From fb2ef32c04f6609e358de75b1aeca57554ac1fcd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 23 Feb 2024 17:20:04 +0100 Subject: [PATCH 01/16] release: Introduce the release.sh helper MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit For now this script does nothing, but we're introducing it in order to redduce the diffs for the next commits in this series. My intention is to have as much as possible related to the release as part of this helper script, and it'll be populated function by function while replacing content that's "hard coded" (and duplicated) on different GitHub actions. Signed-off-by: Fabiano Fidêncio --- tools/packaging/release/release.sh | 39 ++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100755 tools/packaging/release/release.sh diff --git a/tools/packaging/release/release.sh b/tools/packaging/release/release.sh new file mode 100755 index 0000000000..a2356d674a --- /dev/null +++ b/tools/packaging/release/release.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash +# +# Copyright (c) 2024 Intel Corporation +# +# SPDX-License-Identifier: Apache-2.0 +# + +set -o errexit +set -o nounset +set -o pipefail +set -o errtrace + +[ -n "${DEBUG:-}" ] && set -o xtrace + +this_script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +repo_root_dir="$(cd "$this_script_dir/../../../" && pwd)" + +function _die() +{ + echo >&2 "ERROR: $*" + exit 1 +} + +function _info() +{ + echo "INFO: $*" +} + +function main() +{ + action="${1:-}" + _info "DO NOT USE this script, it does nothing!" + + case "${action}" in + *) >&2 _die "Invalid argument" ;; + esac +} + +main "$@" From a45988766cface57fb0d78f0f6d0b9ec3dcbf979 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 23 Feb 2024 17:54:03 +0100 Subject: [PATCH 02/16] release: Add _publish_multiarch_manifest() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This function, as it names says, will be used to publish multiarch manifests for the Kata Containers CI and Kata Containers releases. Signed-off-by: Fabiano Fidêncio --- .github/workflows/payload-after-push.yaml | 10 +++---- .github/workflows/release.yaml | 26 ++++------------ tools/packaging/release/release.sh | 36 +++++++++++++++++++++-- 3 files changed, 43 insertions(+), 29 deletions(-) diff --git a/.github/workflows/payload-after-push.yaml b/.github/workflows/payload-after-push.yaml index 7f8d32fb5d..cb0ecdef33 100644 --- a/.github/workflows/payload-after-push.yaml +++ b/.github/workflows/payload-after-push.yaml @@ -103,9 +103,7 @@ jobs: - name: Push multi-arch manifest run: | - docker manifest create quay.io/kata-containers/kata-deploy-ci:kata-containers-latest \ - --amend quay.io/kata-containers/kata-deploy-ci:kata-containers-amd64 \ - --amend quay.io/kata-containers/kata-deploy-ci:kata-containers-arm64 \ - --amend quay.io/kata-containers/kata-deploy-ci:kata-containers-s390x \ - --amend quay.io/kata-containers/kata-deploy-ci:kata-containers-ppc64le - docker manifest push quay.io/kata-containers/kata-deploy-ci:kata-containers-latest + ./tools/packaging/release/release.sh publish-multiarch-manifest + env: + KATA_DEPLOY_IMAGE_TAGS="kata-containers-latest" + KATA_DEPLOY_REGISTRIES="quay.io/kata-containers/kata-deploy-ci" diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 39360b14c1..9a1248accc 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -55,27 +55,13 @@ jobs: - name: Push multi-arch manifest run: | - # tag the container image we created and push to DockerHub - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - tags=($tag) - tags+=($([[ "$tag" =~ "alpha"|"rc" ]] && echo "latest" || echo "stable")) - # push to quay.io and docker.io - for tag in ${tags[@]}; do - docker manifest create quay.io/kata-containers/kata-deploy:${tag} \ - --amend quay.io/kata-containers/kata-deploy:${tag}-amd64 \ - --amend quay.io/kata-containers/kata-deploy:${tag}-arm64 \ - --amend quay.io/kata-containers/kata-deploy:${tag}-s390x \ - --amend quay.io/kata-containers/kata-deploy:${tag}-ppc64le + tags="$(echo $GITHUB_REF | cut -d/ -f3-)" + tags+=" $([[ \"${tag}\" =~ \"alpha\"|\"rc\" ]] && echo \"latest\" || echo \"stable\"))" + echo "KATA_DEPLOY_IMAGE_TAGS=\"${tags}\"" >> "$GITHUB_ENV" - docker manifest create docker.io/katadocker/kata-deploy:${tag} \ - --amend docker.io/katadocker/kata-deploy:${tag}-amd64 \ - --amend docker.io/katadocker/kata-deploy:${tag}-arm64 \ - --amend docker.io/katadocker/kata-deploy:${tag}-s390x \ - --amend docker.io/katadocker/kata-deploy:${tag}-ppc64le - - docker manifest push quay.io/kata-containers/kata-deploy:${tag} - docker manifest push docker.io/katadocker/kata-deploy:${tag} - done + ./tools/packaging/release/release.sh publish-multiarch-manifest + env: + KATA_DEPLOY_REGISTRIES: "quay.io/kata-containers/kata-deploy docker.io/katadocker/kata-deploy" upload-multi-arch-static-tarball: needs: publish-multi-arch-images diff --git a/tools/packaging/release/release.sh b/tools/packaging/release/release.sh index a2356d674a..86707bdf59 100755 --- a/tools/packaging/release/release.sh +++ b/tools/packaging/release/release.sh @@ -15,23 +15,53 @@ set -o errtrace this_script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" repo_root_dir="$(cd "$this_script_dir/../../../" && pwd)" +IFS=' ' read -a IMAGE_TAGS <<< "${KATA_DEPLOY_IMAGE_TAGS:-}" +IFS=' ' read -a REGISTRIES <<< "${KATA_DEPLOY_REGISTRIES:-}" + function _die() { echo >&2 "ERROR: $*" exit 1 } -function _info() +function _check_required_env_var() { - echo "INFO: $*" + local env_var + + case ${1} in + KATA_DEPLOY_IMAGE_TAGS) env_var="${KATA_DEPLOY_IMAGE_TAGS}" ;; + KATA_DEPLOY_REGISTRIES) env_var="${KATA_DEPLOY_REGISTRIES}" ;; + *) >&2 _die "Invalid environment variable \"${1}\"" ;; + esac + + [ -z "${env_var}" ] && \ + _die "\"${1}\" environment variable is required but was not set" +} + +function _publish_multiarch_manifest() +{ + _check_required_env_var "KATA_DEPLOY_IMAGE_TAGS" + _check_required_env_var "KATA_DEPLOY_REGISTRIES" + + for registry in ${REGISTRIES[@]}; do + for tag in ${IMAGE_TAGS[@]}; do + docker manifest create ${registry}:${tag} \ + --amend ${registry}:${tag}-amd64 \ + --amend ${registry}:${tag}-arm64 \ + --amend ${registry}:${tag}-s390x \ + --amend ${registry}:${tag}-ppc64le + + docker manifest push ${registry}:${tag} + done + done } function main() { action="${1:-}" - _info "DO NOT USE this script, it does nothing!" case "${action}" in + publish-multiarch-manifest) _publish_multiarch_manifest ;; *) >&2 _die "Invalid argument" ;; esac } From 50011e89a0a47cfc639394f826cf3d1769a011e0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 23 Feb 2024 18:07:05 +0100 Subject: [PATCH 03/16] release: Add _upload_kata_static_tarball MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This function, as it names says, will be used to upload the kata-static.tar.xz tarballs generated during the release process. Signed-off-by: Fabiano Fidêncio --- .github/workflows/release.yaml | 49 +++++++++++++----------------- tools/packaging/release/release.sh | 19 ++++++++++++ 2 files changed, 40 insertions(+), 28 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 9a1248accc..3ff8d72d49 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -69,19 +69,21 @@ jobs: steps: - uses: actions/checkout@v4 + - name: Set KATA_STATIC_TARBALL env var + run: | + tarball=$(pwd)/kata-static.tar.xz + echo "KATA_STATIC_TARBALL=${tarball}" >> "$GITHUB_ENV" + - name: download-artifacts-amd64 uses: actions/download-artifact@v3 with: name: kata-static-tarball-amd64 - name: push amd64 static tarball to github run: | - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - tarball="kata-static-$tag-amd64.tar.xz" - mv kata-static.tar.xz "$GITHUB_WORKSPACE/${tarball}" - pushd $GITHUB_WORKSPACE - echo "uploading asset '${tarball}' for tag: ${tag}" - GITHUB_TOKEN=${{ secrets.GIT_UPLOAD_TOKEN }} gh release upload "${tag}" "${tarball}" - popd + ./tools/packaging/release/release.sh upload-kata-static-tarball + env: + GH_TOKEN: ${{ github.token }} + ARCHITECTURE: amd64 - name: download-artifacts-arm64 uses: actions/download-artifact@v3 @@ -89,13 +91,10 @@ jobs: name: kata-static-tarball-arm64 - name: push arm64 static tarball to github run: | - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - tarball="kata-static-$tag-arm64.tar.xz" - mv kata-static.tar.xz "$GITHUB_WORKSPACE/${tarball}" - pushd $GITHUB_WORKSPACE - echo "uploading asset '${tarball}' for tag: ${tag}" - GITHUB_TOKEN=${{ secrets.GIT_UPLOAD_TOKEN }} gh release upload "${tag}" "${tarball}" - popd + ./tools/packaging/release/release.sh upload-kata-static-tarball + env: + GH_TOKEN: ${{ github.token }} + ARCHITECTURE: arm4 - name: download-artifacts-s390x uses: actions/download-artifact@v3 @@ -103,13 +102,10 @@ jobs: name: kata-static-tarball-s390x - name: push s390x static tarball to github run: | - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - tarball="kata-static-$tag-s390x.tar.xz" - mv kata-static.tar.xz "$GITHUB_WORKSPACE/${tarball}" - pushd $GITHUB_WORKSPACE - echo "uploading asset '${tarball}' for tag: ${tag}" - GITHUB_TOKEN=${{ secrets.GIT_UPLOAD_TOKEN }} gh release upload "${tag}" "${tarball}" - popd + ./tools/packaging/release/release.sh upload-kata-static-tarball + env: + GH_TOKEN: ${{ github.token }} + ARCHITECTURE: s390x - name: download-artifacts-ppc64le uses: actions/download-artifact@v3 @@ -117,13 +113,10 @@ jobs: name: kata-static-tarball-ppc64le - name: push ppc64le static tarball to github run: | - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - tarball="kata-static-$tag-ppc64le.tar.xz" - mv kata-static.tar.xz "$GITHUB_WORKSPACE/${tarball}" - pushd $GITHUB_WORKSPACE - echo "uploading asset '${tarball}' for tag: ${tag}" - GITHUB_TOKEN=${{ secrets.GIT_UPLOAD_TOKEN }} hub release edit -m "" -a "${tarball}" "${tag}" - popd + ./tools/packaging/release/release.sh upload-kata-static-tarball + env: + GH_TOKEN: ${{ github.token }} + ARCHITECTURE: ppc64le upload-versions-yaml: runs-on: ubuntu-latest diff --git a/tools/packaging/release/release.sh b/tools/packaging/release/release.sh index 86707bdf59..21d3fab362 100755 --- a/tools/packaging/release/release.sh +++ b/tools/packaging/release/release.sh @@ -17,6 +17,10 @@ repo_root_dir="$(cd "$this_script_dir/../../../" && pwd)" IFS=' ' read -a IMAGE_TAGS <<< "${KATA_DEPLOY_IMAGE_TAGS:-}" IFS=' ' read -a REGISTRIES <<< "${KATA_DEPLOY_REGISTRIES:-}" +GH_TOKEN="${GH_TOKEN:-}" +ARCHITECTURE="${ARCHITECURE:-}" +KATA_STATIC_TARBALL="${KATA_STATIC_TARBALL:-}" +RELEASE_VERSION="${RELEASE_VERSION:-}" function _die() { @@ -56,12 +60,27 @@ function _publish_multiarch_manifest() done } +function _upload_kata_static_tarball() +{ + _check_required_env_var "GH_TOKEN" + _check_required_env_var "ARCHITECTURE" + _check_required_env_var "KATA_STATIC_TARBALL" + + [ -z "${RELEASE_VERSION}" ] && RELEASE_VERSION=$(cat "${repo_root_dir}/VERSION") + + new_tarball_name="kata-static-${RELEASE_VERSION}-${ARCHITECTURE}.tar.xz" + mv ${KATA_STATIC_TARBALL} "${new_tarball_name}" + echo "uploading asset '${new_tarball_name}' (${ARCHITECTURE}) for tag: ${RELEASE_VERSION}" + gh release upload "${RELEASE_VERSION}" "${new_tarball_name}" +} + function main() { action="${1:-}" case "${action}" in publish-multiarch-manifest) _publish_multiarch_manifest ;; + upload-kata-static-tarball) _upload_kata_static_tarball ;; *) >&2 _die "Invalid argument" ;; esac } From 94b30fcb14797bbae46001ee3e3fc31bffdf811d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 23 Feb 2024 18:36:48 +0100 Subject: [PATCH 04/16] release: Add _upload_versions_yaml_file() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As the name says, this function will be used to upload the versions.yaml file during a given release process of the project. Signed-off-by: Fabiano Fidêncio --- .github/workflows/release.yaml | 11 +++-------- tools/packaging/release/release.sh | 10 ++++++++++ 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 3ff8d72d49..1e41d4a545 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -123,15 +123,10 @@ jobs: steps: - uses: actions/checkout@v4 - name: upload versions.yaml - env: - GITHUB_TOKEN: ${{ secrets.GIT_UPLOAD_TOKEN }} run: | - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - pushd $GITHUB_WORKSPACE - versions_file="kata-containers-$tag-versions.yaml" - cp versions.yaml ${versions_file} - gh release upload "${tag}" "${versions_file}" - popd + ./tools/packaging/release/release.sh upload-versions-yaml-file + env: + GH_TOKEN: ${{ github.token }} upload-cargo-vendored-tarball: needs: upload-multi-arch-static-tarball diff --git a/tools/packaging/release/release.sh b/tools/packaging/release/release.sh index 21d3fab362..93cc410d58 100755 --- a/tools/packaging/release/release.sh +++ b/tools/packaging/release/release.sh @@ -74,6 +74,15 @@ function _upload_kata_static_tarball() gh release upload "${RELEASE_VERSION}" "${new_tarball_name}" } +function _upload_versions_yaml_file() +{ + [ -z "${RELEASE_VERSION}" ] && RELEASE_VERSION=$(cat "${repo_root_dir}/VERSION") + + versions_file="kata-containers-${RELEASE_VERSION}-versions.yaml" + cp "${repo_root_dir}/versions.yaml" ${versions_file} + gh release upload "${RELEASE_VERSION}" "${versions_file}" +} + function main() { action="${1:-}" @@ -81,6 +90,7 @@ function main() case "${action}" in publish-multiarch-manifest) _publish_multiarch_manifest ;; upload-kata-static-tarball) _upload_kata_static_tarball ;; + upload-versions-yaml-file) _upload_versions_yaml_file ;; *) >&2 _die "Invalid argument" ;; esac } From d517fa54ac4bdcee515bda2b7894c5c84b21dfbb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 23 Feb 2024 18:39:12 +0100 Subject: [PATCH 05/16] release: Add _upload_vendored_code_tarball() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As hinted by the name of the function, this is used to generate and upload the vendored code we have as its own tarball. Signed-off-by: Fabiano Fidêncio --- .github/workflows/release.yaml | 9 +++------ tools/packaging/release/release.sh | 12 ++++++++++++ 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 1e41d4a545..d88d70dbbf 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -135,12 +135,9 @@ jobs: - uses: actions/checkout@v4 - name: generate-and-upload-tarball run: | - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - tarball="kata-containers-$tag-vendor.tar.gz" - pushd $GITHUB_WORKSPACE - bash -c "tools/packaging/release/generate_vendor.sh ${tarball}" - GITHUB_TOKEN=${{ secrets.GIT_UPLOAD_TOKEN }} gh release upload "${tag}" "${tarball}" - popd + ./tools/packaging/release/release.sh upload-vendored-code-tarball + env: + GH_TOKEN: ${{ github.token }} upload-libseccomp-tarball: needs: upload-cargo-vendored-tarball diff --git a/tools/packaging/release/release.sh b/tools/packaging/release/release.sh index 93cc410d58..ea13ec7a93 100755 --- a/tools/packaging/release/release.sh +++ b/tools/packaging/release/release.sh @@ -83,6 +83,17 @@ function _upload_versions_yaml_file() gh release upload "${RELEASE_VERSION}" "${versions_file}" } +function _upload_vendored_code_tarball() +{ + _check_required_env_var "GH_TOKEN" + + [ -z "${RELEASE_VERSION}" ] && RELEASE_VERSION=$(cat "${repo_root_dir}/VERSION") + + vendored_code_tarball="kata-containers-${RELEASE_VERSION}-vendor.tar.gz" + bash -c "${repo_root_dir}/tools/packaging/release/generate_vendor.sh ${vendored_code_tarball}" + gh release upload "${RELEASE_VERSION}" "${vendored_code_tarball}" +} + function main() { action="${1:-}" @@ -91,6 +102,7 @@ function main() publish-multiarch-manifest) _publish_multiarch_manifest ;; upload-kata-static-tarball) _upload_kata_static_tarball ;; upload-versions-yaml-file) _upload_versions_yaml_file ;; + upload-vendored-code-tarball) _upload_vendored_code_tarball ;; *) >&2 _die "Invalid argument" ;; esac } From fd699625febb5f40af2742a30b38e90a6d8e87d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 23 Feb 2024 20:01:23 +0100 Subject: [PATCH 06/16] release: Add _upload_libseccomp_tarball() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As the name of the function says, it's responsible for uploading the libseccomp source tarballs as par of our release process. Signed-off-by: Fabiano Fidêncio --- .github/workflows/release.yaml | 20 +++----------------- tools/packaging/release/release.sh | 21 +++++++++++++++++++++ 2 files changed, 24 insertions(+), 17 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index d88d70dbbf..bfe6202728 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -145,21 +145,7 @@ jobs: steps: - uses: actions/checkout@v4 - name: download-and-upload-tarball - env: - GITHUB_TOKEN: ${{ secrets.GIT_UPLOAD_TOKEN }} - GOPATH: ${HOME}/go run: | - pushd $GITHUB_WORKSPACE - ./ci/install_yq.sh - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - versions_yaml="versions.yaml" - version=$(${GOPATH}/bin/yq read ${versions_yaml} "externals.libseccomp.version") - repo_url=$(${GOPATH}/bin/yq read ${versions_yaml} "externals.libseccomp.url") - download_url="${repo_url}/releases/download/v${version}" - tarball="libseccomp-${version}.tar.gz" - asc="${tarball}.asc" - curl -sSLO "${download_url}/${tarball}" - curl -sSLO "${download_url}/${asc}" - gh release upload "${tag}" "${tarball}" - gh release upload "${tag}" "${asc}" - popd + ./tools/packaging/release/release.sh upload-libseccomp-tarball + env: + GH_TOKEN: ${{ github.token }} diff --git a/tools/packaging/release/release.sh b/tools/packaging/release/release.sh index ea13ec7a93..b4ccb4fcae 100755 --- a/tools/packaging/release/release.sh +++ b/tools/packaging/release/release.sh @@ -94,6 +94,26 @@ function _upload_vendored_code_tarball() gh release upload "${RELEASE_VERSION}" "${vendored_code_tarball}" } +function _upload_libseccomp_tarball() +{ + _check_required_env_var "GH_TOKEN" + + [ -z "${RELEASE_VERSION}" ] && RELEASE_VERSION=$(cat "${repo_root_dir}/VERSION") + + INSTALL_IN_GO_PATH=false ${repo_root_dir}/ci/install_yq.sh + + versions_yaml="versions.yaml" + version=$(/usr/local/bin/yq read ${versions_yaml} "externals.libseccomp.version") + repo_url=$(/usr/local/bin/yq read ${versions_yaml} "externals.libseccomp.url") + download_url="${repo_url}releases/download/v${version}" + tarball="libseccomp-${version}.tar.gz" + asc="${tarball}.asc" + curl -sSLO "${download_url}/${tarball}" + curl -sSLO "${download_url}/${asc}" + gh release upload "${RELEASE_VERSION}" "${tarball}" + gh release upload "${RELEASE_VERSIOB}" "${asc}" +} + function main() { action="${1:-}" @@ -103,6 +123,7 @@ function main() upload-kata-static-tarball) _upload_kata_static_tarball ;; upload-versions-yaml-file) _upload_versions_yaml_file ;; upload-vendored-code-tarball) _upload_vendored_code_tarball ;; + upload-libseccomp-tarball) _upload_libseccomp_tarball ;; *) >&2 _die "Invalid argument" ;; esac } From a99f9026e114e13abe0d540045836347ee216082 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 23 Feb 2024 20:10:34 +0100 Subject: [PATCH 07/16] release: Add _create_new_release() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is a helper function that will be used to create a new release as part of our release process workflow (which will still be modified). Signed-off-by: Fabiano Fidêncio --- tools/packaging/release/release.sh | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/tools/packaging/release/release.sh b/tools/packaging/release/release.sh index b4ccb4fcae..474fdad7a0 100755 --- a/tools/packaging/release/release.sh +++ b/tools/packaging/release/release.sh @@ -42,6 +42,14 @@ function _check_required_env_var() _die "\"${1}\" environment variable is required but was not set" } +function _create_new_release() +{ + _check_required_env_var "RELEASE_VERSION" + _check_required_env_var "GH_TOKEN" + + gh release create ${RELEASE_VERSION} --generate-notes --title "Kata Containers ${RELEASE_VERSION}" +} + function _publish_multiarch_manifest() { _check_required_env_var "KATA_DEPLOY_IMAGE_TAGS" @@ -120,6 +128,7 @@ function main() case "${action}" in publish-multiarch-manifest) _publish_multiarch_manifest ;; + create-new-release) _create_new_release ;; upload-kata-static-tarball) _upload_kata_static_tarball ;; upload-versions-yaml-file) _upload_versions_yaml_file ;; upload-vendored-code-tarball) _upload_vendored_code_tarball ;; From 4675364d8d2ffcf2a68619dc703c97363618b89b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 23 Feb 2024 20:12:05 +0100 Subject: [PATCH 08/16] release: Add _update_version_file() function MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Let's add a function that will be responsible for bumping the project's version in the VERSION file, and push it to the branch as part of the release process that will be introduced. Signed-off-by: Fabiano Fidêncio --- tools/packaging/release/release.sh | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/tools/packaging/release/release.sh b/tools/packaging/release/release.sh index 474fdad7a0..298ae7c4f9 100755 --- a/tools/packaging/release/release.sh +++ b/tools/packaging/release/release.sh @@ -42,6 +42,20 @@ function _check_required_env_var() _die "\"${1}\" environment variable is required but was not set" } +function _update_version_file() +{ + _check_required_env_var "RELEASE_VERSION" + + git config user.email "katacontainersbot@gmail.com" + git config user.name "Kata Containers Bot" + + echo "${RELEASE_VERSION}" > "${repo_root_dir}/VERSION" + git diff + git add "${repo_root_dir}/VERSION" + git commit -s -m "release: Kata Containers ${RELEASE_VERSION}" + git push +} + function _create_new_release() { _check_required_env_var "RELEASE_VERSION" @@ -128,6 +142,7 @@ function main() case "${action}" in publish-multiarch-manifest) _publish_multiarch_manifest ;; + update-version-file) _update_version_file ;; create-new-release) _create_new_release ;; upload-kata-static-tarball) _upload_kata_static_tarball ;; upload-versions-yaml-file) _upload_versions_yaml_file ;; From f0675a163a4f3fd358bd6d10198cb118ef632527 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 23 Feb 2024 20:13:53 +0100 Subject: [PATCH 09/16] release: Add _next_release_version() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This function returns the version of the next release (the one about to be cut), and it'll be used as part of our new workflow that will take care of the release. Signed-off-by: Fabiano Fidêncio --- tools/packaging/release/release.sh | 38 ++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/tools/packaging/release/release.sh b/tools/packaging/release/release.sh index 298ae7c4f9..829317a0be 100755 --- a/tools/packaging/release/release.sh +++ b/tools/packaging/release/release.sh @@ -21,6 +21,7 @@ GH_TOKEN="${GH_TOKEN:-}" ARCHITECTURE="${ARCHITECURE:-}" KATA_STATIC_TARBALL="${KATA_STATIC_TARBALL:-}" RELEASE_VERSION="${RELEASE_VERSION:-}" +RELEASE_TYPE="${RELEASE_TYPE:-minor}" function _die() { @@ -42,6 +43,42 @@ function _check_required_env_var() _die "\"${1}\" environment variable is required but was not set" } +function _next_release_version() +{ + local current_release=$(cat "${repo_root_dir}/VERSION") + local current_major + local current_everything_else + local next_major + local next_minor + + IFS="." read current_major current_minor current_everything_else <<< ${current_release} + + case ${RELEASE_TYPE} in + major) + next_major=$(expr $current_major + 1) + next_minor=0 + ;; + minor) + next_major=${current_major} + # TODO: As we're moving from an alpha release to the + # new scheme, this check is needed for the very first + # release, after that it can be dropped and only the + # else part can be kept. + if grep -qE "alpha|rc" <<< ${current_everything_else}; then + next_minor=${current_minor} + else + next_minor=$(expr $current_minor + 1) + fi + ;; + *) + _die "${RELEASE_TYPE} is not a valid release type, it must be: major or minor" + ;; + esac + + next_release_number="${next_major}.