diff --git a/.github/actions/build-push-image-with-apko/action.yml b/.github/actions/build-push-image-with-apko/action.yml index e2b474b56b..eb5314ed79 100644 --- a/.github/actions/build-push-image-with-apko/action.yml +++ b/.github/actions/build-push-image-with-apko/action.yml @@ -19,6 +19,11 @@ inputs: default: '' required: false + overwrite: + description: 'Overwrite the existing image tag' + default: 'false' + required: false + runs: using: "composite" steps: @@ -35,7 +40,7 @@ runs: fi - uses: chainguard-images/actions/apko-publish@main - if: ${{ steps.check-image-exists.outputs.image-exists == 'false' }} + if: ${{ inputs.overwrite == 'true' || steps.check-image-exists.outputs.image-exists == 'false' }} with: config: ${{ inputs.apko-config }} archs: x86_64 diff --git a/.github/workflows/alpha.yaml b/.github/workflows/alpha.yaml index d06d5149c5..bd72dd9f55 100644 --- a/.github/workflows/alpha.yaml +++ b/.github/workflows/alpha.yaml @@ -32,42 +32,6 @@ jobs: registry-password: ${{ secrets.DOCKERHUB_PASSWORD }} - build-rqlite: - runs-on: ubuntu-20.04 - steps: - - uses: actions/checkout@v4 - - uses: ./.github/actions/build-push-image-with-apko - with: - apko-config: deploy/rqlite/apko.yaml - image-name: index.docker.io/kotsadm/rqlite:alpha - registry-username: ${{ secrets.DOCKERHUB_USER }} - registry-password: ${{ secrets.DOCKERHUB_PASSWORD }} - - - build-minio: - runs-on: ubuntu-20.04 - steps: - - uses: actions/checkout@v4 - - uses: ./.github/actions/build-push-image-with-apko - with: - apko-config: deploy/minio/apko.yaml - image-name: index.docker.io/kotsadm/minio:alpha - registry-username: ${{ secrets.DOCKERHUB_USER }} - registry-password: ${{ secrets.DOCKERHUB_PASSWORD }} - - - build-dex: - runs-on: ubuntu-20.04 - steps: - - uses: actions/checkout@v4 - - uses: ./.github/actions/build-push-image-with-apko - with: - apko-config: deploy/dex/apko.yaml - image-name: index.docker.io/kotsadm/dex:alpha - registry-username: ${{ secrets.DOCKERHUB_USER }} - registry-password: ${{ secrets.DOCKERHUB_PASSWORD }} - - build-kotsadm: runs-on: ubuntu-20.04 needs: [generate-tag] @@ -113,7 +77,7 @@ jobs: id: scan uses: aquasecurity/trivy-action@master with: - image-ref: "docker.io/kotsadm/rqlite:alpha" + image-ref: "docker.io/kotsadm/rqlite:${{ steps.dotenv.outputs.RQLITE_TAG }}" format: 'template' template: '@/contrib/sarif.tpl' output: 'rqlite-scan-output.sarif' @@ -140,7 +104,7 @@ jobs: id: scan uses: aquasecurity/trivy-action@master with: - image-ref: "docker.io/kotsadm/minio:alpha" + image-ref: "docker.io/kotsadm/minio:${{ steps.dotenv.outputs.MINIO_TAG }}" format: 'template' template: '@/contrib/sarif.tpl' output: 'minio-scan-output.sarif' @@ -168,7 +132,7 @@ jobs: id: scan uses: aquasecurity/trivy-action@master with: - image-ref: "docker.io/kotsadm/dex:alpha" + image-ref: "docker.io/kotsadm/dex:${{ steps.dotenv.outputs.DEX_TAG }}" format: 'template' template: '@/contrib/sarif.tpl' output: 'dex-scan-output.sarif' @@ -218,7 +182,7 @@ jobs: id: scan uses: aquasecurity/trivy-action@master with: - image-ref: "docker.io/replicated/local-volume-provider:${{ steps.dotenv.outputs.lvp_tag }}" + image-ref: "docker.io/replicated/local-volume-provider:${{ steps.dotenv.outputs.LVP_TAG }}" format: 'template' template: '@/contrib/sarif.tpl' output: 'scan-output.sarif' diff --git a/.github/workflows/build-test.yaml b/.github/workflows/build-test.yaml index 26f272b486..c7219f65ca 100644 --- a/.github/workflows/build-test.yaml +++ b/.github/workflows/build-test.yaml @@ -423,10 +423,11 @@ jobs: with: path: .image.env - - uses: ./.github/actions/build-push-image-with-apko - with: - apko-config: deploy/minio/apko.yaml - image-name: ttl.sh/automated-${{ github.run_id }}/minio:${{ steps.dotenv.outputs.MINIO_TAG }} + - name: push minio + run: | + docker pull kotsadm/minio:${{ steps.dotenv.outputs.MINIO_TAG }} + docker tag kotsadm/minio:${{ steps.dotenv.outputs.MINIO_TAG }} ttl.sh/automated-${{ github.run_id }}/minio:${{ steps.dotenv.outputs.MINIO_TAG }} + docker push ttl.sh/automated-${{ github.run_id }}/minio:${{ steps.dotenv.outputs.MINIO_TAG }} push-rqlite: @@ -447,11 +448,11 @@ jobs: with: path: .image.env - - uses: ./.github/actions/build-push-image-with-apko - with: - apko-config: deploy/rqlite/apko.yaml - image-name: ttl.sh/automated-${{ github.run_id }}/rqlite:${{ steps.dotenv.outputs.RQLITE_TAG }} - + - name: push rqlite + run: | + docker pull kotsadm/rqlite:${{ steps.dotenv.outputs.RQLITE_TAG }} + docker tag kotsadm/rqlite:${{ steps.dotenv.outputs.RQLITE_TAG }} ttl.sh/automated-${{ github.run_id }}/rqlite:${{ steps.dotenv.outputs.RQLITE_TAG }} + docker push ttl.sh/automated-${{ github.run_id }}/rqlite:${{ steps.dotenv.outputs.RQLITE_TAG }} push-dex: runs-on: ubuntu-20.04 @@ -471,11 +472,11 @@ jobs: with: path: .image.env - - uses: ./.github/actions/build-push-image-with-apko - with: - apko-config: deploy/dex/apko.yaml - image-name: ttl.sh/automated-${{ github.run_id }}/dex:${{ steps.dotenv.outputs.DEX_TAG }} - + - name: push dex + run: | + docker pull kotsadm/dex:${{ steps.dotenv.outputs.DEX_TAG }} + docker tag kotsadm/dex:${{ steps.dotenv.outputs.DEX_TAG }} ttl.sh/automated-${{ github.run_id }}/dex:${{ steps.dotenv.outputs.DEX_TAG }} + docker push ttl.sh/automated-${{ github.run_id }}/dex:${{ steps.dotenv.outputs.DEX_TAG }} # only run validate-kurl-addon if changes to "deploy/kurl/kotsadm/template/**" kurl-addon-changes-filter: diff --git a/.github/workflows/image-deps-updater.yaml b/.github/workflows/image-deps-updater.yaml new file mode 100644 index 0000000000..e016e0b5fc --- /dev/null +++ b/.github/workflows/image-deps-updater.yaml @@ -0,0 +1,117 @@ +name: Update image deps + +on: + schedule: + - cron: '0 0 * * *' + workflow_dispatch: + inputs: + overwrite: + description: 'Overwrite the existing image tags' + required: false + default: 'false' +jobs: + build-3rd-party-images: + runs-on: ubuntu-20.04 + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Get tags + id: get-tags + run: | + minio_yaml=$(curl -s --fail --show-error https://raw.githubusercontent.com/wolfi-dev/os/main/minio.yaml) + minio_version=$(echo "$minio_yaml" | grep "version:" | awk '{print $2}' | tr -d '\n') + minio_epoch=$(echo "$minio_yaml" | grep "epoch:" | awk '{print $2}' | tr -d '\n') + + rqlite_yaml=$(curl -s --fail --show-error https://raw.githubusercontent.com/wolfi-dev/os/main/rqlite.yaml) + rqlite_version=$(echo "$rqlite_yaml" | grep "version:" | awk '{print $2}' | tr -d '\n') + rqlite_epoch=$(echo "$rqlite_yaml" | grep "epoch:" | awk '{print $2}' | tr -d '\n') + + dex_yaml=$(curl -s --fail --show-error https://raw.githubusercontent.com/wolfi-dev/os/main/dex.yaml) + dex_version=$(echo "$dex_yaml" | grep "version:" | awk '{print $2}' | tr -d '\n') + dex_epoch=$(echo "$dex_yaml" | grep "epoch:" | awk '{print $2}' | tr -d '\n') + + { + echo "minio-tag=$minio_version-$minio_epoch" + echo "rqlite-tag=$rqlite_version-$rqlite_epoch" + echo "dex-tag=$dex_version-$dex_epoch" + } >> "$GITHUB_OUTPUT" + + - name: Build and push minio image + uses: ./.github/actions/build-push-image-with-apko + with: + apko-config: deploy/minio/apko.yaml + image-name: index.docker.io/kotsadm/minio:${{ steps.get-tags.outputs.minio-tag }} + registry-username: ${{ secrets.DOCKERHUB_USER }} + registry-password: ${{ secrets.DOCKERHUB_PASSWORD }} + overwrite: ${{ github.event.inputs.overwrite }} + + - name: Build and push rqlite image + uses: ./.github/actions/build-push-image-with-apko + with: + apko-config: deploy/rqlite/apko.yaml + image-name: index.docker.io/kotsadm/rqlite:${{ steps.get-tags.outputs.rqlite-tag }} + registry-username: ${{ secrets.DOCKERHUB_USER }} + registry-password: ${{ secrets.DOCKERHUB_PASSWORD }} + overwrite: ${{ github.event.inputs.overwrite }} + + - name: Build and push dex image + uses: ./.github/actions/build-push-image-with-apko + with: + apko-config: deploy/dex/apko.yaml + image-name: index.docker.io/kotsadm/dex:${{ steps.get-tags.outputs.dex-tag }} + registry-username: ${{ secrets.DOCKERHUB_USER }} + registry-password: ${{ secrets.DOCKERHUB_PASSWORD }} + overwrite: ${{ github.event.inputs.overwrite }} + + update-image-deps: + needs: [build-3rd-party-images] + runs-on: ubuntu-20.04 + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup Go + uses: actions/setup-go@v4 + with: + go-version: '^1.20.0' + + - name: Run Update Script + env: + GITHUB_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + go run ./cmd/imagedeps + + - name: Create Pull Request # creates a PR if there are differences + uses: peter-evans/create-pull-request@v5 + id: cpr + with: + token: ${{ secrets.GITHUB_TOKEN }} + commit-message: Update KOTS image dependency tags + title: 'Automated KOTS Image Dependency Tag Update' + branch: automation/image-dependencies + delete-branch: true + labels: | + automated-pr + images + type::security + draft: false + base: "main" + body: "Automated changes by the [image-deps-updater](https://github.com/replicatedhq/kots/blob/main/.github/workflows/image-deps-updater.yaml) GitHub action" + + - name: Check outputs + if: ${{ steps.cpr.outputs.pull-request-number }} + run: | + echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}" + echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}" + + - name: Slack Notification + if: ${{ steps.cpr.outputs.pull-request-number }} + uses: slackapi/slack-github-action@v1.24.0 + with: + payload: | + { + "pull_request_url": "${{steps.cpr.outputs.pull-request-url}}" + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.KOTS_IMAGE_DEPS_SLACK_WEBHOOK }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index daabb41492..791d90d77b 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -26,42 +26,6 @@ jobs: git tag "$GIT_TAG" git push origin "$GIT_TAG" - image-deps-updater: - runs-on: ubuntu-20.04 - steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Setup Go - uses: actions/setup-go@v4 - with: - go-version: '^1.20.0' - - name: Run Update Script - env: - GITHUB_AUTH_TOKEN: ${{ secrets.NIGHTLY_GH_PAT }} - run: | - go run ./cmd/imagedeps - - name: Create Pull Request # creates a PR if there are differences - uses: peter-evans/create-pull-request@v5 - id: cpr - with: - token: ${{ secrets.NIGHTLY_GH_PAT }} - commit-message: update kots image dependency tags - title: 'Automated Kots Image Dependency Tag Update' - branch: automation/image-dependencies - delete-branch: true - labels: | - automated-pr - images - type::security - draft: false - base: "main" - body: "Automated changes by the [release](https://github.com/replicatedhq/kots/blob/main/.github/workflows/release.yaml) GitHub action" - - - name: Check outputs - run: | - echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}" - echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}" - build-kotsadm-migrations: runs-on: ubuntu-20.04 needs: [generate-tag] @@ -146,63 +110,6 @@ jobs: name: kots path: ./bin/kots - build-minio: - runs-on: ubuntu-20.04 - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Read image tags from env file - uses: falti/dotenv-action@v1 - id: dotenv - with: - path: .image.env - - - uses: ./.github/actions/build-push-image-with-apko - with: - apko-config: deploy/minio/apko.yaml - image-name: index.docker.io/kotsadm/minio:${{ steps.dotenv.outputs.MINIO_TAG }} - registry-username: ${{ secrets.DOCKERHUB_USER }} - registry-password: ${{ secrets.DOCKERHUB_PASSWORD }} - - build-rqlite: - runs-on: ubuntu-20.04 - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Read image tags from env file - uses: