diff --git a/.github/workflows/add-backport-label.yaml b/.github/workflows/add-backport-label.yaml deleted file mode 100644 index 5f033f3cd2..0000000000 --- a/.github/workflows/add-backport-label.yaml +++ /dev/null @@ -1,91 +0,0 @@ -name: Add backport label - -on: - pull_request: - types: - - opened - - synchronize - - reopened - - edited - - labeled - - unlabeled - -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - -jobs: - check-issues: - if: ${{ github.event.label.name != 'auto-backport' }} - runs-on: ubuntu-latest - steps: - - name: Checkout code to get gh-utils script - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }} - uses: actions/checkout@v4 - - - name: Determine whether to add label - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }} - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - CONTAINS_AUTO_BACKPORT: ${{ contains(github.event.pull_request.labels.*.name, 'auto-backport') }} - id: add_label - run: | - pr=${{ github.event.pull_request.number }} - linked_issues=$(./ci/gh-util.sh \ - list-issues-for-pr "$pr" |\ - grep -v "^\#" || true) - [ -z "${linked_issues}" ] && { - echo "::error::No linked issues for PR $pr" - exit 1 - } - has_bug=false - for issue in $(echo "$linked_issues") - do - labels=$(./ci/gh-util.sh list-labels-for-issue "$issue") - - label_names=$(echo $labels | jq -r '.labels[].name' || true) - if [[ "$label_names" =~ "bug" ]]; then - has_bug=true - break - fi - done - - has_backport_needed_label=${{ contains(github.event.pull_request.labels.*.name, 'needs-backport') }} - has_no_backport_needed_label=${{ contains(github.event.pull_request.labels.*.name, 'no-backport-needed') }} - - echo "add_backport_label=false" >> $GITHUB_OUTPUT - if [ $has_backport_needed_label = true ] || [ $has_bug = true ]; then - if [[ $has_no_backport_needed_label = false ]]; then - echo "add_backport_label=true" >> $GITHUB_OUTPUT - fi - fi - - # Do not spam comment, only if auto-backport label is going to be newly added. - echo "auto_backport_added=$CONTAINS_AUTO_BACKPORT" >> $GITHUB_OUTPUT - - - name: Add comment - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') && steps.add_label.outputs.add_backport_label == 'true' && steps.add_label.outputs.auto_backport_added == 'false' }} - uses: actions/github-script@v6 - with: - script: | - github.rest.issues.createComment({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - body: 'This issue has been marked for auto-backporting. Add label(s) backport-to-BRANCHNAME to backport to them' - }) - - # Allow label to be removed by adding no-backport-needed label - - name: Remove auto-backport label - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') && steps.add_label.outputs.add_backport_label == 'false' }} - uses: andymckay/labeler@e6c4322d0397f3240f0e7e30a33b5c5df2d39e90 - with: - remove-labels: "auto-backport" - repo-token: ${{ secrets.GITHUB_TOKEN }} - - - name: Add auto-backport label - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') && steps.add_label.outputs.add_backport_label == 'true' }} - uses: andymckay/labeler@e6c4322d0397f3240f0e7e30a33b5c5df2d39e90 - with: - add-labels: "auto-backport" - repo-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/auto-backport.yaml b/.github/workflows/auto-backport.yaml deleted file mode 100644 index e2be390227..0000000000 --- a/.github/workflows/auto-backport.yaml +++ /dev/null @@ -1,33 +0,0 @@ -on: - pull_request_target: - types: ["labeled", "closed"] - -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - -jobs: - backport: - name: Backport PR - runs-on: ubuntu-latest - if: | - github.event.pull_request.merged == true - && contains(github.event.pull_request.labels.*.name, 'auto-backport') - && ( - (github.event.action == 'labeled' && github.event.label.name == 'auto-backport') - || (github.event.action == 'closed') - ) - steps: - - name: Backport Action - uses: sqren/backport-github-action@v8.9.2 - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - auto_backport_label_prefix: backport-to- - - - name: Info log - if: ${{ success() }} - run: cat /home/runner/.backport/backport.info.log - - - name: Debug log - if: ${{ failure() }} - run: cat /home/runner/.backport/backport.debug.log diff --git a/.github/workflows/payload-after-push.yaml b/.github/workflows/payload-after-push.yaml index 7f8d32fb5d..cb0ecdef33 100644 --- a/.github/workflows/payload-after-push.yaml +++ b/.github/workflows/payload-after-push.yaml @@ -103,9 +103,7 @@ jobs: - name: Push multi-arch manifest run: | - docker manifest create quay.io/kata-containers/kata-deploy-ci:kata-containers-latest \ - --amend quay.io/kata-containers/kata-deploy-ci:kata-containers-amd64 \ - --amend quay.io/kata-containers/kata-deploy-ci:kata-containers-arm64 \ - --amend quay.io/kata-containers/kata-deploy-ci:kata-containers-s390x \ - --amend quay.io/kata-containers/kata-deploy-ci:kata-containers-ppc64le - docker manifest push quay.io/kata-containers/kata-deploy-ci:kata-containers-latest + ./tools/packaging/release/release.sh publish-multiarch-manifest + env: + KATA_DEPLOY_IMAGE_TAGS="kata-containers-latest" + KATA_DEPLOY_REGISTRIES="quay.io/kata-containers/kata-deploy-ci" diff --git a/.github/workflows/release-major.yaml b/.github/workflows/release-major.yaml new file mode 100644 index 0000000000..6cdc71cb2e --- /dev/null +++ b/.github/workflows/release-major.yaml @@ -0,0 +1,10 @@ +name: Major Release +on: + workflow_dispatch + +jobs: + major-release: + uses: ./.github/workflows/release.yaml + with: + release-type: major + secrets: inherit \ No newline at end of file diff --git a/.github/workflows/release-minor.yaml b/.github/workflows/release-minor.yaml new file mode 100644 index 0000000000..9b285d03c8 --- /dev/null +++ b/.github/workflows/release-minor.yaml @@ -0,0 +1,10 @@ +name: Minor Release +on: + workflow_dispatch + +jobs: + minor-release: + uses: ./.github/workflows/release.yaml + with: + release-type: minor + secrets: inherit \ No newline at end of file diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 39360b14c1..e54c356f2b 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,14 +1,37 @@ -name: Publish Kata release artifacts +name: Release Kata Containers on: - push: - tags: - - '[0-9]+.[0-9]+.