launchdarkly · cwaldren-ld · Jun 5, 2024 · Jun 5, 2024 · Jun 5, 2024 · Jun 5, 2024
@@ -0,0 +1,68 @@
+name: Check Supported Alpine Version
+on:
+  schedule:
+    - cron: "0 17 * * *"
+  workflow_dispatch:
+  push:
+
+jobs:
+  create-prs:
+    permissions:
+      contents: write
+      pull-requests: write
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        branch: ["v7", "v8"]
+      fail-fast: false
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.ref }}
+
+      - name: Get current Alpine version
+        id: alpine-current
+        run: |
+          version=$(sed -n 's/^FROM \(.*\)/\1/p' Dockerfile.goreleaser)
+          echo "version=$version" >> $GITHUB_OUTPUT
+      - name: Get latest Alpine tag semantic version, not 'latest'
+        id: alpine-latest
+        run: |
+          version=$(curl -s https://hub.docker.com/v2/repositories/library/alpine/tags/?page_size=100 | jq -r '.results[].name' | grep -E '^[0-9]+\.[0-9]+\.[0-9]+$' | sort -V | tail -n 1)
+          echo "version=$version" >> $GITHUB_OUTPUT
+
+      - name: Update from ${{ steps.alpine-current.outputs.version }} to alpine:${{ steps.alpine-latest.outputs.version }}
+        id: update-alpine
+        if: steps.alpine-current.outputs.version != steps.alpine-latest.outputs.version
+        run: ./scripts/update-alpine-version.sh ${{ steps.alpine-latest.outputs.version }}
+
+      - name: Create pull request
+        if: steps.update-alpine.outcome == 'success'
+        uses: peter-evans/create-pull-request@v6
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          add-paths: |
+            Dockerfile
+            Dockerfile.goreleaser
+          branch: "launchdarklyreleasebot/update-to-alpine${{ steps.alpine-latest.outputs.version }}-${{ matrix.branch }}"
+          author: "LaunchDarklyReleaseBot <[email protected]>"
+          committer: "LaunchDarklyReleaseBot <[email protected]>"
+          labels: ${{ matrix.branch }}
+          title: "fix(deps): update Dockerfiles from ${{ steps.alpine-current.outputs.version }} to alpine:${{ steps.alpine-latest.outputs.version }}"
+          commit-message: "Bumps from ${{ steps.alpine-current.outputs.version }} -> alpine:${{ steps.alpine-latest.outputs.version }}"
+          body: |
+            It's time to update Relay's Docker image Alpine versions. Alpine updates should generally be consumed
+            as soon as possible since they contain patches for CVEs. 
+
+
+            |             | Current repo configuration         | Desired repo configuration                                                                                          |
+            |-------------|------------------------------------|---------------------------------------------------------------------------------------------------------------------|
+            | Alpine Version      | ${{ steps.alpine-current.outputs.version }}      | [alpine:${{ steps.alpine-latest.outputs.version }}](https://hub.docker.com/_/alpine/tags)           |
+
+
+            This PR's change was generated by running:
+            ```bash
+            ./scripts/update-alpine-version.sh ${{ steps.alpine-latest.outputs.version  }}
+            ```
+
+            - [ ] I have triggered CI on this PR (either close & reopen this PR in Github UI, or `git commit -m "run ci" --allow-empty && git push`)