${next_minor}.0" + echo "${next_release_number}" +} + function _update_version_file() { _check_required_env_var "RELEASE_VERSION" @@ -143,6 +180,7 @@ function main() case "${action}" in publish-multiarch-manifest) _publish_multiarch_manifest ;; update-version-file) _update_version_file ;; + next-release-version) _next_release_version;; create-new-release) _create_new_release ;; upload-kata-static-tarball) _upload_kata_static_tarball ;; upload-versions-yaml-file) _upload_versions_yaml_file ;; From f9f04dca2b169e48abc9637ee33acc72443f4f38 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 23 Feb 2024 20:18:14 +0100 Subject: [PATCH 10/16] gha: release: Update the workflow MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The release workflow is now updated to be a `workflow_call`, and it includes the steps that had to be manually done in the past, such as updating the needed files and creating the release itself. While on this, the kata-deploy multiarch manifest tags have been updated to match the new release scheme. Signed-off-by: Fabiano Fidêncio --- .github/workflows/release.yaml | 42 ++++++++++++++++++++++++++-------- 1 file changed, 32 insertions(+), 10 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index bfe6202728..e54c356f2b 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,14 +1,37 @@ -name: Publish Kata release artifacts +name: Release Kata Containers on: - push: - tags: - - '[0-9]+.[0-9]+.[0-9]+*' - -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true + workflow_call: + inputs: + release-type: + required: true + type: string jobs: + release: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Get the new release version + run: | + release_version=$(./tools/packaging/release/release.sh next-release-version) + echo "RELEASE_VERSION=$release_version" >> "$GITHUB_ENV" + env: + RELEASE_TYPE: ${{ inputs.release-type }} + + - name: Update VERSION file + run: | + ./tools/packaging/release/release.sh update-version-file + + - name: Create a new release + run: | + ./tools/packaging/release/release.sh create-new-release + env: + GH_TOKEN: ${{ github.token }} + build-and-push-assets-amd64: uses: ./.github/workflows/release-amd64.yaml with: @@ -55,8 +78,7 @@ jobs: - name: Push multi-arch manifest run: | - tags="$(echo $GITHUB_REF | cut -d/ -f3-)" - tags+=" $([[ \"${tag}\" =~ \"alpha\"|\"rc\" ]] && echo \"latest\" || echo \"stable\"))" + tags="$(cat VERSION) latest" echo "KATA_DEPLOY_IMAGE_TAGS=\"${tags}\"" >> "$GITHUB_ENV" ./tools/packaging/release/release.sh publish-multiarch-manifest From 008293f0156d06cc2a3858b558e135c265b95d37 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 23 Feb 2024 20:52:13 +0100 Subject: [PATCH 11/16] gha: Add release-{major,minor} workflows MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Those will allow us to cut a release just by a single click, instead of the current process we have. Fixes: #9064 -- part I Signed-off-by: Fabiano Fidêncio --- .github/workflows/release-major.yaml | 10 ++++++++++ .github/workflows/release-minor.yaml | 10 ++++++++++ 2 files changed, 20 insertions(+) create mode 100644 .github/workflows/release-major.yaml create mode 100644 .github/workflows/release-minor.yaml diff --git a/.github/workflows/release-major.yaml b/.github/workflows/release-major.yaml new file mode 100644 index 0000000000..6cdc71cb2e --- /dev/null +++ b/.github/workflows/release-major.yaml @@ -0,0 +1,10 @@ +name: Major Release +on: + workflow_dispatch + +jobs: + major-release: + uses: ./.github/workflows/release.yaml + with: + release-type: major + secrets: inherit \ No newline at end of file diff --git a/.github/workflows/release-minor.yaml b/.github/workflows/release-minor.yaml new file mode 100644 index 0000000000..9b285d03c8 --- /dev/null +++ b/.github/workflows/release-minor.yaml @@ -0,0 +1,10 @@ +name: Minor Release +on: + workflow_dispatch + +jobs: + minor-release: + uses: ./.github/workflows/release.yaml + with: + release-type: minor + secrets: inherit \ No newline at end of file From 3229c777e7b6ebcf998956b722314cc69f82d31f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Thu, 22 Feb 2024 13:26:08 +0100 Subject: [PATCH 12/16] kata-deploy: Remove "stable" yamls MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we're not maintaining a stable branch anymore, let's get rid of the kata-deploy stable pieces. Signed-off-by: Fabiano Fidêncio --- .../base/kata-cleanup-stable.yaml | 45 ------------ .../kata-deploy/base/kata-deploy-stable.yaml | 70 ------------------- .../overlays/stable/env_stable_conf.yaml | 13 ---- .../overlays/stable/kustomization.yaml | 11 --- 4 files changed, 139 deletions(-) delete mode 100644 tools/packaging/kata-deploy/kata-cleanup/base/kata-cleanup-stable.yaml delete mode 100644 tools/packaging/kata-deploy/kata-deploy/base/kata-deploy-stable.yaml delete mode 100644 tools/packaging/kata-deploy/kata-deploy/overlays/stable/env_stable_conf.yaml delete mode 100644 tools/packaging/kata-deploy/kata-deploy/overlays/stable/kustomization.yaml diff --git a/tools/packaging/kata-deploy/kata-cleanup/base/kata-cleanup-stable.yaml b/tools/packaging/kata-deploy/kata-cleanup/base/kata-cleanup-stable.yaml deleted file mode 100644 index a36ea3b9c7..0000000000 --- a/tools/packaging/kata-deploy/kata-cleanup/base/kata-cleanup-stable.yaml +++ /dev/null @@ -1,45 +0,0 @@ ---- -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: kubelet-kata-cleanup - namespace: kube-system -spec: - selector: - matchLabels: - name: kubelet-kata-cleanup - template: - metadata: - labels: - name: kubelet-kata-cleanup - spec: - serviceAccountName: kata-deploy-sa - hostPID: true - nodeSelector: - katacontainers.io/kata-runtime: cleanup - containers: - - name: kube-kata-cleanup - image: quay.io/kata-containers/kata-deploy:stable - imagePullPolicy: Always - command: ["bash", "-c", "/opt/kata-artifacts/scripts/kata-deploy.sh reset"] - env: - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: DEBUG - value: "false" - - name: SHIMS - value: "clh dragonball fc qemu-nvidia-gpu qemu-sev qemu-snp qemu-tdx qemu" - - name: DEFAULT_SHIM - value: "qemu" - - name: CREATE_RUNTIMECLASSES - value: "false" - - name: CREATE_DEFAULT_RUNTIMECLASS - value: "false" - securityContext: - privileged: true - updateStrategy: - rollingUpdate: - maxUnavailable: 1 - type: RollingUpdate diff --git a/tools/packaging/kata-deploy/kata-deploy/base/kata-deploy-stable.yaml b/tools/packaging/kata-deploy/kata-deploy/base/kata-deploy-stable.yaml deleted file mode 100644 index cf78b8e5c7..0000000000 --- a/tools/packaging/kata-deploy/kata-deploy/base/kata-deploy-stable.yaml +++ /dev/null @@ -1,70 +0,0 @@ ---- -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: kata-deploy - namespace: kube-system -spec: - selector: - matchLabels: - name: kata-deploy - template: - metadata: - labels: - name: kata-deploy - spec: - serviceAccountName: kata-deploy-sa - hostPID: true - containers: - - name: kube-kata - image: quay.io/kata-containers/kata-deploy:stable - imagePullPolicy: Always - lifecycle: - preStop: - exec: - command: ["bash", "-c", "/opt/kata-artifacts/scripts/kata-deploy.sh cleanup"] - command: ["bash", "-c", "/opt/kata-artifacts/scripts/kata-deploy.sh install"] - env: - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: DEBUG - value: "false" - - name: SHIMS - value: "clh cloud-hypervisor dragonball fc qemu qemu-nvidia-gpu qemu-sev qemu-snp qemu-tdx" - - name: DEFAULT_SHIM - value: "qemu" - - name: CREATE_RUNTIMECLASSES - value: "false" - - name: CREATE_DEFAULT_RUNTIMECLASS - value: "false" - securityContext: - privileged: true - volumeMounts: - - name: crio-conf - mountPath: /etc/crio/ - - name: containerd-conf - mountPath: /etc/containerd/ - - name: kata-artifacts - mountPath: /opt/kata/ - - name: local-bin - mountPath: /usr/local/bin/ - volumes: - - name: crio-conf - hostPath: - path: /etc/crio/ - - name: containerd-conf - hostPath: - path: /etc/containerd/ - - name: kata-artifacts - hostPath: - path: /opt/kata/ - type: DirectoryOrCreate - - name: local-bin - hostPath: - path: /usr/local/bin/ - updateStrategy: - rollingUpdate: - maxUnavailable: 1 - type: RollingUpdate diff --git a/tools/packaging/kata-deploy/kata-deploy/overlays/stable/env_stable_conf.yaml b/tools/packaging/kata-deploy/kata-deploy/overlays/stable/env_stable_conf.yaml deleted file mode 100644 index 6f14f28842..0000000000 --- a/tools/packaging/kata-deploy/kata-deploy/overlays/stable/env_stable_conf.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: kata-deploy - namespace: kube-system -spec: - template: - spec: - containers: - - name: kube-kata - env: - - name: SHIMS - value: "clh cloud-hypervisor dragonball fc qemu qemu-nvidia-gpu qemu-sev qemu-snp qemu-tdx" diff --git a/tools/packaging/kata-deploy/kata-deploy/overlays/stable/kustomization.yaml b/tools/packaging/kata-deploy/kata-deploy/overlays/stable/kustomization.yaml deleted file mode 100644 index 6225193ee5..0000000000 --- a/tools/packaging/kata-deploy/kata-deploy/overlays/stable/kustomization.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: -- ../../base - -images: -- name: quay.io/kata-containers/kata-deploy - newTag: stable - -patches: -- path: env_stable_conf.yaml From e714c3752100e28400d9f4aedbdbae21b937119e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Thu, 22 Feb 2024 13:31:12 +0100 Subject: [PATCH 13/16] gha: Remove workflows related to backporting stuff MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We're not doing backports anymore, as we're getting rid of the stable branches in favour of having a better release cadence from the main branch. Signed-off-by: Fabiano Fidêncio --- .github/workflows/add-backport-label.yaml | 91 ------------------- .github/workflows/auto-backport.yaml | 33 ------- .../workflows/require-pr-porting-labels.yaml | 68 -------------- 3 files changed, 192 deletions(-) delete mode 100644 .github/workflows/add-backport-label.yaml delete mode 100644 .github/workflows/auto-backport.yaml delete mode 100644 .github/workflows/require-pr-porting-labels.yaml diff --git a/.github/workflows/add-backport-label.yaml b/.github/workflows/add-backport-label.yaml deleted file mode 100644 index 5f033f3cd2..0000000000 --- a/.github/workflows/add-backport-label.yaml +++ /dev/null @@ -1,91 +0,0 @@ -name: Add backport label - -on: - pull_request: - types: - - opened - - synchronize - - reopened - - edited - - labeled - - unlabeled - -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - -jobs: - check-issues: - if: ${{ github.event.label.name != 'auto-backport' }} - runs-on: ubuntu-latest - steps: - - name: Checkout code to get gh-utils script - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }} - uses: actions/checkout@v4 - - - name: Determine whether to add label - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }} - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - CONTAINS_AUTO_BACKPORT: ${{ contains(github.event.pull_request.labels.*.name, 'auto-backport') }} - id: add_label - run: | - pr=${{ github.event.pull_request.number }} - linked_issues=$(./ci/gh-util.sh \ - list-issues-for-pr "$pr" |\ - grep -v "^\#" || true) - [ -z "${linked_issues}" ] && { - echo "::error::No linked issues for PR $pr" - exit 1 - } - has_bug=false - for issue in $(echo "$linked_issues") - do - labels=$(./ci/gh-util.sh list-labels-for-issue "$issue") - - label_names=$(echo $labels | jq -r '.labels[].name' || true) - if [[ "$label_names" =~ "bug" ]]; then - has_bug=true - break - fi - done - - has_backport_needed_label=${{ contains(github.event.pull_request.labels.