ci: add script to open pr to update bazel builder version

[healthy-pod]

Release note: None
Part of: CRDB-11061

[cockroach-teamcity]

This change is 

[healthy-pod]

Corresponding build config: Open New Bazel Builder Image PR

[rail]

In overall it looks great! Just a teeny fix.

[rail]

Can you use a temp directory (mktemp -d) instead of hardcoded /tmp/cocroach for a few reasons:

• harder to predict (and attack)
• no need to rely on absence of the directory - you would need to make sure it doesn't exist or empty before cloning - otherwise git fails.

Also, can you rm -rf that directory, so we clean after it's done. Maybe add all needed cleanup command to a function and trap it? But we should be careful using trap - IIRC there is one already sourced, and only one can be used.

[healthy-pod]

Moved the clone and key to a temp dir which gets cleaned at the end

[rail]

Or you use the absolute path when you call gh.

[rail]

One more nit. Can you move the gh setup part up, so we fail early if we cannot install it for some reason.

[rail]

Why do you need to move the key under /tmp? I don't think it'll be cleaned up in this case.

[healthy-pod]

Moved it to the temp dir along with the clone

[rail]

Sorry for missing some pieces in the first review. This is almost ready. :)

[rail]

One more nit. Can you move the gh setup part up, so we fail early if we cannot install it for some reason.

[rail]

I don't think this command is going to work, because the key lives in a different spot now.

I have a suggestion. How about using GIT_SSH_COMMAND="ssh -i $dir/.cockroach-teamcity-key" git "$@" instead. This way you don't need to move the key anywhere.

[rail]

If the suggestions above make sense, you can get rid of the mv line.

[rail]

LGTM,

[healthy-pod]

TFTR!

bors r=rail

[craig]

Build succeeded:

• Bazel Essential CI (Cockroach)