[0-9]+*' - -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true + workflow_call: + inputs: + release-type: + required: true + type: string jobs: + release: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Get the new release version + run: | + release_version=$(./tools/packaging/release/release.sh next-release-version) + echo "RELEASE_VERSION=$release_version" >> "$GITHUB_ENV" + env: + RELEASE_TYPE: ${{ inputs.release-type }} + + - name: Update VERSION file + run: | + ./tools/packaging/release/release.sh update-version-file + + - name: Create a new release + run: | + ./tools/packaging/release/release.sh create-new-release + env: + GH_TOKEN: ${{ github.token }} + build-and-push-assets-amd64: uses: ./.github/workflows/release-amd64.yaml with: @@ -55,27 +78,12 @@ jobs: - name: Push multi-arch manifest run: | - # tag the container image we created and push to DockerHub - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - tags=($tag) - tags+=($([[ "$tag" =~ "alpha"|"rc" ]] && echo "latest" || echo "stable")) - # push to quay.io and docker.io - for tag in ${tags[@]}; do - docker manifest create quay.io/kata-containers/kata-deploy:${tag} \ - --amend quay.io/kata-containers/kata-deploy:${tag}-amd64 \ - --amend quay.io/kata-containers/kata-deploy:${tag}-arm64 \ - --amend quay.io/kata-containers/kata-deploy:${tag}-s390x \ - --amend quay.io/kata-containers/kata-deploy:${tag}-ppc64le + tags="$(cat VERSION) latest" + echo "KATA_DEPLOY_IMAGE_TAGS=\"${tags}\"" >> "$GITHUB_ENV" - docker manifest create docker.io/katadocker/kata-deploy:${tag} \ - --amend docker.io/katadocker/kata-deploy:${tag}-amd64 \ - --amend docker.io/katadocker/kata-deploy:${tag}-arm64 \ - --amend docker.io/katadocker/kata-deploy:${tag}-s390x \ - --amend docker.io/katadocker/kata-deploy:${tag}-ppc64le - - docker manifest push quay.io/kata-containers/kata-deploy:${tag} - docker manifest push docker.io/katadocker/kata-deploy:${tag} - done + ./tools/packaging/release/release.sh publish-multiarch-manifest + env: + KATA_DEPLOY_REGISTRIES: "quay.io/kata-containers/kata-deploy docker.io/katadocker/kata-deploy" upload-multi-arch-static-tarball: needs: publish-multi-arch-images @@ -83,19 +91,21 @@ jobs: steps: - uses: actions/checkout@v4 + - name: Set KATA_STATIC_TARBALL env var + run: | + tarball=$(pwd)/kata-static.tar.xz + echo "KATA_STATIC_TARBALL=${tarball}" >> "$GITHUB_ENV" + - name: download-artifacts-amd64 uses: actions/download-artifact@v3 with: name: kata-static-tarball-amd64 - name: push amd64 static tarball to github run: | - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - tarball="kata-static-$tag-amd64.tar.xz" - mv kata-static.tar.xz "$GITHUB_WORKSPACE/${tarball}" - pushd $GITHUB_WORKSPACE - echo "uploading asset '${tarball}' for tag: ${tag}" - GITHUB_TOKEN=${{ secrets.GIT_UPLOAD_TOKEN }} gh release upload "${tag}" "${tarball}" - popd + ./tools/packaging/release/release.sh upload-kata-static-tarball + env: + GH_TOKEN: ${{ github.token }} + ARCHITECTURE: amd64 - name: download-artifacts-arm64 uses: actions/download-artifact@v3 @@ -103,13 +113,10 @@ jobs: name: kata-static-tarball-arm64 - name: push arm64 static tarball to github run: | - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - tarball="kata-static-$tag-arm64.tar.xz" - mv kata-static.tar.xz "$GITHUB_WORKSPACE/${tarball}" - pushd $GITHUB_WORKSPACE - echo "uploading asset '${tarball}' for tag: ${tag}" - GITHUB_TOKEN=${{ secrets.GIT_UPLOAD_TOKEN }} gh release upload "${tag}" "${tarball}" - popd + ./tools/packaging/release/release.sh upload-kata-static-tarball + env: + GH_TOKEN: ${{ github.token }} + ARCHITECTURE: arm4 - name: download-artifacts-s390x uses: actions/download-artifact@v3 @@ -117,13 +124,10 @@ jobs: name: kata-static-tarball-s390x - name: push s390x static tarball to github run: | - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - tarball="kata-static-$tag-s390x.tar.xz" - mv kata-static.tar.xz "$GITHUB_WORKSPACE/${tarball}" - pushd $GITHUB_WORKSPACE - echo "uploading asset '${tarball}' for tag: ${tag}" - GITHUB_TOKEN=${{ secrets.GIT_UPLOAD_TOKEN }} gh release upload "${tag}" "${tarball}" - popd + ./tools/packaging/release/release.sh upload-kata-static-tarball + env: + GH_TOKEN: ${{ github.token }} + ARCHITECTURE: s390x - name: download-artifacts-ppc64le uses: actions/download-artifact@v3 @@ -131,28 +135,20 @@ jobs: name: kata-static-tarball-ppc64le - name: push ppc64le static tarball to github run: | - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - tarball="kata-static-$tag-ppc64le.tar.xz" - mv kata-static.tar.xz "$GITHUB_WORKSPACE/${tarball}" - pushd $GITHUB_WORKSPACE - echo "uploading asset '${tarball}' for tag: ${tag}" - GITHUB_TOKEN=${{ secrets.GIT_UPLOAD_TOKEN }} hub release edit -m "" -a "${tarball}" "${tag}" - popd + ./tools/packaging/release/release.sh upload-kata-static-tarball + env: + GH_TOKEN: ${{ github.token }} + ARCHITECTURE: ppc64le upload-versions-yaml: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: upload versions.yaml - env: - GITHUB_TOKEN: ${{ secrets.GIT_UPLOAD_TOKEN }} run: | - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - pushd $GITHUB_WORKSPACE - versions_file="kata-containers-$tag-versions.yaml" - cp versions.yaml ${versions_file} - gh release upload "${tag}" "${versions_file}" - popd + ./tools/packaging/release/release.sh upload-versions-yaml-file + env: + GH_TOKEN: ${{ github.token }} upload-cargo-vendored-tarball: needs: upload-multi-arch-static-tarball @@ -161,12 +157,9 @@ jobs: - uses: actions/checkout@v4 - name: generate-and-upload-tarball run: | - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - tarball="kata-containers-$tag-vendor.tar.gz" - pushd $GITHUB_WORKSPACE - bash -c "tools/packaging/release/generate_vendor.sh ${tarball}" - GITHUB_TOKEN=${{ secrets.GIT_UPLOAD_TOKEN }} gh release upload "${tag}" "${tarball}" - popd + ./tools/packaging/release/release.sh upload-vendored-code-tarball + env: + GH_TOKEN: ${{ github.token }} upload-libseccomp-tarball: needs: upload-cargo-vendored-tarball @@ -174,21 +167,7 @@ jobs: steps: - uses: actions/checkout@v4 - name: download-and-upload-tarball - env: - GITHUB_TOKEN: ${{ secrets.GIT_UPLOAD_TOKEN }} - GOPATH: ${HOME}/go run: | - pushd $GITHUB_WORKSPACE - ./ci/install_yq.sh - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - versions_yaml="versions.yaml" - version=$(${GOPATH}/bin/yq read ${versions_yaml} "externals.libseccomp.version") - repo_url=$(${GOPATH}/bin/yq read ${versions_yaml} "externals.libseccomp.url") - download_url="${repo_url}/releases/download/v${version}" - tarball="libseccomp-${version}.tar.gz" - asc="${tarball}.asc" - curl -sSLO "${download_url}/${tarball}" - curl -sSLO "${download_url}/${asc}" - gh release upload "${tag}" "${tarball}" - gh release upload "${tag}" "${asc}" - popd + ./tools/packaging/release/release.sh upload-libseccomp-tarball + env: + GH_TOKEN: ${{ github.token }} diff --git a/.github/workflows/require-pr-porting-labels.yaml b/.github/workflows/require-pr-porting-labels.yaml deleted file mode 100644 index e1b0c9c7d8..0000000000 --- a/.github/workflows/require-pr-porting-labels.yaml +++ /dev/null @@ -1,68 +0,0 @@ -# Copyright (c) 2020 Intel Corporation -# -# SPDX-License-Identifier: Apache-2.0 -# - -name: Ensure PR has required porting labels - -on: - pull_request_target: - types: - - opened - - reopened - - labeled - - unlabeled - branches: - - main - -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - -jobs: - check-pr-porting-labels: - runs-on: ubuntu-latest - steps: - - name: Install hub - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }} - run: | - HUB_ARCH="amd64" - HUB_VER=$(curl -sL "https://api.github.com/repos/github/hub/releases/latest" |\ - jq -r .tag_name | sed 's/^v//') - curl -sL \ - "https://github.com/github/hub/releases/download/v${HUB_VER}/hub-linux-${HUB_ARCH}-${HUB_VER}.tgz" |\ - tar xz --strip-components=2 --wildcards '*/bin/hub' && \ - sudo install hub /usr/local/bin - - - name: Checkout code to allow hub to communicate with the project - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }} - uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.sha }} - fetch-depth: 0 - - - name: Rebase atop of the latest target branch - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }} - run: | - ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" - env: - TARGET_BRANCH: ${{ github.event.pull_request.base.ref }} - - - name: Install porting checker script - run: | - # Clone into a temporary directory to avoid overwriting - # any existing github directory. - pushd $(mktemp -d) &>/dev/null - git clone --single-branch --depth 1 "https://github.com/kata-containers/.github" && cd .github/scripts - sudo install pr-porting-checks.sh /usr/local/bin - popd &>/dev/null - - - name: Stop PR being merged unless it has a correct set of porting labels - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }} - env: - GITHUB_TOKEN: ${{ secrets.KATA_GITHUB_ACTIONS_TOKEN }} - run: | - pr=${{ github.event.number }} - repo=${{ github.repository }} - - pr-porting-checks.sh "$pr" "$repo" diff --git a/docs/Release-Process.md b/docs/Release-Process.md index a0d08e58b8..3d9c34c3ac 100644 --- a/docs/Release-Process.md +++ b/docs/Release-Process.md @@ -1,71 +1,42 @@ # How to do a Kata Containers Release - This document lists the tasks required to create a Kata Release. +This document lists the tasks required to create a Kata Release. ## Requirements -- [gh](https://cli.github.com) - * Install and configure the GitHub CLI (gh) as detailed at https://docs.github.com/en/github-cli/github-cli/quickstart#prerequisites . - -- GitHub permissions to push tags and create releases in the Kata repository. - -- GPG configured to sign git tags. https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key - -- `gh auth login` should have configured `git push` and `git pull` to use HTTPS along with your GitHub credentials, - * As an alternative, you can still rely on SSH keys to push branches. See https://help.github.com/articles/adding-a-new-ssh-key-to-your-github-account . +- GitHub permissions to run workflows. ## Release Process +### Check GitHub Actions -### Bump the Kata repository +We make use of [GitHub actions](https://github.com/features/actions) in the +[minor](../.github/workflows/release-minor.yaml) and +[major](../.github/workflows/release-major.yaml) files from the +`kata-containers/kata-containers` repository to build and upload release +artifacts. - Bump the repository using the `./update-repository-version.sh` script in the Kata [release](../tools/packaging/release) directory, where: - - `BRANCH=` - - `NEW_VERSION=` - ``` - $ cd ${GOPATH}/src/github.com/kata-containers/kata-containers/tools/packaging/release - $ export NEW_VERSION= - $ export BRANCH= - $ ./update-repository-version.sh -p "$NEW_VERSION" "$BRANCH" - ``` +Those actions are manually triggered and are responsible for generating a new +release (including a new tag), pushing those to the +`kata-containers/kata-containers` repository. -### Merge the bump version Pull request +Check the [actions status +page](https://github.com/kata-containers/kata-containers/actions) to verify all +steps in the actions workflow have completed successfully. On success, a static +tarball containing Kata release artifacts will be uploaded to the [Release +page](https://github.com/kata-containers/kata-containers/releases). - - The above step will create a GitHub pull request in the Kata repository. Trigger the CI using `/test` command on the bump Pull request. - - Check any failures and fix if needed. - - Work with the Kata approvers to verify that the CI works and the pull request is merged. +### Improve the release notes -### Tag the Kata repository +Release notes are auto-generated by the GitHub CLI tool used as part of our +release workflow. However, some manual tweaking may still be necessary in +order to highlight the most important features and bug fixes in a specific +release. - Once the pull request to bump version in the Kata repository is merged, - tag the repository as shown below. - ``` - $ cd ${GOPATH}/src/github.com/kata-containers/kata-containers/tools/packaging/release - $ git checkout - $ git pull - $ ./tag_repos.sh -p -b "$BRANCH" tag - ``` - -### Check Git-hub Actions - - We make use of [GitHub actions](https://github.com/features/actions) in this [file](../.github/workflows/release.yaml) in the `kata-containers/kata-containers` repository to build and