More automation for updating dependencies

- Convert update checks in check.sh to mechanical updates. - Use https://www.updatecli.io/ for now, which is not as full-featured as renovatebot or dependabot, but I found it easier to plug arbitrary shell scripts into. - Add updaters for - ubuntu-latest-lts (which is similar to GitHub Action's "ubuntu-latest"). - FreeBSD image used in Cirrus (requires "gcloud auth login" for now, see https://github.com/cirruslabs/cirrus-ci-docs/issues/1315) - littlecheck and widecharwidth - Update all dependencies except Cargo ones. - As a reminder, our version policies are arbitrary and can be changed as needed. - To-do: - Add updaters for GitHub Actions (such as "actions/checkout"). Renovatebot could do that.
2026-06-09 12:11:20 -03:00 · 2025-10-31 03:46:48 +01:00
parent c0b7167082
commit daadd81ab6
14 changed files with 255 additions and 113 deletions
--- a/updatecli.d/cirrus-freebsd.yml
+++ b/updatecli.d/cirrus-freebsd.yml
@@ -0,0 +1,21 @@
+name: "Update FreeBSD image used in Cirrus CI"
+
+sources:
+  freebsd_stable_version:
+    kind: shell
+    spec:
+      shell: bash
+      command: |
+        set -eo pipefail
+        gcloud compute images list --project freebsd-org-cloud-dev --no-standard-images |
+          grep -o '^freebsd-.*-release-amd64-ufs' |
+          tail -1
+targets:
+  cirrus_freebsd_stable_version:
+    name: "Update FreeBSD stable version"
+    sourceid: freebsd_stable_version
+    kind: file
+    spec:
+      file: .cirrus.yml
+      matchpattern: "image: freebsd-.*-release-amd64-ufs.*"
+      replacepattern: 'image: {{ source "freebsd_stable_version" }} # updatecli.d/cirrus-freebsd.yml'
--- a/updatecli.d/docker.yml
+++ b/updatecli.d/docker.yml
@@ -0,0 +1,65 @@
+name: "Update Linux docker images"
+
+sources:
+  alpine_latest_version:
+    kind: dockerimage
+    spec:
+      image: alpine
+      tagfilter: "^[0-9]+\\.[0-9]+$"
+      versionfilter:
+        kind: semver
+  ubuntu_latest_lts_version:
+    kind: shell
+    spec:
+      shell: bash
+      command: |
+        set -eo pipefail
+        curl -fsS https://endoflife.date/api/ubuntu.json |
+          jq -r --arg today "$today" '
+            .[]
+            | select(.lts)
+            | "\(.cycle)"
+          ' |
+          sort --version-sort |
+          tail -1
+  ubuntu_oldest_non_eol_version:
+    kind: shell
+    spec:
+      shell: bash
+      command: |
+        set -eo pipefail
+        today=$(date --iso-8601)
+        curl -fsS https://endoflife.date/api/ubuntu.json |
+          jq -r --arg today "$today" '
+            .[]
+            | select(.eol >= $today)
+            | "\(.cycle)"
+          ' |
+          sort --version-sort |
+          head -1
+
+targets:
+  update_alpine_dockerfile:
+    name: "Update Alpine Linux version"
+    sourceid: alpine_latest_version
+    kind: file
+    spec:
+      file: docker/alpine.Dockerfile
+      matchpattern: "FROM alpine:.*"
+      replacepattern: 'FROM alpine:{{ source "alpine_latest_version" }} # updatecli.d/docker.yml'
+  ubuntu_latest_version_dockerfile:
+    name: "Update oldest non-EOL Ubuntu Linux version"
+    sourceid: ubuntu_latest_lts_version
+    kind: file
+    spec:
+      file: docker/ubuntu-latest-lts.Dockerfile
+      matchpattern: "FROM ubuntu:.*"
+      replacepattern: 'FROM ubuntu:{{ source "ubuntu_latest_lts_version" }} # updatecli.d/docker.yml'
+  ubuntu_oldest_supported_dockerfile:
+    name: "Update oldest non-EOL Ubuntu Linux version"
+    sourceid: ubuntu_oldest_non_eol_version
+    kind: file
+    spec:
+      file: docker/ubuntu-oldest-supported.Dockerfile
+      matchpattern: "FROM ubuntu:.*"
+      replacepattern: 'FROM ubuntu:{{ source "ubuntu_oldest_non_eol_version" }} # updatecli.d/docker.yml'
--- a/updatecli.d/rust.yml
+++ b/updatecli.d/rust.yml
@@ -0,0 +1,39 @@
+name: "Update Rust versions"
+
+sources:
+  rust_stable_version:
+    kind: shell
+    spec:
+      shell: bash
+      command: |
+        set -eo pipefail
+        # Check that we have latest stable.
+        if rustup check | grep ^stable- | grep 'Update available'; then
+            echo >&2 "Rust toolchain 'stable' is stale, please update it"
+            exit 1
+        fi
+        stable_rust_version=$("$(rustup +stable which rustc)" --version | cut -d' ' -f2)
+        echo "${stable_rust_version%.*}"
+  debian_stable_rust_version:
+    kind: shell
+    spec:
+      command: |
+        build_tools/version-available-in-debian.sh stable rustc
+
+targets:
+  update_rust_stable:
+    name: "Update Rust stable"
+    sourceid: rust_stable_version
+    kind: file
+    spec:
+      file: .github/actions/rust-toolchain/action.yml
+      matchpattern: '\(stable\) echo \d+\.\d+ ;;.*'
+      replacepattern: '(stable) echo {{ source "rust_stable_version" }} ;; # updatecli.d/rust.yml'
+  update_msrv:
+    name: "Update MSRV"
+    sourceid: rust_stable_version
+    kind: file
+    spec:
+      file: .github/actions/rust-toolchain/action.yml
+      matchpattern: '\(msrv\)   echo \d+\.\d+ ;;.*'
+      replacepattern: '(msrv)   echo {{ source "debian_stable_rust_version" }} ;; # updatecli.d/rust.yml'