From cf4561004d024ff5ad2b5733a38a6c65711b2bf9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jes=C3=BAs=20Miguel=20Benito=20Calzada?= Date: Thu, 20 Oct 2022 16:54:33 +0200 Subject: [PATCH] Fix the jobs sync from/to bitnami in the GHA's "kubeapps general" workflow (#5524) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This commit performs mainly the following changes: * Remove the use of unnecessary SSH keys from the jobs sync_from_bitnami and sync_to_bitnami in the GHA kubeapps general workflow. * Make the bash scripts used by the jobs mentioned above, more reliable by making them use the git over SSH protocol when needed for avoiding the interactive request of credentials, instead of relying on the existence of obscure git configurations in the runner that make this process transparent. * Refactor those scripts to try to make them more easily understandable and maintainable, mainly by renaming variables and adding documentation. * Fix a bug in the setup job of the GHA's kubeapps general workflow, that provoked the output variable "triggered_from_fork" to be filled with the wrong value in certain scenarios. * Add some steps to the job mentioned above that show in the output the information about the GitHub event and the PR context that triggered the workflow. Signed-off-by: Jesús Benito Calzada --- .circleci/config.yml | 20 ++- .github/workflows/kubeapps.yaml | 71 +++++----- script/chart_sync.sh | 40 +++--- script/chart_sync_utils.sh | 229 +++++++++++++++++++++++++------ script/chart_upstream_checker.sh | 48 ++++--- 5 files changed, 290 insertions(+), 118 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index c01f4b9db60..c2b868a84cb 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -275,6 +275,17 @@ common_envars: &common_envars OLM_VERSION: << pipeline.parameters.OLM_VERSION >> POSTGRESQL_VERSION: << pipeline.parameters.POSTGRESQL_VERSION >> RUST_VERSION: << pipeline.parameters.RUST_VERSION >> + CI_BOT_USERNAME: << pipeline.parameters.CI_BOT_USERNAME >> + CI_BOT_EMAIL: << pipeline.parameters.CI_BOT_EMAIL >> + CI_BOT_GPG: << pipeline.parameters.CI_BOT_GPG >> + CI_BOT_FORKED_CHARTS_DEPLOYKEY_FILENAME: << pipeline.parameters.CI_BOT_FORKED_CHARTS_DEPLOYKEY_FILENAME >> + CHARTS_REPO_ORIGINAL: << pipeline.parameters.CHARTS_REPO_ORIGINAL >> + BRANCH_CHARTS_REPO_ORIGINAL: << pipeline.parameters.BRANCH_CHARTS_REPO_ORIGINAL >> + CHARTS_REPO_FORKED: << pipeline.parameters.CHARTS_REPO_FORKED >> + BRANCH_CHARTS_REPO_FORKED: << pipeline.parameters.BRANCH_CHARTS_REPO_FORKED >> + KUBEAPPS_REPO: << pipeline.parameters.KUBEAPPS_REPO >> + BRANCH_KUBEAPPS_REPO: << pipeline.parameters.BRANCH_KUBEAPPS_REPO >> + README_GENERATOR_REPO: << pipeline.parameters.README_GENERATOR_REPO >> common_gke_envars: &common_gke_envars USE_MULTICLUSTER_OIDC_ENV: "false" @@ -855,9 +866,10 @@ jobs: - <<: *setup_gpg - add_ssh_keys: fingerprints: + # Deployment key uploaded to the kubeapps/kubeapps repository + - << pipeline.parameters.CI_BOT_KUBEAPPS_KUBEAPPS_DEPLOYKEY_FINGERPRINT >> # Deployment key uploaded to the kubeapps-bot/charts repository - << pipeline.parameters.CI_BOT_FORKED_CHARTS_DEPLOYKEY_FINGERPRINT >> - - run: # This is a key pair: https://circleci.com/docs/2.0/gh-bb-integration/ # public key uploaded to GitHub as a deploy key with write permissions in both kubeapps and kubeapps-bot/charts @@ -866,6 +878,8 @@ jobs: command: | eval "$(ssh-agent -s)" # the name is always "id_rsa_"+fingerprint without ":"" + # Deployment key uploaded to the kubeapps/kubeapps repository + ssh-add ~/.ssh/<< pipeline.parameters.CI_BOT_KUBEAPPS_KUBEAPPS_DEPLOYKEY_FILENAME >> # Deployment key uploaded to the kubeapps-bot/charts repository ssh-add ~/.ssh/<< pipeline.parameters.CI_BOT_FORKED_CHARTS_DEPLOYKEY_FILENAME >> - run: @@ -874,7 +888,7 @@ jobs: # This token is passed as a GITHUB_TOKEN env var via CircleCI name: Run the chart_sync script command: | - ./script/chart_sync.sh << pipeline.parameters.CI_BOT_USERNAME >> << pipeline.parameters.CI_BOT_EMAIL >> << pipeline.parameters.CI_BOT_GPG >> << pipeline.parameters.CHARTS_REPO_ORIGINAL >> << pipeline.parameters.BRANCH_CHARTS_REPO_ORIGINAL >> << pipeline.parameters.CHARTS_REPO_FORKED >> << pipeline.parameters.BRANCH_CHARTS_REPO_FORKED >> + ./script/chart_sync.sh $CI_BOT_USERNAME $CI_BOT_EMAIL $CI_BOT_GPG $CI_BOT_FORKED_CHARTS_DEPLOYKEY_FILENAME $CHARTS_REPO_ORIGINAL $BRANCH_CHARTS_REPO_ORIGINAL $CHARTS_REPO_FORKED $BRANCH_CHARTS_REPO_FORKED sync_chart_from_bitnami: environment: <<: *common_envars @@ -912,7 +926,7 @@ jobs: # This token is passed as a GITHUB_TOKEN env var via CircleCI name: Run the check_upstream_chart script command: | - ./script/chart_upstream_checker.sh << pipeline.parameters.CI_BOT_USERNAME >> << pipeline.parameters.CI_BOT_EMAIL >> << pipeline.parameters.CI_BOT_GPG >> << pipeline.parameters.CI_BOT_FORKED_CHARTS_DEPLOYKEY_FILENAME >> << pipeline.parameters.CHARTS_REPO_ORIGINAL >> << pipeline.parameters.BRANCH_CHARTS_REPO_ORIGINAL >> << pipeline.parameters.CHARTS_REPO_FORKED >> << pipeline.parameters.BRANCH_CHARTS_REPO_FORKED >> << pipeline.parameters.KUBEAPPS_REPO >> << pipeline.parameters.BRANCH_KUBEAPPS_REPO >> << pipeline.parameters.README_GENERATOR_REPO >> + ./script/chart_upstream_checker.sh $CI_BOT_USERNAME $CI_BOT_EMAIL $CI_BOT_GPG $CI_BOT_FORKED_CHARTS_DEPLOYKEY_FILENAME $CHARTS_REPO_ORIGINAL $BRANCH_CHARTS_REPO_ORIGINAL $CHARTS_REPO_FORKED $BRANCH_CHARTS_REPO_FORKED $KUBEAPPS_REPO $BRANCH_KUBEAPPS_REPO $README_GENERATOR_REPO report_srp: environment: <<: *common_envars diff --git a/.github/workflows/kubeapps.yaml b/.github/workflows/kubeapps.yaml index 242ddc6b579..ba24039d507 100644 --- a/.github/workflows/kubeapps.yaml +++ b/.github/workflows/kubeapps.yaml @@ -5,8 +5,6 @@ name: Kubeapps general pipeline on: push: - branches: - - main pull_request: branches: - main @@ -75,8 +73,19 @@ jobs: running_on_tag: ${{ steps.set-outputs.outputs.running_on_tag }} triggered_from_fork: ${{ steps.set-outputs.outputs.triggered_from_fork }} steps: + - name: Show GitHub event + env: + EVENT_CONTEXT: ${{ toJSON(github.event) }} + run: echo $EVENT_CONTEXT | jq + - name: Show PR context + env: + PR_CONTEXT: ${{ toJSON(github.event.pull_request) }} + run: echo $EVENT_CONTEXT | jq - name: Set outputs id: set-outputs + env: + PR_CONTEXT: ${{ toJSON(github.event.pull_request) }} + PR_SOURCE_REPO_NAME: ${{ github.event.pull_request.head.repo.full_name }} run: | if [[ "${GITHUB_REPOSITORY}" == "${KUBEAPPS_REPO}" ]]; then echo "img_prefix=${IMG_PREFIX}" >> $GITHUB_OUTPUT @@ -87,10 +96,10 @@ jobs: fi; # Check if the workflow is triggered due to a PR from an external fork - if [[ "${{ github.event.pull_request.head.repo.full_name }}" == "${GITHUB_REPOSITORY}" ]]; then - echo "triggered_from_fork=false" >> $GITHUB_OUTPUT - else + if [[ ("${PR_CONTEXT}" != "" && "${PR_CONTEXT}" != null) && "${PR_SOURCE_REPO_NAME}" != "${GITHUB_REPOSITORY}" ]]; then echo "triggered_from_fork=true" >> $GITHUB_OUTPUT + else + echo "triggered_from_fork=false" >> $GITHUB_OUTPUT fi if [[ ${GITHUB_REF_TYPE} == "tag" ]]; then @@ -330,7 +339,7 @@ jobs: # Push images to docker.io/kubeapps/[image]-ci:[dev-tag] push_dev_images: - # If the workflow is triggered from a PR from an external fork, secrets won't be available, so we cannot login into dockerhub + # If the workflow is triggered from a PR from an external fork, secrets won't be available, so we cannot log into dockerhub if: needs.setup.outputs.triggered_from_fork == 'false' runs-on: ubuntu-latest needs: @@ -532,21 +541,15 @@ jobs: steps: - uses: actions/checkout@v3 - name: "Install CLI tools" + env: + GPG_KEY_PUBLIC: ${{ secrets.GPG_KEY_PUBLIC }} + GPG_KEY_PRIVATE: ${{ secrets.GPG_KEY_PRIVATE }} run: | source ./script/lib/libcitools.sh - + installGithubCLI ${GITHUB_VERSION} - installSemver {SEMVER_VERSION} - installGPGKey ${{secrets.GPG_KEY_PUBLIC}} ${{secrets.GPG_KEY_PRIVATE}} ${CI_BOT_GPG} ${CI_BOT_EMAIL} - - name: "Install SSH key: Kubeapps Deploy Key" - uses: shimataro/ssh-key-action@v2 - with: - key: ${{ secrets.SSH_KEY_KUBEAPPS_DEPLOY }} - name: ${{ needs.setup.outputs.ssh_key_kubeapps_deploy_filename }} - known_hosts: | - |1|2YkQ4jjACcc/1rgSBszyeEuKxW4=|hO4GB0XMwQj1gYQDmaS304aU8Tc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== - if_key_exists: ignore - + installSemver ${SEMVER_VERSION} + installGPGKey ${GPG_KEY_PUBLIC} ${GPG_KEY_PRIVATE} ${CI_BOT_GPG} ${CI_BOT_EMAIL} - name: "Install SSH key: Forked Charts Deploy Key" uses: shimataro/ssh-key-action@v2 with: @@ -556,20 +559,18 @@ jobs: |1|2YkQ4jjACcc/1rgSBszyeEuKxW4=|hO4GB0XMwQj1gYQDmaS304aU8Tc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== if_key_exists: ignore - # This is a key pair - # public key uploaded to GitHub as a deploy key with write permissions, + # public key uploaded to GitHub as a deployment key with write permissions, # private key stored as a secret. name: Start ssh-agent and configure the key run: | eval "$(ssh-agent -s)" - # Deployment key uploaded to the vmware-tanzu/kubeapps repository - ssh-add ~/.ssh/${SSH_KEY_KUBEAPPS_DEPLOY_FILENAME} # Deployment key uploaded to the kubeapps-bot/charts repository ssh-add ~/.ssh/${SSH_KEY_FORKED_CHARTS_DEPLOY_FILENAME} - - - # Assuming there is a personal access token created in GitHub granted with the scopes + - # Assuming there is a personal access token created in GitHub granted with the scopes # "repo:status", "public_repo" and "read:org" - # This token is passed as a GITHUB_TOKEN from CI name: Run the check_upstream_chart script + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | ./script/chart_upstream_checker.sh \ ${CI_BOT_USERNAME} \ @@ -588,17 +589,21 @@ jobs: sync_chart_to_bitnami: needs: - setup + - local_e2e_tests if: needs.setup.outputs.running_on_tag == 'true' runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - name: "Install CLI tools" + env: + GPG_KEY_PUBLIC: ${{ secrets.GPG_KEY_PUBLIC }} + GPG_KEY_PRIVATE: ${{ secrets.GPG_KEY_PRIVATE }} run: | source ./script/lib/libcitools.sh - + installGithubCLI ${GITHUB_VERSION} - installSemver {SEMVER_VERSION} - installGPGKey ${{secrets.GPG_KEY_PUBLIC}} ${{secrets.GPG_KEY_PRIVATE}} ${CI_BOT_GPG} ${CI_BOT_EMAIL} + installSemver ${SEMVER_VERSION} + installGPGKey ${GPG_KEY_PUBLIC} ${GPG_KEY_PRIVATE} ${CI_BOT_GPG} ${CI_BOT_EMAIL} - name: "Install SSH key: Forked Charts Deploy Key" uses: shimataro/ssh-key-action@v2 with: @@ -608,22 +613,24 @@ jobs: |1|2YkQ4jjACcc/1rgSBszyeEuKxW4=|hO4GB0XMwQj1gYQDmaS304aU8Tc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== if_key_exists: ignore - # This is a key pair - # public key uploaded to GitHub as a deploy key with write permissions, + # public key uploaded to GitHub as a deployment key with write permissions, # private key stored as a secret. name: Start ssh-agent and configure the key run: | eval "$(ssh-agent -s)" # Deployment key uploaded to the kubeapps-bot/charts repository ssh-add ~/.ssh/${SSH_KEY_FORKED_CHARTS_DEPLOY_FILENAME} - - # Assuming there is a personal access token created in GitHub granted with the scopes - # "repo:status", "public_repo" and "read:org" - # This token is passed as a GITHUB_TOKEN from CI - name: Run the chart_sync script + - name: Run the chart_sync script + env: + # Assuming there is a personal access token created in GitHub granted with the scopes + # "repo:status", "public_repo" and "read:org" + GITHUB_TOKEN: ${{ secrets.KUBEAPPS_BOT_GITHUB_TOKEN }} run: | ./script/chart_sync.sh \ ${CI_BOT_USERNAME} \ ${CI_BOT_EMAIL} \ ${CI_BOT_GPG} \ + ${SSH_KEY_FORKED_CHARTS_DEPLOY_FILENAME} \ ${CHARTS_REPO_ORIGINAL} \ ${BRANCH_CHARTS_REPO_ORIGINAL} \ ${CHARTS_REPO_FORKED} \ diff --git a/script/chart_sync.sh b/script/chart_sync.sh index 2a0773c6fd1..4f226c08794 100755 --- a/script/chart_sync.sh +++ b/script/chart_sync.sh @@ -14,23 +14,31 @@ source "$ROOT_DIR/script/chart_sync_utils.sh" USERNAME=${1:?Missing git username} EMAIL=${2:?Missing git email} GPG_KEY=${3:?Missing git gpg key} -CHARTS_REPO_ORIGINAL=${4:?Missing base chart repository} -BRANCH_CHARTS_REPO_ORIGINAL=${5:?Missing base chart repository branch} -CHARTS_REPO_FORKED=${6:?Missing forked chart repository} -BRANCH_CHARTS_REPO_FORKED=${7:?Missing forked chart repository branch} -DEV_MODE=${8:-false} +CHARTS_FORK_SSH_KEY_FILENAME=${4:?Missing forked ssh key filename} +CHARTS_REPO_UPSTREAM=${5:?Missing chart repository upstream (eg. bitnami/charts)} +CHARTS_REPO_UPSTREAM_BRANCH=${6:?Missing chart repository upstream\'s main branch name (eg. main)} +CHARTS_REPO_FORK=${7:?Missing chart repository fork (eg. kubeapps-bot/charts)} +CHARTS_REPO_FORK_BRANCH=${8:?Missing chart repository fork\'s main branch name (eg. main)} +DEV_MODE=${9:-false} +LOCAL_KUBEAPPS_REPO_PATH=${PROJECT_DIR:?PROJECT_DIR not defined} +info "LOCAL_KUBEAPPS_REPO_PATH: ${LOCAL_KUBEAPPS_REPO_PATH}" info "USERNAME: ${USERNAME}" info "EMAIL: ${EMAIL}" info "GPG_KEY: ${GPG_KEY}" -info "CHARTS_REPO_ORIGINAL: ${CHARTS_REPO_ORIGINAL}" -info "BRANCH_CHARTS_REPO_ORIGINAL: ${BRANCH_CHARTS_REPO_ORIGINAL}" -info "CHARTS_REPO_FORKED: ${CHARTS_REPO_FORKED}" -info "BRANCH_CHARTS_REPO_FORKED: ${BRANCH_CHARTS_REPO_FORKED}" +info "CHARTS_FORK_SSH_KEY_FILENAME: ${CHARTS_FORK_SSH_KEY_FILENAME}" +info "CHARTS_REPO_UPSTREAM: ${CHARTS_REPO_UPSTREAM}" +info "CHARTS_REPO_UPSTREAM_BRANCH: ${CHARTS_REPO_UPSTREAM_BRANCH}" +info "CHARTS_REPO_FORK: ${CHARTS_REPO_FORK}" +info "CHARTS_REPO_FORK_BRANCH: ${CHARTS_REPO_FORK_BRANCH}" info "DEV_MODE: ${DEV_MODE}" +if [[ "${DEV_MODE}" == "true" ]]; then + set -x +fi + currentVersion=$(grep -oP '(?<=^version: ).*' <"${KUBEAPPS_CHART_DIR}/Chart.yaml") -externalVersion=$(curl -s "https://raw.githubusercontent.com/${CHARTS_REPO_ORIGINAL}/${BRANCH_CHARTS_REPO_ORIGINAL}/${CHART_REPO_PATH}/Chart.yaml" | grep -oP '(?<=^version: ).*') +externalVersion=$(curl -s "https://raw.githubusercontent.com/${CHARTS_REPO_UPSTREAM}/${CHARTS_REPO_UPSTREAM_BRANCH}/${CHART_REPO_PATH}/Chart.yaml" | grep -oP '(?<=^version: ).*') semverCompare=$(semver compare "${currentVersion}" "${externalVersion}") info "currentVersion: ${currentVersion}" @@ -43,17 +51,15 @@ if [[ ${semverCompare} -gt 0 ]]; then CHARTS_FORK_LOCAL_PATH=$(mktemp -u)/charts mkdir -p "${CHARTS_FORK_LOCAL_PATH}" - git clone "https://github.com/${CHARTS_REPO_FORKED}" "${CHARTS_FORK_LOCAL_PATH}" --depth 1 --no-single-branch - info "Repo cloned: https://github.com/${CHARTS_REPO_FORKED}" + GIT_SSH_COMMAND="ssh -i ~/.ssh/${CHARTS_FORK_SSH_KEY_FILENAME}" git clone "git@github.com:${CHARTS_REPO_FORK}" "${CHARTS_FORK_LOCAL_PATH}" --depth 1 --no-single-branch configUser "${CHARTS_FORK_LOCAL_PATH}" "${USERNAME}" "${EMAIL}" "${GPG_KEY}" - configUser "${PROJECT_DIR}" "${USERNAME}" "${EMAIL}" "${GPG_KEY}" - info "Repos configured" + configUser "${LOCAL_KUBEAPPS_REPO_PATH}" "${USERNAME}" "${EMAIL}" "${GPG_KEY}" - latestVersion=$(latestReleaseTag "${PROJECT_DIR}") + latestVersion=$(latestReleaseTag "${LOCAL_KUBEAPPS_REPO_PATH}") prBranchName="kubeapps-bump-${currentVersion}" - updateRepoWithLocalChanges "${CHARTS_FORK_LOCAL_PATH}" "${latestVersion}" "${CHARTS_REPO_ORIGINAL}" "${BRANCH_CHARTS_REPO_ORIGINAL}" "${BRANCH_CHARTS_REPO_FORKED}" - commitAndSendExternalPR "${CHARTS_FORK_LOCAL_PATH}" "${prBranchName}" "${currentVersion}" "${CHARTS_REPO_ORIGINAL}" "${BRANCH_CHARTS_REPO_ORIGINAL}" "${DEV_MODE}" + updateRepoWithLocalChanges "${CHARTS_FORK_LOCAL_PATH}" "${latestVersion}" "${CHARTS_FORK_SSH_KEY_FILENAME}" "${CHARTS_REPO_UPSTREAM}" "${CHARTS_REPO_UPSTREAM_BRANCH}" "${CHARTS_REPO_FORK_BRANCH}" + commitAndSendExternalPR "${CHARTS_FORK_LOCAL_PATH}" "${prBranchName}" "${currentVersion}" "${CHARTS_REPO_UPSTREAM}" "${CHARTS_REPO_UPSTREAM_BRANCH}" "${CHARTS_FORK_SSH_KEY_FILENAME}" "${DEV_MODE}" elif [[ ${semverCompare} -lt 0 ]]; then echo "Skipping Chart sync. WARNING Current chart version (${currentVersion}) is less than the chart external version (${externalVersion})" else diff --git a/script/chart_sync_utils.sh b/script/chart_sync_utils.sh index 6971b766335..b8241a988b4 100755 --- a/script/chart_sync_utils.sh +++ b/script/chart_sync_utils.sh @@ -23,7 +23,16 @@ PR_INTERNAL_TEMPLATE_FILE="${PROJECT_DIR}/script/tpl/PR_internal_chart_template. PR_EXTERNAL_TEMPLATE_FILE="${PROJECT_DIR}/script/tpl/PR_external_chart_template.md" RELEASE_NOTES_TEMPLATE_FILE="${PROJECT_DIR}/script/tpl/release_notes.md" -# Returns the tag for the latest release + +######################################################################################################################## +# Returns the tag for the latest release of the given repo. +# Globals: +# None +# Arguments: +# $1 - TARGET_REPO: Path to the git repo from which to extract the tag. +# Returns: +# Name of the latest tag found in the given repo. +######################################################################################################################## latestReleaseTag() { local TARGET_REPO=${1:?} info "getting latest release from ${TARGET_REPO}" @@ -32,6 +41,18 @@ latestReleaseTag() { git -C "${TARGET_REPO}/.git" describe --tags "$(git rev-list --tags --max-count=1)" } +######################################################################################################################## +# Configs Git for a given repository with the given params. +# Globals: +# None +# Arguments: +# $1 - TARGET_REPO: Path to the git repo to configure. +# $2 - USERNAME: Username for git commits. +# $3 - EMAIL: Email for git commits. +# $4 - GPG_KEY: GPG key to sign off the commits. +# Returns: +# None +######################################################################################################################## configUser() { local TARGET_REPO=${1:?} local USERNAME=${2:?} @@ -48,6 +69,20 @@ configUser() { cd - } +######################################################################################################################## +# For the given Kubeapps service and Helm chart's values file, it replaces the image for the service to make it point +# to the production version of the image (the one generated by Bitnami folks), and to the latest tag available for that +# image, instead of pointing to `latest` version as the local chart does. +# Note: this function is used when updating the Bitnami chart with the latest changes from the local Helm chart. +# Globals: +# None +# Arguments: +# $1 - SERVICE: Name of the Kubeapps service (eg. kubeapps-apis) +# $2 - FILE: Path to the Helm chart's values.yaml file in the local chart. It is the file in which the substitution +# is done. +# Returns: +# None +######################################################################################################################## replaceImage_latestToProduction() { local SERVICE=${1:?} local FILE=${2:?} @@ -88,6 +123,20 @@ replaceImage_latestToProduction() { rm "${FILE}.bk" } +######################################################################################################################## +# For the given Kubeapps service and Helm chart's values file, it replaces the image for the service to make it point +# to the development version of the image (the one generated in our CI/CD pipeline) instead of the production one +# generated by Bitnami, and to the `latest` tag, instead of the specific latest tag available for the image. +# Note: this function is used when updating the local Helm chart with the latest changes from the Bitnami chart. +# Globals: +# None +# Arguments: +# $1 - SERVICE: Name of the Kubeapps service (eg. kubeapps-apis) +# $2 - FILE: Path to the Helm chart's values.yaml file in the local chart. It is the file in which the substitution +# is done. +# Returns: +# None +######################################################################################################################## replaceImage_productionToLatest() { local SERVICE=${1:?} local FILE=${2:?