upload release artifacts. This action is auto triggered with the above step when a new tag is pushed to the `kata-containers/kata-containers` repository. - - Check the [actions status page](https://github.com/kata-containers/kata-containers/actions) to verify all steps in the actions workflow have completed successfully. On success, a static tarball containing Kata release artifacts will be uploaded to the [Release page](https://github.com/kata-containers/kata-containers/releases). - -### Create release notes - - We have the `./release-notes.sh` script in the [release](../tools/packaging/release) directory to create release notes that include a short-log of the commits. - - Run the script as shown below: - - ``` - $ cd ${GOPATH}/src/github.com/kata-containers/kata-containers/tools/packaging/release - # Note: OLD_VERSION is where the script should start to get changes. - $ ./release-notes.sh ${OLD_VERSION} ${NEW_VERSION} > notes.md - # Edit the `notes.md` file to review and make any changes to the release notes. - # Add the release notes in the project's GitHub. - $ gh release edit "${NEW_VERSION}" -F notes.md - ``` +With this in mind, please, poke @channel on #kata-dev and people who worked on +the release will be able to contribute to that. ### Announce the release - Publish in [Slack and Kata mailing list](https://github.com/kata-containers/community#join-us) that new release is ready. +Publish in [Slack and Kata mailing +list](https://github.com/kata-containers/community#join-us) that new release is +ready. diff --git a/tools/packaging/kata-deploy/kata-cleanup/base/kata-cleanup-stable.yaml b/tools/packaging/kata-deploy/kata-cleanup/base/kata-cleanup-stable.yaml deleted file mode 100644 index a36ea3b9c7..0000000000 --- a/tools/packaging/kata-deploy/kata-cleanup/base/kata-cleanup-stable.yaml +++ /dev/null @@ -1,45 +0,0 @@ ---- -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: kubelet-kata-cleanup - namespace: kube-system -spec: - selector: - matchLabels: - name: kubelet-kata-cleanup - template: - metadata: - labels: - name: kubelet-kata-cleanup - spec: - serviceAccountName: kata-deploy-sa - hostPID: true - nodeSelector: - katacontainers.io/kata-runtime: cleanup - containers: - - name: kube-kata-cleanup - image: quay.io/kata-containers/kata-deploy:stable - imagePullPolicy: Always - command: ["bash", "-c", "/opt/kata-artifacts/scripts/kata-deploy.sh reset"] - env: - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: DEBUG - value: "false" - - name: SHIMS - value: "clh dragonball fc qemu-nvidia-gpu qemu-sev qemu-snp qemu-tdx qemu" - - name: DEFAULT_SHIM - value: "qemu" - - name: CREATE_RUNTIMECLASSES - value: "false" - - name: CREATE_DEFAULT_RUNTIMECLASS - value: "false" - securityContext: - privileged: true - updateStrategy: - rollingUpdate: - maxUnavailable: 1 - type: RollingUpdate diff --git a/tools/packaging/kata-deploy/kata-deploy/base/kata-deploy-stable.yaml b/tools/packaging/kata-deploy/kata-deploy/base/kata-deploy-stable.yaml deleted file mode 100644 index cf78b8e5c7..0000000000 --- a/tools/packaging/kata-deploy/kata-deploy/base/kata-deploy-stable.yaml +++ /dev/null @@ -1,70 +0,0 @@ ---- -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: kata-deploy - namespace: kube-system -spec: - selector: - matchLabels: - name: kata-deploy - template: - metadata: - labels: - name: kata-deploy - spec: - serviceAccountName: kata-deploy-sa - hostPID: true - containers: - - name: kube-kata - image: quay.io/kata-containers/kata-deploy:stable - imagePullPolicy: Always - lifecycle: - preStop: - exec: - command: ["bash", "-c", "/opt/kata-artifacts/scripts/kata-deploy.sh cleanup"] - command: ["bash", "-c", "/opt/kata-artifacts/scripts/kata-deploy.sh install"] - env: - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: DEBUG - value: "false" - - name: SHIMS - value: "clh cloud-hypervisor dragonball fc qemu qemu-nvidia-gpu qemu-sev qemu-snp qemu-tdx" - - name: DEFAULT_SHIM - value: "qemu" - - name: CREATE_RUNTIMECLASSES - value: "false" - - name: CREATE_DEFAULT_RUNTIMECLASS - value: "false" - securityContext: - privileged: true - volumeMounts: - - name: crio-conf - mountPath: /etc/crio/ - - name: containerd-conf - mountPath: /etc/containerd/ - - name: kata-artifacts - mountPath: /opt/kata/ - - name: local-bin - mountPath: /usr/local/bin/ - volumes: - - name: crio-conf - hostPath: - path: /etc/crio/ - - name: containerd-conf - hostPath: - path: /etc/containerd/ - - name: kata-artifacts - hostPath: - path: /opt/kata/ - type: DirectoryOrCreate - - name: local-bin - hostPath: - path: /usr/local/bin/ - updateStrategy: - rollingUpdate: - maxUnavailable: 1 - type: RollingUpdate diff --git a/tools/packaging/kata-deploy/kata-deploy/overlays/stable/env_stable_conf.yaml b/tools/packaging/kata-deploy/kata-deploy/overlays/stable/env_stable_conf.yaml deleted file mode 100644 index 6f14f28842..0000000000 --- a/tools/packaging/kata-deploy/kata-deploy/overlays/stable/env_stable_conf.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: kata-deploy - namespace: kube-system -spec: - template: - spec: - containers: - - name: kube-kata - env: - - name: SHIMS - value: "clh cloud-hypervisor dragonball fc qemu qemu-nvidia-gpu qemu-sev qemu-snp qemu-tdx" diff --git a/tools/packaging/kata-deploy/kata-deploy/overlays/stable/kustomization.yaml b/tools/packaging/kata-deploy/kata-deploy/overlays/stable/kustomization.yaml deleted file mode 100644 index 6225193ee5..0000000000 --- a/tools/packaging/kata-deploy/kata-deploy/overlays/stable/kustomization.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: -- ../../base - -images: -- name: quay.io/kata-containers/kata-deploy - newTag: stable - -patches: -- path: env_stable_conf.yaml diff --git a/tools/packaging/release/release.sh b/tools/packaging/release/release.sh new file mode 100755 index 0000000000..46675c1bd9 --- /dev/null +++ b/tools/packaging/release/release.sh @@ -0,0 +1,193 @@ +#!