - if: steps.apply-patch-main.outputs.UPDATE_NEEDED == 1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAIN }} - branch: linux-${{ steps.fetch-latest-release.outputs.VERSION_MAIN }}-main - author: Flatcar Buildbot - committer: Flatcar Buildbot - title: Upgrade Linux Kernel in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} - commit-message: Upgrade Linux Kernel in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} - body: Upgrade Linux Kernel in main from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAIN }} - labels: main diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-stable.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-stable.yml deleted file mode 100644 index 2196470a75..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/.github/workflows/kernel-releases-stable.yml +++ /dev/null @@ -1,51 +0,0 @@ -name: Get the latest Kernel release for the Stable maintenance branch -on: - schedule: - - cron: '0 7 * * *' - workflow_dispatch: - -jobs: - get-kernel-release: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - name: Fetch latest Kernel release - id: fetch-latest-release - env: - CHANNEL: stable - run: | - KV_MAIN=$(curl -s -S -f -L "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/current/flatcar_production_image_packages.txt" | grep -o 'coreos-kernel.*' | cut -d '-' -f 3- | cut -d . -f 1-2) - git clone --depth=1 --no-checkout https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux - versionMaintenance=$(git -C linux ls-remote --tags origin | cut -f2 | sed -n "/refs\/tags\/v${KV_MAIN}\.[0-9]*$/s/^refs\/tags\/v//p" | sort -ruV | head -1) - rm -rf linux - maintenanceBranch=$(curl -s -S -f -L "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/current/version.txt" | grep -m 1 FLATCAR_BUILD= | cut -d = -f 2-) - echo ::set-output name=VERSION_MAINTENANCE::$(echo ${versionMaintenance}) - echo ::set-output name=BASE_BRANCH_MAINTENANCE::$(echo flatcar-${maintenanceBranch}) - - name: Set up Flatcar SDK - id: setup-flatcar-sdk - run: .github/workflows/setup-flatcar-sdk.sh - - name: Apply patch for maintenance branch - id: apply-patch-maintenance - env: - TARGET: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - BASE_BRANCH: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - PATH: ${{ steps.setup-flatcar-sdk.outputs.path }} - VERSION_NEW: ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - PACKAGES_CONTAINER: ${{ steps.setup-flatcar-sdk.outputs.PACKAGES_CONTAINER }} - SDK_NAME: ${{ steps.setup-flatcar-sdk.outputs.SDK_NAME }} - run: .github/workflows/kernel-apply-patch.sh - - name: Create pull request for maintenance branch - uses: peter-evans/create-pull-request@v3 - if: steps.apply-patch-maintenance.outputs.UPDATE_NEEDED == 1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - base: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - branch: linux-${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }}-${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} - author: Flatcar Buildbot - committer: Flatcar Buildbot - title: Upgrade Linux Kernel for ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - commit-message: Upgrade Linux Kernel in maintenance branch from ${{ steps.apply-patch-maintenance.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - body: Upgrade Linux Kernel in ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }} from ${{ steps.apply-patch-main.outputs.VERSION_OLD }} to ${{ steps.fetch-latest-release.outputs.VERSION_MAINTENANCE }} - labels: ${{ steps.fetch-latest-release.outputs.BASE_BRANCH_MAINTENANCE }}