github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-07-16 08:26:16 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #9146 from fidencio/topic/releases

Browse Source 
release: Update everything in this repo related to the release and its process
This commit is contained in:
Fabiano Fidêncio 2024-02-27 10:30:49 +01:00 committed by GitHub
commit 4aa40f1bbb
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
17 changed files with 309 additions and 1137 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
.github/workflows/add-backport-label.yaml vendored
View File

@ -1,91 +0,0 @@
name: Add backport label
on:
pull_request:
types:
- opened
- synchronize
- reopened
- edited
- labeled
- unlabeled
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
check-issues:
if: ${{ github.event.label.name != 'auto-backport' }}
runs-on: ubuntu-latest
steps:
- name: Checkout code to get gh-utils script
if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }}
uses: actions/checkout@v4
- name: Determine whether to add label
if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CONTAINS_AUTO_BACKPORT: ${{ contains(github.event.pull_request.labels.*.name, 'auto-backport') }}
id: add_label
run: |
pr=${{ github.event.pull_request.number }}
linked_issues=$(./ci/gh-util.sh \
list-issues-for-pr "$pr" |\
grep -v "^\#" || true)
[ -z "${linked_issues}" ] && {
echo "::error::No linked issues for PR $pr"
exit 1
}
has_bug=false
for issue in $(echo "$linked_issues")
do
labels=$(./ci/gh-util.sh list-labels-for-issue "$issue")
label_names=$(echo $labels | jq -r '.labels[].name' || true)
if [[ "$label_names" =~ "bug" ]]; then
has_bug=true
break
fi
done
has_backport_needed_label=${{ contains(github.event.pull_request.labels.*.name, 'needs-backport') }}
has_no_backport_needed_label=${{ contains(github.event.pull_request.labels.*.name, 'no-backport-needed') }}
echo "add_backport_label=false" >> $GITHUB_OUTPUT
if [ $has_backport_needed_label = true ] || [ $has_bug = true ]; then
if [[ $has_no_backport_needed_label = false ]]; then
echo "add_backport_label=true" >> $GITHUB_OUTPUT
fi
fi
# Do not spam comment, only if auto-backport label is going to be newly added.
echo "auto_backport_added=$CONTAINS_AUTO_BACKPORT" >> $GITHUB_OUTPUT
- name: Add comment
if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') && steps.add_label.outputs.add_backport_label == 'true' && steps.add_label.outputs.auto_backport_added == 'false' }}
uses: actions/github-script@v6
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'This issue has been marked for auto-backporting. Add label(s) backport-to-BRANCHNAME to backport to them'
})
# Allow label to be removed by adding no-backport-needed label
- name: Remove auto-backport label
if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') && steps.add_label.outputs.add_backport_label == 'false' }}
uses: andymckay/labeler@e6c4322d0397f3240f0e7e30a33b5c5df2d39e90
with:
remove-labels: "auto-backport"
repo-token: ${{ secrets.GITHUB_TOKEN }}
- name: Add auto-backport label
if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') && steps.add_label.outputs.add_backport_label == 'true' }}
uses: andymckay/labeler@e6c4322d0397f3240f0e7e30a33b5c5df2d39e90
with:
add-labels: "auto-backport"
repo-token: ${{ secrets.GITHUB_TOKEN }}

33
.github/workflows/auto-backport.yaml vendored
View File

@ -1,33 +0,0 @@
on:
pull_request_target:
types: ["labeled", "closed"]
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
backport:
name: Backport PR
runs-on: ubuntu-latest
if: |
github.event.pull_request.merged == true
&& contains(github.event.pull_request.labels.*.name, 'auto-backport')
&& (
(github.event.action == 'labeled' && github.event.label.name == 'auto-backport')
|| (github.event.action == 'closed')
)
steps:
- name: Backport Action
uses: sqren/backport-github-action@v8.9.2
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
auto_backport_label_prefix: backport-to-
- name: Info log
if: ${{ success() }}
run: cat /home/runner/.backport/backport.info.log
- name: Debug log
if: ${{ failure() }}
run: cat /home/runner/.backport/backport.debug.log

10
.github/workflows/payload-after-push.yaml vendored
View File

@ -103,9 +103,7 @@ jobs:
- name: Push multi-arch manifest
run: |
docker manifest create quay.io/kata-containers/kata-deploy-ci:kata-containers-latest \
--amend quay.io/kata-containers/kata-deploy-ci:kata-containers-amd64 \
--amend quay.io/kata-containers/kata-deploy-ci:kata-containers-arm64 \
--amend quay.io/kata-containers/kata-deploy-ci:kata-containers-s390x \
--amend quay.io/kata-containers/kata-deploy-ci:kata-containers-ppc64le
docker manifest push quay.io/kata-containers/kata-deploy-ci:kata-containers-latest
./tools/packaging/release/release.sh publish-multiarch-manifest
env:
KATA_DEPLOY_IMAGE_TAGS="kata-containers-latest"
KATA_DEPLOY_REGISTRIES="quay.io/kata-containers/kata-deploy-ci"

10
.github/workflows/release-major.yaml vendored Normal file
View File

@ -0,0 +1,10 @@
name: Major Release
on:
workflow_dispatch
jobs:
major-release:
uses: ./.github/workflows/release.yaml
with:
release-type: major
secrets: inherit

10
.github/workflows/release-minor.yaml vendored Normal file
View File

@ -0,0 +1,10 @@
name: Minor Release
on:
workflow_dispatch
jobs:
minor-release:
uses: ./.github/workflows/release.yaml
with:
release-type: minor
secrets: inherit