/usr/bin/env bash +# +# Copyright (c) 2024 Intel Corporation +# +# SPDX-License-Identifier: Apache-2.0 +# + +set -o errexit +set -o nounset +set -o pipefail +set -o errtrace + +[ -n "${DEBUG:-}" ] && set -o xtrace + +this_script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +repo_root_dir="$(cd "$this_script_dir/../../../" && pwd)" + +IFS=' ' read -a IMAGE_TAGS <<< "${KATA_DEPLOY_IMAGE_TAGS:-}" +IFS=' ' read -a REGISTRIES <<< "${KATA_DEPLOY_REGISTRIES:-}" +GH_TOKEN="${GH_TOKEN:-}" +ARCHITECTURE="${ARCHITECURE:-}" +KATA_STATIC_TARBALL="${KATA_STATIC_TARBALL:-}" +RELEASE_VERSION="${RELEASE_VERSION:-}" +RELEASE_TYPE="${RELEASE_TYPE:-minor}" + +function _die() +{ + echo >&2 "ERROR: $*" + exit 1 +} + +function _check_required_env_var() +{ + local env_var + + case ${1} in + KATA_DEPLOY_IMAGE_TAGS) env_var="${KATA_DEPLOY_IMAGE_TAGS}" ;; + KATA_DEPLOY_REGISTRIES) env_var="${KATA_DEPLOY_REGISTRIES}" ;; + *) >&2 _die "Invalid environment variable \"${1}\"" ;; + esac + + [ -z "${env_var}" ] && \ + _die "\"${1}\" environment variable is required but was not set" +} + +function _next_release_version() +{ + local current_release=$(cat "${repo_root_dir}/VERSION") + local current_major + local current_everything_else + local next_major + local next_minor + + IFS="." read current_major current_minor current_everything_else <<< ${current_release} + + case ${RELEASE_TYPE} in + major) + next_major=$(expr $current_major + 1) + next_minor=0 + ;; + minor) + next_major=${current_major} + # TODO: As we're moving from an alpha release to the + # new scheme, this check is needed for the very first + # release, after that it can be dropped and only the + # else part can be kept. + if grep -qE "alpha|rc" <<< ${current_everything_else}; then + next_minor=${current_minor} + else + next_minor=$(expr $current_minor + 1) + fi + ;; + *) + _die "${RELEASE_TYPE} is not a valid release type, it must be: major or minor" + ;; + esac + + next_release_number="${next_major}.${next_minor}.0" + echo "test-${next_release_number}" +} + +function _update_version_file() +{ + _check_required_env_var "RELEASE_VERSION" + + git config user.email "katacontainersbot@gmail.com" + git config user.name "Kata Containers Bot" + + echo "${RELEASE_VERSION}" > "${repo_root_dir}/VERSION" + git diff + git add "${repo_root_dir}/VERSION" + git commit -s -m "release: Kata Containers ${RELEASE_VERSION}" + git push +} + +function _create_new_release() +{ + _check_required_env_var "RELEASE_VERSION" + _check_required_env_var "GH_TOKEN" + + gh release create ${RELEASE_VERSION} --generate-notes --title "Kata Containers ${RELEASE_VERSION}" +} + +function _publish_multiarch_manifest() +{ + _check_required_env_var "KATA_DEPLOY_IMAGE_TAGS" + _check_required_env_var "KATA_DEPLOY_REGISTRIES" + + for registry in ${REGISTRIES[@]}; do + for tag in ${IMAGE_TAGS[@]}; do + docker manifest create ${registry}:${tag} \ + --amend ${registry}:${tag}-amd64 \ + --amend ${registry}:${tag}-arm64 \ + --amend ${registry}:${tag}-s390x \ + --amend ${registry}:${tag}-ppc64le + + docker manifest push ${registry}:${tag} + done + done +} + +function _upload_kata_static_tarball() +{ + _check_required_env_var "GH_TOKEN" + _check_required_env_var "ARCHITECTURE" + _check_required_env_var "KATA_STATIC_TARBALL" + + [ -z "${RELEASE_VERSION}" ] && RELEASE_VERSION=$(cat "${repo_root_dir}/VERSION") + + new_tarball_name="kata-static-${RELEASE_VERSION}-${ARCHITECTURE}.tar.xz" + mv ${KATA_STATIC_TARBALL} "${new_tarball_name}" + echo "uploading asset '${new_tarball_name}' (${ARCHITECTURE}) for tag: ${RELEASE_VERSION}" + gh release upload "${RELEASE_VERSION}" "${new_tarball_name}" +} + +function _upload_versions_yaml_file() +{ + [ -z "${RELEASE_VERSION}" ] && RELEASE_VERSION=$(cat "${repo_root_dir}/VERSION") + + versions_file="kata-containers-${RELEASE_VERSION}-versions.yaml" + cp "${repo_root_dir}/versions.yaml" ${versions_file} + gh release upload "${RELEASE_VERSION}" "${versions_file}" +} + +function _upload_vendored_code_tarball() +{ + _check_required_env_var "GH_TOKEN" + + [ -z "${RELEASE_VERSION}" ] && RELEASE_VERSION=$(cat "${repo_root_dir}/VERSION") + + vendored_code_tarball="kata-containers-${RELEASE_VERSION}-vendor.tar.gz" + bash -c "${repo_root_dir}/tools/packaging/release/generate_vendor.sh ${vendored_code_tarball}" + gh release upload "${RELEASE_VERSION}" "${vendored_code_tarball}" +} + +function _upload_libseccomp_tarball() +{ + _check_required_env_var "GH_TOKEN" + + [ -z "${RELEASE_VERSION}" ] && RELEASE_VERSION=$(cat "${repo_root_dir}/VERSION") + + INSTALL_IN_GO_PATH=false ${repo_root_dir}/ci/install_yq.sh + + versions_yaml="versions.yaml" + version=$(/usr/local/bin/yq read ${versions_yaml} "externals.libseccomp.version") + repo_url=$(/usr/local/bin/yq read ${versions_yaml} "externals.libseccomp.url") + download_url="${repo_url}releases/download/v${version}" + tarball="libseccomp-${version}.tar.gz" + asc="${tarball}.asc" + curl -sSLO "${download_url}/${tarball}" + curl -sSLO "${download_url}/${asc}" + gh release upload "${RELEASE_VERSION}" "${tarball}" + gh release upload "${RELEASE_VERSIOB}" "${asc}" +} + +function main() +{ + action="${1:-}" + + case "${action}" in + publish-multiarch-manifest) _publish_multiarch_manifest ;; + update-version-file) _update_version_file ;; + next-release-version) _next_release_version;; + create-new-release) _create_new_release ;; + upload-kata-static-tarball) _upload_kata_static_tarball ;; + upload-versions-yaml-file) _upload_versions_yaml_file ;; + upload-vendored-code-tarball) _upload_vendored_code_tarball ;; + upload-libseccomp-tarball) _upload_libseccomp_tarball ;; + *) >&2 _die "Invalid argument" ;; + esac +} + +main "$@" diff --git a/tools/packaging/release/tag_repos.sh b/tools/packaging/release/tag_repos.sh deleted file mode 100755 index ece0cd561d..0000000000 --- a/tools/packaging/release/tag_repos.sh +++ /dev/null @@ -1,239 +0,0 @@ -#!