} @@ -111,15 +160,33 @@ replaceImage_productionToLatest() { rm "${FILE}.bk" } +######################################################################################################################## +# Syncs the fork of the charts repo with its upstream, then updates the local copy with the information from the local +# chart stored in the kubeapps repo, and applying to it the new version extracted from the passed TARGET_TAG param. +# Globals: +# KUBEAPPS_CHART_DIR: Path of the Kubeapps chart in the Kubeapps repo. +# CHART_REPO_PATH: Path of the Kubeapps chart in the charts repo. +# Arguments: +# $1 - CHARTS_REPO_FORK_LOCAL_PATH: Path to the clone of the bitnami/charts repo in the local machine. +# $2 - TARGET_TAG: Tag from which to take the new version for the Helm chart. +# $3 - CHARTS_FORK_SSH_KEY_FILENAME: Filename of the SSH key to connect with the remote charts repo fork. +# $4 - CHARTS_REPO_UPSTREAM: Name of the upstream version of the bitnami/charts repo without the GitHub part (eg. bitnami/charts). +# $5 - CHARTS_REPO_UPSTREAM_BRANCH: Name of the main branch in the upstream of the charts repo. +# $6 - CHARTS_REPO_FORK_BRANCH: Name of the main branch in the origin remove of the fork of charts repo. +# Returns: +# 0 - Success +# 1 - Failure +######################################################################################################################## updateRepoWithLocalChanges() { - local TARGET_REPO=${1:?} + local CHARTS_REPO_FORK_LOCAL_PATH=${1:?} local TARGET_TAG=${2:?} - local CHARTS_REPO_ORIGINAL=${3:?} - local BRANCH_CHARTS_REPO_ORIGINAL=${4:?} - local BRANCH_CHARTS_REPO_FORKED=${5:?} + local CHARTS_FORK_SSH_KEY_FILENAME=${3:?} + local CHARTS_REPO_UPSTREAM=${4:?} + local CHARTS_REPO_UPSTREAM_BRANCH=${5:?} + local CHARTS_REPO_FORK_BRANCH=${6:?} local targetTagWithoutV=${TARGET_TAG#v} - local targetChartPath="${TARGET_REPO}/${CHART_REPO_PATH}" + local targetChartPath="${CHARTS_REPO_FORK_LOCAL_PATH}/${CHART_REPO_PATH}" local chartYaml="${targetChartPath}/Chart.yaml" if [ ! -f "${chartYaml}" ]; then @@ -127,12 +194,10 @@ updateRepoWithLocalChanges() { return 1 fi # Fetch latest upstream changes, and commit&push them to the forked charts repo - git -C "${TARGET_REPO}" remote add upstream "https://github.com/${CHARTS_REPO_ORIGINAL}.git" - info "Added upstream: https://github.com/${CHARTS_REPO_ORIGINAL}.git" - git -C "${TARGET_REPO}" pull upstream "${BRANCH_CHARTS_REPO_ORIGINAL}" - info "Pulled branch: ${BRANCH_CHARTS_REPO_ORIGINAL}" - git -C "${TARGET_REPO}" push origin "${BRANCH_CHARTS_REPO_FORKED}" - info "Pushed repo to forked repo: ${BRANCH_CHARTS_REPO_FORKED}" + git -C "${CHARTS_REPO_FORK_LOCAL_PATH}" remote add upstream "https://github.com/${CHARTS_REPO_UPSTREAM}.git" + git -C "${CHARTS_REPO_FORK_LOCAL_PATH}" pull upstream "${CHARTS_REPO_UPSTREAM_BRANCH}" + # https://superuser.com/questions/232373/how-to-tell-git-which-private-key-to-use + GIT_SSH_COMMAND="ssh -i ~/.ssh/${CHARTS_FORK_SSH_KEY_FILENAME}" git -C "${CHARTS_REPO_FORK_LOCAL_PATH}" push origin "${CHARTS_REPO_FORK_BRANCH}" rm -rf "${targetChartPath}" cp -R "${KUBEAPPS_CHART_DIR}" "${targetChartPath}" @@ -150,16 +215,34 @@ updateRepoWithLocalChanges() { replaceImage_latestToProduction kubeapps-apis "${targetChartPath}/values.yaml" } +######################################################################################################################## +# Syncs the fork of the charts repo with its upstream, then updates the local Helm chart stored in the kubeapps repo +# with the chart information taken from the bitnami charts repo, and applying to it the new version extracted from the +# passed TARGET_TAG param. +# Globals: +# KUBEAPPS_CHART_DIR: Path of the Kubeapps chart in the Kubeapps repo. +# CHART_REPO_PATH: Path of the Kubeapps chart in the charts repo. +# Arguments: +# $1 - CHARTS_REPO_FORK_LOCAL_PATH: Path to the clone of the bitnami/charts repo in the local machine. +# $2 - TARGET_TAG: Tag from which to take the new version for the Helm chart. +# $3 - CHARTS_FORK_SSH_KEY_FILENAME: Filename of the SSH key to connect with the remote charts repo fork. +# $4 - CHARTS_REPO_UPSTREAM: Name of the upstream version of the bitnami/charts repo without the GitHub part (eg. bitnami/charts). +# $5 - CHARTS_REPO_UPSTREAM_BRANCH: Name of the main branch in the upstream of the charts repo. +# $6 - CHARTS_REPO_FORK_BRANCH: Name of the main branch in the origin remove of the fork of charts repo. +# Returns: +# 0 - Success +# 1 - Failure +######################################################################################################################## updateRepoWithRemoteChanges() { - local TARGET_REPO=${1:?} + local CHARTS_REPO_FORK_LOCAL_PATH=${1:?} local TARGET_TAG=${2:?} - local FORKED_SSH_KEY_FILENAME=${3:?} - local CHARTS_REPO_ORIGINAL=${4:?} - local BRANCH_CHARTS_REPO_ORIGINAL=${5:?} - local BRANCH_CHARTS_REPO_FORKED=${6:?} + local CHARTS_FORK_SSH_KEY_FILENAME=${3:?} + local CHARTS_REPO_UPSTREAM=${4:?} + local CHARTS_REPO_UPSTREAM_BRANCH=${5:?} + local CHARTS_REPO_FORK_BRANCH=${6:?