153
.github/workflows/release.yaml vendored
View File

@ -1,14 +1,37 @@
name: Publish Kata release artifacts
name: Release Kata Containers
on:
push:
tags:
- '[0-9]+.[0-9]+.[0-9]+*'
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
workflow_call:
inputs:
release-type:
required: true
type: string
jobs:
release:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Get the new release version
run: |
release_version=$(./tools/packaging/release/release.sh next-release-version)
echo "RELEASE_VERSION=$release_version" >> "$GITHUB_ENV"
env:
RELEASE_TYPE: ${{ inputs.release-type }}
- name: Update VERSION file
run: |
./tools/packaging/release/release.sh update-version-file
- name: Create a new release
run: |
./tools/packaging/release/release.sh create-new-release
env:
GH_TOKEN: ${{ github.token }}
build-and-push-assets-amd64:
uses: ./.github/workflows/release-amd64.yaml
with:
@ -55,27 +78,12 @@ jobs:
- name: Push multi-arch manifest
run: |
# tag the container image we created and push to DockerHub
tag=$(echo $GITHUB_REF | cut -d/ -f3-)
tags=($tag)
tags+=($([[ "$tag" =~ "alpha"|"rc" ]] && echo "latest" || echo "stable"))
# push to quay.io and docker.io
for tag in ${tags[@]}; do
docker manifest create quay.io/kata-containers/kata-deploy:${tag} \
--amend quay.io/kata-containers/kata-deploy:${tag}-amd64 \
--amend quay.io/kata-containers/kata-deploy:${tag}-arm64 \
--amend quay.io/kata-containers/kata-deploy:${tag}-s390x \
--amend quay.io/kata-containers/kata-deploy:${tag}-ppc64le
tags="$(cat VERSION) latest"
echo "KATA_DEPLOY_IMAGE_TAGS=\"${tags}\"" >> "$GITHUB_ENV"
docker manifest create docker.io/katadocker/kata-deploy:${tag} \
--amend docker.io/katadocker/kata-deploy:${tag}-amd64 \
--amend docker.io/katadocker/kata-deploy:${tag}-arm64 \
--amend docker.io/katadocker/kata-deploy:${tag}-s390x \
--amend docker.io/katadocker/kata-deploy:${tag}-ppc64le
docker manifest push quay.io/kata-containers/kata-deploy:${tag}
docker manifest push docker.io/katadocker/kata-deploy:${tag}
done
./tools/packaging/release/release.sh publish-multiarch-manifest
env:
KATA_DEPLOY_REGISTRIES: "quay.io/kata-containers/kata-deploy docker.io/katadocker/kata-deploy"
upload-multi-arch-static-tarball:
needs: publish-multi-arch-images
@ -83,19 +91,21 @@ jobs:
steps:
- uses: actions/checkout@v4
- name: Set KATA_STATIC_TARBALL env var
run: |
tarball=$(pwd)/kata-static.tar.xz
echo "KATA_STATIC_TARBALL=${tarball}" >> "$GITHUB_ENV"
- name: download-artifacts-amd64
uses: actions/download-artifact@v3
with:
name: kata-static-tarball-amd64
- name: push amd64 static tarball to github
run: |
tag=$(echo $GITHUB_REF | cut -d/ -f3-)
tarball="kata-static-$tag-amd64.tar.xz"
mv kata-static.tar.xz "$GITHUB_WORKSPACE/${tarball}"
pushd $GITHUB_WORKSPACE
echo "uploading asset '${tarball}' for tag: ${tag}"
GITHUB_TOKEN=${{ secrets.GIT_UPLOAD_TOKEN }} gh release upload "${tag}" "${tarball}"
popd
./tools/packaging/release/release.sh upload-kata-static-tarball
env:
GH_TOKEN: ${{ github.token }}
ARCHITECTURE: amd64
- name: download-artifacts-arm64
uses: actions/download-artifact@v3
@ -103,13 +113,10 @@ jobs:
name: kata-static-tarball-arm64
- name: push arm64 static tarball to github
run: |
tag=$(echo $GITHUB_REF | cut -d/ -f3-)
tarball="kata-static-$tag-arm64.tar.xz"
mv kata-static.tar.xz "$GITHUB_WORKSPACE/${tarball}"
pushd $GITHUB_WORKSPACE
echo "uploading asset '${tarball}' for tag: ${tag}"
GITHUB_TOKEN=${{ secrets.GIT_UPLOAD_TOKEN }} gh release upload "${tag}" "${tarball}"
popd
./tools/packaging/release/release.sh upload-kata-static-tarball
env:
GH_TOKEN: ${{ github.token }}
ARCHITECTURE: arm4
- name: download-artifacts-s390x
uses: actions/download-artifact@v3
@ -117,13 +124,10 @@ jobs:
name: kata-static-tarball-s390x
- name: push s390x static tarball to github
run: |
tag=$(echo $GITHUB_REF | cut -d/ -f3-)
tarball="kata-static-$tag-s390x.tar.xz"
mv kata-static.tar.xz "$GITHUB_WORKSPACE/${tarball}"
pushd $GITHUB_WORKSPACE
echo "uploading asset '${tarball}' for tag: ${tag}"
GITHUB_TOKEN=${{ secrets.GIT_UPLOAD_TOKEN }} gh release upload "${tag}" "${tarball}"
popd
./tools/packaging/release/release.sh upload-kata-static-tarball
env:
GH_TOKEN: ${{ github.token }}
ARCHITECTURE: s390x
- name: download-artifacts-ppc64le
uses: actions/download-artifact@v3
@ -131,28 +135,20 @@ jobs:
name: kata-static-tarball-ppc64le
- name: push ppc64le static tarball to github
run: |
tag=$(echo $GITHUB_REF | cut -d/ -f3-)
tarball="kata-static-$tag-ppc64le.tar.xz"
mv kata-static.tar.xz "$GITHUB_WORKSPACE/${tarball}"
pushd $GITHUB_WORKSPACE
echo "uploading asset '${tarball}' for tag: ${tag}"
GITHUB_TOKEN=${{ secrets.GIT_UPLOAD_TOKEN }} hub release edit -m "" -a "${tarball}" "${tag}"
popd
./tools/packaging/release/release.sh upload-kata-static-tarball
env:
GH_TOKEN: ${{ github.token }}
ARCHITECTURE: ppc64le
upload-versions-yaml:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: upload versions.yaml
env:
GITHUB_TOKEN: ${{ secrets.GIT_UPLOAD_TOKEN }}
run: |
tag=$(echo $GITHUB_REF | cut -d/ -f3-)
pushd $GITHUB_WORKSPACE
versions_file="kata-containers-$tag-versions.yaml"
cp versions.yaml ${versions_file}
gh release upload "${tag}" "${versions_file}"
popd
./tools/packaging/release/release.sh upload-versions-yaml-file
env:
GH_TOKEN: ${{ github.token }}
upload-cargo-vendored-tarball:
needs: upload-multi-arch-static-tarball
@ -161,12 +157,9 @@ jobs:
- uses: actions/checkout@v4
- name: generate-and-upload-tarball
run: |
tag=$(echo $GITHUB_REF | cut -d/ -f3-)
tarball="kata-containers-$tag-vendor.tar.gz"
pushd $GITHUB_WORKSPACE
bash -c "tools/packaging/release/generate_vendor.sh ${tarball}"
GITHUB_TOKEN=${{ secrets.GIT_UPLOAD_TOKEN }} gh release upload "${tag}" "${tarball}"
popd
./tools/packaging/release/release.sh upload-vendored-code-tarball
env:
GH_TOKEN: ${{ github.token }}
upload-libseccomp-tarball:
needs: upload-cargo-vendored-tarball
@ -174,21 +167,7 @@ jobs:
steps:
- uses: actions/checkout@v4
- name: download-and-upload-tarball
env:
GITHUB_TOKEN: ${{ secrets.GIT_UPLOAD_TOKEN }}
GOPATH: ${HOME}/go
run: |
pushd $GITHUB_WORKSPACE
./ci/install_yq.sh
tag=$(echo $GITHUB_REF | cut -d/ -f3-)
versions_yaml="versions.yaml"
version=$(${GOPATH}/bin/yq read ${versions_yaml} "externals.libseccomp.version")
repo_url=$(${GOPATH}/bin/yq read ${versions_yaml} "externals.libseccomp.url")
download_url="${repo_url}/releases/download/v${version}"
tarball="libseccomp-${version}.tar.gz"
asc="${tarball}.asc"
curl -sSLO "${download_url}/${tarball}"
curl -sSLO "${download_url}/${asc}"
gh release upload "${tag}" "${tarball}"
gh release upload "${tag}" "${asc}"
popd
./tools/packaging/release/release.sh upload-libseccomp-tarball
env:
GH_TOKEN: ${{ github.token }}

68
.github/workflows/require-pr-porting-labels.yaml vendored
View File

@ -1,68 +0,0 @@
# Copyright (c) 2020 Intel Corporation
#
# SPDX-License-Identifier: Apache-2.0
#
name: Ensure PR has required porting labels
on:
pull_request_target:
types:
- opened
- reopened
- labeled
- unlabeled
branches:
- main
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
check-pr-porting-labels:
runs-on: ubuntu-latest
steps:
- name: Install hub
if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }}
run: |
HUB_ARCH="amd64"
HUB_VER=$(curl -sL "https://api.github.com/repos/github/hub/releases/latest" |\
jq -r .tag_name | sed 's/^v//')
curl -sL \
"https://github.com/github/hub/releases/download/v${HUB_VER}/hub-linux-${HUB_ARCH}-${HUB_VER}.tgz" |\
tar xz --strip-components=2 --wildcards '*/bin/hub' && \
sudo install hub /usr/local/bin
- name: Checkout code to allow hub to communicate with the project
if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }}
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 0
- name: Rebase atop of the latest target branch
if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }}
run: |
./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"
env:
TARGET_BRANCH: ${{ github.event.pull_request.base.ref }}
- name: Install porting checker script
run: |
# Clone into a temporary directory to avoid overwriting
# any existing github directory.
pushd $(mktemp -d) &>/dev/null
git clone --single-branch --depth 1 "https://github.com/kata-containers/.github" && cd .github/scripts
sudo install pr-porting-checks.sh /usr/local/bin
popd &>/dev/null
- name: Stop PR being merged unless it has a correct set of porting labels
if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }}
env:
GITHUB_TOKEN: ${{ secrets.KATA_GITHUB_ACTIONS_TOKEN }}
run: |
pr=${{ github.event.number }}
repo=${{ github.repository }}
pr-porting-checks.sh "$pr" "$repo"

81
docs/Release-Process.md
View File

@ -1,71 +1,42 @@
# How to do a Kata Containers Release
This document lists the tasks required to create a Kata Release.
This document lists the tasks required to create a Kata Release.
## Requirements
- [gh](https://cli.github.com)
* Install and configure the GitHub CLI (gh) as detailed at https://docs.github.com/en/github-cli/github-cli/quickstart#prerequisites .
- GitHub permissions to push tags and create releases in the Kata repository.
- GPG configured to sign git tags. https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key
- `gh auth login` should have configured `git push` and `git pull` to use HTTPS along with your GitHub credentials,
* As an alternative, you can still rely on SSH keys to push branches. See https://help.github.com/articles/adding-a-new-ssh-key-to-your-github-account .
- GitHub permissions to run workflows.
## Release Process
### Check GitHub Actions
### Bump the Kata repository
We make use of [GitHub actions](https://github.com/features/actions) in the
[minor](../.github/workflows/release-minor.yaml) and
[major](../.github/workflows/release-major.yaml) files from the
`kata-containers/kata-containers` repository to build and upload release
artifacts.
Bump the repository using the `./update-repository-version.sh` script in the Kata [release](../tools/packaging/release) directory, where:
- `BRANCH=<the-branch-you-want-to-bump>`
- `NEW_VERSION=<the-new-kata-version>`
```
$ cd ${GOPATH}/src/github.com/kata-containers/kata-containers/tools/packaging/release
$ export NEW_VERSION=<the-new-kata-version>
$ export BRANCH=<the-branch-you-want-to-bump>
$ ./update-repository-version.sh -p "$NEW_VERSION" "$BRANCH"
```
Those actions are manually triggered and are responsible for generating a new
release (including a new tag), pushing those to the
`kata-containers/kata-containers` repository.
### Merge the bump version Pull request
Check the [actions status
page](https://github.com/kata-containers/kata-containers/actions) to verify all
steps in the actions workflow have completed successfully. On success, a static
tarball containing Kata release artifacts will be uploaded to the [Release
page](https://github.com/kata-containers/kata-containers/releases).
- The above step will create a GitHub pull request in the Kata repository. Trigger the CI using `/test` command on the bump Pull request.
- Check any failures and fix if needed.
- Work with the Kata approvers to verify that the CI works and the pull request is merged.
### Improve the release notes
### Tag the Kata repository
Release notes are auto-generated by the GitHub CLI tool used as part of our
release workflow. However, some manual tweaking may still be necessary in
order to highlight the most important features and bug fixes in a specific
release.
Once the pull request to bump version in the Kata repository is merged,
tag the repository as shown below.
```
$ cd ${GOPATH}/src/github.com/kata-containers/kata-containers/tools/packaging/release
$ git checkout <kata-branch-to-release>
$ git pull
$ ./tag_repos.sh -p -b "$BRANCH" tag
```
### Check Git-hub Actions
We make use of [GitHub actions](https://github.com/features/actions) in this [file](../.github/workflows/release.yaml) in the `kata-containers/kata-containers` repository to build and upload release artifacts. This action is auto triggered with the above step when a new tag is pushed to the `kata-containers/kata-containers` repository.
Check the [actions status page](https://github.com/kata-containers/kata-containers/actions) to verify all steps in the actions workflow have completed successfully. On success, a static tarball containing Kata release artifacts will be uploaded to the [Release page](https://github.com/kata-containers/kata-containers/releases).
### Create release notes
We have the `./release-notes.sh` script in the [release](../tools/packaging/release) directory to create release notes that include a short-log of the commits.
Run the script as shown below:
```
$ cd ${GOPATH}/src/github.com/kata-containers/kata-containers/tools/packaging/release
# Note: OLD_VERSION is where the script should start to get changes.
$ ./release-notes.sh ${OLD_VERSION} ${NEW_VERSION} > notes.md
# Edit the `notes.md` file to review and make any changes to the release notes.
# Add the release notes in the project's GitHub.
$ gh release edit "${NEW_VERSION}" -F notes.md
```
With this in mind, please, poke @channel on #kata-dev and people who worked on
the release will be able to contribute to that.
### Announce the release
Publish in [Slack and Kata mailing list](https://github.com/kata-containers/community#join-us) that new release is ready.
Publish in [Slack and Kata mailing
list](https://github.com/kata-containers/community#join-us) that new release is
ready.

45
tools/packaging/kata-deploy/kata-cleanup/base/kata-cleanup-stable.yaml
View File

@ -1,45 +0,0 @@
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: kubelet-kata-cleanup
namespace: kube-system
spec:
selector:
matchLabels:
name: kubelet-kata-cleanup
template:
metadata:
labels:
name: kubelet-kata-cleanup
spec:
serviceAccountName: kata-deploy-sa
hostPID: true
nodeSelector:
katacontainers.io/kata-runtime: cleanup
containers:
- name: kube-kata-cleanup
image: quay.io/kata-containers/kata-deploy:stable
imagePullPolicy: Always
command: ["bash", "-c", "/opt/kata-artifacts/scripts/kata-deploy.sh reset"]
env:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: DEBUG
value: "false"
- name: SHIMS
value: "clh dragonball fc qemu-nvidia-gpu qemu-sev qemu-snp qemu-tdx qemu"
- name: DEFAULT_SHIM
value: "qemu"
- name: CREATE_RUNTIMECLASSES
value: "false"
- name: CREATE_DEFAULT_RUNTIMECLASS
value: "false"
securityContext:
privileged: true
updateStrategy:
rollingUpdate:
maxUnavailable: 1
type: RollingUpdate

70
tools/packaging/kata-deploy/kata-deploy/base/kata-deploy-stable.yaml
View File

@ -1,70 +0,0 @@
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: kata-deploy
namespace: kube-system
spec:
selector:
matchLabels:
name: kata-deploy
template:
metadata:
labels:
name: kata-deploy
spec:
serviceAccountName: kata-deploy-sa
hostPID: true
containers:
- name: kube-kata
image: quay.io/kata-containers/kata-deploy:stable
imagePullPolicy: Always
lifecycle:
preStop:
exec:
command: ["bash", "-c", "/opt/kata-artifacts/scripts/kata-deploy.sh cleanup"]
command: ["bash", "-c", "/opt/kata-artifacts/scripts/kata-deploy.sh install"]
env:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: DEBUG
value: "false"
- name: SHIMS
value: "clh cloud-hypervisor dragonball fc qemu qemu-nvidia-gpu qemu-sev qemu-snp qemu-tdx"
- name: DEFAULT_SHIM
value: "qemu"
- name: CREATE_RUNTIMECLASSES
value: "false"
- name: CREATE_DEFAULT_RUNTIMECLASS
value: "false"
securityContext:
privileged: true
volumeMounts:
- name: crio-conf
mountPath: /etc/crio/
- name: containerd-conf
mountPath: /etc/containerd/
- name: kata-artifacts
mountPath: /opt/kata/
- name: local-bin
mountPath: /usr/local/bin/
volumes:
- name: crio-conf
hostPath:
path: /etc/crio/
- name: containerd-conf
hostPath:
path: /etc/containerd/
- name: kata-artifacts
hostPath:
path: /opt/kata/
type: DirectoryOrCreate
- name: local-bin
hostPath:
path: /usr/local/bin/
updateStrategy:
rollingUpdate:
maxUnavailable: 1
type: RollingUpdate

13
tools/packaging/kata-deploy/kata-deploy/overlays/stable/env_stable_conf.yaml
View File

@ -1,13 +0,0 @@
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: kata-deploy
namespace: kube-system
spec:
template:
spec:
containers:
- name: kube-kata
env:
- name: SHIMS
value: "clh cloud-hypervisor dragonball fc qemu qemu-nvidia-gpu qemu-sev qemu-snp qemu-tdx"

11
tools/packaging/kata-deploy/kata-deploy/overlays/stable/kustomization.yaml
View File

@ -1,11 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../../base
images:
- name: quay.io/kata-containers/kata-deploy
newTag: stable
patches:
- path: env_stable_conf.yaml

193
tools/packaging/release/release.sh Executable file
View File

@ -0,0 +1,193 @@
#!/usr/bin/env bash
#
# Copyright (c) 2024 Intel Corporation
#
# SPDX-License-Identifier: Apache-2.0
#
set -o errexit
set -o nounset
set -o pipefail
set -o errtrace
[ -n "${DEBUG:-}" ] && set -o xtrace
this_script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
repo_root_dir="$(cd "$this_script_dir/../../../" && pwd)"
IFS=' ' read -a IMAGE_TAGS <<< "${KATA_DEPLOY_IMAGE_TAGS:-}"
IFS=' ' read -a REGISTRIES <<< "${KATA_DEPLOY_REGISTRIES:-}"
GH_TOKEN="${GH_TOKEN:-}"
ARCHITECTURE="${ARCHITECURE:-}"
KATA_STATIC_TARBALL="${KATA_STATIC_TARBALL:-}"
RELEASE_VERSION="${RELEASE_VERSION:-}"
RELEASE_TYPE="${RELEASE_TYPE:-minor}"
function _die()
{
echo >&2 "ERROR: $*"
exit 1
}
function _check_required_env_var()
{
local env_var
case ${1} in
KATA_DEPLOY_IMAGE_TAGS) env_var="${KATA_DEPLOY_IMAGE_TAGS}" ;;
KATA_DEPLOY_REGISTRIES) env_var="${KATA_DEPLOY_REGISTRIES}" ;;
*) >&2 _die "Invalid environment variable \"${1}\"" ;;
esac
[ -z "${env_var}" ] && \
_die "\"${1}\" environment variable is required but was not set"
}
function _next_release_version()
{
local current_release=$(cat "${repo_root_dir}/VERSION")
local current_major
local current_everything_else
local next_major
local next_minor
IFS="." read current_major current_minor current_everything_else <<< ${current_release}
case ${RELEASE_TYPE} in
major)
next_major=$(expr $current_major + 1)
next_minor=0
;;
minor)
next_major=${current_major}
# TODO: As we're moving from an alpha release to the
# new scheme, this check is needed for the very first
# release, after that it can be dropped and only the
# else part can be kept.
if grep -qE "alpha|rc" <<< ${current_everything_else}; then
next_minor=${current_minor}
else
next_minor=$(expr $current_minor + 1)
fi
;;
*)
_die "${RELEASE_TYPE} is not a valid release type, it must be: major or minor"
;;
esac
next_release_number="${next_major}.${next_minor}.0"
echo "test-${next_release_number}"
}
function _update_version_file()
{
_check_required_env_var "RELEASE_VERSION"
git config user.email "katacontainersbot@gmail.com"
git config user.name "Kata Containers Bot"
echo "${RELEASE_VERSION}" > "${repo_root_dir}/VERSION"
git diff
git add "${repo_root_dir}/VERSION"
git commit -s -m "release: Kata Containers ${RELEASE_VERSION}"
git push
}
function _create_new_release()
{
_check_required_env_var "RELEASE_VERSION"
_check_required_env_var "GH_TOKEN"
gh release create ${RELEASE_VERSION} --generate-notes --title "Kata Containers ${RELEASE_VERSION}"
}
function _publish_multiarch_manifest()
{
_check_required_env_var "KATA_DEPLOY_IMAGE_TAGS"
_check_required_env_var "KATA_DEPLOY_REGISTRIES"
for registry in ${REGISTRIES[@]}; do
for tag in ${IMAGE_TAGS[@]}; do
docker manifest create ${registry}:${tag} \
--amend ${registry}:${tag}-amd64 \
--amend ${registry}:${tag}-arm64 \
--amend ${registry}:${tag}-s390x \
--amend ${registry}:${tag}-ppc64le
docker manifest push ${registry}:${tag}
done
done
}
function _upload_kata_static_tarball()
{
_check_required_env_var "GH_TOKEN"
_check_required_env_var "ARCHITECTURE"
_check_required_env_var "KATA_STATIC_TARBALL"
[ -z "${RELEASE_VERSION}" ] && RELEASE_VERSION=$(cat "${repo_root_dir}/VERSION")
new_tarball_name="kata-static-${RELEASE_VERSION}-${ARCHITECTURE}.tar.xz"
mv ${KATA_STATIC_TARBALL} "${new_tarball_name}"
echo "uploading asset '${new_tarball_name}' (${ARCHITECTURE}) for tag: ${RELEASE_VERSION}"
gh release upload "${RELEASE_VERSION}" "${new_tarball_name}"
}
function _upload_versions_yaml_file()
{
[ -z "${RELEASE_VERSION}" ] && RELEASE_VERSION=$(cat "${repo_root_dir}/VERSION")
versions_file="kata-containers-${RELEASE_VERSION}-versions.yaml"
cp "${repo_root_dir}/versions.yaml" ${versions_file}
gh release upload "${RELEASE_VERSION}" "${versions_file}"
}
function _upload_vendored_code_tarball()
{
_check_required_env_var "GH_TOKEN"
[ -z "${RELEASE_VERSION}" ] && RELEASE_VERSION=$(cat "${repo_root_dir}/VERSION")
vendored_code_tarball="kata-containers-${RELEASE_VERSION}-vendor.tar.gz"
bash -c "${repo_root_dir}/tools/packaging/release/generate_vendor.sh ${vendored_code_tarball}"
gh release upload "${RELEASE_VERSION}" "${vendored_code_tarball}"
}
function _upload_libseccomp_tarball()
{
_check_required_env_var "GH_TOKEN"
[ -z "${RELEASE_VERSION}" ] && RELEASE_VERSION=$(cat "${repo_root_dir}/VERSION")
INSTALL_IN_GO_PATH=false ${repo_root_dir}/ci/install_yq.sh
versions_yaml="versions.yaml"
version=$(/usr/local/bin/yq read ${versions_yaml} "externals.libseccomp.version")
repo_url=$(/usr/local/bin/yq read ${versions_yaml} "externals.libseccomp.url")
download_url="${repo_url}releases/download/v${version}"
tarball="libseccomp-${version}.tar.gz"
asc="${tarball}.asc"
curl -sSLO "${download_url}/${tarball}"
curl -sSLO "${download_url}/${asc}"
gh release upload "${RELEASE_VERSION}" "${tarball}"
gh release upload "${RELEASE_VERSIOB}" "${asc}"
}
function main()
{
action="${1:-}"
case "${action}" in
publish-multiarch-manifest) _publish_multiarch_manifest ;;
update-version-file) _update_version_file ;;
next-release-version) _next_release_version;;
create-new-release) _create_new_release ;;
upload-kata-static-tarball) _upload_kata_static_tarball ;;
upload-versions-yaml-file) _upload_versions_yaml_file ;;
upload-vendored-code-tarball) _upload_vendored_code_tarball ;;
upload-libseccomp-tarball) _upload_libseccomp_tarball ;;
*) >&2 _die "Invalid argument" ;;
esac
}
main "$@"

239
tools/packaging/release/tag_repos.sh
View File

@ -1,239 +0,0 @@
#!/usr/bin/env bash
#
# Copyright (c) 2018 Intel Corporation
#
# SPDX-License-Identifier: Apache-2.0
#
set -o errexit
set -o nounset
set -o pipefail
tmp_dir=$(mktemp -d -t tag-repos-tmp.XXXXXXXXXX)
script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
script_name="$(basename "${BASH_SOURCE[0]}")"
OWNER=${OWNER:-"kata-containers"}
PROJECT="Kata Containers"
PUSH="${PUSH:-"false"}"
branch="main"
readonly URL_RAW_FILE="https://raw.githubusercontent.com/${OWNER}"
#The runtime version is used as reference of latest release
# This is set to the right value later.
kata_version=""
# Set if a new stable branch is created
stable_branch=""
source "${script_dir}/../scripts/lib.sh"
function usage() {
cat <<EOF
Usage: ${script_name} [options] <args>
This script creates a new release for ${PROJECT}.
It tags and create release for:
EOF
for r in "${repos[@]}"; do
echo " - ${r}"
done
cat <<EOF
Args:
status : Get Current ${PROJECT} tags status
pre-release <target-version>: Takes a version to check all the components match with it (but not the runtime)
tag : Create tags for ${PROJECT}
Options:
-b <branch>: branch were will check the version.
-h : Show this help
-p : push tags
EOF
}
finish() {
rm -rf "$tmp_dir"
}
trap finish EXIT
die() {
echo >&2 "ERROR: $*"
exit 1
}
info() {
echo "INFO: $*"
}
repos=(
"kata-containers"
)
# The pre-release option at the check_versions function receives
# the runtime VERSION in order to check all the components match with it,
# this has the purpose that all the components have the same version before
# merging the runtime version
check_versions() {
version_to_check=${1:-}
if [ -z "${version_to_check}" ];then
info "Query the version from latest runtime in branch ${branch}"
else
kata_version="${version_to_check}"
fi
info "Tagging ${PROJECT} with version ${kata_version}"
info "Check all repos has version ${kata_version} in VERSION file"
for repo in "${repos[@]}"; do
if [ ! -z "${version_to_check}" ] && [ "${repo}" == "runtime" ]; then
info "Not checking runtime because we want the rest of repos are in ${version_to_check}"
continue
fi
repo_version=$(curl -Ls "${URL_RAW_FILE}/${repo}/${branch}/VERSION" | grep -v -P "^#")
info "${repo} is in $repo_version"
[ "${repo_version}" == "${kata_version}" ] || die "${repo} is not in version ${kata_version}"
done
}
do_tag(){
local tag=${1:-}
[ -n "${tag}" ] || die "No tag not provided"
if git rev-parse -q --verify "refs/tags/${tag}"; then
info "$repo already has tag"
else
info "Creating tag ${tag} for ${repo}"
git tag -a "${tag}" -s -m "${PROJECT} release ${tag}"
fi
}
tag_repos() {
info "Creating tag ${kata_version} in all repos"
for repo in "${repos[@]}"; do
git clone --quiet "https://github.com/${OWNER}/${repo}.git"
pushd "${repo}" >>/dev/null
git fetch origin
git checkout "${branch}"
version_from_file=$(cat ./VERSION)
info "Check VERSION file has ${kata_version}"
if [ "${version_from_file}" != "${kata_version}" ];then
die "mismatch: VERSION file (${version_from_file}) and runtime version ${kata_version}"
else
echo "OK"
fi
git fetch origin --tags
tag="$kata_version"
if [[ "packaging" == "${repo}" ]];then
do_tag "${tag}-kernel-config"
fi
do_tag "${tag}"
if [ "${branch}" == "main" ]; then
if echo "${tag}" | grep -oP '.*-rc0$'; then
info "This is a rc0 for main - creating stable branch"
stable_branch=$(echo ${tag} | awk 'BEGIN{FS=OFS="."}{print $1 "." $2}')
stable_branch="stable-${stable_branch}"
info "creating branch ${stable_branch} for ${repo}"
git checkout -b "${stable_branch}" "${branch}"
fi
fi
popd >>/dev/null
done
}
push_tags() {
info "Pushing tags to repos"
get_gh
for repo in "${repos[@]}"; do
pushd "${repo}" >>/dev/null
${gh_cli} repo set-default "${OWNER}/${repo}"
if [ $(${gh_cli} config get git_protocol) = ssh ]; then
git remote set-url --push origin "git@github.com:${OWNER}/${repo}.git"
fi
tag="$kata_version"
if [[ "packaging" == "${repo}" ]];then
ktag="${tag}-kernel-config"
info "Push tag ${ktag} for ${repo}"
git push origin "${ktag}"
fi
info "Push tag ${tag} for ${repo}"
git push origin "${tag}"
create_github_release "${PWD}" "${tag}"
if [ "${stable_branch}" != "" ]; then
info "Pushing stable ${stable_branch} branch for ${repo}"
git push origin ${stable_branch}
fi
popd >>/dev/null
done
}
create_github_release() {
repo_dir=${1:-}
tag=${2:-}
[ -d "${repo_dir}" ] || die "No repository directory"
[ -n "${tag}" ] || die "No tag specified"
if ! "${gh_cli}" release view "${tag}"; then
info "Creating Github release"
if [[ "$tag" =~ "-rc" ]]; then
rc_args="-p"
fi
rc_args=${rc_args:-}
pushd "${repo_dir}"
"${gh_cli}" release create ${rc_args} --title "${PROJECT} ${tag}" "${tag}" --notes ""
popd
else
info "Github release already created"
fi
}
main () {
while getopts "b:hp" opt; do
case $opt in
b) branch="${OPTARG}" ;;
h) usage && exit 0 ;;
p) PUSH="true" ;;
esac
done
shift $((OPTIND - 1))
subcmd=${1:-""}
shift || true
kata_version=$(curl -Ls "${URL_RAW_FILE}/kata-containers/${branch}/VERSION" | grep -v -P "^#")
[ -z "${subcmd}" ] && usage && exit 0
pushd "${tmp_dir}" >>/dev/null
case "${subcmd}" in
status)
check_versions
;;
pre-release)
local target_version=${1:-}
[ -n "${target_version}" ] || die "No version provided"
check_versions "${target_version}"
;;
tag)
check_versions
tag_repos
if [ "${PUSH}" == "true" ]; then
push_tags
else
info "tags not pushed, use -p option to push the tags"
fi
;;
*)
usage && die "Invalid argument ${subcmd}"
;;
esac
popd >>/dev/null
}
main "$@"

26
tools/packaging/release/tag_repos_test.sh
View File

@ -1,26 +0,0 @@
#!/usr/bin/env bash
#
# Copyright (c) 2018 Intel Corporation
#
# SPDX-License-Identifier: Apache-2.0
#
set -o errexit
set -o nounset
set -o pipefail
echo "Check tag_repos.sh show help"
./release/tag_repos.sh | grep Usage
echo "Check tag_repos.sh -h option"
./release/tag_repos.sh -h | grep Usage
echo "Check tag_repos.sh status"
./release/tag_repos.sh status | grep kata-containers
echo "Check tag_repos.sh pre-release"
./release/tag_repos.sh pre-release $(curl -sL https://raw.githubusercontent.com/kata-containers/kata-containers/main/VERSION) | grep "Not checking runtime"
echo "Check tag_repos.sh pre-release with invalid information"
./release/tag_repos.sh pre-release 1000000 | grep "ERROR" || true

339
tools/packaging/release/update-repository-version.sh
View File

@ -1,339 +0,0 @@
#!/usr/bin/env bash
#
# Copyright (c) 2018 Intel Corporation
#
# SPDX-License-Identifier: Apache-2.0
#
set -o errexit
set -o nounset
set -o pipefail
readonly script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
readonly script_name="$(basename "${BASH_SOURCE[0]}")"
readonly tmp_dir=$(mktemp -t -d pr-bump.XXXX)
OWNER="${OWNER:-kata-containers}"
readonly organization="$OWNER"
PUSH="false"
GOPATH=${GOPATH:-${HOME}/go}
source "${script_dir}/../scripts/lib.sh"
cleanup() {
[ -d "${tmp_dir}" ] && rm -rf "${tmp_dir}"
}
trap cleanup EXIT
handle_error() {
local exit_code="${?}"
local line_number="${1:-}"
echo "Failed at $line_number: ${BASH_COMMAND}"
exit "${exit_code}"
}
trap 'handle_error $LINENO' ERR
get_changes() {
local current_version="$1"
[ -n "${current_version}" ] || die "current version not provided"
# If for some reason there is not a tag this could fail
# better fail and write the error in the PR
if ! changes=$(git log --oneline "${current_version}..HEAD"); then
echo "failed to get logs"
fi
if [ "${changes}" == "" ]; then
echo "Version bump no changes"
return
fi
# list all PRs merged from $current_version to HEAD
git log --merges "${current_version}..HEAD" | awk '/Merge pull/{getline; getline;print }' | while read pr; do
echo "- ${pr}"
done
echo ""
# list all commits added in this new version.
git log --oneline "${current_version}..HEAD" --no-merges
}
generate_kata_deploy_commit() {
local new_version="$1"
[ -n "$new_version" ] || die "no new version"
printf "release: Adapt kata-deploy for %s" "${new_version}"
printf "\n
kata-deploy files must be adapted to a new release. The cases where it
happens are when the release goes from -> to:
* main -> stable:
* kata-deploy-stable / kata-cleanup-stable: are removed
* stable -> stable:
* kata-deploy / kata-cleanup: bump the release to the new one.
There are no changes when doing an alpha release, as the files on the
\"main\" branch always point to the \"latest\" and \"stable\" tags."
}
generate_revert_kata_deploy_commit() {
local new_version="$1"
[ -n "$new_version" ] || die "no new version"
printf "release: Revert kata-deploy changes after %s release" "${new_version}"
printf "\n
As %s has been released, let's switch the kata-deploy / kata-cleanup
tags back to \"latest\", and re-add the kata-deploy-stable and the
kata-cleanup-stable files." "${new_version}"
}
generate_commit() {
local new_version="$1"
local current_version="$2"
[ -n "$new_version" ] || die "no new version"
[ -n "$current_version" ] || die "no current version"
printf "release: Kata Containers %s\n\n" "${new_version}"
get_changes "$current_version"
}
bump_repo() {
local repo="${1:-}"
local new_version="${2:-}"
local target_branch="${3:-}"
[ -n "${repo}" ] || die "repository not provided"
[ -n "${new_version}" ] || die "no new version"
[ -n "${target_branch}" ] || die "no target branch"
local remote_repo="${organization}/${repo}"
local remote_github="https://github.com/${remote_repo}.git"
info "Update $repo to version $new_version"
info "remote: ${remote_github}"
git clone --quiet "${remote_github}"
pushd "${repo}" >>/dev/null
local kata_deploy_dir="tools/packaging/kata-deploy"
local kata_deploy_base="${kata_deploy_dir}/kata-deploy/base"
local kata_cleanup_base="${kata_deploy_dir}/kata-cleanup/base"
local kata_deploy_yaml="${kata_deploy_base}/kata-deploy.yaml"
local kata_cleanup_yaml="${kata_cleanup_base}/kata-cleanup.yaml"
local kata_deploy_stable_yaml="${kata_deploy_base}/kata-deploy-stable.yaml"
local kata_cleanup_stable_yaml="${kata_cleanup_base}/kata-cleanup-stable.yaml"
local tests_dir="tests"
local kubernetes_tests_dir="${tests_dir}/integration/kubernetes"
local kubernetes_tests_runner="${kubernetes_tests_dir}/gha-run.sh"
local kata_deploy_tests_dir="${tests_dir}/functional/kata-deploy"
local kata_deploy_tests_runner="${kata_deploy_tests_dir}/kata-deploy.bats"
branch="${new_version}-branch-bump"
git fetch origin "${target_branch}"
git checkout "origin/${target_branch}" -b "${branch}"
local current_version="$(egrep -v '^(#|$)' ./VERSION)"
info "Updating VERSION file"
echo "${new_version}" >VERSION
if git diff --exit-code; then
info "${repo} already in version ${new_version}"
return 0
fi
if [ "${repo}" == "kata-containers" ]; then
# Here there are 3 scenarios of what we can do, based on
# which branch we're targetting:
#
# 1) [main] ------> [main] NO-OP
# "alpha0" "alpha1"
#
# +----------------+----------------+
# | from | to |
# -------------------+----------------+----------------+
# kata-deploy | "latest" | "latest" |
# -------------------+----------------+----------------+
# kata-deploy-stable | "stable | "stable" |
# -------------------+----------------+----------------+
#
#
# 2) [main] ------> [stable] Update kata-deploy and
# "alpha2" "rc0" get rid of kata-deploy-stable
#
# +----------------+----------------+
# | from | to |
# -------------------+----------------+----------------+
# kata-deploy | "latest" | "latest" |
# -------------------+----------------+----------------+
# kata-deploy-stable | "stable" | REMOVED |
# -------------------+----------------+----------------+
#
#
# 3) [stable] ------> [stable] Update kata-deploy
# "x.y.z" "x.y.(z+1)"
#
# +----------------+----------------+
# | from | to |
# -------------------+----------------+----------------+
# kata-deploy | "x.y.z" | "x.y.(z+1)" |
# -------------------+----------------+----------------+
# kata-deploy-stable | NON-EXISTENT | NON-EXISTENT |
# -------------------+----------------+----------------+
local registry="quay.io/kata-containers/kata-deploy"
info "Updating kata-deploy / kata-cleanup image tags"
local version_to_replace="${current_version}"
local replacement="${new_version}"
local need_commit=false
if [ "${target_branch}" == "main" ];then
if [[ "${new_version}" =~ "rc" ]]; then
## We are bumping from alpha to RC, should drop kata-deploy-stable yamls.
git rm "${kata_deploy_stable_yaml}"
git rm "${kata_cleanup_stable_yaml}"
need_commit=true
fi
elif [[ ! "${new_version}" =~ "rc" ]]; then
## We are on a stable branch and creating new stable releases.
## Need to change kata-deploy / kata-cleanup to use the stable tags.
if [[ "${version_to_replace}" =~ "rc" ]]; then
## Coming from "rcX" so from the latest tag.
version_to_replace="latest"
fi
sed -i "s#${registry}:${version_to_replace}#${registry}:${replacement}#g" "${kata_deploy_yaml}"
sed -i "s#${registry}:${version_to_replace}#${registry}:${replacement}#g" "${kata_cleanup_yaml}"
sed -i "s#${registry}:${version_to_replace}#${registry}:${replacement}#g" "${kubernetes_tests_runner}"
sed -i "s#${registry}:${version_to_replace}#${registry}:${replacement}#g" "${kata_deploy_tests_runner}"
git diff
git add "${kata_deploy_yaml}"
git add "${kata_cleanup_yaml}"
git add "${kubernetes_tests_runner}"
git add "${kata_deploy_tests_runner}"
need_commit=true
fi
if [ "${need_commit}" == "true" ]; then
info "Creating the commit with the kata-deploy changes"
local commit_msg="$(generate_kata_deploy_commit $new_version)"
git commit -s -m "${commit_msg}"
local kata_deploy_commit="$(git rev-parse HEAD)"
fi
fi
info "Creating PR message"
local pr_title="# Kata Containers ${new_version}"
local notes_file="${tmp_dir}/notes.md"
cat <<EOF >"${notes_file}"
$(get_changes "$current_version")
EOF
printf "%s\n\n" "${pr_title}"
cat "${notes_file}"
if (echo "${current_version}" | grep "alpha") && (echo "${new_version}" | grep -v "alpha");then
info "update move from alpha, check if new version is rc0"
if echo "$new_version" | grep -v "rc0"; then
die "bump should be from alpha to rc0"
fi
info "OK"
fi
git add VERSION
info "Creating commit with new changes"
commit_msg="$(generate_commit $new_version $current_version)"
git commit -s -m "${commit_msg}"
if [[ ${PUSH} == "true" ]]; then
get_gh
gh_id=$(${gh_cli} auth status --hostname github.com | awk 'match($0, /Logged in to github.com as ([^ ]+)/, line) { print substr($0, line[1, "start"], line[1, "length"]) }')
info "Forking remote"
${gh_cli} repo set-default "${remote_repo}"
${gh_cli} repo fork --remote --remote-name=fork
info "Push to fork"
git push fork -f "${branch}"
info "Create PR"
out=""
out=$(LC_ALL=C LANG=C "${gh_cli}" pr create --base "${target_branch}" --title "${pr_title}" --body-file "${notes_file}" --head "${gh_id}:${branch}" 2>&1) || echo "$out" | grep "already exists"
fi
if [ "${repo}" == "kata-containers" ] && [ "${target_branch}" == "main" ] && [[ "${new_version}" =~ "rc" ]]; then
reverting_kata_deploy_changes_branch="revert-kata-deploy-changes-after-${new_version}-release"
git checkout -b "${reverting_kata_deploy_changes_branch}"
git revert --no-edit ${kata_deploy_commit} >>/dev/null
commit_msg="$(generate_revert_kata_deploy_commit $new_version)"
info "Creating the commit message reverting the kata-deploy changes"
git commit --amend -s -m "${commit_msg}"
pr_title=$(echo "${commit_msg}" | head -1)
echo "${commit_msg}" | tail -n +3 >"${notes_file}"
echo "" >>"${notes_file}"
echo "Only merge this commit after ${new_version} release is successfully tagged!" >>"${notes_file}"
if [[ ${PUSH} == "true" ]]; then
info "Push \"${reverting_kata_deploy_changes_branch}\" to fork"
git push fork -f "${reverting_kata_deploy_changes_branch}"
info "Create \"${reverting_kata_deploy_changes_branch}\" PR"
out=""
out=$(LC_ALL=C LANG=C "${gh_cli}" pr create --base "${target_branch}" --title "${pr_title}" --body-file "${notes_file}" --head "${gh_id}:${reverting_kata_deploy_changes_branch}" 2>&1) || echo "$out" | grep "already exists"
fi
fi
popd >>/dev/null
}
usage() {
exit_code="$1"
cat <<EOF
Usage:
${script_name} [options] <args>
Args:
<new-version> : New version to bump the repository
<target-branch> : The base branch to create to PR
Example:
${script_name} 1.10
Options
-h : Show this help
-p : create a PR
EOF
exit "$exit_code"
}
repos=(
"kata-containers"
)
main(){
while getopts "hp" opt; do
case $opt in
h) usage 0 ;;
p) PUSH="true" ;;
esac
done
shift $((OPTIND - 1))
new_version="${1:-}"
target_branch="${2:-}"
[ -n "${new_version}" ] || { echo "ERROR: no new version" && usage 1; }
[ -n "${target_branch}" ] || die "no target branch"
for repo in "${repos[@]}"
do
pushd "$tmp_dir" >>/dev/null
bump_repo "${repo}" "${new_version}" "${target_branch}"
popd >>/dev/null
done
}
main $@

54
tools/packaging/release/update-repository-version_test.sh
View File

@ -1,54 +0,0 @@
#!/usr/bin/env bash
#
#Copyright (c) 2018 Intel Corporation
#
#SPDX-License-Identifier: Apache-2.0
#
set -o errexit
set -o nounset
set -o pipefail
readonly script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
out=""
handle_error() {
echo "not ok"
echo "output: ${out}"
}
OK() {
echo "ok"
}
output_should_contain() {
local output="$1"
local text_to_find="$2"
[ -n "$output" ]
[ -n "$text_to_find" ]
echo "${output}" | grep "${text_to_find}"
}
trap handle_error ERR
echo "Missing args show help"
out=$("${script_dir}/update-repository-version.sh" 2>&1) || (($? != 0))
echo "${out}" | grep Usage >>/dev/null
output_should_contain "${out}" "Usage"
OK
echo "Missing version show help"
out=$("${script_dir}/update-repository-version.sh" 2>&1) || (($? != 0))
echo "${out}" | grep Usage >>/dev/null
echo "${out}" | grep "no new version" >>/dev/null
OK
echo "help option"
out=$("${script_dir}/update-repository-version.sh" -h)
output_should_contain "${out}" "Usage"
OK
echo "Local update version update should work"
new_version="50.0.0-rc0"
out=$("${script_dir}/update-repository-version.sh" "${new_version}" "main" 2>&1)
output_should_contain "${out}" "release: Kata Containers ${new_version}"
OK