|
1 | 1 | #!/usr/bin/env bash |
2 | 2 | set -e -u -o pipefail |
3 | 3 |
|
4 | | -declare -r SCRIPT_NAME=$(basename "$0") |
5 | | -declare -r SCRIPT_DIR=$(cd $(dirname "$0") && pwd) |
6 | | -declare -r USERNAME=${REGISTRY_USER} |
7 | | -declare -r PASSWORD=${REGISTRY_PASSWORD} |
8 | | - |
9 | | -log() { |
10 | | - local level=$1; shift |
11 | | - echo -e "$level: $@" |
12 | | -} |
13 | | - |
14 | | - |
15 | | -err() { |
16 | | - log "ERROR" "$@" >&2 |
17 | | -} |
18 | | - |
19 | | -info() { |
20 | | - log "INFO" "$@" |
21 | | -} |
22 | | - |
23 | | -die() { |
24 | | - local code=$1; shift |
25 | | - local msg="$@"; shift |
26 | | - err $msg |
27 | | - exit $code |
28 | | -} |
29 | | - |
30 | | -usage() { |
31 | | - local msg="$1" |
32 | | - cat <<-EOF |
33 | | -Error: $msg |
34 | | -
|
35 | | -USAGE: |
36 | | - REGISTRY_USER=<registry user name> REGISTRY_PASSWORD=<registry password> $SCRIPT_NAME |
37 | | -
|
38 | | -Example: |
39 | | - REGISTRY_USER=johnsmith REGISTRY_PASSWORD=pass123 $SCRIPT_NAME |
40 | | -EOF |
41 | | - exit 1 |
42 | | -} |
43 | | - |
44 | | -#declare -r CATALOG_VERSION="release-v0.7" |
45 | | - |
| 4 | +# Images to update |
46 | 5 | declare -A IMAGES=( |
47 | 6 | ["buildah"]="registry.redhat.io/rhel9/buildah" |
48 | | - ["kn"]="registry.redhat.io/openshift-serverless-1/kn-client-kn-rhel8" |
49 | | - ["postgresql"]="registry.redhat.io/rhel9/postgresql-13" |
| 7 | + ["kn"]="registry.redhat.io/openshift-serverless-1/kn-client-kn-rhel9" |
| 8 | + ["postgresql"]="registry.redhat.io/rhel9/postgresql-15" |
50 | 9 | ["skopeo-copy"]="registry.redhat.io/rhel9/skopeo" |
51 | | - ["s2i"]="registry.redhat.io/source-to-image/source-to-image-rhel8" |
| 10 | + ["s2i"]="registry.redhat.io/source-to-image/source-to-image-rhel9" |
52 | 11 | ["ubi-minimal"]="registry.redhat.io/ubi9/ubi-minimal" |
53 | 12 | ["java"]="registry.redhat.io/ubi9/openjdk-17" |
54 | 13 | ) |
55 | 14 |
|
56 | | -registry_login() { |
57 | | - podman login --username=${USERNAME} --password=${PASSWORD} registry.redhat.io |
58 | | -} |
| 15 | +# Find latest version/tag for an image |
| 16 | +find_latest_version() { |
| 17 | + local image=$1 |
| 18 | + # Try to get version from Labels first |
| 19 | + local version=$(skopeo inspect docker://${image} 2>/dev/null | jq -r '.Labels.version // empty') |
59 | 20 |
|
60 | | -find_latest_versions() { |
61 | | - local image_registry=${1:-""} |
62 | | - local latest_version="" |
63 | | - if ! skopeo inspect docker://${image_registry} 2>/dev/null | jq '.Labels.version' | tr -d '"' |
64 | | - then |
65 | | - podman search --list-tags ${image_registry} | grep -v NAME | tr -s ' ' | cut -d ' ' -f 2 | sort -r | grep -v '\-[a-z0-9\.]*$' | head -n 1 |
| 21 | + # If no version label, get latest tag |
| 22 | + if [[ -z "$version" ]]; then |
| 23 | + version=$(skopeo list-tags docker://${image} | jq -r '.Tags[]' | sort -r | grep -v '\-[a-z0-9\.]*$' | head -n 1) |
66 | 24 | fi |
67 | | -} |
68 | 25 |
|
69 | | -find_sha_from_tag() { |
70 | | - local image_url=${1:-""} |
