Update notebook image build references (downstream) #28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # The aim of this GitHub workflow is to update the params.env file with the latest digest. | |
| name: Update notebook image build commit hashes | |
| on: # yamllint disable-line rule:truthy | |
| workflow_dispatch: | |
| inputs: | |
| branch: | |
| required: true | |
| description: "Provide branch name: " | |
| # Put the scheduler on comment until automate the full release procedure | |
| # schedule: | |
| # - cron: "0 0 * * 5" #Scheduled every Friday | |
| env: | |
| DIGEST_UPDATER_BRANCH: digest-updater-${{ github.run_id }} | |
| BRANCH_NAME: ${{ github.event.inputs.branch || 'main' }} | |
| RELEASE_VERSION_N: 2024a | |
| RELEASE_VERSION_N_1: 2023b | |
| jobs: | |
| initialize: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Install Skopeo CLI | |
| shell: bash | |
| run: | | |
| sudo apt-get -y update | |
| sudo apt-get -y install skopeo | |
| # Checkout the branch | |
| - name: Checkout branch | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ env.BRANCH_NAME }} | |
| # Create a new branch | |
| - name: Create a new branch | |
| run: | | |
| echo ${{ env.DIGEST_UPDATER_BRANCH }} | |
| git checkout -b ${{ env.DIGEST_UPDATER_BRANCH }} | |
| git push --set-upstream origin ${{ env.DIGEST_UPDATER_BRANCH }} | |
| update-n-version: | |
| needs: [initialize] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Configure Git | |
| run: | | |
| git config --global user.email "github-actions[bot]@users.noreply.github.com" | |
| git config --global user.name "GitHub Actions" | |
| # Get latest build commit from the https://github.com/red-hat-data-services/notebooks/${release_branch} using this as identifier for the latest tag name | |
| - name: Retrive latest commit hash from the release branch | |
| id: hash-n | |
| shell: bash | |
| run: | | |
| PAYLOAD=$(curl --silent -H 'Accept: application/vnd.github.v4.raw' https://api.github.com/repos/red-hat-data-services/notebooks/commits?sha=release-$RELEASE_VERSION_N&per_page=1) | |
| echo "HASH_N=$(echo $PAYLOAD | jq -r '.[0].sha[0:7]')" >> ${GITHUB_OUTPUT} | |
| # Checkout the release branch to apply the updates | |
| - name: Checkout release branch | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ env.DIGEST_UPDATER_BRANCH }} | |
| - name: Fetch digest, and update the params.env file | |
| shell: bash | |
| run: | | |
| echo Latest commit is: ${{ steps.hash-n.outputs.HASH_N }} on ${{ env.RELEASE_VERSION_N}} | |
| IMAGES=("odh-minimal-notebook-image-n" "odh-minimal-gpu-notebook-image-n" "odh-pytorch-gpu-notebook-image-n" "odh-generic-data-science-notebook-image-n" "odh-tensorflow-gpu-notebook-image-n" "odh-trustyai-notebook-image-n" "odh-codeserver-notebook-n") | |
| REGEXES=("v2-${{ env.RELEASE_VERSION_N }}-\d{8}+-${{ steps.hash-n.outputs.HASH_N }}" "cuda-[a-z]+-minimal-[a-z0-9]+-[a-z]+-3.9-${{ env.RELEASE_VERSION_N }}-\d{8}-${{ steps.hash-n.outputs.HASH_N }}" "v2-${{ env.RELEASE_VERSION_N }}-\d{8}+-${{ steps.hash-n.outputs.HASH_N }}" \ | |
| "v2-${{ env.RELEASE_VERSION_N }}-\d{8}+-${{ steps.hash-n.outputs.HASH_N }}" "cuda-[a-z]+-tensorflow-[a-z0-9]+-[a-z]+-3.9-${{ env.RELEASE_VERSION_N }}-\d{8}-${{ steps.hash-n.outputs.HASH_N }}" "v2-${{ env.RELEASE_VERSION_N }}-\d{8}+-${{ steps.hash-n.outputs.HASH_N }}" \ | |
| "codeserver-[a-z0-9]+-[a-z]+-3.9-${{ env.RELEASE_VERSION_N }}-\d{8}-${{ steps.hash-n.outputs.HASH_N }}") | |
| for ((i=0;i<${#IMAGES[@]};++i)); do | |
| image=${IMAGES[$i]} | |
| echo "CHECKING: " $image | |
| regex=${REGEXES[$i]} | |
| img=$(cat manifests/base/params.env | grep -E "${image}=" | cut -d '=' -f2) | |
| registry=$(echo $img | cut -d '@' -f1) | |
