Docker-Provider/.github/workflows/telegraf-upgrade.yml at ci_prod · microsoft/Docker-Provider · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
name: Telegraf Package Upgrade

on:
  schedule:
    # Run daily at 10 AM UTC
    - cron: '0 10 * * *'
  workflow_dispatch:

permissions:
  contents: write
  pull-requests: write

jobs:
  check-telegraf:
    name: Check for new telegraf-agent on PMC
    runs-on: ubuntu-latest
    steps:
      - name: Generate a token
        id: generate-token
        uses: actions/create-github-app-token@v3
        with:
          app-id: ${{ vars.APP_ID }}
          private-key: ${{ secrets.APP_PRIVATE_KEY }}

      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          ref: ci_prod

      - name: Check for new telegraf version
        id: check
        run: |
          set -euo pipefail

          PMC_URL="https://packages.microsoft.com/azurelinux/3.0/prod/cloud-native/x86_64/Packages/t/"

          # Get latest telegraf-agent version from PMC (format: telegraf-agent-1.38.2-1)
          LATEST_PKG=$(curl -sf "$PMC_URL" \
            | grep -oP 'telegraf-agent-\K[0-9]+\.[0-9]+\.[0-9]+-[0-9]+(?=\.azl3)' \
            | sort -V | tail -1)

          if [ -z "$LATEST_PKG" ]; then
            echo "ERROR: Could not determine latest telegraf version from PMC"
            exit 1
          fi

          # Extract version (e.g., 1.38.2) and full package ref (e.g., 1.38.2-1)
          LATEST_VERSION=$(echo "$LATEST_PKG" | grep -oP '^[0-9]+\.[0-9]+\.[0-9]+')
          echo "latest_version=$LATEST_VERSION" >> "$GITHUB_OUTPUT"
          echo "latest_pkg=$LATEST_PKG" >> "$GITHUB_OUTPUT"

          # Get current version from setup.sh
          CURRENT_VERSION=$(grep -oP 'telegraf-agent-\K[0-9]+\.[0-9]+\.[0-9]+' kubernetes/linux/setup.sh)
          echo "current_version=$CURRENT_VERSION" >> "$GITHUB_OUTPUT"

          echo "PMC latest: telegraf-agent-$LATEST_PKG"
          echo "setup.sh:  telegraf-agent-$CURRENT_VERSION"

          if [ "$LATEST_VERSION" = "$CURRENT_VERSION" ]; then
            echo "Telegraf is already up to date ($CURRENT_VERSION)"
            echo "needs_update=false" >> "$GITHUB_OUTPUT"
          else
            echo "New version available: $LATEST_VERSION (current: $CURRENT_VERSION)"
            echo "needs_update=true" >> "$GITHUB_OUTPUT"
          fi

      - name: Check for existing PR
        if: steps.check.outputs.needs_update == 'true'
        id: existing_pr
        env:
          GH_TOKEN: ${{ steps.generate-token.outputs.token }}
        run: |
          EXISTING=$(gh pr list \
            --search "Upgrade telegraf-agent to ${{ steps.check.outputs.latest_version }} in:title" \
            --state open \
            --json number \
            --jq 'length')
          if [ "$EXISTING" -gt 0 ]; then
            echo "PR already exists for version ${{ steps.check.outputs.latest_version }}"
            echo "exists=true" >> "$GITHUB_OUTPUT"
          else
            echo "exists=false" >> "$GITHUB_OUTPUT"
          fi

      - name: Fetch upstream release notes
        if: steps.check.outputs.needs_update == 'true' && steps.existing_pr.outputs.exists == 'false'
        id: release_notes
        run: |
          set -euo pipefail

          LATEST="${{ steps.check.outputs.latest_version }}"

          # Fetch release notes from influxdata/telegraf (best-effort, unauthenticated)
          NOTES=""
          if NOTES=$(curl -sf "https://api.github.com/repos/influxdata/telegraf/releases/tags/v${LATEST}" | python3 -c 'import sys,json,re; body=json.load(sys.stdin)["body"]; print(re.split(r"\n### Packages\b", body)[0].rstrip())' 2>/dev/null); then
            # Truncate if too long (keep under 30k chars to stay within GitHub PR body limits)
            if [ "${#NOTES}" -gt 30000 ]; then
              NOTES="${NOTES:0:30000}

          ... _(truncated — see full release notes link above)_"
            fi
          else
            NOTES="_Could not fetch release notes. See the links above for full details._"
          fi

          # Output multiline release notes using unique EOF delimiter
          DELIM="RELEASE_NOTES_$(head -c 16 /dev/urandom | base64 | tr -dc 'A-Za-z0-9')"
          echo "notes<<${DELIM}" >> "$GITHUB_OUTPUT"
          printf '%s\n' "$NOTES" >> "$GITHUB_OUTPUT"
          echo "${DELIM}" >> "$GITHUB_OUTPUT"

      - name: Update setup.sh and create PR
        if: steps.check.outputs.needs_update == 'true' && steps.existing_pr.outputs.exists == 'false'
        env:
          GH_TOKEN: ${{ steps.generate-token.outputs.token }}
          RELEASE_NOTES: ${{ steps.release_notes.outputs.notes }}
        run: |
          set -euo pipefail

          CURRENT="${{ steps.check.outputs.current_version }}"
          LATEST="${{ steps.check.outputs.latest_version }}"
          BRANCH="auto/upgrade-telegraf-${LATEST}"

          # Update version in setup.sh
          sed -i "s/telegraf-agent-${CURRENT}/telegraf-agent-${LATEST}/g" kubernetes/linux/setup.sh

          # Verify the change was made
          grep "telegraf-agent-${LATEST}" kubernetes/linux/setup.sh

          # Configure git
          git config user.name "github-actions[bot]"
          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"

          # Create branch, commit, push
          git checkout -b "$BRANCH"
          git add kubernetes/linux/setup.sh
          git commit -m "Upgrade telegraf-agent to ${LATEST}

          Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>"
          git push origin "$BRANCH" --force

          # Write PR body to a file (avoids shell quoting issues with release notes)
          {
            echo "## Summary"
            echo "Automated upgrade of \`telegraf-agent\` package from \`${CURRENT}\` to \`${LATEST}\`."
            echo ""
            echo "New package detected on [PMC](https://packages.microsoft.com/azurelinux/3.0/prod/cloud-native/x86_64/Packages/t/)."
            echo ""
            echo "### Changes"
            echo "- Updated \`kubernetes/linux/setup.sh\`: \`telegraf-agent-${CURRENT}\` → \`telegraf-agent-${LATEST}\`"
            echo ""
            echo "### Upstream Release Notes"
            echo "[Full release notes](https://github.com/influxdata/telegraf/releases/tag/v${LATEST}) | [Compare changes](https://github.com/influxdata/telegraf/compare/v${CURRENT}...v${LATEST})"
            echo ""
            echo "<details><summary>Release notes for v${LATEST}</summary>"
            echo ""
            echo "${RELEASE_NOTES}"
            echo ""
            echo "</details>"
            echo ""
            echo "_This PR was created automatically by the telegraf upgrade workflow._"
          } > /tmp/pr-body.md

          # Create PR
          gh pr create \
            --title "Upgrade telegraf-agent to ${LATEST}" \
            --body-file /tmp/pr-body.md \
            --base ci_prod \
            --head "$BRANCH"

          # Trigger ADO build pipeline on the PR
          gh pr comment "$BRANCH" --body "/azp run"