*.name, 'needs-backport') }} - has_no_backport_needed_label=${{ contains(github.event.pull_request.labels.*.name, 'no-backport-needed') }} - - echo "add_backport_label=false" >> $GITHUB_OUTPUT - if [ $has_backport_needed_label = true ] || [ $has_bug = true ]; then - if [[ $has_no_backport_needed_label = false ]]; then - echo "add_backport_label=true" >> $GITHUB_OUTPUT - fi - fi - - # Do not spam comment, only if auto-backport label is going to be newly added. - echo "auto_backport_added=$CONTAINS_AUTO_BACKPORT" >> $GITHUB_OUTPUT - - - name: Add comment - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') && steps.add_label.outputs.add_backport_label == 'true' && steps.add_label.outputs.auto_backport_added == 'false' }} - uses: actions/github-script@v6 - with: - script: | - github.rest.issues.createComment({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - body: 'This issue has been marked for auto-backporting. Add label(s) backport-to-BRANCHNAME to backport to them' - }) - - # Allow label to be removed by adding no-backport-needed label - - name: Remove auto-backport label - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') && steps.add_label.outputs.add_backport_label == 'false' }} - uses: andymckay/labeler@e6c4322d0397f3240f0e7e30a33b5c5df2d39e90 - with: - remove-labels: "auto-backport" - repo-token: ${{ secrets.GITHUB_TOKEN }} - - - name: Add auto-backport label - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') && steps.add_label.outputs.add_backport_label == 'true' }} - uses: andymckay/labeler@e6c4322d0397f3240f0e7e30a33b5c5df2d39e90 - with: - add-labels: "auto-backport" - repo-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/auto-backport.yaml b/.github/workflows/auto-backport.yaml deleted file mode 100644 index e2be390227..0000000000 --- a/.github/workflows/auto-backport.yaml +++ /dev/null @@ -1,33 +0,0 @@ -on: - pull_request_target: - types: ["labeled", "closed"] - -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - -jobs: - backport: - name: Backport PR - runs-on: ubuntu-latest - if: | - github.event.pull_request.merged == true - && contains(github.event.pull_request.labels.*.name, 'auto-backport') - && ( - (github.event.action == 'labeled' && github.event.label.name == 'auto-backport') - || (github.event.action == 'closed') - ) - steps: - - name: Backport Action - uses: sqren/backport-github-action@v8.9.2 - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - auto_backport_label_prefix: backport-to- - - - name: Info log - if: ${{ success() }} - run: cat /home/runner/.backport/backport.info.log - - - name: Debug log - if: ${{ failure() }} - run: cat /home/runner/.backport/backport.debug.log diff --git a/.github/workflows/require-pr-porting-labels.yaml b/.github/workflows/require-pr-porting-labels.yaml deleted file mode 100644 index e1b0c9c7d8..0000000000 --- a/.github/workflows/require-pr-porting-labels.yaml +++ /dev/null @@ -1,68 +0,0 @@ -# Copyright (c) 2020 Intel Corporation -# -# SPDX-License-Identifier: Apache-2.0 -# - -name: Ensure PR has required porting labels - -on: - pull_request_target: - types: - - opened - - reopened - - labeled - - unlabeled - branches: - - main - -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - -jobs: - check-pr-porting-labels: - runs-on: ubuntu-latest - steps: - - name: Install hub - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }} - run: | - HUB_ARCH="amd64" - HUB_VER=$(curl -sL "https://api.github.com/repos/github/hub/releases/latest" |\ - jq -r .tag_name | sed 's/^v//') - curl -sL \ - "https://github.com/github/hub/releases/download/v${HUB_VER}/hub-linux-${HUB_ARCH}-${HUB_VER}.tgz" |\ - tar xz --strip-components=2 --wildcards '*/bin/hub' && \ - sudo install hub /usr/local/bin - - - name: Checkout code to allow hub to communicate with the project - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }} - uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.sha }} - fetch-depth: 0 - - - name: Rebase atop of the latest target branch - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }} - run: | - ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" - env: - TARGET_BRANCH: ${{ github.event.pull_request.base.ref }} - - - name: Install porting checker script - run: | - # Clone into a temporary directory to avoid overwriting - # any existing github directory. - pushd $(mktemp -d) &>/dev/null - git clone --single-branch --depth 1 "https://github.com/kata-containers/.github" && cd .github/scripts - sudo install pr-porting-checks.sh /usr/local/bin - popd &>/dev/null - - - name: Stop PR being merged unless it has a correct set of porting labels - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }} - env: - GITHUB_TOKEN: ${{ secrets.KATA_GITHUB_ACTIONS_TOKEN }} - run: | - pr=${{ github.event.number }} - repo=${{ github.repository }} - - pr-porting-checks.sh "$pr" "$repo" From a85481110ac13f4d638c24daa43a725befaadcb1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Thu, 22 Feb 2024 13:44:10 +0100 Subject: [PATCH 14/16] releases: Remove scripts that won't be used anymore MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Those are not needed anymore as we're automating our release process around GitHub actions. Signed-off-by: Fabiano Fidêncio --- tools/packaging/release/tag_repos.sh | 239 ------------ tools/packaging/release/tag_repos_test.sh | 26 -- .../release/update-repository-version.sh | 339 ------------------ .../release/update-repository-version_test.sh | 54 --- 4 files changed, 658 deletions(-) delete mode 100755 tools/packaging/release/tag_repos.sh delete mode 100755 tools/packaging/release/tag_repos_test.sh delete mode 100755 tools/packaging/release/update-repository-version.sh delete mode 100755 tools/packaging/release/update-repository-version_test.sh diff --git a/tools/packaging/release/tag_repos.sh b/tools/packaging/release/tag_repos.sh deleted file mode 100755 index ece0cd561d..0000000000 --- a/tools/packaging/release/tag_repos.sh +++ /dev/null @@ -1,239 +0,0 @@ -#!