} local targetTagWithoutV=${TARGET_TAG#v} - local targetChartPath="${TARGET_REPO}/${CHART_REPO_PATH}" + local targetChartPath="${CHARTS_REPO_FORK_LOCAL_PATH}/${CHART_REPO_PATH}" local remoteChartYaml="${targetChartPath}/Chart.yaml" local localChartYaml="${KUBEAPPS_CHART_DIR}/Chart.yaml" @@ -168,17 +251,18 @@ updateRepoWithRemoteChanges() { return 1 fi # Fetch latest upstream changes, and commit&push them to the forked charts repo - git -C "${TARGET_REPO}" remote add upstream "https://github.com/${CHARTS_REPO_ORIGINAL}.git" - git -C "${TARGET_REPO}" pull upstream "${BRANCH_CHARTS_REPO_ORIGINAL}" - + git -C "${CHARTS_REPO_FORK_LOCAL_PATH}" remote add upstream "https://github.com/${CHARTS_REPO_UPSTREAM}.git" + git -C "${CHARTS_REPO_FORK_LOCAL_PATH}" pull upstream "${CHARTS_REPO_UPSTREAM_BRANCH}" # https://superuser.com/questions/232373/how-to-tell-git-which-private-key-to-use - GIT_SSH_COMMAND="ssh -i ~/.ssh/${FORKED_SSH_KEY_FILENAME}" git -C "${TARGET_REPO}" push origin "${BRANCH_CHARTS_REPO_FORKED}" - + GIT_SSH_COMMAND="ssh -i ~/.ssh/${CHARTS_FORK_SSH_KEY_FILENAME}" git -C "${CHARTS_REPO_FORK_LOCAL_PATH}" push origin "${CHARTS_REPO_FORK_BRANCH}" rm -rf "${KUBEAPPS_CHART_DIR}" cp -R "${targetChartPath}" "${KUBEAPPS_CHART_DIR}" + # Update Chart.yaml with new version sed -i.bk "s/appVersion: "${targetTagWithoutV}"/appVersion: DEVEL/g" "${localChartYaml}" rm "${KUBEAPPS_CHART_DIR}/Chart.yaml.bk" + info "New version ${targetTagWithoutV} applied to file ${localChartYaml}" + # Replace images for the latest available # TODO: use the IMAGES_TO_PUSH var already set in the CI config replaceImage_productionToLatest dashboard "${KUBEAPPS_CHART_DIR}/values.yaml" @@ -188,10 +272,22 @@ updateRepoWithRemoteChanges() { replaceImage_productionToLatest kubeapps-apis "${KUBEAPPS_CHART_DIR}/values.yaml" } +######################################################################################################################## +# Generates the README file for the given Helm chart, using the given readme generator repo. +# Globals: +# None +# Arguments: +# $1 - README_GENERATOR_REPO: ID of the readme-generator GitHub repository (eg. bitnami-labs/readme-generator-for-helm) +# $2 - CHART_PATH: Local path to the Helm chart for which the README is generated. +# Returns: +# None +######################################################################################################################## + generateReadme() { local README_GENERATOR_REPO=${1:?} local CHART_PATH=${2:?} + info "Generating Helm charts' README" TMP_DIR=$(mktemp -u)/readme local chartReadmePath="${CHART_PATH}/README.md" local chartValuesPath="${CHART_PATH}/values.yaml" @@ -203,22 +299,41 @@ generateReadme() { node bin/index.js -r "${chartReadmePath}" -v "${chartValuesPath}" } +######################################################################################################################## +# Files a PR to update the Helm chart in the bitnami/charts repository to a new version. +# Globals: +# KUBEAPPS_CHART_DIR: Path of the Kubeapps chart in the Kubeapps repo. +# CHART_REPO_PATH: Path of the Kubeapps chart in the charts repo. +# Arguments: +# $1 - LOCAL_CHARTS_REPO_PATH: Path to the clone of the bitnami/charts repo in the local machine. +# $2 - TARGET_BRANCH: Name of the branch to create for the PR. +# $3 - CHART_VERSION: New version for the chart. +# $4 - CHARTS_REPO_UPSTREAM: Name of the upstream version of the bitnami/charts repo without the GitHub part (eg. bitnami/charts). +# $5 - CHARTS_REPO_UPSTREAM_BRANCH: Name of the main branch in the upstream of the charts repo. +# $6 - CHARTS_FORK_SSH_KEY_FILENAME: Name of the file with the SSH private key to connect with the upstream of the charts fork. +# $7 - DEV_MODE: Indicates if it should be run in development mode, in this case we add a disclaimer to the PR description +# alerting that it's a development PR and shouldn't be taken into account, between other customizations (branch name, etc). +# Returns: +# 0 - Success +# 1 - Failure +######################################################################################################################## commitAndSendExternalPR() { - local TARGET_REPO=${1:?} + local LOCAL_CHARTS_REPO_PATH=${1:?} local TARGET_BRANCH=${2:?} local CHART_VERSION=${3:?} - local CHARTS_REPO_ORIGINAL=${4:?} - local BRANCH_CHARTS_REPO_ORIGINAL=${5:?} - local DEV_MODE=${6-false} + local CHARTS_REPO_UPSTREAM=${4:?} + local CHARTS_REPO_UPSTREAM_BRANCH=${5:?} + local CHARTS_FORK_SSH_KEY_FILENAME=${6:?} + local DEV_MODE=${7-false} - local targetChartPath="${TARGET_REPO}/${CHART_REPO_PATH}" + local targetChartPath="${LOCAL_CHARTS_REPO_PATH}/${CHART_REPO_PATH}" local chartYaml="${targetChartPath}/Chart.yaml" if [ ! -f "${chartYaml}" ]; then echo "Wrong repo path. You should provide the root of the repository" >/dev/stderr return 1 fi - cd "${TARGET_REPO}" + cd "${LOCAL_CHARTS_REPO_PATH}" if [[ ! $(git diff-index HEAD) ]]; then echo "Not found any change to commit" >/dev/stderr cd - @@ -228,10 +343,11 @@ commitAndSendExternalPR() { PR_TITLE="[bitnami/kubeapps] Bump chart version to ${CHART_VERSION}" if [[ "${DEV_MODE}" == "true" ]]; then - TARGET_BRANCH="${TARGET_BRANCH}-DEV" - PR_TITLE="DEV - ${PR_TITLE}" + timestamp=$(date +%s) + TARGET_BRANCH="${TARGET_BRANCH}-DEV-${timestamp}" + PR_TITLE="DEV - ${PR_TITLE} - ${timestamp}" tmpfile=$(mktemp) - echo "# THIS IS A DEVELOPMENT PR, DO NOT MERGE!"