rackerlabs
diff --git a/‎.dockerignore‎
Lines changed: 1 addition & 0 deletions b/‎.dockerignore‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎.github/renovate/matchOpenStackHelm.json‎
Lines changed: 6 additions & 9 deletions b/‎.github/renovate/matchOpenStackHelm.json‎
Lines changed: 6 additions & 9 deletions
diff --git a/‎.github/workflows/build-container-images.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/build-container-images.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/build-dexop.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/build-dexop.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/build-ironic-images.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/build-ironic-images.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/code-test.yaml‎
Lines changed: 24 additions & 13 deletions b/‎.github/workflows/code-test.yaml‎
Lines changed: 24 additions & 13 deletions
diff --git a/‎.github/workflows/containers.yaml‎
Lines changed: 5 additions & 3 deletions b/‎.github/workflows/containers.yaml‎
Lines changed: 5 additions & 3 deletions
diff --git a/‎.github/workflows/mkdocs.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/mkdocs.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/no-pr-images.yaml‎
Lines changed: 76 additions & 0 deletions b/‎.github/workflows/no-pr-images.yaml‎
Lines changed: 76 additions & 0 deletions
diff --git a/‎.github/workflows/understackctl-release.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/understackctl-release.yaml‎
Lines changed: 1 addition & 1 deletion
@@ -0,0 +1 @@
+.venv
@@ -3,20 +3,17 @@
   "customManagers": [
     {
       "customType": "regex",
-      "fileMatch": ["apps.*\\.ya?ml$"],
+      "managerFilePatterns": [
+        "/apps.*\\.ya?ml$/"
+      ],
       "matchStrings": [
-        "component:\\s['\"]?(?<depName>.*?)['\"]?\\s*(repoUrl:\\s['\"]?(?<repoUrl>.*?)['\"]\\s*)?chartVersion:\\s['\"]?(?<currentValue>.*?)['\"]?"
+        "component:\\s['\"]?(?<depName>[\\w\\-]+)['\"]?\\s*(repoURL:\\s['\"]?(?<repoUrl>[\\w:\/\\-\\.]+)['\"]?\\s*)?chartVersion:\\s['\"]?(?<currentValue>[\\w\\.\\-\\+]+)['\"]?"
       ],
       "datasourceTemplate": "helm",
       "registryUrlTemplate": "{{#if repoUrl }}{{repoUrl}}{{else}}https://tarballs.opendev.org/openstack/openstack-helm{{/if}}",
-      "packageNameTemplate": "openstack-helm/{{depName}}",
+      "depNameTemplate": "openstack-helm/{{depName}}",
+      "packageNameTemplate": "{{depName}}",
       "versioningTemplate": "helm"
     }
-  ],
-  "packageRules": [
-    {
-      "matchPackageNames": ["openstack-helm/**"],
-      "groupName": "openstack-helm"
-    }
   ]
 }
@@ -30,7 +30,7 @@ jobs:
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3
+        uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3
 
       - name: Login to ghcr.io
         uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3
 
@@ -18,7 +18,7 @@ jobs:
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3
+        uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3
 
       - name: Login to ghcr.io
         uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3
 
@@ -129,7 +129,7 @@ jobs:
 
       - name: Publish Release
         id: create_release
-        uses: softprops/action-gh-release@da05d552573ad5aba039eaac05058a918a7bf631 # v2
+        uses: softprops/action-gh-release@72f2c25fcb47643c292f7107632f7a47c1df5cd8 # v2
         with:
           name: understack-images
           tag_name: understack-images-${{ env.TIMESTAMP }}
 
@@ -20,38 +20,49 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
 
 jobs:
-  python:
+  discover:
+    runs-on: ubuntu-latest
+    outputs:
+      projects: ${{ steps.set-projects.outputs.projects }}
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+      - name: Find all projects with pyproject.toml
+        id: set-projects
+        run: |
+          # grabs all paths with pyproject.toml, snips the 2nd dir, grabs only unique ones, makes a JSON list
+          projects=$(find python -mindepth 2 ! -wholename 'python/understack-tests/*' -name pyproject.toml | awk -F/ '{print $2}' | sort -u | jq -R -s -c 'split("\n")[:-1]')
+          echo "projects=$projects" >> "$GITHUB_OUTPUT"
+
+  uv:
+    needs: [discover]
     runs-on: ubuntu-latest
 
     strategy:
       matrix:
-        project:
-          - understack-workflows
-          - understack-flavor-matcher
-          - neutron-understack
+        project: ${{ fromJson(needs.discover.outputs.projects) }}
 
     defaults:
       run:
         working-directory: ./python/${{ matrix.project }}
 
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-      - run: pipx install poetry==1.7.1 && poetry self add 'poetry-dynamic-versioning[plugin]'
-      - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
+      - uses: astral-sh/setup-uv@bd01e18f51369d5a26f1651c3cb451d3417e3bba # v6
+      - uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5
         with:
           python-version-file: python/${{ matrix.project }}/pyproject.toml
-          cache: "poetry"
-      - run: poetry install --sync --with test
-      - run: poetry build
-      - run: "poetry run pytest --cov --cov-report xml:coverage.xml"
-      - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
+      - run: uv sync
+      - run: uv build --wheel
+      - run: "uv run pytest --cov --cov-report xml:coverage.xml"
+      - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4
         with:
           name: coverage-${{ matrix.project }}
           path: python/${{ matrix.project }}/coverage.xml
           retention-days: 1
 
