From c17173f001b2a74babb5b8d17b6f42b5ceb510fe Mon Sep 17 00:00:00 2001 From: Jiawei Huang Date: Wed, 11 Dec 2024 10:04:57 -0800 Subject: [PATCH] Add sempahore auto go-build workflow This change adds a semaphore workflow to trigger calico/go-build pin update. We improved calico/go-build to trigger this workflow when there is a new release tag pushed to the go-build repository. --- .semaphore/update-go-build-pins.yml | 25 +++++++++++++++++++++++++ Makefile | 2 ++ lib.Makefile | 29 +++++++++++++++++++++++++++++ 3 files changed, 56 insertions(+) create mode 100644 .semaphore/update-go-build-pins.yml diff --git a/.semaphore/update-go-build-pins.yml b/.semaphore/update-go-build-pins.yml new file mode 100644 index 00000000000..2c8a4875267 --- /dev/null +++ b/.semaphore/update-go-build-pins.yml @@ -0,0 +1,25 @@ +version: v1.0 +name: Trigger calico/go-build update +agent: + machine: + type: f1-standard-2 + os_image: ubuntu2204 + +execution_time_limit: + minutes: 30 + +global_job_config: + prologue: + commands: + - checkout + +blocks: + - name: Auto calico/go-build update + task: + secrets: + - name: marvin-github-token + jobs: + - name: Auto calico/go-build update + commands: + - CONFIRM=true make git-config + - CONFIRM=true GITHUB_TOKEN=${MARVIN_GITHUB_TOKEN} make trigger-auto-pin-update-process diff --git a/Makefile b/Makefile index 8e3e1ed9ea2..a888296883c 100644 --- a/Makefile +++ b/Makefile @@ -190,6 +190,8 @@ endif python:3 \ bash -c '/usr/local/bin/python release/get-contributors.py >> /code/AUTHORS.md' +update-pins: update-go-build-pin + ############################################################################### # Post-release validation ############################################################################### diff --git a/lib.Makefile b/lib.Makefile index 09d0ed261a4..98ce703a62e 100644 --- a/lib.Makefile +++ b/lib.Makefile @@ -337,6 +337,31 @@ define update_replace_pin fi' endef +# Get the latest release tag from projectcalico/go-build. +GO_BUILD_REPO=https://github.com/projectcalico/go-build.git +define get_go_build_version + $(shell git ls-remote --tags --refs --sort=-version:refname $(GO_BUILD_REPO) | head -n 1 | awk -F '/' '{print $$NF}') +endef + +# update_go_build updates the GO_BUILD_VER in metadata.mk or Makefile. +# for annotated git tags, we need to remove the trailing `^{}`. +# for the obsoleted vx.y go-build version, we need to remove the leading `v` for bash string comparison to work properly. +define update_go_build_pin + $(eval new_ver := $(subst ^{},,$(call get_go_build_version))) + $(eval old_ver := $(subst v,,$(shell grep -E "^GO_BUILD_VER" $(1) | cut -d'=' -f2 | xargs))) + + @echo "current GO_BUILD_VER=$(old_ver)" + @echo "latest GO_BUILD_VER=$(new_ver)" + + bash -c '\ + if [[ "$(new_ver)" > "$(old_ver)" ]]; then \ + sed -i "s/^GO_BUILD_VER[[:space:]]*=.*/GO_BUILD_VER=$(new_ver)/" $(1); \ + echo "GO_BUILD_VER is updated to $(new_ver)"; \ + else \ + echo "no need to update GO_BUILD_VER"; \ + fi' +endef + GIT_REMOTE?=origin API_BRANCH?=$(PIN_BRANCH) API_REPO?=github.com/projectcalico/calico/api @@ -393,6 +418,9 @@ update-cni-plugin-pin: replace-cni-pin: $(call update_replace_pin,github.com/projectcalico/calico/cni-plugin,$(CNI_REPO),$(CNI_BRANCH)) +update-go-build-pin: + $(call update_go_build_pin,$(GIT_GO_BUILD_UPDATE_COMMIT_FILE)) + git-status: git status --porcelain @@ -453,6 +481,7 @@ GIT_PR_BRANCH_BASE?=$(SEMAPHORE_GIT_BRANCH) PIN_UPDATE_BRANCH?=semaphore-auto-pin-updates-$(GIT_PR_BRANCH_BASE) GIT_PR_BRANCH_HEAD?=$(PIN_UPDATE_BRANCH) GIT_PIN_UPDATE_COMMIT_FILES?=go.mod go.sum +GIT_GO_BUILD_UPDATE_COMMIT_FILE?=metadata.mk GIT_PIN_UPDATE_COMMIT_EXTRA_FILES?=$(GIT_COMMIT_EXTRA_FILES) GIT_COMMIT_FILES?=$(GIT_PIN_UPDATE_COMMIT_FILES) $(GIT_PIN_UPDATE_COMMIT_EXTRA_FILES)