|cat - "${PR_EXTERNAL_TEMPLATE_FILE}" > "$tmpfile" && mv "$tmpfile" "${PR_EXTERNAL_TEMPLATE_FILE}" + echo "# :warning: THIS IS A DEVELOPMENT PR, DO NOT MERGE!"|cat - "${PR_EXTERNAL_TEMPLATE_FILE}" > "$tmpfile" && mv "$tmpfile" "${PR_EXTERNAL_TEMPLATE_FILE}" fi sed -i.bk -e "s//$(git config user.name)/g" "${PR_EXTERNAL_TEMPLATE_FILE}" @@ -240,21 +356,42 @@ commitAndSendExternalPR() { git add --all . git commit --signoff -m "kubeapps: bump chart version to ${CHART_VERSION}" # NOTE: This expects to have a loaded SSH key - if [[ $(git ls-remote origin "${TARGET_BRANCH}" | wc -l) -eq 0 ]]; then - git push -u origin "${TARGET_BRANCH}" - gh pr create -d -B "${BRANCH_CHARTS_REPO_ORIGINAL}" -R "${CHARTS_REPO_ORIGINAL}" -F "${PR_EXTERNAL_TEMPLATE_FILE}" --title "${PR_TITLE}" + if [[ $(GIT_SSH_COMMAND="ssh -i ~/.ssh/${CHARTS_FORK_SSH_KEY_FILENAME}" git ls-remote origin "${TARGET_BRANCH}" | wc -l) -eq 0 ]]; then + GIT_SSH_COMMAND="ssh -i ~/.ssh/${CHARTS_FORK_SSH_KEY_FILENAME}" git push -u origin "${TARGET_BRANCH}" + if [[ "${DEV_MODE}" != "true" ]]; then + gh pr create -d -B "${CHARTS_REPO_UPSTREAM_BRANCH}" -R "${CHARTS_REPO_UPSTREAM}" -F "${PR_EXTERNAL_TEMPLATE_FILE}" --title "${PR_TITLE}" + else + echo "Skipping external PR because we are running in DEV_MODE" + fi else - echo "The remote branch '${TARGET_BRANCH}' already exists, please check if there is already an open PR at the repository '${CHARTS_REPO_ORIGINAL}'" + echo "The remote branch '${TARGET_BRANCH}' already exists, please check if there is already an open PR at the repository '${CHARTS_REPO_UPSTREAM}'" + return 1 fi cd - } +######################################################################################################################## +# Updates the local Helm chart to a new version and files a PR against the upstream Kubeapps repo. +# Globals: +# KUBEAPPS_CHART_DIR: Path of the Kubeapps chart in the Kubeapps repo. +# Arguments: +# $1 - LOCAL_REPO_PATH: Path to the clone of the Kubeapps repo in the local machine. +# $2 - TARGET_BRANCH: Name of the branch to create for the PR. +# $3 - CHART_VERSION: New version for the chart. +# $4 - UPSTREAM_REPO: Name of the upstream version of the kubeapps repo without the GitHub part (eg. vmware-tanzu/kubeapps). +# $5 - UPSTREAM_MAIN_BRANCH: Name of the main branch in the upstream repo. +# $6 - DEV_MODE: Indicates if it should be run in development mode, in this case we add a disclaimer to the PR description +# alerting that it's a development PR and shouldn't be taken into account, between other customizations (branch name, etc). +# Returns: +# 0 - Success +# 1 - Failure +######################################################################################################################## commitAndSendInternalPR() { - local TARGET_REPO=${1:?} + local LOCAL_REPO_PATH=${1:?} local TARGET_BRANCH=${2:?} local CHART_VERSION=${3:?} - local KUBEAPPS_REPO=${4:?} - local BRANCH_KUBEAPPS_REPO=${5:?} + local UPSTREAM_REPO=${4:?} + local UPSTREAM_MAIN_BRANCH=${5:?} local DEV_MODE=${6:-false} local targetChartPath="${KUBEAPPS_CHART_DIR}/Chart.yaml" @@ -265,7 +402,7 @@ commitAndSendInternalPR() { return 1 fi - cd "${TARGET_REPO}" + cd "${LOCAL_REPO_PATH}" if [[ ! $(git diff-index HEAD) ]]; then echo "Not found any change to commit" >/dev/stderr cd - @@ -275,10 +412,11 @@ commitAndSendInternalPR() { PR_TITLE="Sync chart with bitnami/kubeapps chart (version ${CHART_VERSION})" if [[ "${DEV_MODE}" == "true" ]]; then - TARGET_BRANCH="${TARGET_BRANCH}-DEV" - PR_TITLE="DEV - ${PR_TITLE}" + timestamp=$(date +%s) + TARGET_BRANCH="${TARGET_BRANCH}-DEV-${timestamp}" + PR_TITLE="DEV - ${PR_TITLE} - ${timestamp}" tmpfile=$(mktemp) - echo "# THIS IS A DEVELOPMENT PR, DO NOT MERGE!"|cat - "${PR_INTERNAL_TEMPLATE_FILE}" > "$tmpfile" && mv "$tmpfile" "${PR_INTERNAL_TEMPLATE_FILE}" + echo "# :warning: THIS IS A DEVELOPMENT PR, DO NOT MERGE!"|cat - "${PR_INTERNAL_TEMPLATE_FILE}" > "$tmpfile" && mv "$tmpfile" "${PR_INTERNAL_TEMPLATE_FILE}" fi git checkout -b "${TARGET_BRANCH}" @@ -287,9 +425,10 @@ commitAndSendInternalPR() { # NOTE: This expects to have a loaded SSH key if [[ $(git ls-remote origin "${TARGET_BRANCH}" | wc -l) -eq 0 ]]; then git push -u origin "${TARGET_BRANCH}" - gh pr create -d -B "${BRANCH_KUBEAPPS_REPO}" -R "${KUBEAPPS_REPO}" -F "${PR_INTERNAL_TEMPLATE_FILE}" --title "${PR_TITLE}" + gh pr create -d -B "${UPSTREAM_MAIN_BRANCH}" -R "${UPSTREAM_REPO}" -F "${PR_INTERNAL_TEMPLATE_FILE}" --title "${PR_TITLE}" else - echo "The remote branch '${TARGET_BRANCH}' already exists, please check if there is already an open PR at the repository '${KUBEAPPS_REPO}'" + echo "The remote branch '${TARGET_BRANCH}' already exists, please check if there is already an open PR at the repository '${UPSTREAM_REPO}'" + return 1 fi cd - } diff --git a/script/chart_upstream_checker.sh