Skip to content

sourcegraph.com: write bot to incorporate image tag updates in dhall pipeline

Created by: ggilmore

Part of https://github.com/sourcegraph/sourcegraph/issues/13340

We can't regress on sourcegraph.com running the latest sourcegraph/sourcegraph images. However, currently Renovate only updates YAML, but we want to enforce that the dhall generation pipeline is the source of truth.

We'll need to write a small tool that translates Kubernetes image definitions into the structured dhall representation (needed for modifications) e.x:

"index.sourcegraph.net/sourcegraph/frontend:insiders@sha256:123tsf"` -> 

{ name = "sourcegraph/frontend", tag = "insiders", digest = Some "123tsf", index = Some "index.sourcegraph.net" }`

We'll need to run this tool after every commit to https://github.com/sourcegraph/deploy-sourcegraph-dot-com. It'll need to:

  1. pick up the image tag changes (if Renovate made a commit)
  2. modify the dhall generation pipeline file to pick up this change (this be achieved by importing the dhall expression from a relative file, or use environment variables)
  3. commit this change back to the repository (will be a no-op if the images don't change - this is how we avoid an endless loop)
  4. re-run the entire dhall generation pipeline to create the modified Kubernetes YAML files