From 70c8a10e4389645af2a3fb9ae9077d52ccc63ef7 Mon Sep 17 00:00:00 2001 From: TuanAnh17N Date: Wed, 19 Feb 2025 18:23:37 +0100 Subject: [PATCH 1/7] check for upstream --- .github/actions/check-upstream/action.yaml | 28 ++++++++++++++++++++++ .github/workflows/update-dockerfile.yaml | 10 ++++++-- 2 files changed, 36 insertions(+), 2 deletions(-) create mode 100644 .github/actions/check-upstream/action.yaml diff --git a/.github/actions/check-upstream/action.yaml b/.github/actions/check-upstream/action.yaml new file mode 100644 index 0000000000..7e2c6529a8 --- /dev/null +++ b/.github/actions/check-upstream/action.yaml @@ -0,0 +1,28 @@ +name: Check Upstream +description: Checks if the repository is upstream (not a fork) using bash. +inputs: + token: + description: GitHub token to query the API + required: true +outputs: + is_upstream: + description: true if repository is upstream, false otherwise +runs: + using: composite + steps: + shell: bash + run: | + # Query the GitHub API for repository data + is_fork=$( + curl -sL -H 'Authorization: Bearer ${{ inputs.token }}' \ + https://api.github.com/repos/${{ github.repository }}) \ + | jq .fork + ) + echo "repo is a fork: ${is_fork}" + if [ "${is_fork}" = true ]; then + echo "Repository is a fork. Not upstream." + echo "is_upstream=false" >> $GITHUB_OUTPUT + else + echo "Repository is upstream." + echo "is_upstream=true" >> $GITHUB_OUTPUT + fi diff --git a/.github/workflows/update-dockerfile.yaml b/.github/workflows/update-dockerfile.yaml index 7765ff1c4b..b08457892a 100644 --- a/.github/workflows/update-dockerfile.yaml +++ b/.github/workflows/update-dockerfile.yaml @@ -25,6 +25,12 @@ jobs: - name: Setup Git Identity uses: ./.github/actions/setup-git-identity + - name: Check if repo is upstream + id: check_upstream + uses: ./.github/actions/check-upstream + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Get latest Docker version id: get_docker_version run: | @@ -66,7 +72,7 @@ jobs: echo "changes_detected=true" >> $GITHUB_OUTPUT fi - name: Commit and Push Changes - if: steps.check_changes.outputs.changes_detected == 'true' + if: steps.check_changes.outputs.changes_detected == 'true' && steps.check_changes.outputs.changes_detected == 'true' run: | git add Dockerfile.job-image-base git commit -m "Update Dockerfile to use Docker \ @@ -76,7 +82,7 @@ jobs: git push origin $BRANCH --force - name: Create or Update Pull Request - if: steps.check_changes.outputs.changes_detected == 'true' + if: steps.check_changes.outputs.changes_detected == 'true' && steps.check_changes.outputs.changes_detected == 'true' run: | # Check if a pull request for the branch already exists pr_number=$(gh pr list --head $BRANCH --state open --json number --jq '.[].number') From b6fc90abcc1cc651f21213e39ce091224199d423 Mon Sep 17 00:00:00 2001 From: TuanAnh17N Date: Wed, 19 Feb 2025 18:28:28 +0100 Subject: [PATCH 2/7] fix --- .github/actions/check-upstream/action.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/check-upstream/action.yaml b/.github/actions/check-upstream/action.yaml index 7e2c6529a8..492eb7956e 100644 --- a/.github/actions/check-upstream/action.yaml +++ b/.github/actions/check-upstream/action.yaml @@ -1,5 +1,4 @@ name: Check Upstream -description: Checks if the repository is upstream (not a fork) using bash. inputs: token: description: GitHub token to query the API @@ -10,6 +9,7 @@ outputs: runs: using: composite steps: + - name: Check if repository is upstream shell: bash run: | # Query the GitHub API for repository data From 23080d19c7a5c8b79871ca8e123c85a1bc308f3e Mon Sep 17 00:00:00 2001 From: TuanAnh17N Date: Wed, 19 Feb 2025 18:31:42 +0100 Subject: [PATCH 3/7] another fix --- .github/actions/check-upstream/action.yaml | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/.github/actions/check-upstream/action.yaml b/.github/actions/check-upstream/action.yaml index 492eb7956e..ce045f0727 100644 --- a/.github/actions/check-upstream/action.yaml +++ b/.github/actions/check-upstream/action.yaml @@ -12,14 +12,11 @@ runs: - name: Check if repository is upstream shell: bash run: | - # Query the GitHub API for repository data - is_fork=$( - curl -sL -H 'Authorization: Bearer ${{ inputs.token }}' \ - https://api.github.com/repos/${{ github.repository }}) \ - | jq .fork - ) + # Query the GitHub API for repository data and extract the "fork" field + is_fork=$(curl -sL -H "Authorization: Bearer ${{ inputs.token }}" \ + "https://api.github.com/repos/${{ github.repository }}" | jq -r .fork) echo "repo is a fork: ${is_fork}" - if [ "${is_fork}" = true ]; then + if [ "${is_fork}" = "true" ]; then echo "Repository is a fork. Not upstream." echo "is_upstream=false" >> $GITHUB_OUTPUT else From db75b70f9e03017fde75e1051f6c3b26b6175ff4 Mon Sep 17 00:00:00 2001 From: TuanAnh17N Date: Wed, 19 Feb 2025 18:44:21 +0100 Subject: [PATCH 4/7] format --- .github/actions/check-upstream/action.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/actions/check-upstream/action.yaml b/.github/actions/check-upstream/action.yaml index ce045f0727..7609c5b33a 100644 --- a/.github/actions/check-upstream/action.yaml +++ b/.github/actions/check-upstream/action.yaml @@ -13,8 +13,10 @@ runs: shell: bash run: | # Query the GitHub API for repository data and extract the "fork" field - is_fork=$(curl -sL -H "Authorization: Bearer ${{ inputs.token }}" \ - "https://api.github.com/repos/${{ github.repository }}" | jq -r .fork) + is_fork=$( + curl -sL -H "Authorization: Bearer ${{ inputs.token }}" \ + https://api.github.com/repos/${{ github.repository }} | jq -r .fork + ) echo "repo is a fork: ${is_fork}" if [ "${is_fork}" = "true" ]; then echo "Repository is a fork. Not upstream." From 8fe567b9eed52a2c491cd83fb89215c6618f5a5e Mon Sep 17 00:00:00 2001 From: TuanAnh17N Date: Wed, 19 Feb 2025 18:45:52 +0100 Subject: [PATCH 5/7] another format --- .github/actions/check-upstream/action.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/actions/check-upstream/action.yaml b/.github/actions/check-upstream/action.yaml index 7609c5b33a..297ed73f6e 100644 --- a/.github/actions/check-upstream/action.yaml +++ b/.github/actions/check-upstream/action.yaml @@ -12,13 +12,13 @@ runs: - name: Check if repository is upstream shell: bash run: | - # Query the GitHub API for repository data and extract the "fork" field + # Query the GitHub API for repository data and extract the 'fork' field is_fork=$( - curl -sL -H "Authorization: Bearer ${{ inputs.token }}" \ + curl -sL -H 'Authorization: Bearer ${{ inputs.token }}'' \ https://api.github.com/repos/${{ github.repository }} | jq -r .fork ) echo "repo is a fork: ${is_fork}" - if [ "${is_fork}" = "true" ]; then + if [ "${is_fork}" = true ]; then echo "Repository is a fork. Not upstream." echo "is_upstream=false" >> $GITHUB_OUTPUT else From 707bce2aa17b48710228919516babe508bb52f12 Mon Sep 17 00:00:00 2001 From: TuanAnh17N Date: Wed, 19 Feb 2025 18:46:47 +0100 Subject: [PATCH 6/7] another format... --- .github/actions/check-upstream/action.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/check-upstream/action.yaml b/.github/actions/check-upstream/action.yaml index 297ed73f6e..1da1c0e5f8 100644 --- a/.github/actions/check-upstream/action.yaml +++ b/.github/actions/check-upstream/action.yaml @@ -14,7 +14,7 @@ runs: run: | # Query the GitHub API for repository data and extract the 'fork' field is_fork=$( - curl -sL -H 'Authorization: Bearer ${{ inputs.token }}'' \ + curl -sL -H 'Authorization: Bearer ${{ inputs.token }}' \ https://api.github.com/repos/${{ github.repository }} | jq -r .fork ) echo "repo is a fork: ${is_fork}" From 334c1de79a44d56174dd15a57aaeb30ebc96cfc5 Mon Sep 17 00:00:00 2001 From: Gardener-CICD Bot Date: Thu, 20 Feb 2025 01:43:10 +0000 Subject: [PATCH 7/7] Update Dockerfile to use Docker 28.0.0 and Buildx v0.21.0 --- Dockerfile.job-image-base | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile.job-image-base b/Dockerfile.job-image-base index 27e72ce894..b625231816 100644 --- a/Dockerfile.job-image-base +++ b/Dockerfile.job-image-base @@ -17,11 +17,11 @@ FROM alpine:3 ARG DOCKER_CHANNEL=stable -ARG DOCKER_VERSION=27.5.1 +ARG DOCKER_VERSION=28.0.0 ENV PATH=$PATH:/opt/docker ARG TARGETARCH -ARG DOCKER_BUILDX_VERSION=v0.20.1 +ARG DOCKER_BUILDX_VERSION=v0.21.0 COPY apk-packages.blacklist . COPY --from=builder /pkgs/usr /usr