Check Supported Alpine Version #185
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Check Supported Alpine Version | |
on: | |
schedule: | |
- cron: "0 17 * * *" | |
workflow_dispatch: | |
jobs: | |
create-prs: | |
permissions: | |
contents: write | |
pull-requests: write | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: v8 | |
- name: Get current Alpine version | |
id: alpine-current | |
run: | | |
version=$(sed -n 's/^FROM alpine:\(.*\)/\1/p' Dockerfile.goreleaser) | |
echo "version=$version" >> $GITHUB_OUTPUT | |
- name: Get latest Alpine tag semantic version, not 'latest' | |
id: alpine-latest | |
run: | | |
version=$(curl -s https://hub.docker.com/v2/repositories/library/alpine/tags/?page_size=100 | jq -r '.results[].name' | grep -E '^[0-9]+\.[0-9]+\.[0-9]+$' | sort -V | tail -n 1) | |
echo "version=$version" >> $GITHUB_OUTPUT | |
- name: Update from ${{ steps.alpine-current.outputs.version }} to alpine:${{ steps.alpine-latest.outputs.version }} | |
id: update-alpine | |
if: steps.alpine-current.outputs.version != steps.alpine-latest.outputs.version | |
run: ./scripts/update-alpine-version.sh ${{ steps.alpine-latest.outputs.version }} | |
- name: Create pull request | |
if: steps.update-alpine.outcome == 'success' | |
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
add-paths: | | |
Dockerfile | |
Dockerfile.goreleaser | |
branch: "launchdarklyreleasebot/update-to-alpine${{ steps.alpine-latest.outputs.version }}-${{ matrix.branch }}" | |
author: "LaunchDarklyReleaseBot <[email protected]>" | |
committer: "LaunchDarklyReleaseBot <[email protected]>" | |
labels: ${{ matrix.branch }} | |
title: "fix(deps): update Dockerfiles from ${{ steps.alpine-current.outputs.version }} to alpine:${{ steps.alpine-latest.outputs.version }}" | |
commit-message: "Bumps from ${{ steps.alpine-current.outputs.version }} -> alpine:${{ steps.alpine-latest.outputs.version }}" | |
body: | | |
It's time to update Relay's Docker image Alpine versions. Alpine updates should generally be consumed | |
as soon as possible since they contain patches for CVEs. | |
| | Current repo configuration | Desired repo configuration | | |
|-------------|------------------------------------|---------------------------------------------------------------------------------------------------------------------| | |
| Alpine Version | ${{ steps.alpine-current.outputs.version }} | [alpine:${{ steps.alpine-latest.outputs.version }}](https://hub.docker.com/_/alpine/tags) | | |
This PR's change was generated by running: | |
```bash | |
./scripts/update-alpine-version.sh ${{ steps.alpine-latest.outputs.version }} | |
``` | |
- [ ] I have triggered CI on this PR (either close & reopen this PR in Github UI, or `git commit -m "run ci" --allow-empty && git push`) |