feat: add update pipeline to update containers in app.yaml

Signed-off-by: Olivier Vernin <[email protected]>

.github/updatecli/updatecli.d/apps/containers.tpl

@@ -0,0 +1,83 @@
+#
+# This policy updates container image tags defined in files app.yaml
+# containers to monitor must be specified in the values file:
+# .github/updatecli/values.d/apps.yaml
+# 
+# The app/container policy generates one update pipeline per app where an app can contain multiple containers
+# To show generated pipeline you can run (from the root repository)
+#   updatecli manifest show --config .github/updatecli/updatecli.d/apps/containers.tpl --values .github/updatecli/values.d/scm.yaml --values .github/updatecli/values.d/apps.yaml
+# To test what this policy would change
+#   updatecli diff --config .github/updatecli/updatecli.d/apps/containers.tpl --values .github/updatecli/values.d/scm.yaml --values .github/updatecli/values.d/apps.yaml
+
+{{ $github := .github }}
+
+{{ range $id, $app := .apps }}
+---
+name: 'deps: bump container {{ $id }} tag'
+pipelineid: 'containers/{{ $id }}'
+sources:
+  {{ range $i, $container := $app }}
+  {{ $container.image }}:
+    name: 'Get latest tag for {{ $container.image }}'
+    kind: 'dockerimage'
+    spec:
+      image: '{{ $container.image }}'
+      {{ if $container.tagfilter }}
+      tagfilter: '{{ $container.tagfilter }}'
+      {{ end }}
+      {{ if $container.versionfilter }}
+      versionfilter:
+{{ $container.versionfilter  | toYaml | indent 8 }}
+      {{ end }}
+  {{ end }}
+
+targets:
+  {{ range $i, $container := $app }}
+  {{ if eq $i 0 }}
+  manifest:
+    name: 'Update {{ $id }} /manifest.yaml'
+    kind: 'yaml'
+    sourceid: '{{ $container.image }}'
+    scmid: 'kubernetes-marketplace'
+    spec:
+      file: '{{ $id }}/manifest.yaml'
+      key: '$.version'
+  {{ end }}
+
+  {{ $container.image }}:
+    name: 'Update {{ $id }}/app.yaml'
+    kind: 'file'
+    scmid: 'kubernetes-marketplace'
+    disablesourceinput: true
+    spec:
+      file: '{{ $id }}/app.yaml'
+      matchpattern: '(?m)image: {{ $container.image }}:(.*)'
+      replacepattern: 'image: {{ $container.image }}:{{ "{{" }} source "{{ $container.image }}" {{ "}}" }}'
+  {{ end }}
+
+# Define git repository configuration to know where to push changes
+# Values are templated and provided via the values.yaml so we can easily 
+# adapt to the repository owner.
+scms:
+  kubernetes-marketplace:
+    kind: "github"
+    spec:
+      user: "{{ $github.user }}"
+      email: "{{ $github.email }}"
+      owner: "{{ $github.owner }}"
+      repository: "{{ $github.repository }}"
+      branch: "{{ $github.branch }}"
+      username: '{{ requiredEnv "UPDATECLI_GITHUB_ACTOR" }}'
+      token: '{{ requiredEnv "UPDATECLI_GITHUB_TOKEN" }}'
+
+actions:  
+  kubernetes-marketplace:
+    kind: "github/pullrequest"
+    scmid: "kubernetes-marketplace"
+    spec:
+      title: 'deps: bump container tag for {{ $id }}'
+      usetitleforautomerge: true
+      mergemethod: squash
+      labels:
+        - enhancement 
+{{ end }}

.github/updatecli/values.d/apps.yaml

@@ -0,0 +1,79 @@
+# The "apps" value is used by the Updatecli policy named "updatecli.d/apps/containers.tpl"
+# to automate docker image tag
+# apps is a map of container's array
+# The map id represents the directory name for a specific app.yaml file
+# the container array represents the container that needs to be updated for a specific app.yaml
+# container image specifies the container image that needs to be updated in the file <id>/app.yaml
+# The container tagfilter allows to restrict tags retrieved from a remote registry by using a regular expression.
+# container versionfilter provides parameters to specify version pattern and its type like regex, semver, or just latest.
+#
+# Please note that the version of the first container will be used as the manifest version in the file manifest.yaml
+apps:
+  civo-cluster-autoscaler:
+    - image: registry.k8s.io/autoscaling/cluster-autoscaler
+      versionfilter:
+        kind: semver
+  ferretdb:
+    - image: ghcr.io/ferretdb/ferretdb
+      versionfilter:
+        kind: semver
+    - image: postgres
+      tagfilter: '^(\d*).(\d*)$'
+      versionfilter:
+        kind: semver
+  ghost:
+    - image: ghost
+      versionfilter:
+        kind: semver
+        strict: true
+  joomla:
+    - image: joomla
+      versionfilter:
+        kind: semver
+  keycloak:
+    - image: quay.io/keycloak/keycloak
+      versionfilter:
+        kind: semver
+  kubesphere:
+    - image: kubesphere/ks-installer
+      versionfilter:
+        kind: semver
+  mariadb:
+    - image: mariadb
+      versionfilter:
+        kind: semver
+        pattern: '*'
+  nextcloud:
+    - image: nextcloud
+      versionfilter:
+        kind: semver
+  postgresql:
+    - image: postgres
+      tagfilter: '^(\d*).(\d*)$'
+      versionfilter:
+        kind: semver
+  rabbitmq:
+    - image: rabbitmq
+      tagfilter: '^(\d*)\.(\d*)\.(\d*)-management$'
+      versionfilter:
+        kind: semver
+        # for the semver constraint to work, we must explicitely mention
+        # that we want to include pre-release using the pattern >=0.0.0-0
+        pattern: '>=0.0.0-0'
+  redis:
+    - image: redis
+      tagfilter: '^(\d*).(\d*)-alpine$'
+  volcano:
+    - image: volcanosh/vc-webhook-manager
+      tagfilter: '^v(\d*).(\d*).(\d*)$'
+      versionfilter:
+        kind: semver
+    - image: volcanosh/vc-scheduler
+      tagfilter: '^v(\d*).(\d*).(\d*)$'
+      versionfilter:
+        kind: semver
+    - image: volcanosh/vc-controller-manager
+      tagfilter: '^v(\d*).(\d*).(\d*)$'
+      versionfilter:
+        kind: semver
+