71 | | - podman run --rm docker.io/mplatform/manifest-tool:v2.0.0 --username=${USERNAME} --password=${PASSWORD} inspect $image_url --raw | jq '.digest' | tr -d '"' |
| 26 | + echo "$version" |
72 | 27 | } |
73 | 28 |
|
74 | | -update_image_sha() { |
75 | | - local image_prefix=${1:-""} |
76 | | - shift |
77 | | - local image_sha=${1:-""} |
78 | | - shift |
79 | | - echo replacemnet var = ${image_prefix} |
80 | | - sed -i -E 's%('${image_prefix}').*%\1@'${image_sha}'%' config/openshift/base/operator.yaml |
81 | | - sed -i -E 's%('${image_prefix}').*%\1@'${image_sha}'%' operatorhub/openshift/config.yaml |
82 | | - sed -i -E 's%('${image_prefix}').*%\1@'${image_sha}'%' operatorhub/openshift/release-artifacts/bundle/manifests/*.yaml |
83 | | - find cmd/openshift/operator/kodata/tekton-addon/addons/ -type f -name "*.yaml" -exec sed -i -E 's%('${image_prefix}').*%\1@'${image_sha}'%' {} + |
| 29 | +# Get manifest list digest for an image:tag (multi-arch) |
| 30 | +get_manifest_list_digest() { |
| 31 | + local image_url=$1 |
| 32 | + skopeo inspect --no-tags docker://${image_url} | jq -r '.Digest' |
84 | 33 | } |
85 | 34 |
|
| 35 | +# Update image SHA in YAML files |
| 36 | +update_yaml_files() { |
| 37 | + local image_prefix=$1 |
| 38 | + local image_sha=$2 |
| 39 | + |
| 40 | + echo "Updating: ${image_prefix} -> ${image_sha}" |
86 | 41 |
|
| 42 | + # Update all YAML files |
| 43 | + sed -i -E "s%(${image_prefix}).*%\1@${image_sha}%" config/openshift/base/operator.yaml |
| 44 | + sed -i -E "s%(${image_prefix}).*%\1@${image_sha}%" operatorhub/openshift/config.yaml |
| 45 | + sed -i -E "s%(${image_prefix}).*%\1@${image_sha}%" operatorhub/openshift/release-artifacts/bundle/manifests/*.yaml |
| 46 | + find cmd/openshift/operator/kodata/tekton-addon/addons/ -type f -name "*.yaml" -exec sed -i -E "s%(${image_prefix}).*%\1@${image_sha}%" {} + |
| 47 | +} |
| 48 | + |
| 49 | +# Main |
87 | 50 | main() { |
88 | | - registry_login |
89 | | - for image in ${!IMAGES[@]}; do |
90 | | - latest_version=$(find_latest_versions ${IMAGES[$image]}) |
91 | | - echo latest_version=$latest_version |
92 | | - image_url="${IMAGES[$image]}":"${latest_version}" |
93 | | - echo $image_url |
94 | | - image_sha=$(find_sha_from_tag "${image_url}") |
95 | | - echo image_sha=${image_sha} |
96 | | - update_image_sha "${IMAGES[$image]}" $image_sha |
| 51 | + echo "Updating Red Hat images to latest SHAs..." |
| 52 | + echo |
| 53 | + |
| 54 | + for image_name in "${!IMAGES[@]}"; do |
| 55 | + image_registry="${IMAGES[$image_name]}" |
| 56 | + |
| 57 | + echo "Processing: $image_name" |
| 58 | + latest_version=$(find_latest_version "$image_registry") |
| 59 | + echo " Latest version: $latest_version" |
| 60 | + |
| 61 | + image_url="${image_registry}:${latest_version}" |
| 62 | + image_sha=$(get_manifest_list_digest "$image_url") |
| 63 | + echo " SHA: $image_sha" |
97 | 64 |
|
| 65 | + update_yaml_files "$image_registry" "$image_sha" |
| 66 | + echo |
98 | 67 | done |
99 | 68 |
|
100 | | - return $? |
| 69 | + echo "✓ All images updated successfully" |
101 | 70 | } |
102 | 71 |
|
103 | 72 | main "$@" |
0 commit comments