nodejs
/
docker-node
mirror of https://github.com/nodejs/docker-node.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Automating docker-node part of the official Node Docker images release process (#1646) 

Co-authored-by: Simen Bekkhus <sbekkhus91@gmail.com>
Co-authored-by: Pedro Henrique <pedro.silva@wisenet.inf.br>
This commit is contained in:
Pedro Silva 2022-03-10 18:18:08 -03:00 committed by GitHub
parent 652749b524
commit 62262f41d4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 189 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
.github/workflows/automatic-updates.yml vendored Normal file
View File

@ -0,0 +1,54 @@
name: Automatically update Docker image versions
on:
schedule:
- cron: "*/15 * * * *"
jobs:
build:
runs-on: ubuntu-latest
if: github.repository_owner == 'nodejs'
steps:
- uses: actions/checkout@v3
- name: Run automation script
uses: actions/github-script@v6
id: updt
with:
script: |
const { default: script } = await import(`${process.env.GITHUB_WORKSPACE}/build-automation.mjs`);
await script(github);
- name: Create update PR
id: cpr
uses: peter-evans/create-pull-request@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
branch: update-branch
base: main
commit-message: "Update to ${{ steps.updt.outputs.updated-versions }}"
title: "Update to ${{ steps.updt.outputs.updated-versions }}"
delete-branch: true
team-reviewers: |
@nodejs/docker
- name: Check CI status periodically
uses: actions/github-script@v6
with:
script: |
const { default: script } = await import(`${process.env.GITHUB_WORKSPACE}/check-pr-status.mjs`);
await script(github, '${{ github.repository }}', ${{ steps.cpr.outputs.pull-request-number }});
- name: Auto-approve the PR
uses: juliangruber/approve-pull-request-action@v1
with:
# Cannot use `GITHUB_TOKEN` as it's not allowed to approve own PR
github-token: ${{ secrets.GH_API_TOKEN }}
number: ${{ steps.cpr.outputs.pull-request-number }}
- name: Merge PR
uses: juliangruber/merge-pull-request-action@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
number: ${{ steps.cpr.outputs.pull-request-number }}

104
build-automation.mjs Normal file
View File

@ -0,0 +1,104 @@
import { promisify } from "util";
import child_process from "child_process";
const exec = promisify(child_process.exec);
// a function that queries the Node.js release website for new versions,
// compare the available ones with the ones we use in this repo
// and returns whether we should update or not
const checkIfThereAreNewVersions = async (github) => {
try {
const { stdout: versionsOutput } = await exec(". ./functions.sh && get_versions", { shell: "bash" });
const supportedVersions = versionsOutput.trim().split(" ");
let latestSupportedVersions = {};
for (let supportedVersion of supportedVersions) {
const { stdout } = await exec(`ls ${supportedVersion}`);
const { stdout: fullVersionOutput } = await exec(`. ./functions.sh && get_full_version ./${supportedVersion}/${stdout.trim().split("\n")[0]}`, { shell: "bash" });
console.log(fullVersionOutput);
latestSupportedVersions[supportedVersion] = { fullVersion: fullVersionOutput.trim() };
}
const { data: availableVersionsJson } = await github.request('https://nodejs.org/download/release/index.json');
// filter only more recent versions of availableVersionsJson for each major version in latestSupportedVersions' keys
// e.g. if latestSupportedVersions = { "12": "12.22.10", "14": "14.19.0", "16": "16.14.0", "17": "17.5.0" }
// and availableVersions = ["Node.js 12.22.10", "Node.js 12.24.0", "Node.js 14.19.0", "Node.js 14.22.0", "Node.js 16.14.0", "Node.js 16.16.0", "Node.js 17.5.0", "Node.js 17.8.0"]
// return { "12": "12.24.0", "14": "14.22.0", "16": "16.16.0", "17": "17.8.0" }
let filteredNewerVersions = {};
for (let availableVersion of availableVersionsJson) {
const [availableMajor, availableMinor, availablePatch] = availableVersion.version.split("v")[1].split(".");
if (latestSupportedVersions[availableMajor] == null) {
continue;
}
const [_latestMajor, latestMinor, latestPatch] = latestSupportedVersions[availableMajor].fullVersion.split(".");
if (latestSupportedVersions[availableMajor] && (Number(availableMinor) > Number(latestMinor) || (availableMinor === latestMinor && Number(availablePatch) > Number(latestPatch)))) {
filteredNewerVersions[availableMajor] = { fullVersion: `${availableMajor}.${availableMinor}.${availablePatch}` };
}
}
return {
shouldUpdate: Object.keys(filteredNewerVersions).length > 0 && JSON.stringify(filteredNewerVersions) !== JSON.stringify(latestSupportedVersions),
versions: filteredNewerVersions,
}
} catch (error) {
console.error(error);
process.exit(1);
}
};
// a function that queries the Node.js unofficial release website for new musl versions and security releases,
// and returns relevant information
const checkForMuslVersionsAndSecurityReleases = async (github, versions) => {
try {
const { data: unofficialBuildsIndexText } = await github.request('https://unofficial-builds.nodejs.org/download/release/index.json');
for (let version of Object.keys(versions)) {
const { data: unofficialBuildsWebsiteText } = await github.request(`https://unofficial-builds.nodejs.org/download/release/v${versions[version].fullVersion}`);
versions[version].muslBuildExists = unofficialBuildsWebsiteText.includes("musl");
versions[version].isSecurityRelease = unofficialBuildsIndexText.find(indexVersion => indexVersion.version === `v${versions[version].fullVersion}`)?.security;
}
return versions;
} catch (error) {
console.error(error);
process.exit(1);
}
};
export default async function(github) {
// if there are no new versions, exit gracefully
// if there are new versions,
// check for musl builds
// then run update.sh
const { shouldUpdate, versions } = await checkIfThereAreNewVersions(github);
if (!shouldUpdate) {
console.log("No new versions found. No update required.");
process.exit(0);
} else {
const newVersions = await checkForMuslVersionsAndSecurityReleases(github, versions);
let updatedVersions = [];
for (let version of Object.keys(newVersions)) {
if (newVersions[version].muslBuildExists) {
const { stdout } = await exec(`./update.sh ${newVersions[version].isSecurityRelease ? "-s " : ""}${version}`);
console.log(stdout);
updatedVersions.push(newVersions[version].fullVersion);
} else {
console.log(`There's no musl build for version ${newVersions[version].fullVersion} yet.`);
process.exit(0);
}
}
console.log(`::set-output name=updated-versions::${updatedVersions.join(',')}`);
const { stdout } = (await exec(`git diff`));
console.log(stdout);
}
}

29
check-pr-status.mjs Normal file
View File

@ -0,0 +1,29 @@
// fetch /repos/{owner}/{repo}/pulls/{pull_number}
// and check its mergeable_state
// if "clean", exit with status code 0
// else exit with error
import { setTimeout } from 'timers/promises';
const tries = 10;
const retryDelay = 30000;
export default async function(github, repository, pull_number) {
const [owner, repo] = repository.split('/');
await setTimeout(retryDelay);
for (let t = 0; t < tries; t++) {
try {
const { data } = await github.rest.pulls.get({owner, repo, pull_number})
console.log(data);
if (data.mergeable_state === 'clean') {
process.exit(0);
}
await setTimeout(retryDelay);
} catch (error) {
console.error(error);
process.exit(1);
}
}
process.exit(1);
}

2
functions.sh
View File

@ -1,6 +1,8 @@
#!/usr/bin/env bash
#
# Utlity functions
# Don't change this file unless needed
# The GitHub Action for automating new builds rely on this file
info() {
printf "%s\\n" "$@"