b/script/chart_upstream_checker.sh index 862ba859836..ae6a64df84f 100755 --- a/script/chart_upstream_checker.sh +++ b/script/chart_upstream_checker.sh @@ -15,30 +15,36 @@ USERNAME=${1:?Missing git username} EMAIL=${2:?Missing git email} GPG_KEY=${3:?Missing git gpg key} FORKED_SSH_KEY_FILENAME=${4:?Missing forked ssh key filename} -CHARTS_REPO_ORIGINAL=${5:?Missing base chart repository} -BRANCH_CHARTS_REPO_ORIGINAL=${6:?Missing base chart repository} -CHARTS_REPO_FORKED=${7:?Missing forked chart repository} -BRANCH_CHARTS_REPO_FORKED=${8:?Missing forked chart repository} -KUBEAPPS_REPO=${9:?Missing kubeapps repository} -BRANCH_KUBEAPPS_REPO=${10:?Missing kubeapps repository branch} +CHARTS_REPO_UPSTREAM=${5:?Missing base chart repository} +CHARTS_REPO_UPSTREAM_BRANCH=${6:?Missing base chart repository} +CHARTS_REPO_FORK=${7:?Missing forked chart repository} +CHARTS_REPO_FORK_BRANCH=${8:?Missing forked chart repository} +KUBEAPPS_REPO_UPSTREAM=${9:?Missing kubeapps repository} +KUBEAPPS_REPO_UPSTREAM_BRANCH=${10:?Missing kubeapps repository branch} README_GENERATOR_REPO=${11:?Missing readme generator repository} DEV_MODE=${12:-false} +LOCAL_KUBEAPPS_REPO_PATH=${PROJECT_DIR:?PROJECT_DIR not defined} +info "LOCAL_KUBEAPPS_REPO_PATH: ${LOCAL_KUBEAPPS_REPO_PATH}" info "USERNAME: ${USERNAME}" info "EMAIL: ${EMAIL}" info "GPG_KEY: ${GPG_KEY}" info "FORKED_SSH_KEY_FILENAME: ${FORKED_SSH_KEY_FILENAME}" -info "CHARTS_REPO_ORIGINAL: ${CHARTS_REPO_ORIGINAL}" -info "BRANCH_CHARTS_REPO_ORIGINAL: ${BRANCH_CHARTS_REPO_ORIGINAL}" -info "CHARTS_REPO_FORKED: ${CHARTS_REPO_FORKED}" -info "BRANCH_CHARTS_REPO_FORKED: ${BRANCH_CHARTS_REPO_FORKED}" -info "KUBEAPPS_REPO: ${KUBEAPPS_REPO}" -info "BRANCH_KUBEAPPS_REPO: ${BRANCH_KUBEAPPS_REPO}" +info "CHARTS_REPO_UPSTREAM: ${CHARTS_REPO_UPSTREAM}" +info "CHARTS_REPO_UPSTREAM_BRANCH: ${CHARTS_REPO_UPSTREAM_BRANCH}" +info "CHARTS_REPO_FORK: ${CHARTS_REPO_FORK}" +info "CHARTS_REPO_FORK_BRANCH: ${CHARTS_REPO_FORK_BRANCH}" +info "KUBEAPPS_REPO_UPSTREAM: ${KUBEAPPS_REPO_UPSTREAM}" +info "KUBEAPPS_REPO_UPSTREAM_BRANCH: ${KUBEAPPS_REPO_UPSTREAM_BRANCH}" info "README_GENERATOR_REPO: ${README_GENERATOR_REPO}" info "DEV_MODE: ${DEV_MODE}" +if [[ "${DEV_MODE}" == "true" ]]; then + set -x +fi + currentVersion=$(grep -oP '(?<=^version: ).*' <"${KUBEAPPS_CHART_DIR}/Chart.yaml") -externalVersion=$(curl -s "https://raw.githubusercontent.com/${CHARTS_REPO_ORIGINAL}/${BRANCH_CHARTS_REPO_ORIGINAL}/${CHART_REPO_PATH}/Chart.yaml" | grep -oP '(?<=^version: ).*') +externalVersion=$(curl -s "https://raw.githubusercontent.com/${CHARTS_REPO_UPSTREAM}/${CHARTS_REPO_UPSTREAM_BRANCH}/${CHART_REPO_PATH}/Chart.yaml" | grep -oP '(?<=^version: ).*') semverCompare=$(semver compare "${currentVersion}" "${externalVersion}") info "currentVersion: ${currentVersion}" @@ -47,23 +53,23 @@ info "externalVersion: ${externalVersion}" # If current version is less than the chart external version, then retrieve the changes and send an internal PR with them if [[ ${semverCompare} -lt 0 ]]; then echo "Current chart version (${currentVersion}) is less than the chart external version (${externalVersion})" - TMP_DIR=$(mktemp -u)/charts - mkdir -p "${TMP_DIR}" + LOCAL_CHARTS_REPO_FORK=$(mktemp -u)/charts + mkdir -p "${LOCAL_CHARTS_REPO_FORK}" - git clone "https://github.com/${CHARTS_REPO_FORKED}" "${TMP_DIR}" --depth 1 --no-single-branch - configUser "${TMP_DIR}" "${USERNAME}" "${EMAIL}" "${GPG_KEY}" - configUser "${PROJECT_DIR}" "${USERNAME}" "${EMAIL}" "${GPG_KEY}" + GIT_SSH_COMMAND="ssh -i ~/.ssh/${FORKED_SSH_KEY_FILENAME}" git clone "git@github.com:${CHARTS_REPO_FORK}" "${LOCAL_CHARTS_REPO_FORK}" --depth 1 --no-single-branch + configUser "${LOCAL_CHARTS_REPO_FORK}" "${USERNAME}" "${EMAIL}" "${GPG_KEY}" + configUser "${LOCAL_KUBEAPPS_REPO_PATH}" "${USERNAME}" "${EMAIL}" "${GPG_KEY}" - latestVersion=$(latestReleaseTag "${PROJECT_DIR}") + latestVersion=$(latestReleaseTag "${LOCAL_KUBEAPPS_REPO_PATH}") prBranchName="sync-chart-changes-${externalVersion}" if [[ "${DEV_MODE}" == "true" ]]; then prBranchName="${prBranchName}-DEV" fi - updateRepoWithRemoteChanges "${TMP_DIR}" "${latestVersion}" "${FORKED_SSH_KEY_FILENAME}" "${CHARTS_REPO_ORIGINAL}" "${BRANCH_CHARTS_REPO_ORIGINAL}" "${BRANCH_CHARTS_REPO_FORKED}" + updateRepoWithRemoteChanges "${LOCAL_CHARTS_REPO_FORK}" "${latestVersion}" "${FORKED_SSH_KEY_FILENAME}" "${CHARTS_REPO_UPSTREAM}" "${CHARTS_REPO_UPSTREAM_BRANCH}" "${CHARTS_REPO_FORK_BRANCH}" generateReadme "${README_GENERATOR_REPO}" "${KUBEAPPS_CHART_DIR}" - commitAndSendInternalPR "${PROJECT_DIR}" "${prBranchName}" "${externalVersion}" "${KUBEAPPS_REPO}" "${BRANCH_KUBEAPPS_REPO}" "${DEV_MODE}" + commitAndSendInternalPR "${LOCAL_KUBEAPPS_REPO_PATH}" "${prBranchName}" "${externalVersion}" "${KUBEAPPS_REPO_UPSTREAM}" "${KUBEAPPS_REPO_UPSTREAM_BRANCH}" "${DEV_MODE}" elif [[ ${semverCompare} -gt 0 ]]; then echo "Skipping Chart sync. WARNING Current chart version (${currentVersion}) is greater than the chart external version (${externalVersion})" else