feat(container)!: Update kube-prometheus-stack ( 67.11.0 → 68.0.0 ) #184

Workflow file for this run

.github/workflows/pre-pull-images.yaml at 4f94223

	---
	# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
	name: "Pre-pull Images"

	on:
	pull_request:
	branches: ["main"]
	paths:
	- kubernetes//apps/
	- kubernetes//flux/
	- kubernetes/shared/**

	concurrency:
	group: ${{ github.workflow }}-${{ github.event.number \|\| github.ref }}
	cancel-in-progress: true

	env:
	HOMEBREW_NO_ANALYTICS: "1"

	jobs:
	changed-clusters:
	name: Changed Clusters
	runs-on: ubuntu-latest
	outputs:
	matrix: ${{ steps.changed-clusters.outputs.all_changed_and_modified_files }}
	steps:
	- name: Configure 1password
	uses: 1password/load-secrets-action/configure@v2
	with:
	service-account-token: ${{ secrets.ONEPASS_SA_TOKEN }}

	- name: Get Secrets
	uses: 1password/load-secrets-action@v2
	with:
	export-env: true
	env:
	BOT_APP_ID: op://Kubernetes/github-bot/BOT_APP_ID
	BOT_APP_PRIVATE_KEY: op://Kubernetes/github-bot/BOT_APP_PRIVATE_KEY

	- name: Generate Token
	uses: actions/create-github-app-token@v1
	id: app-token
	with:
	app-id: ${{ env.BOT_APP_ID }}
	private-key: ${{ env.BOT_APP_PRIVATE_KEY }}

	- name: Checkout
	uses: actions/checkout@v4
	with:
	token: ${{ steps.app-token.outputs.token }}
	fetch-depth: 0

	- name: Get Changed Clusters
	id: changed-clusters
	uses: tj-actions/changed-files@v45
	with:
	files: kubernetes/**
	files_ignore: kubernetes/shared/**
	dir_names: true
	dir_names_max_depth: 2
	matrix: true

	- name: List All Changed Clusters
	run: echo ${{ steps.changed-clusters.outputs.all_changed_and_modified_files }}

	extract-images:
	name: Extract Images
	runs-on: ubuntu-latest
	needs: ["changed-clusters"]
	strategy:
	matrix:
	branches: ["default", "pull"]
	paths: ${{ fromJSON(needs.changed-clusters.outputs.matrix) }}
	fail-fast: false
	outputs:
	default: ${{ steps.extract-images.outputs.default }}
	pull: ${{ steps.extract-images.outputs.pull }}
	steps:
	- name: Configure 1password
	uses: 1password/load-secrets-action/configure@v2
	with:
	service-account-token: ${{ secrets.ONEPASS_SA_TOKEN }}

	- name: Get Secrets
	uses: 1password/load-secrets-action@v2
	with:
	export-env: true
	env:
	BOT_APP_ID: op://Kubernetes/github-bot/BOT_APP_ID
	BOT_APP_PRIVATE_KEY: op://Kubernetes/github-bot/BOT_APP_PRIVATE_KEY

	- name: Generate Token
	uses: actions/create-github-app-token@v1
	id: app-token
	with:
	app-id: ${{ env.BOT_APP_ID }}
	private-key: ${{ env.BOT_APP_PRIVATE_KEY }}

	- name: Checkout
	uses: actions/checkout@v4
	with:
	token: "${{ steps.app-token.outputs.token }}"
	ref: "${{ matrix.branches == 'default' && github.event.repository.default_branch \|\| '' }}"

	- name: Gather Images
	uses: docker://ghcr.io/allenporter/flux-local:v7.0.0
	with:
	args: >-
	get cluster
	--path /github/workspace/${{ matrix.paths }}/flux
	--enable-images
	--output yaml
	--output-file images.yaml

	- name: Extract Images
	id: extract-images
	run: \|
	images=$(yq --indent=0 --output-format=json \
	'[.. \| .images? \| select(. != null)] \| flatten \| sort \| unique' images.yaml \
	)
	echo "${{ matrix.branches }}=${images}" >> $GITHUB_OUTPUT

	compare-images:
	name: Compare Images
	runs-on: ubuntu-latest
	needs: ["extract-images"]
	outputs:
	images: ${{ steps.compare-images.outputs.images }}
	steps:
	- name: Compare Images
	id: compare-images
	run: \|
	images=$(jq --compact-output --null-input \
	--argjson f1 '${{ needs.extract-images.outputs.default }}' \
	--argjson f2 '${{ needs.extract-images.outputs.pull }}' \
	'$f2 - $f1' \
	)
	echo "images=${images}" >> $GITHUB_OUTPUT

	pre-pull-images:
	if: ${{ needs.compare-images.outputs.images != '[]' }}
	name: Pre-pull Images
	runs-on: ["home-ops-runner"]
	needs: ["compare-images", "changed-clusters"]
	strategy:
	matrix:
	images: ${{ fromJSON(needs.compare-images.outputs.images) }}
	paths: ${{ fromJSON(needs.changed-clusters.outputs.matrix) }}
	max-parallel: 4
	fail-fast: false
	steps:
	- name: Grab Cluster Name
	run: \|
	cluster="${{ matrix.paths }}"
	cluster="${cluster/kubernetes\//}"
	echo "cluster=${cluster^^}" >> $GITHUB_ENV

	- name: Configure 1password
	uses: 1password/load-secrets-action/configure@v2
	with:
	service-account-token: ${{ secrets.ONEPASS_SA_TOKEN }}

	- name: Get Secrets
	uses: 1password/load-secrets-action@v2
	with:
	export-env: true
	env:
	TALOSCONFIG_BASE64: op://Kubernetes/kubernetes/TALOSCONFIG_${{ env.cluster }}_BASE64

	- name: Write talosconfig
	id: talosconfig
	uses: timheuer/base64-to-file@v1
	with:
	encodedString: "${{ env.TALOSCONFIG_BASE64 }}"
	fileName: talosconfig

	- name: Setup Homebrew
	uses: Homebrew/actions/setup-homebrew@master

	- name: Setup Workflow Tools
	run: brew install siderolabs/tap/talosctl

	- name: Pre-pull Image
	env:
	TALOSCONFIG: ${{ steps.talosconfig.outputs.filePath }}
	run: \|
	NODE=$(talosctl config info --output json \| jq --raw-output '.nodes[]' \| shuf -n 1)
	talosctl -n $NODE image pull ${{ matrix.images }}

	# Summarize matrix https://github.community/t/status-check-for-a-matrix-jobs/127354/7
	pre-pull-images-success:
	if: ${{ always() }}
	needs: ["pre-pull-images"]
	name: Pre-pull Images Successful
	runs-on: ubuntu-latest
	steps:
	- if: ${{ contains(needs..result, 'failure') \|\| contains(needs..result, 'cancelled') }}
	name: Check matrix status
	run: exit 1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat(container)!: Update kube-prometheus-stack ( 67.11.0 → 68.0.0 ) #184

Workflow file

feat(container)!: Update kube-prometheus-stack ( 67.11.0 → 68.0.0 ) #184

Jobs

Run details

Workflow file for this run