| latest_tag=$(skopeo inspect docker://$img | jq -r --arg regex "$regex" '.RepoTags | map(select(. | test($regex))) | .[0]') | |
| digest=$(skopeo inspect docker://$registry:$latest_tag | jq .Digest | tr -d '"') | |
| output=$registry@$digest | |
| echo "NEW: " $output | |
| sed -i "s|${image}=.*|${image}=$output|" manifests/base/params.env | |
| done | |
| if [[ $(git status --porcelain | wc -l) -gt 0 ]]; then | |
| git fetch origin ${{ env.DIGEST_UPDATER_BRANCH }} && git pull origin ${{ env.DIGEST_UPDATER_BRANCH }} && git add manifests/base/params.env && git commit -m "Update images for release N via ${{ env.DIGEST_UPDATER_BRANCH }} GitHub action" && git push origin ${{ env.DIGEST_UPDATER_BRANCH }} | |
| else | |
| echo "There were no changes detected in the images for the ${{ env.RELEASE_VERSION_N}}" | |
| fi | |
| - name: Fetch digest, and update the commit.env file | |
| run: | | |
| echo Latest commit is: ${{ steps.hash-n.outputs.HASH_N }} on ${{ env.RELEASE_VERSION_N}} | |
| COMMIT=("odh-minimal-notebook-image-commit-n" | |
| "odh-minimal-gpu-notebook-image-commit-n" | |
| "odh-pytorch-gpu-notebook-image-commit-n" | |
| "odh-generic-data-science-notebook-image-commit-n" | |
| "odh-tensorflow-gpu-notebook-image-commit-n" | |
| "odh-trustyai-notebook-image-commit-n" | |
| "odh-codeserver-notebook-n") | |
| for val in "${COMMIT[@]}"; do | |
| echo $val | |
| sed -i "s|${val}=.*|${val}=${{ steps.hash-n.outputs.HASH_N }}|" manifests/base/commit.env | |
| done | |
| if [[ $(git status --porcelain | wc -l) -gt 0 ]]; then | |
| git fetch origin ${{ env.DIGEST_UPDATER_BRANCH }} && git pull origin ${{ env.DIGEST_UPDATER_BRANCH }} && git add manifests/base/commit.env && git commit -m "Update image commits for release N via ${{ env.DIGEST_UPDATER_BRANCH }} GitHub action" && git push origin ${{ env.DIGEST_UPDATER_BRANCH }} | |
| else | |
| echo "There were no changes detected in the images for the ${{ env.RELEASE_VERSION_N}}" | |
| fi | |
| update-n-1-version: | |
| needs: [initialize, update-n-version] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Configure Git | |
| run: | | |
| git config --global user.email "github-actions[bot]@users.noreply.github.com" | |
| git config --global user.name "GitHub Actions" | |
| # Get latest build commit from the https://github.com/red-hat-data-services/notebooks/${release_branch} using this as identifier for the latest tag name | |
| - name: Retrive latest commit hash from the release branch | |
| id: hash-n-1 | |
| shell: bash | |
| run: | | |
| PAYLOAD=$(curl --silent -H 'Accept: application/vnd.github.v4.raw' https://api.github.com/repos/red-hat-data-services/notebooks/commits?sha=release-$RELEASE_VERSION_N_1&per_page=1) | |
| echo "HASH_N_1=$(echo $PAYLOAD | jq -r '.[0].sha[0:7]')" >> ${GITHUB_OUTPUT} | |
| # Checkout the release branch to apply the updates | |
| - name: Checkout release branch | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ env.DIGEST_UPDATER_BRANCH }} | |
| - name: Fetch digest, and update the params.env file | |
| shell: bash | |
| run: | | |
| echo Latest commit is: ${{ steps.hash-n-1.outputs.HASH_N_1 }} on ${{ env.RELEASE_VERSION_N_1}} | |
| IMAGES=("odh-minimal-notebook-image-n-1" "odh-minimal-gpu-notebook-image-n-1" "odh-pytorch-gpu-notebook-image-n-1" "odh-generic-data-science-notebook-image-n-1" "odh-tensorflow-gpu-notebook-image-n-1" "odh-trustyai-notebook-image-n-1" "odh-codeserver-notebook-n-1") | |
| REGEXES=("v2-${{ env.RELEASE_VERSION_N_1 }}-\d{8}+-${{ steps.hash-n-1.outputs.HASH_N_1 }}" "cuda-[a-z]+-minimal-[a-z0-9]+-[a-z]+-3.9-${{ env.RELEASE_VERSION_N_1 }}-\d{8}-${{ steps.hash-n-1.outputs.HASH_N_1 }}" "v2-${{ env.RELEASE_VERSION_N_1 }}-\d{8}+-${{ steps.hash-n-1.outputs.HASH_N_1 }}" \ | |
| "v2-${{ env.RELEASE_VERSION_N_1 }}-\d{8}+-${{ steps.hash-n-1.outputs.HASH_N_1 }}" "cuda-[a-z]+-tensorflow-[a-z0-9]+-[a-z]+-3.9-${{ env.RELEASE_VERSION_N_1 }}-\d{8}-${{ steps.hash-n-1.outputs.HASH_N_1 }}" "v2-${{ env.RELEASE_VERSION_N_1 }}-\d{8}+-${{ steps.hash-n-1.outputs.HASH_N_1 }}" \ | |
| "codeserver-[a-z0-9]+-[a-z]+-3.9-${{ env.RELEASE_VERSION_N_1 }}-\d{8}-${{ steps.hash-n-1.outputs.HASH_N_1 }}") | |
| for ((i=0;i<${#IMAGES[@]};++i)); do | |
| image=${IMAGES[$i]} | |
| echo "CHECKING: " $image | |
| regex=${REGEXES[$i]} | |
| img=$(cat manifests/base/params.env | grep -E "${image}=" | cut -d '=' -f2) | |
| registry=$(echo $img | cut -d '@' -f1) | |
| latest_tag=$(skopeo inspect docker://$img | jq -r --arg regex "$regex" '.RepoTags | map(select(. | test($regex))) | .[0]') | |
| digest=$(skopeo inspect docker://$registry:$latest_tag | jq .Digest | tr -d '"') | |
| output=$registry@$digest | |
| echo "NEW: " $output | |
| sed -i "s|${image}=.*|${image}=$output|" manifests/base/params.env | |
| done | |
| if [[ $(git status --porcelain | wc -l) -gt 0 ]]; then | |
| git fetch origin ${{ env.DIGEST_UPDATER_BRANCH }} && git pull origin ${{ env.DIGEST_UPDATER_BRANCH }} && git add manifests/base/params.env && git commit -m "Update images for release N-1 via ${{ env.DIGEST_UPDATER_BRANCH }} GitHub action" && git push origin ${{ env.DIGEST_UPDATER_BRANCH }} | |
| else | |
| echo "There were no changes detected in the images for the ${{ env.RELEASE_VERSION_N}}" | |
| fi | |
| - name: Fetch digest, and update the commit.env file | |
| run: | | |
| echo Latest commit is: ${{ steps.hash-n-1.outputs.HASH_N_1 }} on ${{ env.RELEASE_VERSION_N_1}} | |
| COMMIT=("odh-minimal-notebook-image-commit-n-1" | |
| "odh-minimal-gpu-notebook-image-commit-n-1" | |
| "odh-pytorch-gpu-notebook-image-commit-n-1" | |
| "odh-generic-data-science-notebook-image-commit-n-1" | |
| "odh-tensorflow-gpu-notebook-image-commit-n-1" | |
| "odh-trustyai-notebook-image-commit-n-1" | |
| "odh-codeserver-notebook-n-1") | |
| for val in "${COMMIT[@]}"; do | |
| echo $val | |
| sed -i "s|${val}=.*|${val}=${{ steps.hash-n-1.outputs.HASH_N_1 }}|" manifests/base/commit.env | |
| done | |
| if [[ $(git status --porcelain | wc -l) -gt 0 ]]; then | |
| git fetch origin ${{ env.DIGEST_UPDATER_BRANCH }} && git pull origin ${{ env.DIGEST_UPDATER_BRANCH }} && git add manifests/base/commit.env && git commit -m "Update image commits for release N-1 via ${{ env.DIGEST_UPDATER_BRANCH }} GitHub action" && git push origin ${{ env.DIGEST_UPDATER_BRANCH }} | |
| else | |
| echo "There were no changes detected in the images for the ${{ env.RELEASE_VERSION_N}}" | |
| fi | |
| open-pull-request: | |
| needs: [update-n-version, update-n-1-version] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@v4 | |
| - name: pull-request | |
| uses: repo-sync/pull-request@v2 | |
| with: | |
| source_branch: ${{ env.DIGEST_UPDATER_BRANCH }} | |
| destination_branch: ${{ env.BRANCH_NAME}} | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| pr_label: "automated pr" | |
| pr_title: "[Digest Updater Action] Update Notebook Images" | |
| pr_body: | | |
| :rocket: This is an automated Pull Request. | |
| Created by `/.github/workflows/notebooks-digest-updater-upstream.yaml` | |
| This PR updates the following files: | |
| - `manifests/base/params.env` file with the latest updated SHA digests of the notebooks (N & N-1). | |
| - `manifests/base/commit.env` file with the latest commit (N & N-1). | |
| :exclamation: **IMPORTANT NOTE**: Remember to delete the ` ${{ env.DIGEST_UPDATER_BRANCH }}` branch after merging the changes |