updatecli: use shared updatecli policies (#191)

Author: v1v

.ci/update-specs.yml

@@ -0,0 +1,2 @@
+spec_path: utils/ecs-logging/spec.json
+signedcommit: true

.ci/updatecli/values.d/ecs-logging-specs.yml

@@ -0,0 +1,9 @@
+scm:
+  enabled: true
+  owner: elastic
+  repository: ecs-logging-nodejs
+  branch: main
+  # begin update-compose policy values
+  user: obltmachine
+  email: [email protected]
+  # end update-compose policy values

.ci/updatecli/values.d/scm.yml

@@ -0,0 +1,3 @@
+spec:
+  files:
+    - "update-compose.yaml"

.ci/updatecli/values.d/update-compose.yml

@@ -11,15 +11,35 @@ permissions:
   contents: read
 
 jobs:
-  bump:
+  compose:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: read
     steps:
+      - uses: actions/checkout@v4
 
-      - uses: actions/checkout@v3
+      - uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - uses: elastic/oblt-actions/updatecli/run@v1
+        with:
+          command: --experimental compose diff
+        env:
+          GITHUB_TOKEN: ${{ secrets.UPDATECLI_GH_TOKEN }}
+
+      - uses: elastic/oblt-actions/updatecli/run@v1
+        with:
+          command: --experimental compose apply
+        env:
+          GITHUB_TOKEN: ${{ secrets.UPDATECLI_GH_TOKEN }}
 
-      - uses: elastic/apm-pipeline-library/.github/actions/updatecli@current
+      - if: failure()
+        uses: elastic/oblt-actions/slack/send@v1
         with:
-          vaultUrl: ${{ secrets.VAULT_ADDR }}
-          vaultRoleId: ${{ secrets.VAULT_ROLE_ID }}
-          vaultSecretId: ${{ secrets.VAULT_SECRET_ID }}
-          pipeline: ./.ci/update-specs.yml
+          bot-token: ${{ secrets.SLACK_BOT_TOKEN }}
+          channel-id: "#apm-agent-nodejs"
+          message: ":traffic_cone: updatecli failed for `${{ github.repository }}@${{ github.ref_name }}`, @robots-ci please look what's going on <https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}|here>"

.github/workflows/update-specs.yml

@@ -0,0 +1,14 @@
+# Config file for `updatecli compose ...`.
+# https://www.updatecli.io/docs/core/compose/
+policies:
+  - name: Handle ecs-logging specs
+    policy: ghcr.io/elastic/oblt-updatecli-policies/apm/ecs-logging-specs:0.3.0@sha256:6c765407764d391d6d65b04c54ba409977decc24a000d5b8d7839f58bcd07c5b
+    values:
+      - .ci/updatecli/values.d/scm.yml
+      - .ci/updatecli/values.d/ecs-logging-specs.yml
+
+  - name: Update Updatecli policies
+    policy: ghcr.io/updatecli/policies/autodiscovery/updatecli:0.4.0@sha256:254367f5b1454fd6032b88b314450cd3b6d5e8d5b6c953eb242a6464105eb869
+    values:
+      - .ci/updatecli/values.d/scm.yml
+      - .ci/updatecli/values.d/update-compose.yml