[PATCH 1/1] ci: pin debian container based on commit date
0 views
Skip to first unread message
Felix Moessbauer
May 13, 2024, 10:17:54 AMMay 13
to kas-...@googlegroups.com, jan.k...@siemens.com, Felix Moessbauer
The ci container is based on a reproducible debian base container.
This container was selected based on the most recent tag for the
requested distribution (e.g. bookworm-<date>-slim). However, when
re-building old tags in the CI, the selected date needs to match the
commit date and not the current date. This logic is implemented in this
patch.
Signed-off-by: Felix Moessbauer <felix.mo...@siemens.com>
---
.github/actions/docker-init/action.yml | 7 +++++--
scripts/lower-bound.py | 9 +++++++++
2 files changed, 14 insertions(+), 2 deletions(-)
create mode 100755 scripts/lower-bound.py
diff --git a/.github/actions/docker-init/action.yml b/.github/actions/docker-init/action.yml
index 92fb5a9a9..64a525659 100644
--- a/.github/actions/docker-init/action.yml
+++ b/.github/actions/docker-init/action.yml
@@ -33,9 +33,12 @@ runs:
- name: Determine Debian tag
run: |
+ COMMIT_DATE=$(date -d @$(git log -1 --pretty=%ct) +%Y%m%d)
DEBIAN_RELEASE=$(grep -m 1 'ARG DEBIAN_TAG=' Dockerfile | sed 's/.*DEBIAN_TAG=\(.*\)-.*/\1/')
- echo "DEBIAN_TAG=$(podman image search --list-tags debian --limit 1000000000 | \
- grep "$DEBIAN_RELEASE-.*-slim" | sort -r | head -1 | sed 's/.*[ ]\+//')" >> $GITHUB_ENV
+ echo "DEBIAN_TAG=$(podman search --list-tags docker.io/debian --limit 1000000000 | \
+ grep "$DEBIAN_RELEASE-.*-slim" | sort -r | sed 's/.*[ ]\+//' | \
+ ./scripts/lower-bound.py $DEBIAN_RELEASE-$COMMIT_DATE-slim )" \
+ >> $GITHUB_ENV
shell: bash
- name: Prepare repository for COPY-in
diff --git a/scripts/lower-bound.py b/scripts/lower-bound.py
new file mode 100755
index 000000000..00681df77
--- /dev/null
+++ b/scripts/lower-bound.py
@@ -0,0 +1,9 @@
+#!/usr/bin/env python3
+# takes a reverse-sorted, line separated list and
+# returns the first element that is equal or smaller
+# than the first argument
+import sys
+for line in sys.stdin:
+ if line.rstrip() <= sys.argv[1]:
+ print(line.rstrip())
+ break
--
2.39.2
This container was selected based on the most recent tag for the
requested distribution (e.g. bookworm-<date>-slim). However, when
re-building old tags in the CI, the selected date needs to match the
commit date and not the current date. This logic is implemented in this
patch.
Signed-off-by: Felix Moessbauer <felix.mo...@siemens.com>
---
.github/actions/docker-init/action.yml | 7 +++++--
scripts/lower-bound.py | 9 +++++++++
2 files changed, 14 insertions(+), 2 deletions(-)
create mode 100755 scripts/lower-bound.py
diff --git a/.github/actions/docker-init/action.yml b/.github/actions/docker-init/action.yml
index 92fb5a9a9..64a525659 100644
--- a/.github/actions/docker-init/action.yml
+++ b/.github/actions/docker-init/action.yml
@@ -33,9 +33,12 @@ runs:
- name: Determine Debian tag
run: |
+ COMMIT_DATE=$(date -d @$(git log -1 --pretty=%ct) +%Y%m%d)
DEBIAN_RELEASE=$(grep -m 1 'ARG DEBIAN_TAG=' Dockerfile | sed 's/.*DEBIAN_TAG=\(.*\)-.*/\1/')
- echo "DEBIAN_TAG=$(podman image search --list-tags debian --limit 1000000000 | \
- grep "$DEBIAN_RELEASE-.*-slim" | sort -r | head -1 | sed 's/.*[ ]\+//')" >> $GITHUB_ENV
+ echo "DEBIAN_TAG=$(podman search --list-tags docker.io/debian --limit 1000000000 | \
+ grep "$DEBIAN_RELEASE-.*-slim" | sort -r | sed 's/.*[ ]\+//' | \
+ ./scripts/lower-bound.py $DEBIAN_RELEASE-$COMMIT_DATE-slim )" \
+ >> $GITHUB_ENV
shell: bash
- name: Prepare repository for COPY-in
diff --git a/scripts/lower-bound.py b/scripts/lower-bound.py
new file mode 100755
index 000000000..00681df77
--- /dev/null
+++ b/scripts/lower-bound.py
@@ -0,0 +1,9 @@
+#!/usr/bin/env python3
+# takes a reverse-sorted, line separated list and
+# returns the first element that is equal or smaller
+# than the first argument
+import sys
+for line in sys.stdin:
+ if line.rstrip() <= sys.argv[1]:
+ print(line.rstrip())
+ break
--
2.39.2
Jan Kiszka
May 14, 2024, 9:33:16 AMMay 14
to Felix Moessbauer, kas-...@googlegroups.com
Jan
--
Siemens AG, Technology
Linux Expert Center
Reply all
Reply to author
Forward
0 new messages