diff --git a/.github/workflows/fork-ci-reusable.yml b/.github/workflows/fork-ci-reusable.yml index a28f582..adbd652 100644 --- a/.github/workflows/fork-ci-reusable.yml +++ b/.github/workflows/fork-ci-reusable.yml @@ -108,6 +108,9 @@ jobs: DOCKER_REGISTRY: ${{ needs.determine_docker_registry_and_tag.outputs.docker_registry }} DOCKER_TAG: ${{ needs.determine_docker_registry_and_tag.outputs.docker_tag }} GOPROXY: ${{ secrets.goproxy || 'direct' }} + BASE_IMAGE_DOCA_FULL_RT_HOST: nvcr.io/nvidia/doca/doca:3.0.0-full-rt-host + BASE_IMAGE_GO_DISTROLESS_DEV: nvcr.io/nvidia/distroless/go:v3.1.12-dev + BASE_IMAGE_GO_DISTROLESS: nvcr.io/nvidia/distroless/go:v3.1.12 strategy: matrix: component: ${{ fromJSON(inputs.components) }} diff --git a/.github/workflows/sync-dockerfile-images.yml b/.github/workflows/sync-dockerfile-images.yml new file mode 100644 index 0000000..caa3988 --- /dev/null +++ b/.github/workflows/sync-dockerfile-images.yml @@ -0,0 +1,61 @@ +name: Sync Dockerfile image tags to reusable workflow + +on: + push: + branches: + - main + +permissions: + contents: write + pull-requests: write + actions: write + +jobs: + sync: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Extract image tags from Dockerfile + id: extract + run: | + doca=$(awk '/ AS BASE_IMAGE_DOCA_FULL_RT_HOST/ {print $2; exit}' Dockerfile) + go_dev=$(awk '/ AS BASE_IMAGE_GO_DISTROLESS_DEV/ {print $2; exit}' Dockerfile) + go_base=$(awk '/ AS BASE_IMAGE_GO_DISTROLESS($|\s)/ {print $2; exit}' Dockerfile) + echo "doca=$doca" >> $GITHUB_OUTPUT + echo "go_dev=$go_dev" >> $GITHUB_OUTPUT + echo "go_base=$go_base" >> $GITHUB_OUTPUT + - name: Update fork-ci-reusable.yml envs if needed + id: update + env: + DOCA: ${{ steps.extract.outputs.doca }} + GO_DEV: ${{ steps.extract.outputs.go_dev }} + GO_BASE: ${{ steps.extract.outputs.go_base }} + run: | + file=.github/workflows/fork-ci-reusable.yml + sed -E -i "s#^([[:space:]]*BASE_IMAGE_DOCA_FULL_RT_HOST:)\s*.*#\\1 ${DOCA}#" "$file" + sed -E -i "s#^([[:space:]]*BASE_IMAGE_GO_DISTROLESS_DEV:)\s*.*#\\1 ${GO_DEV}#" "$file" + sed -E -i "s#^([[:space:]]*BASE_IMAGE_GO_DISTROLESS:)\s*.*#\\1 ${GO_BASE}#" "$file" + if git diff --quiet --exit-code -- "$file"; then + echo "changed=false" >> $GITHUB_OUTPUT + else + echo "changed=true" >> $GITHUB_OUTPUT + fi + - name: Create Pull Request + if: steps.update.outputs.changed == 'true' + env: + GH_TOKEN: ${{ secrets.GH_TOKEN_NVIDIA_CI_CD }} + run: | + git config user.name "nvidia-ci-cd" + git config user.email "svc-cloud-orch-gh@nvidia.com" + BRANCH="chore/sync-dockerfile-images-$(date +%Y%m%d%H%M%S)" + git checkout -b "$BRANCH" + git add .github/workflows/fork-ci-reusable.yml + git commit -m "chore: sync image tags in fork-ci-reusable.yml from Dockerfile" + git push --set-upstream origin "$BRANCH" + gh pr create \ + --title "chore: sync image tags in fork-ci-reusable.yml" \ + --body $'This PR updates the following envs in `.github/workflows/fork-ci-reusable.yml` based on `Dockerfile`:\n- BASE_IMAGE_DOCA_FULL_RT_HOST\n- BASE_IMAGE_GO_DISTROLESS_DEV\n- BASE_IMAGE_GO_DISTROLESS' \ + --base main \ + --head "$BRANCH" + + diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..b7ebefb --- /dev/null +++ b/Dockerfile @@ -0,0 +1,4 @@ +# This is a dummy Dockerfile for getting dependabot PRs for version updates +FROM nvcr.io/nvidia/doca/doca:3.1.0-full-rt-host AS BASE_IMAGE_DOCA_FULL_RT_HOST +FROM nvcr.io/nvidia/distroless/go:v3.1.13-dev AS BASE_IMAGE_GO_DISTROLESS_DEV +FROM nvcr.io/nvidia/distroless/go:v3.1.13 AS BASE_IMAGE_GO_DISTROLESS \ No newline at end of file