+
   coverage-upload:
-    needs: python
+    needs: [uv]
     runs-on: ubuntu-latest
     steps:
       - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4
 
@@ -37,7 +37,7 @@ jobs:
 
     steps:
       - name: setup docker buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3
+        uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3
       - name: login to ghcr.io
         uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3
         with:
@@ -80,7 +80,7 @@ jobs:
 
     steps:
       - name: setup docker buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3
+        uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3
       - name: login to ghcr.io
         uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3
         with:
@@ -126,10 +126,11 @@ jobs:
           - name: ironic-nautobot-client
           - name: nova-flavors
           - name: ansible
+          - name: understack-tests
 
     steps:
       - name: setup docker buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3
+        uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3
       - name: login to ghcr.io
         uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3
         with:
@@ -186,6 +187,7 @@ jobs:
           - ironic-nautobot-client
           - nova-flavors
           - ansible
+          - understack-tests
 
     steps:
       - name: clean up PR container
 
@@ -30,7 +30,7 @@ jobs:
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
       - name: markdownlint
-        uses: nosborn/github-action-markdown-cli@58bcfd1af530d87a13d51b76e6713b52602e3613 # v3.4.0
+        uses: nosborn/github-action-markdown-cli@508d6cefd8f0cc99eab5d2d4685b1d5f470042c1 # v3.5.0
         with:
           files: docs
           config_file: .markdownlint.yml
 
@@ -0,0 +1,76 @@
+name: Check for ephemeral PR images
+on:
+  # push:
+  pull_request:
+
+
+jobs:
+  check-files:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+
+      - name: Check files matching glob patterns for pr-\d+ pattern
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7
+        with:
+          script: |
+            const fs = require('fs');
+            const prPattern = /ghcr\.io\/rackerlabs\/understack.*pr-\d+/
+
+            // Define glob patterns for files to check for reference to PR images
+            const globPatterns = [
+              '**/*.yml',
+              '**/*.yaml',
+              '**/Dockerfile*',
+              '**/.env*',
+            ];
+
+            // Exclude files from checks
+            const excludePatterns = [
+              '!**/.git/**',
+              '!**/docs/**',
+              '!**/ansible/**'
+            ];
+
+            // Combine include and exclude patterns
+            const allPatterns = [...globPatterns, ...excludePatterns];
+
+            core.info('Inspecting files matching following glob patterns:');
+            globPatterns.forEach(pattern => core.info(`  Include: ${pattern}`));
+            excludePatterns.forEach(pattern => core.info(`  Exclude: ${pattern}`));
+            core.info('');
+
+            const globber = await glob.create(allPatterns.join('\n'));
+            const filesToCheck = await globber.glob();
+
+            core.info(`Found ${filesToCheck.length} files matching glob patterns:`);
+            filesToCheck.forEach(file => core.debug(`  - ${file}`));
+            core.debug('');
+
+            let hasPatternMatch = false;
+            const matchedFiles = [];
+
+            for (const filePath of filesToCheck) {
+              try {
+                const fileContent = fs.readFileSync(filePath, 'utf8');
+
+                if (prPattern.test(fileContent)) {
+                  hasPatternMatch = true;
+                  matchedFiles.push(filePath);
+                  core.error(`❌ Ephemeral container image reference found in: ${filePath}`);
+                } else {
+                  core.debug(`✅ No pattern found in: ${filePath}`);
+                }
+              } catch (error) {
+                core.info(`Error reading file ${filePath}: ${error.message}`);
+              }
+            }
+
+            if (hasPatternMatch) {
+              core.setFailed(`Pattern 'pr-\\d+' found in ${matchedFiles.length} files: ${matchedFiles.join(', ')}`);
+              core.info(`Please switch to a different tag before merging as this container image will not be available after PR is merged`)
+              core.info(`Alternatively, if this is intended, edit .github/workflows/no-pr-images.yaml -> excludePatterns.`)
+            } else {
+              core.info(`✅ All ${filesToCheck.length} files checked - no pr-\\d+ pattern found`);
+            }
@@ -38,7 +38,7 @@ jobs:
           make build-all package-all checksums
 
       - name: Upload release artifacts
-        uses: softprops/action-gh-release@da05d552573ad5aba039eaac05058a918a7bf631 # v2
+        uses: softprops/action-gh-release@72f2c25fcb47643c292f7107632f7a47c1df5cd8 # v2
         with:
           files: |
             go/understackctl/build/*.zip