/usr/bin/env bash -# -# Copyright (c) 2018 Intel Corporation -# -# SPDX-License-Identifier: Apache-2.0 -# - -set -o errexit -set -o nounset -set -o pipefail - -tmp_dir=$(mktemp -d -t tag-repos-tmp.XXXXXXXXXX) -script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" -script_name="$(basename "${BASH_SOURCE[0]}")" -OWNER=${OWNER:-"kata-containers"} -PROJECT="Kata Containers" -PUSH="${PUSH:-"false"}" -branch="main" -readonly URL_RAW_FILE="https://raw.githubusercontent.com/${OWNER}" -#The runtime version is used as reference of latest release -# This is set to the right value later. -kata_version="" -# Set if a new stable branch is created -stable_branch="" - -source "${script_dir}/../scripts/lib.sh" - -function usage() { - - cat < -This script creates a new release for ${PROJECT}. -It tags and create release for: -EOF - for r in "${repos[@]}"; do - echo " - ${r}" - done - - cat <: Takes a version to check all the components match with it (but not the runtime) -tag : Create tags for ${PROJECT} - -Options: --b : branch were will check the version. --h : Show this help --p : push tags - -EOF - -} - -finish() { - rm -rf "$tmp_dir" -} - -trap finish EXIT - -die() { - echo >&2 "ERROR: $*" - exit 1 -} - -info() { - echo "INFO: $*" -} - -repos=( - "kata-containers" -) - - -# The pre-release option at the check_versions function receives -# the runtime VERSION in order to check all the components match with it, -# this has the purpose that all the components have the same version before -# merging the runtime version -check_versions() { - version_to_check=${1:-} - if [ -z "${version_to_check}" ];then - info "Query the version from latest runtime in branch ${branch}" - else - kata_version="${version_to_check}" - fi - - info "Tagging ${PROJECT} with version ${kata_version}" - info "Check all repos has version ${kata_version} in VERSION file" - - for repo in "${repos[@]}"; do - if [ ! -z "${version_to_check}" ] && [ "${repo}" == "runtime" ]; then - info "Not checking runtime because we want the rest of repos are in ${version_to_check}" - continue - fi - repo_version=$(curl -Ls "${URL_RAW_FILE}/${repo}/${branch}/VERSION" | grep -v -P "^#") - info "${repo} is in $repo_version" - [ "${repo_version}" == "${kata_version}" ] || die "${repo} is not in version ${kata_version}" - done -} - -do_tag(){ - local tag=${1:-} - [ -n "${tag}" ] || die "No tag not provided" - if git rev-parse -q --verify "refs/tags/${tag}"; then - info "$repo already has tag" - else - info "Creating tag ${tag} for ${repo}" - git tag -a "${tag}" -s -m "${PROJECT} release ${tag}" - fi -} - -tag_repos() { - - info "Creating tag ${kata_version} in all repos" - for repo in "${repos[@]}"; do - git clone --quiet "https://github.com/${OWNER}/${repo}.git" - pushd "${repo}" >>/dev/null - git fetch origin - git checkout "${branch}" - version_from_file=$(cat ./VERSION) - info "Check VERSION file has ${kata_version}" - if [ "${version_from_file}" != "${kata_version}" ];then - die "mismatch: VERSION file (${version_from_file}) and runtime version ${kata_version}" - else - echo "OK" - fi - git fetch origin --tags - tag="$kata_version" - if [[ "packaging" == "${repo}" ]];then - do_tag "${tag}-kernel-config" - fi - - do_tag "${tag}" - - if [ "${branch}" == "main" ]; then - if echo "${tag}" | grep -oP '.*-rc0$'; then - info "This is a rc0 for main - creating stable branch" - stable_branch=$(echo ${tag} | awk 'BEGIN{FS=OFS="."}{print $1 "." $2}') - stable_branch="stable-${stable_branch}" - info "creating branch ${stable_branch} for ${repo}" - git checkout -b "${stable_branch}" "${branch}" - - fi - fi - - popd >>/dev/null - done -} - -push_tags() { - info "Pushing tags to repos" - get_gh - for repo in "${repos[@]}"; do - pushd "${repo}" >>/dev/null - ${gh_cli} repo set-default "${OWNER}/${repo}" - if [ $(${gh_cli} config get git_protocol) = ssh ]; then - git remote set-url --push origin "git@github.com:${OWNER}/${repo}.git" - fi - tag="$kata_version" - if [[ "packaging" == "${repo}" ]];then - ktag="${tag}-kernel-config" - info "Push tag ${ktag} for ${repo}" - git push origin "${ktag}" - fi - info "Push tag ${tag} for ${repo}" - git push origin "${tag}" - create_github_release "${PWD}" "${tag}" - if [ "${stable_branch}" != "" ]; then - info "Pushing stable ${stable_branch} branch for ${repo}" - git push origin ${stable_branch} - fi - popd >>/dev/null - done -} - -create_github_release() { - repo_dir=${1:-} - tag=${2:-} - [ -d "${repo_dir}" ] || die "No repository directory" - [ -n "${tag}" ] || die "No tag specified" - if ! "${gh_cli}" release view "${tag}"; then - info "Creating Github release" - if [[ "$tag" =~ "-rc" ]]; then - rc_args="-p" - fi - rc_args=${rc_args:-} - pushd "${repo_dir}" - "${gh_cli}" release create ${rc_args} --title "${PROJECT} ${tag}" "${tag}" --notes "" - popd - else - info "Github release already created" - fi -} - -main () { - while getopts "b:hp" opt; do - case $opt in - b) branch="${OPTARG}" ;; - h) usage && exit 0 ;; - p) PUSH="true" ;; - esac - done - shift $((OPTIND - 1)) - - subcmd=${1:-""} - shift || true - kata_version=$(curl -Ls "${URL_RAW_FILE}/kata-containers/${branch}/VERSION" | grep -v -P "^#") - - [ -z "${subcmd}" ] && usage && exit 0 - - pushd "${tmp_dir}" >>/dev/null - - case "${subcmd}" in - status) - check_versions - ;; - pre-release) - local target_version=${1:-} - [ -n "${target_version}" ] || die "No version provided" - check_versions "${target_version}" - ;; - tag) - check_versions - tag_repos - if [ "${PUSH}" == "true" ]; then - push_tags - else - info "tags not pushed, use -p option to push the tags" - fi - ;; - *) - usage && die "Invalid argument ${subcmd}" - ;; - - esac - - popd >>/dev/null -} -main "$@" diff --git a/tools/packaging/release/tag_repos_test.sh b/tools/packaging/release/tag_repos_test.sh deleted file mode 100755 index b88161e9ac..0000000000 --- a/tools/packaging/release/tag_repos_test.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/usr/bin/env bash -# -# Copyright (c) 2018 Intel Corporation -# -# SPDX-License-Identifier: Apache-2.0 -# - -set -o errexit -set -o nounset -set -o pipefail - -echo "Check tag_repos.sh show help" -./release/tag_repos.sh | grep Usage - -echo "Check tag_repos.sh -h option" -./release/tag_repos.sh -h | grep Usage - -echo "Check tag_repos.sh status" -./release/tag_repos.sh status | grep kata-containers - -echo "Check tag_repos.sh pre-release" -./release/tag_repos.sh pre-release $(curl -sL https://raw.githubusercontent.com/kata-containers/kata-containers/main/VERSION) | grep "Not checking runtime" - -echo "Check tag_repos.sh pre-release with invalid information" -./release/tag_repos.sh pre-release 1000000 | grep "ERROR" || true - diff --git a/tools/packaging/release/update-repository-version.sh b/tools/packaging/release/update-repository-version.sh deleted file mode 100755 index d9509dca1a..0000000000 --- a/tools/packaging/release/update-repository-version.sh +++ /dev/null @@ -1,339 +0,0 @@ -#!/usr/bin/env bash -# -# Copyright (c) 2018 Intel Corporation -# -# SPDX-License-Identifier: Apache-2.0 -# - -set -o errexit -set -o nounset -set -o pipefail - -readonly script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" -readonly script_name="$(basename "${BASH_SOURCE[0]}")" - -readonly tmp_dir=$(mktemp -t -d pr-bump.XXXX) -OWNER="${OWNER:-kata-containers}" -readonly organization="$OWNER" -PUSH="false" -GOPATH=${GOPATH:-${HOME}/go} - -source "${script_dir}/../scripts/lib.sh" - -cleanup() { - [ -d "${tmp_dir}" ] && rm -rf "${tmp_dir}" -} - -trap cleanup EXIT - -handle_error() { - local exit_code="${?}" - local line_number="${1:-}" - echo "Failed at $line_number: ${BASH_COMMAND}" - exit "${exit_code}" -} -trap 'handle_error $LINENO' ERR - -get_changes() { - local current_version="$1" - [ -n "${current_version}" ] || die "current version not provided" - - # If for some reason there is not a tag this could fail - # better fail and write the error in the PR - if ! changes=$(git log --oneline "${current_version}..HEAD"); then - echo "failed to get logs" - fi - if [ "${changes}" == "" ]; then - echo "Version bump no changes" - return - fi - - # list all PRs merged from $current_version to HEAD - git log --merges "${current_version}..HEAD" | awk '/Merge pull/{getline; getline;print }' | while read pr; do - echo "- ${pr}" - done - - echo "" - - # list all commits added in this new version. - git log --oneline "${current_version}..HEAD" --no-merges -} - -generate_kata_deploy_commit() { - local new_version="$1" - [ -n "$new_version" ] || die "no new version" - - printf "release: Adapt kata-deploy for %s" "${new_version}" - - printf "\n -kata-deploy files must be adapted to a new release. The cases where it -happens are when the release goes from -> to: -* main -> stable: - * kata-deploy-stable / kata-cleanup-stable: are removed - -* stable -> stable: - * kata-deploy / kata-cleanup: bump the release to the new one. - -There are no changes when doing an alpha release, as the files on the -\"main\" branch always point to the \"latest\" and \"stable\" tags." -} - -generate_revert_kata_deploy_commit() { - local new_version="$1" - [ -n "$new_version" ] || die "no new version" - - printf "release: Revert kata-deploy changes after %s release" "${new_version}" - - printf "\n -As %s has been released, let's switch the kata-deploy / kata-cleanup -tags back to \"latest\", and re-add the kata-deploy-stable and the -kata-cleanup-stable files." "${new_version}" -} - -generate_commit() { - local new_version="$1" - local current_version="$2" - - [ -n "$new_version" ] || die "no new version" - [ -n "$current_version" ] || die "no current version" - - printf "release: Kata Containers %s\n\n" "${new_version}" - - get_changes "$current_version" -} - -bump_repo() { - local repo="${1:-}" - local new_version="${2:-}" - local target_branch="${3:-}" - [ -n "${repo}" ] || die "repository not provided" - [ -n "${new_version}" ] || die "no new version" - [ -n "${target_branch}" ] || die "no target branch" - local remote_repo="${organization}/${repo}" - local remote_github="https://github.com/${remote_repo}.git" - info "Update $repo to version $new_version" - - info "remote: ${remote_github}" - - git clone --quiet "${remote_github}" - - pushd "${repo}" >>/dev/null - - local kata_deploy_dir="tools/packaging/kata-deploy" - local kata_deploy_base="${kata_deploy_dir}/kata-deploy/base" - local kata_cleanup_base="${kata_deploy_dir}/kata-cleanup/base" - local kata_deploy_yaml="${kata_deploy_base}/kata-deploy.yaml" - local kata_cleanup_yaml="${kata_cleanup_base}/kata-cleanup.yaml" - local kata_deploy_stable_yaml="${kata_deploy_base}/kata-deploy-stable.yaml" - local kata_cleanup_stable_yaml="${kata_cleanup_base}/kata-cleanup-stable.yaml" - - local tests_dir="tests" - local kubernetes_tests_dir="${tests_dir}/integration/kubernetes" - local kubernetes_tests_runner="${kubernetes_tests_dir}/gha-run.sh" - local kata_deploy_tests_dir="${tests_dir}/functional/kata-deploy" - local kata_deploy_tests_runner="${kata_deploy_tests_dir}/kata-deploy.bats" - - branch="${new_version}-branch-bump" - git fetch origin "${target_branch}" - git checkout "origin/${target_branch}" -b "${branch}" - - local current_version="$(egrep -v '^(#|$)' ./VERSION)" - - info "Updating VERSION file" - echo "${new_version}" >VERSION - if git diff --exit-code; then - info "${repo} already in version ${new_version}" - return 0 - fi - - if [ "${repo}" == "kata-containers" ]; then - # Here there are 3 scenarios of what we can do, based on - # which branch we're targetting: - # - # 1) [main] ------> [main] NO-OP - # "alpha0" "alpha1" - # - # +----------------+----------------+ - # | from | to | - # -------------------+----------------+----------------+ - # kata-deploy | "latest" | "latest" | - # -------------------+----------------+----------------+ - # kata-deploy-stable | "stable | "stable" | - # -------------------+----------------+----------------+ - # - # - # 2) [main] ------> [stable] Update kata-deploy and - # "alpha2" "rc0" get rid of kata-deploy-stable - # - # +----------------+----------------+ - # | from | to | - # -------------------+----------------+----------------+ - # kata-deploy | "latest" | "latest" | - # -------------------+----------------+----------------+ - # kata-deploy-stable | "stable" | REMOVED | - # -------------------+----------------+----------------+ - # - # - # 3) [stable] ------> [stable] Update kata-deploy - # "x.y.z" "x.y.(z+1)" - # - # +----------------+----------------+ - # | from | to | - # -------------------+----------------+----------------+ - # kata-deploy | "x.y.z" | "x.y.