From 0d273cc38535d3fb335f6adada6fe4d9e99617f2 Mon Sep 17 00:00:00 2001
From: Derek Nola <derek.nola@suse.com>
Date: Tue, 6 Feb 2024 21:07:12 -0800
Subject: [PATCH] Expand updatecli action to open updates on release branches

Signed-off-by: Derek Nola <derek.nola@suse.com>
---
 .github/workflows/updatecli.yaml         | 41 +++++++++++++++++++++++-
 updatecli/matrix.yaml                    | 10 ++++++
 updatecli/updatecli.d/golang-alpine.yaml |  2 +-
 updatecli/updatecli.d/sonobuoy.yaml      |  2 +-
 updatecli/updatecli.d/trivy.yaml         |  2 +-
 5 files changed, 53 insertions(+), 4 deletions(-)
 create mode 100644 updatecli/matrix.yaml

diff --git a/.github/workflows/updatecli.yaml b/.github/workflows/updatecli.yaml
index e3eee2675324..1ff88ec23e87 100644
--- a/.github/workflows/updatecli.yaml
+++ b/.github/workflows/updatecli.yaml
@@ -38,9 +38,48 @@ jobs:
       - name: Install Updatecli
         uses: updatecli/updatecli-action@v2
 
-      - name: Apply Updatecli
+      - name: Apply Updatecli to master branch
         # Never use '--debug' option, because it might leak the access tokens.
         run: "updatecli apply --clean --config ./updatecli/updatecli.d/ --values ./updatecli/values.yaml"
         env:
           UPDATECLI_GITHUB_ACTOR: ${{ github.actor }}
           UPDATECLI_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  updatecli-matrix:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      issues: write
+      pull-requests: write
+    strategy:
+      matrix:
+        release: [1.26, 1.27, 1.28]
+    if: github.ref == 'refs/heads/master'
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Install Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: 'stable'
+
+      - name: Delete leftover UpdateCLI branches
+        run: |
+          gh pr list --search "is:closed is:pr head:updatecli_" --json headRefName --jq ".[].headRefName" | sort -u > closed_prs_branches.txt
+          gh pr list --search "is:open is:pr head:updatecli_" --json headRefName --jq ".[].headRefName" | sort -u > open_prs_branches.txt
+          for branch in $(comm -23 closed_prs_branches.txt open_prs_branches.txt); do if (git ls-remote --exit-code --heads origin "$branch"); then echo "Deleting leftover UpdateCLI branch - $branch"; git push origin --delete "$branch"; fi done
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Install Updatecli
+        uses: updatecli/updatecli-action@v2
+
+      - name: Inject branch from matrix
+        run: sed -i "s/XXX/${{ matrix.release }}/g" ./updatecli/matrix.yaml
+
+      - name: Apply Updatecli to matrix of release branch
+        # Never use '--debug' option, because it might leak the access tokens.
+        run: "updatecli apply --clean --config ./updatecli/updatecli.d/ --values ./updatecli/matrix.yaml"
+        env:
+          UPDATECLI_GITHUB_ACTOR: ${{ github.actor }}
+          UPDATECLI_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/updatecli/matrix.yaml b/updatecli/matrix.yaml
new file mode 100644
index 000000000000..6890311eecf5
--- /dev/null
+++ b/updatecli/matrix.yaml
@@ -0,0 +1,10 @@
+# This is used as a template to inject the matrix configuration into the updatecli command
+github:
+  user: "github-actions[bot]"
+  email: "41898282+github-actions[bot]@users.noreply.github.com"
+  username: "UPDATECLI_GITHUB_ACTOR"
+  token: "UPDATECLI_GITHUB_TOKEN"
+k3s:
+  org: "k3s-io"
+  repo: "k3s"
+  branch: "release-XXX"
\ No newline at end of file
diff --git a/updatecli/updatecli.d/golang-alpine.yaml b/updatecli/updatecli.d/golang-alpine.yaml
index 0206506cec0f..eb5937beaecf 100644
--- a/updatecli/updatecli.d/golang-alpine.yaml
+++ b/updatecli/updatecli.d/golang-alpine.yaml
@@ -16,7 +16,7 @@ scms:
 
 actions:
   github:
-    title: "Bump golang:alpine image version"
+    title: "[{{ .k3s.branch }}] Bump golang:alpine image version"
     kind: "github/pullrequest"
     scmid: "k3s"
     spec:
diff --git a/updatecli/updatecli.d/sonobuoy.yaml b/updatecli/updatecli.d/sonobuoy.yaml
index 62f241ea5f43..fa9b0422ee64 100644
--- a/updatecli/updatecli.d/sonobuoy.yaml
+++ b/updatecli/updatecli.d/sonobuoy.yaml
@@ -14,7 +14,7 @@ scms:
 
 actions:
   github:
-    title: "Bump Sonobuoy version"
+    title: "[{{ .k3s.branch }}] Bump Sonobuoy version"
     kind: "github/pullrequest"
     scmid: "k3s"
     spec:
diff --git a/updatecli/updatecli.d/trivy.yaml b/updatecli/updatecli.d/trivy.yaml
index f6fae4055322..1617970ef53b 100644
--- a/updatecli/updatecli.d/trivy.yaml
+++ b/updatecli/updatecli.d/trivy.yaml
@@ -16,7 +16,7 @@ scms:
 
 actions:
   github:
-    title: "Bump Trivy version"
+    title: "[{{ .k3s.branch }}] Bump Trivy version"
     kind: "github/pullrequest"
     scmid: "k3s"
     spec: