che icon indicating copy to clipboard operation
che copied to clipboard
verified publisher icon eclipse-che

add UDI dockerfiles to update-base-images GHA for weekly updates

Open nickboldt opened this issue 3 years ago • 0 comments

Is your task related to a problem? Please describe

In https://github.com/eclipse-che/che-release/blob/main/.github/workflows/update-base-images.yml#L9-L38 we list a number of Che projects which get weekly checks & PR generation when base images need updating.

The https://github.com/devfile/developer-images project should also be wired up to ensure base images are kept current w/ the latest CVE fixes.

Describe the solution you'd like

  1. Add https://github.com/devfile/developer-images into https://github.com/eclipse-che/che-release/blob/main/.github/workflows/update-base-images.yml#L9-L38
  2. Add comment lines into the dockerfiles that need to be kept current in https://github.com/devfile/developer-images

Comment lines must be in the form # https://repo-or-registry/organization/image

If a specific regex is required (eg., "must start with 7."), you can append that like this:

# https://quay.io/eclipse/che-machine-exec#^7\.

More examples here:

  • https://github.com/che-incubator/che-code/blob/main/build/dockerfiles/assembly.Dockerfile#L13-L17
  • https://github.com/che-incubator/che-code/blob/main/build/dockerfiles/linux-libc.Dockerfile#L9-L10

  1. verify it works by running https://github.com/eclipse-che/che-release/actions/workflows/update-base-images.yml

  2. merge PRs by running https://github.com/eclipse-che/che-release/blob/main/utils/approvePRs.sh

Describe alternatives you've considered

No response

Additional context

No response

nickboldt avatar Jul 21 '22 15:07 nickboldt