Automate Docker updates in CI

ci/images/get-docker-url.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+set -e
+
+version="19.03.7"
+echo "https://download.docker.com/linux/static/stable/x86_64/docker-$version.tgz";

ci/images/setup.sh

@@ -27,9 +27,10 @@ test -f /opt/openjdk/bin/javac
 ###########################################################
 # DOCKER
 ###########################################################
+DOCKER_URL=$( ./get-docker-url.sh )
 
 cd /
-curl -L https://download.docker.com/linux/static/stable/x86_64/docker-19.03.7.tgz | tar zx
+curl -L ${DOCKER_URL} | tar zx
 mv /docker/* /bin/
 chmod +x /bin/docker*
 

ci/parameters.yml

@@ -1,3 +1,4 @@
+docker-upgrade-issue-title: "Upgrade Docker version in CI"
 email-server: "smtp.svc.pivotal.io"
 email-from: "ci@spring.io"
 email-to: ["spring-boot-dev@pivotal.io"]

ci/pipeline.yml

@@ -27,6 +27,14 @@ resources:
     username: ((github-username))
     password: ((github-password))
     branch: ((branch))
+- name: git-repo-ci-docker
+  type: git
+  icon: github-circle
+  source:
+    uri: ((github-repo))
+    username: ((github-username))
+    password: ((github-password))
+    branch: ci-docker-((branch))
 - name: git-repo-windows
   type: git
   source:
@@ -209,6 +217,37 @@ jobs:
         GITHUB_PASSWORD: ((github-password))
         GITHUB_USERNAME: ((github-username))
       image: spring-boot-ci-image
+- name: detect-docker-updates
+  plan:
+  - get: git-repo
+    resource: git-repo-ci-docker
+  - get: every-wednesday
+    trigger: true
+  - get: spring-boot-ci-image
+  - do:
+    - task: detect-docker-updates
+      file: git-repo/ci/tasks/detect-docker-updates.yml
+      params:
+        GITHUB_REPO: spring-boot
+        GITHUB_ORGANIZATION: spring-projects
+        GITHUB_PASSWORD: ((github-password))
+        GITHUB_USERNAME: ((github-username))
+        ISSUE_TITLE: ((docker-upgrade-issue-title))
+      image: spring-boot-ci-image
+    - put: git-repo-ci-docker
+      params:
+        repository: docker-updates-git-repo
+        force: true
+    - task: create-pull-request
+      file: git-repo/ci/tasks/create-pull-request.yml
+      params:
+        BASE_BRANCH: ((branch))
+        BRANCH: ci-docker-((branch))
+        GITHUB_REPO: spring-boot
+        GITHUB_ORGANIZATION: spring-projects
+        GITHUB_PASSWORD: ((github-password))
+        GITHUB_USERNAME: ((github-username))
+        ISSUE_TITLE: ((docker-upgrade-issue-title))
 - name: build
   serial: true
   public: true
@@ -595,6 +634,6 @@ groups:
 - name: "Release"
   jobs: ["stage-milestone", "stage-rc", "stage-release", "promote-milestone", "promote-rc", "promote-release", "sync-to-maven-central"]
 - name: "CI Images"
-  jobs: ["build-spring-boot-ci-images", "detect-jdk-updates", "detect-ubuntu-image-updates"]
+  jobs: ["build-spring-boot-ci-images", "detect-docker-updates", "detect-jdk-updates", "detect-ubuntu-image-updates"]
 - name: "Build Pull Requests"
   jobs: ["build-pull-requests"]

ci/scripts/create-pull-request.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+set -e
+
+curl \
+  -s \
+	-u ${GITHUB_USERNAME}:${GITHUB_PASSWORD} \
+	-H "Content-type:application/json" \
+	-d "{\"head\":\"${BRANCH}\",\"base\":\"${BASE_BRANCH}\",\"title\":\"${ISSUE_TITLE}\",\"body\":\"\",\"labels\":[\"status: waiting-for-triage\",\"type: task\"]}"  \
+	-f \
+	-X \
+	POST "https://api.github.com/repos/${GITHUB_ORGANIZATION}/${GITHUB_REPO}/pulls" > /dev/null || { echo "Failed to create pull request" >&2; exit 1; }

ci/scripts/detect-docker-updates.sh

@@ -0,0 +1,37 @@
+#!/bin/bash
+
+latest_version=$(curl -I -s https://github.com/docker/docker-ce/releases/latest | grep "location:" | awk '{n=split($0, parts, "/"); print substr(parts[n],2);}' | awk '{$1=$1;print}' | tr -d '\r' | tr -d '\n' )
+
+if [[ $latest_version =~ (beta|rc) ]]; then
+	echo "Skip pre-release versions"
+	exit 0;
+fi
+
+latest="https://download.docker.com/linux/static/stable/x86_64/docker-$latest_version.tgz"
+current=$( git-repo/ci/images/get-docker-url.sh )
+
+if [[ $current = $latest ]]; then
+	echo "Already up-to-date"
+	exit 0;
+fi
+
+existing_tasks=$( curl -s https://api.github.com/repos/${GITHUB_ORGANIZATION}/${GITHUB_REPO}/pulls\?labels\=type:%20task\&state\=open\&creator\=spring-buildmaster )
+existing_upgrade_issues=$( echo "$existing_tasks" | jq -c --arg TITLE "$ISSUE_TITLE" '.[] | select(.title==$TITLE)' )
+
+if [[ ${existing_upgrade_issues} = "" ]]; then
+	pushd git-repo > /dev/null
+	popd > /dev/null
+	git clone git-repo docker-updates-git-repo > /dev/null
+	pushd docker-updates-git-repo > /dev/null
+	# Create changes in dedicated branch
+	branch="ci-docker-$latest_version"
+	git config user.name "Spring Buildmaster" > /dev/null
+	git config user.email "buildmaster@springframework.org" > /dev/null
+	git checkout -b "$branch" origin/master > /dev/null
+	sed -i "s/version=.*/version=\"$latest_version\"/" ci/images/get-docker-url.sh
+	git add ci/images/get-docker-url.sh > /dev/null
+	commit_message="Upgrade to Docker $latest_version in CI"
+	git commit -m "$commit_message" > /dev/null
+else
+	echo "Pull request already exists."
+fi

ci/tasks/create-pull-request.yml

@@ -0,0 +1,14 @@
+---
+platform: linux
+inputs:
+  - name: git-repo
+params:
+  BASE_BRANCH:
+  BRANCH:
+  GITHUB_REPO:
+  GITHUB_ORGANIZATION:
+  GITHUB_PASSWORD:
+  GITHUB_USERNAME:
+  ISSUE_TITLE:
+run:
+  path: git-repo/ci/scripts/create-pull-request.sh

ci/tasks/detect-docker-updates.yml

@@ -0,0 +1,14 @@
+---
+platform: linux
+inputs:
+  - name: git-repo
+outputs:
+  - name: docker-updates-git-repo
+params:
+  GITHUB_REPO:
+  GITHUB_ORGANIZATION:
+  GITHUB_PASSWORD:
+  GITHUB_USERNAME:
+  ISSUE_TITLE:
+run:
+  path: git-repo/ci/scripts/detect-docker-updates.sh