Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Automate updates of existing helm charts #983

Conversation

adamkpickering
Copy link
Collaborator

@adamkpickering adamkpickering commented Mar 6, 2024

rancher/partner-charts adds a Rancher-specific layer to a variety of upstream charts. These charts are updated frequently, and the Rancher versions of these charts don't get updated unless we go through a manual process to do so. This process has most recently been done by @marcosbc. We want to automate this process so that updates happen more frequently (i.e. daily) and don't sap our attention.

This PR introduces two new workflows:

  1. update-main-source.yml: runs bin/partner-charts-ci auto daily in order to update the main-source branch
  2. update-main.yml: syncs assets/ and index.yaml from the main-source to the main branch when changes are pushed to the main-source branch

There are a lot of things with this repo that I'd like to change. However, this PR is just about automating what we have. We can make further improvements later.

@adamkpickering adamkpickering requested a review from a team as a code owner March 6, 2024 20:49
@adamkpickering adamkpickering requested a review from marcosbc March 6, 2024 20:50
Copy link
Contributor

@nicholasSUSE nicholasSUSE left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry @adamkpickering, I have no idea what this is about, could you provide a description?

Copy link
Collaborator

@marcosbc marcosbc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should also remove the .github/workflows/sync-fork.yml file given that it will not be applicable anymore.

# checkout action only fetches main-source, so we need to fetch main branch also
git fetch origin main --depth 1
git checkout main
git checkout main-source -- index.yaml assets
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The original action also removes the assets folder and the index.yaml file before executing the checkout. Have you tested that it works?

Copy link
Collaborator Author

@adamkpickering adamkpickering Mar 8, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think I should have left that in. I'll add it back, if it fits with creating an auto-merged PR that is.

run: |
scripts/pull-ci-scripts
bin/partner-charts-ci auto
git push origin main-source
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of pushing directly to the branches, wouldn't it be better to create PRs for each individual change, with auto-merge enabled?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What do you mean by "each individual change"? Are you suggesting that this automation should create a PR that is merged automatically every time it runs? If so, I can't think of a benefit to doing this - can you please elaborate?

If this isn't what you meant, can you clarify?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

By creating a PR (even with auto merge enabled), it forces an execution of the CI scripts to validate the change. Currently, this executes partner-charts-ci validate (see .github/workflows/pull-request.yml). If something went wrong, we would have the ability to stop the change from getting merged.

git checkout main-source -- assets index.yaml
git commit -m "Update partner charts"
git push origin
TITLE="Update partner charts"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For automated pull requests we usually use [AUTOMATED] Title.

@adamkpickering adamkpickering force-pushed the automate-the-publishing-process branch 2 times, most recently from c98acc0 to cf786cc Compare March 9, 2024 01:17
@adamkpickering adamkpickering force-pushed the automate-the-publishing-process branch from f86f826 to 33fdb42 Compare March 9, 2024 02:54
@adamkpickering adamkpickering changed the title Release partner charts daily Automate updates of existing helm charts Mar 9, 2024
marcosbc
marcosbc previously approved these changes Mar 11, 2024
Copy link
Collaborator

@marcosbc marcosbc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!


- name: Update main-source branch
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@adamkpickering 🤔 Which one?

Without this option, xargs will run the `gh pr close` command with
no arguments when `gh pr list` outputs no PRs. Adding this option
prevents the error that can result.
git diff --quiet main-source "$BRANCH" && exit 0

# close all existing PRs from branches starting with "auto-update"
gh pr --repo "$GITHUB_REPOSITORY" list --search 'head:auto-update' --json 'headRefName' --jq '.[] | join("\n")' | \
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One possible issue is that you should always make sure that this Ubuntu latest image has JQ installed; otherwise, it will break.
My Ubuntu did not come with it installed.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think this command requires jq - it's just an option. Looking at the dependencies of the gh package, only git is listed. So they must build jq, or its syntax, into gh somehow?

@adamkpickering adamkpickering merged commit 56b0cc5 into rancher:main-source Mar 12, 2024
1 check passed
@adamkpickering adamkpickering deleted the automate-the-publishing-process branch March 12, 2024 19:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants