From fa3407beb4cf33e2dc97913e2073240c452b7d36 Mon Sep 17 00:00:00 2001 From: Tom Martensen Date: Fri, 24 Oct 2025 10:48:56 +0200 Subject: [PATCH 1/3] update script --- README.md | 4 +- scripts/bump_go_version.sh | 290 +++++++++++++++++++------------------ 2 files changed, 147 insertions(+), 147 deletions(-) diff --git a/README.md b/README.md index 4ac0c518..485747a1 100644 --- a/README.md +++ b/README.md @@ -36,6 +36,4 @@ To bump the Go version across all Docker images in this repository, use the auto - Clean git working tree (no uncommitted changes) - Push access to the repository -- (Optional) [GitHub CLI](https://cli.github.com/) for automatic PR creation - -If GitHub CLI is not installed, the script will provide a link to manually create the PR. +- [GitHub CLI](https://cli.github.com/) installed and authenticated diff --git a/scripts/bump_go_version.sh b/scripts/bump_go_version.sh index 63c33181..45a241bc 100755 --- a/scripts/bump_go_version.sh +++ b/scripts/bump_go_version.sh @@ -6,184 +6,186 @@ set -euo pipefail -# Colors for output -RED='\033[0;31m' -GREEN='\033[0;32m' -YELLOW='\033[1;33m' -NC='\033[0m' # No Color - function info() { - echo -e "${GREEN}[INFO]${NC} $1" + echo "[INFO] $1" } function error() { - echo -e "${RED}[ERROR]${NC} $1" >&2 + echo "[ERROR] $1" >&2 } function warning() { - echo -e "${YELLOW}[WARNING]${NC} $1" + echo "[WARNING] $1" } -# Check if target version is provided -if [ $# -ne 1 ]; then - error "Usage: $0 " - error "Example: $0 1.24.6" - exit 1 -fi +function update_dockerfiles() { + # Fetch the Go download page + info "Fetching Go download information from https://go.dev/dl/..." + GO_DL_PAGE=$(curl -sSL "https://go.dev/dl/") -TARGET_VERSION="$1" + # Extract SHA256 for linux-amd64 + # The HTML structure looks like: ...go1.24.6.linux-amd64.tar.gz...SHA256_HASH... + SHA256=$(echo "$GO_DL_PAGE" | grep -A 50 "go${TARGET_VERSION}.linux-amd64.tar.gz" | sed -n 's/.*\([a-f0-9]\{64\}\)<\/tt>.*/\1/p' | head -1) -# Validate version format (should be like 1.24.6) -if ! [[ "$TARGET_VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then - error "Invalid version format: $TARGET_VERSION" - error "Expected format: X.Y.Z (e.g., 1.24.6)" - exit 1 -fi - -info "Target Go version: $TARGET_VERSION" - -# Get the repository root -REPO_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" -cd "$REPO_ROOT" - -# Ensure we're on a clean working tree -if ! git diff-index --quiet HEAD -- 2>/dev/null; then - error "Working tree is not clean. Please commit or stash your changes first." - exit 1 -fi - -# Fetch the Go download page -info "Fetching Go download information from https://go.dev/dl/..." -GO_DL_PAGE=$(curl -sSL "https://go.dev/dl/") - -# Extract SHA256 for linux-amd64 -# The HTML structure looks like: ...go1.24.6.linux-amd64.tar.gz...SHA256_HASH... -SHA256=$(echo "$GO_DL_PAGE" | grep -A 50 "go${TARGET_VERSION}.linux-amd64.tar.gz" | sed -n 's/.*\([a-f0-9]\{64\}\)<\/tt>.*/\1/p' | head -1) - -if [ -z "$SHA256" ]; then - error "Failed to retrieve SHA256 checksum for Go version $TARGET_VERSION" - error "Please verify the version exists at https://go.dev/dl/" - error "Note: Archived versions may be further down the page" - exit 1 -fi + if [ -z "$SHA256" ]; then + error "Failed to retrieve SHA256 checksum for Go version $TARGET_VERSION" + error "Please verify the version exists at https://go.dev/dl/" + error "Note: Archived versions may be further down the page" + exit 1 + fi -info "Found SHA256: $SHA256" + info "Found SHA256: $SHA256" -# Find all Dockerfiles that contain GOLANG_VERSION -info "Finding Dockerfiles with GOLANG_VERSION..." -mapfile -t DOCKERFILES < <(grep -rl "ARG GOLANG_VERSION=" images/ 2>/dev/null | sort) + # Find all Dockerfiles that contain GOLANG_VERSION + info "Finding Dockerfiles with GOLANG_VERSION..." + mapfile -t DOCKERFILES < <(grep -rl "ARG GOLANG_VERSION=" images/ 2>/dev/null | sort) -if [ ${#DOCKERFILES[@]} -eq 0 ]; then - error "No Dockerfiles found with GOLANG_VERSION argument" - exit 1 -fi - -info "Found ${#DOCKERFILES[@]} Dockerfile(s) to update:" -for dockerfile in "${DOCKERFILES[@]}"; do - info " - $dockerfile" -done - -# Update each Dockerfile -info "Updating Dockerfiles..." -for dockerfile in "${DOCKERFILES[@]}"; do - if [ ! -f "$dockerfile" ]; then - warning "File not found: $dockerfile (skipping)" - continue + if [ ${#DOCKERFILES[@]} -eq 0 ]; then + error "No Dockerfiles found with GOLANG_VERSION argument" + exit 1 fi - info " - Updating $dockerfile" + info "Found ${#DOCKERFILES[@]} Dockerfile(s) to update:" + for dockerfile in "${DOCKERFILES[@]}"; do + info " - $dockerfile" + done + + # Update each Dockerfile + info "Updating Dockerfiles..." + for dockerfile in "${DOCKERFILES[@]}"; do + if [ ! -f "$dockerfile" ]; then + warning "File not found: $dockerfile (skipping)" + continue + fi + + info " - Updating $dockerfile" + + # Update GOLANG_VERSION + if grep -q "ARG GOLANG_VERSION=" "$dockerfile"; then + sed -i.bak "s/ARG GOLANG_VERSION=.*/ARG GOLANG_VERSION=${TARGET_VERSION}/" "$dockerfile" + else + warning " GOLANG_VERSION not found in $dockerfile" + fi + + # Update GOLANG_SHA256 + if grep -q "ARG GOLANG_SHA256=" "$dockerfile"; then + sed -i.bak "s/ARG GOLANG_SHA256=.*/ARG GOLANG_SHA256=${SHA256}/" "$dockerfile" + else + warning " GOLANG_SHA256 not found in $dockerfile" + fi + + # Remove backup files + rm -f "${dockerfile}.bak" + done + + info "All files updated successfully!" + + # Show the changes + info "Changes made:" + git diff +} - # Update GOLANG_VERSION - if grep -q "ARG GOLANG_VERSION=" "$dockerfile"; then - sed -i.bak "s/ARG GOLANG_VERSION=.*/ARG GOLANG_VERSION=${TARGET_VERSION}/" "$dockerfile" - else - warning " GOLANG_VERSION not found in $dockerfile" +function create_pr() { + # Create a new branch + BRANCH_NAME="bump-go-${TARGET_VERSION}" + info "Creating branch: $BRANCH_NAME" + git checkout -b "$BRANCH_NAME" + + # Stage the changes + info "Staging changes..." + for dockerfile in "${DOCKERFILES[@]}"; do + if [ -f "$dockerfile" ]; then + git add "$dockerfile" + fi + done + + # Commit the changes + COMMIT_MSG="Bump Go version to ${TARGET_VERSION} + + Updates GOLANG_VERSION and GOLANG_SHA256 across all Docker images. + + - GOLANG_VERSION: ${TARGET_VERSION} + - GOLANG_SHA256: ${SHA256} + - Archive: go${TARGET_VERSION}.linux-amd64.tar.gz" + + info "Committing changes..." + git commit -m "$COMMIT_MSG" + + # Push the branch + info "Pushing branch to origin..." + if ! git push -u origin "$BRANCH_NAME"; then + error "Failed to push branch. You may need to push manually:" + error " git push -u origin $BRANCH_NAME" + exit 1 fi - # Update GOLANG_SHA256 - if grep -q "ARG GOLANG_SHA256=" "$dockerfile"; then - sed -i.bak "s/ARG GOLANG_SHA256=.*/ARG GOLANG_SHA256=${SHA256}/" "$dockerfile" - else - warning " GOLANG_SHA256 not found in $dockerfile" - fi + # Create a pull request using GitHub CLI + info "Creating pull request..." + PR_TITLE="chore(go): Bump Go version to ${TARGET_VERSION}" + PR_BODY="This PR updates the Go version to ${TARGET_VERSION} across all Docker images. - # Remove backup files - rm -f "${dockerfile}.bak" -done + ## Changes + - Updated \`GOLANG_VERSION\` to ${TARGET_VERSION} + - Updated \`GOLANG_SHA256\` to ${SHA256} -info "All files updated successfully!" + ## Verification + - Archive: \`go${TARGET_VERSION}.linux-amd64.tar.gz\` + - SHA256: \`${SHA256}\` + - Source: https://go.dev/dl/ -# Show the changes -info "Changes made:" -git diff + ## Affected Files + $(printf '%s\n' "${DOCKERFILES[@]}" | sed 's/^/- `/' | sed 's/$/`/')" -# Create a new branch -BRANCH_NAME="bump-go-${TARGET_VERSION}" -info "Creating branch: $BRANCH_NAME" -git checkout -b "$BRANCH_NAME" + PR_URL=$(gh pr create --title "$PR_TITLE" --body "$PR_BODY" --draft) -# Stage the changes -info "Staging changes..." -for dockerfile in "${DOCKERFILES[@]}"; do - if [ -f "$dockerfile" ]; then - git add "$dockerfile" + if [ -n "$PR_URL" ]; then + info "Pull request created successfully!" + info "PR URL: $PR_URL" + else + error "Failed to create pull request" + exit 1 fi -done - -# Commit the changes -COMMIT_MSG="Bump Go version to ${TARGET_VERSION} - -Updates GOLANG_VERSION and GOLANG_SHA256 across all Docker images. - -- GOLANG_VERSION: ${TARGET_VERSION} -- GOLANG_SHA256: ${SHA256} -- Archive: go${TARGET_VERSION}.linux-amd64.tar.gz" + } -info "Committing changes..." -git commit -m "$COMMIT_MSG" +function main() { + update_dockerfiles + create_pr + info "Done! 🎉" +} -# Push the branch -info "Pushing branch to origin..." -if ! git push -u origin "$BRANCH_NAME"; then - error "Failed to push branch. You may need to push manually:" - error " git push -u origin $BRANCH_NAME" +# Check if GitHub CLI is installed +if ! command -v gh &> /dev/null; then + error "GitHub CLI (gh) is required but not installed." + error "Please install it from: https://cli.github.com/" exit 1 fi -# Create a pull request using GitHub CLI -info "Creating pull request..." -PR_TITLE="Bump Go version to ${TARGET_VERSION}" -PR_BODY="This PR updates the Go version to ${TARGET_VERSION} across all Docker images. +# Check if target version is provided +if [ $# -ne 1 ]; then + error "Usage: $0 " + error "Example: $0 1.24.6" + exit 1 +fi -## Changes -- Updated \`GOLANG_VERSION\` to ${TARGET_VERSION} -- Updated \`GOLANG_SHA256\` to ${SHA256} +TARGET_VERSION="$1" -## Verification -- Archive: \`go${TARGET_VERSION}.linux-amd64.tar.gz\` -- SHA256: \`${SHA256}\` -- Source: https://go.dev/dl/ +# Validate version format (should be like 1.24.6) +if ! [[ "$TARGET_VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then + error "Invalid version format: $TARGET_VERSION" + error "Expected format: X.Y.Z (e.g., 1.24.6)" + exit 1 +fi -## Affected Files -$(printf '%s\n' "${DOCKERFILES[@]}" | sed 's/^/- `/' | sed 's/$/`/')" +info "Target Go version: $TARGET_VERSION" -if command -v gh &> /dev/null; then - PR_URL=$(gh pr create --title "$PR_TITLE" --body "$PR_BODY" --web 2>&1 | tee /dev/tty | grep -o 'https://github.com/[^[:space:]]*' || true) +# Get the repository root +REPO_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" +cd "$REPO_ROOT" - if [ -n "$PR_URL" ]; then - info "Pull request created successfully!" - info "PR URL: $PR_URL" - else - warning "GitHub CLI installed but PR creation may have failed." - warning "Please check the output above or create the PR manually at:" - warning " https://github.com/stackrox/rox-ci-image/compare/$BRANCH_NAME" - fi -else - warning "GitHub CLI (gh) is not installed." - warning "Please create a pull request manually at:" - warning " https://github.com/stackrox/rox-ci-image/compare/$BRANCH_NAME" - warning "" - warning "Or install GitHub CLI: https://cli.github.com/" +# Ensure we're on a clean working tree +if ! git diff-index --quiet HEAD -- 2>/dev/null; then + error "Working tree is not clean. Please commit or stash your changes first." + exit 1 fi -info "Done! 🎉" +main "$@" From 5fd6b1ce9c68ba78a96b597bccf8a25d3a4abbfe Mon Sep 17 00:00:00 2001 From: Tom Martensen Date: Fri, 24 Oct 2025 11:06:06 +0200 Subject: [PATCH 2/3] fix PR body --- scripts/bump_go_version.sh | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/scripts/bump_go_version.sh b/scripts/bump_go_version.sh index 45a241bc..b82dc5de 100755 --- a/scripts/bump_go_version.sh +++ b/scripts/bump_go_version.sh @@ -79,10 +79,6 @@ function update_dockerfiles() { done info "All files updated successfully!" - - # Show the changes - info "Changes made:" - git diff } function create_pr() { @@ -124,17 +120,17 @@ function create_pr() { PR_TITLE="chore(go): Bump Go version to ${TARGET_VERSION}" PR_BODY="This PR updates the Go version to ${TARGET_VERSION} across all Docker images. - ## Changes - - Updated \`GOLANG_VERSION\` to ${TARGET_VERSION} - - Updated \`GOLANG_SHA256\` to ${SHA256} +## Changes +- Updated \`GOLANG_VERSION\` to ${TARGET_VERSION} +- Updated \`GOLANG_SHA256\` to ${SHA256} - ## Verification - - Archive: \`go${TARGET_VERSION}.linux-amd64.tar.gz\` - - SHA256: \`${SHA256}\` - - Source: https://go.dev/dl/ +## Verification +- Archive: \`go${TARGET_VERSION}.linux-amd64.tar.gz\` +- SHA256: \`${SHA256}\` +- Source: https://go.dev/dl/ - ## Affected Files - $(printf '%s\n' "${DOCKERFILES[@]}" | sed 's/^/- `/' | sed 's/$/`/')" +## Affected Files +$(printf '%s\n' "${DOCKERFILES[@]}" | sed 's/^/- `/' | sed 's/$/`/')" PR_URL=$(gh pr create --title "$PR_TITLE" --body "$PR_BODY" --draft) From 978590ac6dba0edcfd9a1a53c98b35f0a3d61ae5 Mon Sep 17 00:00:00 2001 From: Tom Martensen Date: Fri, 24 Oct 2025 11:06:38 +0200 Subject: [PATCH 3/3] Bump Go version to 1.24.8 Updates GOLANG_VERSION and GOLANG_SHA256 across all Docker images. - GOLANG_VERSION: 1.24.8 - GOLANG_SHA256: 6842c516ca66c89d648a7f1dbe28e28c47b61b59f8f06633eb2ceb1188e9251d - Archive: go1.24.8.linux-amd64.tar.gz --- images/scanner-build.Dockerfile | 4 ++-- images/stackrox-build.Dockerfile | 4 ++-- images/stackrox-ui-test.Dockerfile | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/images/scanner-build.Dockerfile b/images/scanner-build.Dockerfile index b0f098e6..3f4fe1b7 100644 --- a/images/scanner-build.Dockerfile +++ b/images/scanner-build.Dockerfile @@ -35,8 +35,8 @@ RUN dnf update -y && \ dnf clean all && \ rm -rf /var/cache/dnf /var/cache/yum -ARG GOLANG_VERSION=1.24.4 -ARG GOLANG_SHA256=77e5da33bb72aeaef1ba4418b6fe511bc4d041873cbf82e5aa6318740df98717 +ARG GOLANG_VERSION=1.24.8 +ARG GOLANG_SHA256=6842c516ca66c89d648a7f1dbe28e28c47b61b59f8f06633eb2ceb1188e9251d ENV GOPATH /go ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH RUN url="https://dl.google.com/go/go${GOLANG_VERSION}.linux-amd64.tar.gz" && \ diff --git a/images/stackrox-build.Dockerfile b/images/stackrox-build.Dockerfile index 477493e5..dc85e7e1 100644 --- a/images/stackrox-build.Dockerfile +++ b/images/stackrox-build.Dockerfile @@ -55,8 +55,8 @@ RUN dnf update -y && \ dnf clean all && \ rm -rf /var/cache/dnf /var/cache/yum -ARG GOLANG_VERSION=1.24.4 -ARG GOLANG_SHA256=77e5da33bb72aeaef1ba4418b6fe511bc4d041873cbf82e5aa6318740df98717 +ARG GOLANG_VERSION=1.24.8 +ARG GOLANG_SHA256=6842c516ca66c89d648a7f1dbe28e28c47b61b59f8f06633eb2ceb1188e9251d ENV GOPATH /go ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH RUN url="https://dl.google.com/go/go${GOLANG_VERSION}.linux-amd64.tar.gz" && \ diff --git a/images/stackrox-ui-test.Dockerfile b/images/stackrox-ui-test.Dockerfile index ebc4edbf..4f2b70d0 100644 --- a/images/stackrox-ui-test.Dockerfile +++ b/images/stackrox-ui-test.Dockerfile @@ -72,8 +72,8 @@ RUN dnf update -y \ && dnf clean all \ && rm -rf /var/cache/dnf /var/cache/yum -ARG GOLANG_VERSION=1.24.4 -ARG GOLANG_SHA256=77e5da33bb72aeaef1ba4418b6fe511bc4d041873cbf82e5aa6318740df98717 +ARG GOLANG_VERSION=1.24.8 +ARG GOLANG_SHA256=6842c516ca66c89d648a7f1dbe28e28c47b61b59f8f06633eb2ceb1188e9251d ENV GOPATH /go ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH RUN url="https://dl.google.com/go/go${GOLANG_VERSION}.linux-amd64.tar.gz" && \