falti/dotenv-action@v1 - id: dotenv - with: - path: .image.env - - - uses: ./.github/actions/build-push-image-with-apko - with: - apko-config: deploy/rqlite/apko.yaml - image-name: index.docker.io/kotsadm/rqlite:${{ steps.dotenv.outputs.RQLITE_TAG }} - registry-username: ${{ secrets.DOCKERHUB_USER }} - registry-password: ${{ secrets.DOCKERHUB_PASSWORD }} - - build-dex: - runs-on: ubuntu-20.04 - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Read image tags from env file - uses: falti/dotenv-action@v1 - id: dotenv - with: - path: .image.env - - - uses: ./.github/actions/build-push-image-with-apko - with: - apko-config: deploy/dex/apko.yaml - image-name: index.docker.io/kotsadm/dex:${{ steps.dotenv.outputs.DEX_TAG }} - registry-username: ${{ secrets.DOCKERHUB_USER }} - registry-password: ${{ secrets.DOCKERHUB_PASSWORD }} - build-kotsadm: runs-on: ubuntu-20.04 needs: [generate-tag] @@ -224,7 +131,7 @@ jobs: build-release: runs-on: ubuntu-20.04 - needs: [generate-tag, build-kotsadm-migrations, build-kotsadm, build-minio, build-rqlite, build-dex] + needs: [generate-tag, build-kotsadm-migrations, build-kotsadm] steps: - name: Checkout uses: actions/checkout@v4 diff --git a/cmd/imagedeps/image-spec b/cmd/imagedeps/image-spec index 5bdafba0c5..2b81f185a7 100644 --- a/cmd/imagedeps/image-spec +++ b/cmd/imagedeps/image-spec @@ -1,5 +1,5 @@ -minio kotsadm/minio -rqlite kotsadm/rqlite -dex kotsadm/dex +minio kotsadm/minio ^([0-9]|[1-9][0-9]*)\.([0-9]|[1-9][0-9]*)\.([0-9]|[1-9][0-9]*)-([0-9]|[1-9][0-9]*)$ +rqlite kotsadm/rqlite ^([0-9]|[1-9][0-9]*)\.([0-9]|[1-9][0-9]*)\.([0-9]|[1-9][0-9]*)-([0-9]|[1-9][0-9]*)$ +dex kotsadm/dex ^([0-9]|[1-9][0-9]*)\.([0-9]|[1-9][0-9]*)\.([0-9]|[1-9][0-9]*)-([0-9]|[1-9][0-9]*)$ schemahero schemahero/schemahero ^([0-9]|[1-9][0-9]*)\.([0-9]|[1-9][0-9]*)\.([0-9]|[1-9][0-9]*)$ lvp replicated/local-volume-provider ^v([0-9]|[1-9][0-9]*)\.([0-9]|[1-9][0-9]*)\.([0-9]|[1-9][0-9]*)$ \ No newline at end of file diff --git a/cmd/imagedeps/main.go b/cmd/imagedeps/main.go index 470116b44a..a6238fca5a 100644 --- a/cmd/imagedeps/main.go +++ b/cmd/imagedeps/main.go @@ -55,9 +55,9 @@ var ( replacers = []*replacer{ getMakefileReplacer("Makefile"), getMakefileReplacer("migrations/Makefile"), - getApkoFileReplacer("deploy/minio/apko.yaml", "minio"), - getApkoFileReplacer("deploy/rqlite/apko.yaml", "rqlite"), - getApkoFileReplacer("deploy/dex/apko.yaml", "dex"), + getApkoFileReplacer("deploy/minio/apko.yaml"), + getApkoFileReplacer("deploy/rqlite/apko.yaml"), + getApkoFileReplacer("deploy/dex/apko.yaml"), } ) @@ -230,11 +230,11 @@ func getDockerfileReplacer(path string) *replacer { } } -func getApkoFileReplacer(path string, pkg string) *replacer { +func getApkoFileReplacer(path string) *replacer { return &replacer{ path: path, regexFn: func(ir *ImageRef) string { - return fmt.Sprintf(`- %s~\d+\.\d+\.\d+`, ir.name) + return fmt.Sprintf(`- %s~\d+\.\d+\.\d+(?:-\d+)?`, ir.name) }, valueFn: func(ir *ImageRef) string { return ir.GetApkoFileLine(ir.name) diff --git a/cmd/imagedeps/main_test.go b/cmd/imagedeps/main_test.go index 5354fee1a8..96b6762366 100644 --- a/cmd/imagedeps/main_test.go +++ b/cmd/imagedeps/main_test.go @@ -13,9 +13,32 @@ import ( ) var ( - minioTag = "0.20231101.183725" - rqliteTag = "7.21.4" - dexTag = "2.37.0" + minioTags = []string{ + "0.20231101.183725-2", + "0.20231101.183725-1", + "0.20231101.183725-0", + "0.20231101.183725", + "0.20231100.183724", + "0.20231031.183723", + "0.20231030.183722", + } + + rqliteTags = []string{ + "7.21.4-1", + "7.21.4-0", + "7.21.4", + "7.20.3", + "7.19.2", + "6.18.1", + } + + dexTags = []string{ + "2.37.0-0", + "2.37.0", + "2.36.0", + "2.35.0", + "2.34.0", + } schemaheroTags = []string{ "0.13.2", @@ -56,12 +79,15 @@ func TestFunctional(t *testing.T) { { name: "minio", fn: getTagFinder( - withWolfiGetTag( - func(_ string) (string, error) { - return minioTag, nil + withRepoGetTags( + func(_ string) ([]string, error) { + return minioTags, nil }, ), ), + replacers: []*replacer{ + getApkoFileReplacer("test.apko.yaml"), + }, }, { name: "schemahero", @@ -80,22 +106,28 @@ func TestFunctional(t *testing.T) { { name: "rqlite", fn: getTagFinder( - withWolfiGetTag( - func(_ string) (string, error) { - return rqliteTag, nil + withRepoGetTags( + func(_ string) ([]string, error) { + return rqliteTags, nil }, ), ), + replacers: []*replacer{ + getApkoFileReplacer("test.apko.yaml"), + }, }, { name: "dex", fn: getTagFinder( - withWolfiGetTag( - func(_ string) (string, error) { - return dexTag, nil + withRepoGetTags( + func(_ string) ([]string, error) { + return dexTags, nil }, ), ), + replacers: []*replacer{ + getApkoFileReplacer("test.apko.yaml"), + }, }, { name: "lvp", diff --git a/cmd/imagedeps/tag-finder.go b/cmd/imagedeps/tag-finder.go index 85cad39fb1..831e69efb8 100644 --- a/cmd/imagedeps/tag-finder.go +++ b/cmd/imagedeps/tag-finder.go @@ -3,7 +3,6 @@ package main import ( "context" "fmt" - "io" "net/http" "os" "path" @@ -15,7 +14,6 @@ import ( "github.com/google/go-github/v39/github" "github.com/heroku/docker-registry-client/registry" "golang.org/x/oauth2" - "gopkg.in/yaml.v2" ) type ImageRef struct { @@ -49,7 +47,6 @@ func (ir ImageRef) GetApkoFileLine(pkg string) string { return fmt.Sprintf("- %s~%s", pkg, ir.tag) } -type getTagFn func(string) (string, error) type getTagsFn func(string) ([]string, error) type getReleaseFn func(string, string) ([]*github.RepositoryRelease, error) type tagFinderFn func(inputLine string) (*ImageRef, error) @@ -73,7 +70,6 @@ func getFilter(expression string) (filterFn, error) { type configuration struct { repositoryTagsFinder getTagsFn releaseFinder getReleaseFn - wolfiTagFinder getTagFn } // pass to getTagFinder to override the repository tag finder @@ -90,20 +86,12 @@ func withGithubReleaseTagFinder(fn getReleaseFn) func(c *configuration) { } } -// pass to getTagFinder to override the wolfi tag finder -func withWolfiGetTag(fn getTagFn) func(c *configuration) { - return func(c *configuration) { - c.wolfiTagFinder = fn - } -} - // returns a tag finder function that returns information about an image and it's latest tag. func getTagFinder(opts ...func(c *configuration)) tagFinderFn { // set defaults config := configuration{ repositoryTagsFinder: getRegistryTags, releaseFinder: getReleases, - wolfiTagFinder: getLatestTagFromWolfi, } // apply options for _, opt := range opts { @@ -136,19 +124,19 @@ func getTagFinder(opts ...func(c *configuration)) tagFinderFn { switch imageName { case minioReference: - latestReleaseTag, err = config.wolfiTagFinder("minio") + latestReleaseTag, err = getLatestTagFromRegistry("kotsadm/minio", config.repositoryTagsFinder, matcherFn) if err != nil { - return nil, fmt.Errorf("failed to get latest minio tag from wolfi %w", err) + return nil, fmt.Errorf("failed to get release tag for %s %w", imageName, err) } case dexReference: - latestReleaseTag, err = config.wolfiTagFinder("dex") + latestReleaseTag, err = getLatestTagFromRegistry("kotsadm/dex", config.repositoryTagsFinder, matcherFn) if err != nil { - return nil, fmt.Errorf("failed to get latest dex tag from wolfi %w", err) + return nil, fmt.Errorf("failed to get release tag for %s %w", imageName, err) } case rqliteReference: - latestReleaseTag, err = config.wolfiTagFinder("rqlite") + latestReleaseTag, err = getLatestTagFromRegistry("kotsadm/rqlite", config.repositoryTagsFinder, matcherFn) if err != nil { - return nil, fmt.Errorf("failed to get latest rqlite tag from wolfi %w", err) + return nil, fmt.Errorf("failed to get release tag for %s %w", imageName, err) } case schemaheroReference: latestReleaseTag, err = getLatestTagFromRegistry("schemahero/schemahero", config.repositoryTagsFinder, matcherFn) @@ -291,31 +279,3 @@ func getRegistryTags(untaggedRef string) ([]string, error) { } return tags, nil } - -func getLatestTagFromWolfi(pkg string) (string, error) { - resp, err := http.Get(fmt.Sprintf("https://raw.githubusercontent.com/wolfi-dev/os/main/%s.yaml", pkg)) - if err != nil { - return "", fmt.Errorf("failed to get %s.yaml from wolfi-dev/os: %w", pkg, err) - } - defer resp.Body.Close() - - if resp.StatusCode != http.StatusOK { - return "", fmt.Errorf("unexpected status code %d", resp.StatusCode) - } - - body, err := io.ReadAll(resp.Body) - if err != nil { - return "", fmt.Errorf("failed to read body %w", err) - } - - var yamlData struct { - Package struct { - Version string `yaml:"version"` - } `yaml:"package"` - } - if err := yaml.Unmarshal(body, &yamlData); err != nil { - return "", fmt.Errorf("failed to unmarshal yaml %w", err) - } - - return yamlData.Package.Version, nil -} diff --git a/cmd/imagedeps/testdata/dex/.image.env b/cmd/imagedeps/testdata/dex/.image.env index 3077a28796..e017ba16d3 100644 --- a/cmd/imagedeps/testdata/dex/.image.env +++ b/cmd/imagedeps/testdata/dex/.image.env @@ -1,4 +1,4 @@ # Generated file, do not modify. This file is generated from a text file containing a list of images. The # most recent tag is interpolated from the source repository and used to generate a fully qualified image # name. -DEX_TAG='2.37.0' \ No newline at end of file +DEX_TAG='2.37.0-0' \ No newline at end of file diff --git a/cmd/imagedeps/testdata/dex/constants.go b/cmd/imagedeps/testdata/dex/constants.go index 0a50c62152..66da32d43e 100644 --- a/cmd/imagedeps/testdata/dex/constants.go +++ b/cmd/imagedeps/testdata/dex/constants.go @@ -5,5 +5,5 @@ package image // image name. const ( - Dex = "kotsadm/dex:2.37.0" + Dex = "kotsadm/dex:2.37.0-0" ) diff --git a/cmd/imagedeps/testdata/dex/input-spec b/cmd/imagedeps/testdata/dex/input-spec index a48afc0a87..572ef7e9ba 100644 --- a/cmd/imagedeps/testdata/dex/input-spec +++ b/cmd/imagedeps/testdata/dex/input-spec @@ -1 +1 @@ -dex kotsadm/dex \ No newline at end of file +dex kotsadm/dex ^([0-9]|[1-9][0-9]*)\.([0-9]|[1-9][0-9]*)\.([0-9]|[1-9][0-9]*)-([0-9]|[1-9][0-9]*)$ \ No newline at end of file diff --git a/cmd/imagedeps/testdata/dex/replacers/expected/test.apko.yaml b/cmd/imagedeps/testdata/dex/replacers/expected/test.apko.yaml new file mode 100644 index 0000000000..5ff9a0f64e --- /dev/null +++ b/cmd/imagedeps/testdata/dex/replacers/expected/test.apko.yaml @@ -0,0 +1,26 @@ +contents: + repositories: + - https://packages.wolfi.dev/os + keyring: + - https://packages.wolfi.dev/os/wolfi-signing.rsa.pub + packages: + - dex~2.37.0-0 + - gomplate + - bash + - busybox + - wolfi-baselayout + +accounts: + groups: + - groupname: dex + gid: 1001 + users: + - username: dex + uid: 1001 + gid: 1001 + run-as: dex + +entrypoint: + command: docker-entrypoint + +cmd: dex serve /etc/dex/config.docker.yaml diff --git a/cmd/imagedeps/testdata/dex/replacers/input/test.apko.yaml b/cmd/imagedeps/testdata/dex/replacers/input/test.apko.yaml new file mode 100644 index 0000000000..484f0b1abb --- /dev/null +++ b/cmd/imagedeps/testdata/dex/replacers/input/test.apko.yaml @@ -0,0 +1,26 @@ +contents: + repositories: + - https://packages.wolfi.dev/os + keyring: + - https://packages.wolfi.dev/os/wolfi-signing.rsa.pub + packages: + - dex~2.36.0 + - gomplate + - bash + - busybox + - wolfi-baselayout + +accounts: + groups: + - groupname: dex + gid: 1001 + users: + - username: dex + uid: 1001 + gid: 1001 + run-as: dex + +entrypoint: + command: docker-entrypoint + +cmd: dex serve /etc/dex/config.docker.yaml diff --git a/cmd/imagedeps/testdata/minio/.image.env b/cmd/imagedeps/testdata/minio/.image.env index d97660f84f..42885dee48 100644 --- a/cmd/imagedeps/testdata/minio/.image.env +++ b/cmd/imagedeps/testdata/minio/.image.env @@ -1,4 +1,4 @@ # Generated file, do not modify. This file is generated from a text file containing a list of images. The # most recent tag is interpolated from the source repository and used to generate a fully qualified image # name. -MINIO_TAG='0.20231101.183725' \ No newline at end of file +MINIO_TAG='0.20231101.183725-2' \ No newline at end of file diff --git a/cmd/imagedeps/testdata/minio/constants.go b/cmd/imagedeps/testdata/minio/constants.go index d68ed5eead..0253a92aad 100644 --- a/cmd/imagedeps/testdata/minio/constants.go +++ b/cmd/imagedeps/testdata/minio/constants.go @@ -5,5 +5,5 @@ package image // image name. const ( - Minio = "kotsadm/minio:0.20231101.183725" + Minio = "kotsadm/minio:0.20231101.183725-2" ) diff --git a/cmd/imagedeps/testdata/minio/input-spec b/cmd/imagedeps/testdata/minio/input-spec index 128028b8c1..78a8c6ed90 100644 --- a/cmd/imagedeps/testdata/minio/input-spec +++ b/cmd/imagedeps/testdata/minio/input-spec @@ -1 +1 @@ -minio kotsadm/minio \ No newline at end of file +minio kotsadm/minio ^([0-9]|[1-9][0-9]*)\.([0-9]|[1-9][0-9]*)\.([0-9]|[1-9][0-9]*)-([0-9]|[1-9][0-9]*)$ \ No newline at end of file diff --git a/cmd/imagedeps/testdata/minio/replacers/expected/test.apko.yaml b/cmd/imagedeps/testdata/minio/replacers/expected/test.apko.yaml new file mode 100644 index 0000000000..a07f428801 --- /dev/null +++ b/cmd/imagedeps/testdata/minio/replacers/expected/test.apko.yaml @@ -0,0 +1,24 @@ +contents: + repositories: + - https://packages.wolfi.dev/os + keyring: + - https://packages.wolfi.dev/os/wolfi-signing.rsa.pub + packages: + - minio~0.20231101.183725-2 + - mc + - bash + - busybox + - wolfi-baselayout + +accounts: + groups: + - groupname: minio + gid: 1001 + users: + - username: minio + uid: 1001 + gid: 1001 + run-as: minio + +entrypoint: + command: minio diff --git a/cmd/imagedeps/testdata/minio/replacers/input/test.apko.yaml b/cmd/imagedeps/testdata/minio/replacers/input/test.apko.yaml new file mode 100644 index 0000000000..5280ecd15c --- /dev/null +++ b/cmd/imagedeps/testdata/minio/replacers/input/test.apko.yaml @@ -0,0 +1,24 @@ +contents: + repositories: + - https://packages.wolfi.dev/os + keyring: + - https://packages.wolfi.dev/os/wolfi-signing.rsa.pub + packages: + - minio~0.20231101.183725-1 + - mc + - bash + - busybox + - wolfi-baselayout + +accounts: + groups: + - groupname: minio + gid: 1001 + users: + - username: minio + uid: 1001 + gid: 1001 + run-as: minio + +entrypoint: + command: minio diff --git a/cmd/imagedeps/testdata/rqlite/.image.env b/cmd/imagedeps/testdata/rqlite/.image.env index d6f44088a3..33ee59c27c 100644 --- a/cmd/imagedeps/testdata/rqlite/.image.env +++ b/cmd/imagedeps/testdata/rqlite/.image.env @@ -1,4 +1,4 @@ # Generated file, do not modify. This file is generated from a text file containing a list of images. The # most recent tag is interpolated from the source repository and used to generate a fully qualified image # name. -RQLITE_TAG='7.21.4' \ No newline at end of file +RQLITE_TAG='7.21.4-1' \ No newline at end of file diff --git a/cmd/imagedeps/testdata/rqlite/constants.go b/cmd/imagedeps/testdata/rqlite/constants.go index 455a24f3a8..390384a462 100644 --- a/cmd/imagedeps/testdata/rqlite/constants.go +++ b/cmd/imagedeps/testdata/rqlite/constants.go @@ -5,5 +5,5 @@ package image // image name. const ( - Rqlite = "kotsadm/rqlite:7.21.4" + Rqlite = "kotsadm/rqlite:7.21.4-1" ) diff --git a/cmd/imagedeps/testdata/rqlite/input-spec b/cmd/imagedeps/testdata/rqlite/input-spec index fb3664fced..e265eb88eb 100644 --- a/cmd/imagedeps/testdata/rqlite/input-spec +++ b/cmd/imagedeps/testdata/rqlite/input-spec @@ -1 +1 @@ -rqlite kotsadm/rqlite ^([0-9]|[1-9][0-9]*)\.([0-9]|[1-9][0-9]*)\.([0-9]|[1-9][0-9]*)$ +rqlite kotsadm/rqlite ^([0-9]|[1-9][0-9]*)\.([0-9]|[1-9][0-9]*)\.([0-9]|[1-9][0-9]*)-([0-9]|[1-9][0-9]*)$ diff --git a/cmd/imagedeps/testdata/rqlite/replacers/expected/test.apko.yaml b/cmd/imagedeps/testdata/rqlite/replacers/expected/test.apko.yaml new file mode 100644 index 0000000000..f552669dd0 --- /dev/null +++ b/cmd/imagedeps/testdata/rqlite/replacers/expected/test.apko.yaml @@ -0,0 +1,26 @@ +contents: + repositories: + - https://packages.wolfi.dev/os + keyring: + - https://packages.wolfi.dev/os/wolfi-signing.rsa.pub + packages: + - rqlite~7.21.4-1 + - rqlite-oci-entrypoint + - bash + - busybox + - wolfi-baselayout + +accounts: + groups: + - groupname: rqlite + gid: 1001 + users: + - username: rqlite + uid: 1001 + gid: 1001 + run-as: rqlite + +entrypoint: + command: docker-entrypoint.sh + +cmd: rqlite diff --git a/cmd/imagedeps/testdata/rqlite/replacers/input/test.apko.yaml b/cmd/imagedeps/testdata/rqlite/replacers/input/test.apko.yaml new file mode 100644 index 0000000000..d1f34f3069 --- /dev/null +++ b/cmd/imagedeps/testdata/rqlite/replacers/input/test.apko.yaml @@ -0,0 +1,26 @@ +contents: + repositories: + - https://packages.wolfi.dev/os + keyring: + - https://packages.wolfi.dev/os/wolfi-signing.rsa.pub + packages: + - rqlite~7.21.4-0 + - rqlite-oci-entrypoint + - bash + - busybox + - wolfi-baselayout + +accounts: + groups: + - groupname: rqlite + gid: 1001 + users: + - username: rqlite + uid: 1001 + gid: 1001 + run-as: rqlite + +entrypoint: + command: docker-entrypoint.sh + +cmd: rqlite diff --git a/cmd/imagedeps/testdata/schemahero/replacers/input/test.Dockerfile b/cmd/imagedeps/testdata/schemahero/replacers/input/test.Dockerfile index 9d6d0c6bee..b37975cc67 100644 --- a/cmd/imagedeps/testdata/schemahero/replacers/input/test.Dockerfile +++ b/cmd/imagedeps/testdata/schemahero/replacers/input/test.Dockerfile @@ -1,4 +1,4 @@ -ARG SCHEMAHERO_TAG=0.13.2 +ARG SCHEMAHERO_TAG=0.13.1 FROM schemahero/schemahero:$SCHEMAHERO_TAG ENV ENV_VAR_1=fake diff --git a/cmd/imagedeps/testdata/schemahero/replacers/input/test.mk b/cmd/imagedeps/testdata/schemahero/replacers/input/test.mk index bee96aacc7..1110517176 100644 --- a/cmd/imagedeps/testdata/schemahero/replacers/input/test.mk +++ b/cmd/imagedeps/testdata/schemahero/replacers/input/test.mk @@ -1,5 +1,5 @@ CURRENT_USER := $(shell id -u -n) -SCHEMAHERO_TAG ?= 0.13.2 +SCHEMAHERO_TAG ?= 0.13.1 .PHONY: test test: diff --git a/kustomize/overlays/kotsstore/minio/statefulset.yaml b/kustomize/overlays/kotsstore/minio/statefulset.yaml index 9f2d4afaea..a988e4f1d5 100644 --- a/kustomize/overlays/kotsstore/minio/statefulset.yaml +++ b/kustomize/overlays/kotsstore/minio/statefulset.yaml @@ -43,8 +43,8 @@ spec: name: minio - name: MINIO_BROWSER value: "on" - image: kotsadm/minio:alpha - imagePullPolicy: Always + image: kotsadm/minio:0.20231101.183725 + imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 httpGet: diff --git a/migrations/kustomize/overlays/dev/rqlite.yaml b/migrations/kustomize/overlays/dev/rqlite.yaml index 4bf62ace05..c5a64d8404 100644 --- a/migrations/kustomize/overlays/dev/rqlite.yaml +++ b/migrations/kustomize/overlays/dev/rqlite.yaml @@ -59,8 +59,8 @@ spec: spec: containers: - name: rqlite - image: kotsadm/rqlite:alpha - imagePullPolicy: Always + image: kotsadm/rqlite:7.21.4 + imagePullPolicy: IfNotPresent args: - -disco-mode=dns - -disco-config={"name":"kotsadm-rqlite-headless"} diff --git a/migrations/kustomize/overlays/okteto/rqlite.yaml b/migrations/kustomize/overlays/okteto/rqlite.yaml index 4bf62ace05..c5a64d8404 100644 --- a/migrations/kustomize/overlays/okteto/rqlite.yaml +++ b/migrations/kustomize/overlays/okteto/rqlite.yaml @@ -59,8 +59,8 @@ spec: spec: containers: - name: rqlite - image: kotsadm/rqlite:alpha - imagePullPolicy: Always + image: kotsadm/rqlite:7.21.4 + imagePullPolicy: IfNotPresent args: - -disco-mode=dns - -disco-config={"name":"kotsadm-rqlite-headless"}