(z+1)" | - # -------------------+----------------+----------------+ - # kata-deploy-stable | NON-EXISTENT | NON-EXISTENT | - # -------------------+----------------+----------------+ - - local registry="quay.io/kata-containers/kata-deploy" - - info "Updating kata-deploy / kata-cleanup image tags" - local version_to_replace="${current_version}" - local replacement="${new_version}" - local need_commit=false - if [ "${target_branch}" == "main" ];then - if [[ "${new_version}" =~ "rc" ]]; then - ## We are bumping from alpha to RC, should drop kata-deploy-stable yamls. - git rm "${kata_deploy_stable_yaml}" - git rm "${kata_cleanup_stable_yaml}" - - need_commit=true - fi - elif [[ ! "${new_version}" =~ "rc" ]]; then - ## We are on a stable branch and creating new stable releases. - ## Need to change kata-deploy / kata-cleanup to use the stable tags. - if [[ "${version_to_replace}" =~ "rc" ]]; then - ## Coming from "rcX" so from the latest tag. - version_to_replace="latest" - fi - sed -i "s#${registry}:${version_to_replace}#${registry}:${replacement}#g" "${kata_deploy_yaml}" - sed -i "s#${registry}:${version_to_replace}#${registry}:${replacement}#g" "${kata_cleanup_yaml}" - - sed -i "s#${registry}:${version_to_replace}#${registry}:${replacement}#g" "${kubernetes_tests_runner}" - sed -i "s#${registry}:${version_to_replace}#${registry}:${replacement}#g" "${kata_deploy_tests_runner}" - - git diff - - git add "${kata_deploy_yaml}" - git add "${kata_cleanup_yaml}" - git add "${kubernetes_tests_runner}" - git add "${kata_deploy_tests_runner}" - - need_commit=true - fi - - if [ "${need_commit}" == "true" ]; then - info "Creating the commit with the kata-deploy changes" - local commit_msg="$(generate_kata_deploy_commit $new_version)" - git commit -s -m "${commit_msg}" - local kata_deploy_commit="$(git rev-parse HEAD)" - fi - fi - - info "Creating PR message" - local pr_title="# Kata Containers ${new_version}" - local notes_file="${tmp_dir}/notes.md" - cat <"${notes_file}" -$(get_changes "$current_version") - -EOF - printf "%s\n\n" "${pr_title}" - cat "${notes_file}" - - if (echo "${current_version}" | grep "alpha") && (echo "${new_version}" | grep -v "alpha");then - info "update move from alpha, check if new version is rc0" - if echo "$new_version" | grep -v "rc0"; then - die "bump should be from alpha to rc0" - fi - info "OK" - fi - - git add VERSION - info "Creating commit with new changes" - commit_msg="$(generate_commit $new_version $current_version)" - git commit -s -m "${commit_msg}" - - if [[ ${PUSH} == "true" ]]; then - get_gh - gh_id=$(${gh_cli} auth status --hostname github.com | awk 'match($0, /Logged in to github.com as ([^ ]+)/, line) { print substr($0, line[1, "start"], line[1, "length"]) }') - info "Forking remote" - ${gh_cli} repo set-default "${remote_repo}" - ${gh_cli} repo fork --remote --remote-name=fork - info "Push to fork" - git push fork -f "${branch}" - info "Create PR" - out="" - out=$(LC_ALL=C LANG=C "${gh_cli}" pr create --base "${target_branch}" --title "${pr_title}" --body-file "${notes_file}" --head "${gh_id}:${branch}" 2>&1) || echo "$out" | grep "already exists" - fi - - if [ "${repo}" == "kata-containers" ] && [ "${target_branch}" == "main" ] && [[ "${new_version}" =~ "rc" ]]; then - reverting_kata_deploy_changes_branch="revert-kata-deploy-changes-after-${new_version}-release" - git checkout -b "${reverting_kata_deploy_changes_branch}" - - git revert --no-edit ${kata_deploy_commit} >>/dev/null - commit_msg="$(generate_revert_kata_deploy_commit $new_version)" - info "Creating the commit message reverting the kata-deploy changes" - git commit --amend -s -m "${commit_msg}" - - pr_title=$(echo "${commit_msg}" | head -1) - echo "${commit_msg}" | tail -n +3 >"${notes_file}" - echo "" >>"${notes_file}" - echo "Only merge this commit after ${new_version} release is successfully tagged!" >>"${notes_file}" - - if [[ ${PUSH} == "true" ]]; then - info "Push \"${reverting_kata_deploy_changes_branch}\" to fork" - git push fork -f "${reverting_kata_deploy_changes_branch}" - info "Create \"${reverting_kata_deploy_changes_branch}\" PR" - out="" - out=$(LC_ALL=C LANG=C "${gh_cli}" pr create --base "${target_branch}" --title "${pr_title}" --body-file "${notes_file}" --head "${gh_id}:${reverting_kata_deploy_changes_branch}" 2>&1) || echo "$out" | grep "already exists" - fi - fi - - popd >>/dev/null -} - -usage() { - exit_code="$1" - cat < -Args: - : New version to bump the repository - : The base branch to create to PR -Example: - ${script_name} 1.10 -Options - -h : Show this help - -p : create a PR -EOF - exit "$exit_code" -} - -repos=( - "kata-containers" -) - -main(){ - while getopts "hp" opt; do - case $opt in - h) usage 0 ;; - p) PUSH="true" ;; - esac - done - - shift $((OPTIND - 1)) - - - new_version="${1:-}" - target_branch="${2:-}" - [ -n "${new_version}" ] || { echo "ERROR: no new version" && usage 1; } - [ -n "${target_branch}" ] || die "no target branch" - for repo in "${repos[@]}" - do - pushd "$tmp_dir" >>/dev/null - bump_repo "${repo}" "${new_version}" "${target_branch}" - popd >>/dev/null - done - -} -main $@ diff --git a/tools/packaging/release/update-repository-version_test.sh b/tools/packaging/release/update-repository-version_test.sh deleted file mode 100755 index 2274541bb5..0000000000 --- a/tools/packaging/release/update-repository-version_test.sh +++ /dev/null @@ -1,54 +0,0 @@ -#!/usr/bin/env bash -# -#Copyright (c) 2018 Intel Corporation -# -#SPDX-License-Identifier: Apache-2.0 -# - -set -o errexit -set -o nounset -set -o pipefail - -readonly script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" -out="" - -handle_error() { - echo "not ok" - echo "output: ${out}" -} - -OK() { - echo "ok" -} -output_should_contain() { - local output="$1" - local text_to_find="$2" - [ -n "$output" ] - [ -n "$text_to_find" ] - echo "${output}" | grep "${text_to_find}" -} - -trap handle_error ERR - -echo "Missing args show help" -out=$("${script_dir}/update-repository-version.sh" 2>&1) || (($? != 0)) -echo "${out}" | grep Usage >>/dev/null -output_should_contain "${out}" "Usage" -OK - -echo "Missing version show help" -out=$("${script_dir}/update-repository-version.sh" 2>&1) || (($? != 0)) -echo "${out}" | grep Usage >>/dev/null -echo "${out}" | grep "no new version" >>/dev/null -OK - -echo "help option" -out=$("${script_dir}/update-repository-version.sh" -h) -output_should_contain "${out}" "Usage" -OK - -echo "Local update version update should work" -new_version="50.0.0-rc0" -out=$("${script_dir}/update-repository-version.sh" "${new_version}" "main" 2>&1) -output_should_contain "${out}" "release: Kata Containers ${new_version}" -OK