/usr/bin/env bash -# -# Copyright (c) 2018 Intel Corporation -# -# SPDX-License-Identifier: Apache-2.0 -# - -set -o errexit -set -o nounset -set -o pipefail - -tmp_dir=$(mktemp -d -t tag-repos-tmp.XXXXXXXXXX) -script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" -script_name="$(basename "${BASH_SOURCE[0]}")" -OWNER=${OWNER:-"kata-containers"} -PROJECT="Kata Containers" -PUSH="${PUSH:-"false"}" -branch="main" -readonly URL_RAW_FILE="https://raw.githubusercontent.com/${OWNER}" -#The runtime version is used as reference of latest release -# This is set to the right value later. -kata_version="" -# Set if a new stable branch is created -stable_branch="" - -source "${script_dir}/../scripts/lib.sh" - -function usage() { - - cat < -This script creates a new release for ${PROJECT}. -It tags and create release for: -EOF - for r in "${repos[@]}"; do - echo " - ${r}" - done - - cat <: Takes a version to check all the components match with it (but not the runtime) -tag : Create tags for ${PROJECT} - -Options: --b : branch were will check the version. --h : Show this help --p : push tags - -EOF - -} - -finish() { - rm -rf "$tmp_dir" -} - -trap finish EXIT - -die() { - echo >&2 "ERROR: $*" - exit 1 -} - -info() { - echo "INFO: $*" -} - -repos=( - "kata-containers" -) - - -# The pre-release option at the check_versions function receives -# the runtime VERSION in order to check all the components match with it, -# this has the purpose that all the components have the same version before -# merging the runtime version -check_versions() { - version_to_check=${1:-} - if [ -z "${version_to_check}" ];then - info "Query the version from latest runtime in branch ${branch}" - else - kata_version="${version_to_check}" - fi - - info "Tagging ${PROJECT} with version ${kata_version}" - info "Check all repos has version ${kata_version} in VERSION file" - - for repo in "${repos[@]}"; do - if [ ! -z "${version_to_check}" ] && [ "${repo}" == "runtime" ]; then - info "Not checking runtime because we want the rest of repos are in ${version_to_check}" - continue - fi - repo_version=$(curl -Ls "${URL_RAW_FILE}/${repo}/${branch}/VERSION" | grep -v -P "^#") - info "${repo} is in $repo_version" - [ "${repo_version}" == "${kata_version}" ] || die "${repo} is not in version ${kata_version}" - done -} - -do_tag(){ - local tag=${1:-} - [ -n "${tag}" ] || die "No tag not provided" - if git rev-parse -q --verify "refs/tags/${tag}"; then - info "$repo already has tag" - else - info "Creating tag ${tag} for ${repo}" - git tag -a "${tag}" -s -m "${PROJECT} release ${tag}" - fi -} - -tag_repos() { - - info "Creating tag ${kata_version} in all repos" - for repo in "${repos[@]}"; do - git clone --quiet "https://github.com/${OWNER}/${repo}.git" - pushd "${repo}" >>/dev/null - git fetch origin - git checkout "${branch}" - version_from_file=$(cat ./VERSION) - info "Check VERSION file has ${kata_version}" - if [ "${version_from_file}" != "${kata_version}" ];then - die "mismatch: VERSION file (${version_from_file}) and runtime version ${kata_version}" - else - echo "OK" - fi - git fetch origin --tags - tag="$kata_version" - if [[ "packaging" == "${repo}" ]];then - do_tag "${tag}-kernel-config" - fi - - do_tag "${tag}" - - if [ "${branch}" == "main" ]; then - if echo "${tag}" | grep -oP '.*-rc0$'; then - info "This is a rc0 for main - creating stable branch" - stable_branch=$(echo ${tag} | awk 'BEGIN{FS=OFS="."}{print $1 "." $2}') - stable_branch="stable-${stable_branch}" - info "creating branch ${stable_branch} for ${repo}" - git checkout -b "${stable_branch}" "${branch}" - - fi - fi - - popd >>/dev/null - done -} - -push_tags() { - info "Pushing tags to repos" - get_gh - for repo in "${repos[@]}"; do - pushd "${repo}" >>/dev/null - ${gh_cli} repo set-default "${OWNER}/${repo}" - if [ $(${gh_cli} config get git_protocol) = ssh ]; then - git remote set-url --push origin "git@github.com:${OWNER}/${repo}.git" - fi - tag="$kata_version" - if [[ "packaging" == "${repo}" ]];then - ktag="${tag}-kernel-config" - info "Push tag ${ktag} for ${repo}" - git push origin "${ktag}" - fi - info "Push tag ${tag} for ${repo}" - git push origin "${tag}" - create_github_release "${PWD}" "${tag}" - if [ "${stable_branch}" != "" ]; then - info "Pushing stable ${stable_branch} branch for ${repo}" - git push origin ${stable_branch} - fi - popd >>/dev/null - done -} - -create_github_release() { - repo_dir=${1:-} - tag=${2:-} - [ -d "${repo_dir}" ] || die "No repository directory" - [ -n "${tag}" ] || die "No tag specified" - if ! "${gh_cli}" release view "${tag}"; then - info "Creating Github release" - if [[ "$tag" =~ "-rc" ]]; then - rc_args="-p" - fi - rc_args=${rc_args:-} - pushd "${repo_dir}" - "${gh_cli}" release create ${rc_args} --title "${PROJECT} ${tag}" "${tag}" --notes "" - popd - else - info "Github release already created" - fi -} - -main () { - while getopts "b:hp" opt; do - case $opt in - b) branch="${OPTARG}" ;; - h) usage && exit 0 ;; - p) PUSH="true" ;; - esac - done - shift $((OPTIND - 1)) - - subcmd=${1:-""} - shift || true - kata_version=$(curl -Ls "${URL_RAW_FILE}/kata-containers/${branch}/VERSION" | grep -v -P "^#") - - [ -z "${subcmd}" ] && usage && exit 0 - - pushd "${tmp_dir}" >>/dev/null - - case "${subcmd}" in - status) - check_versions - ;; - pre-release) - local target_version=${1:-} - [ -n "${target_version}" ] || die "No version provided" - check_versions "${target_version}" - ;; - tag) - check_versions - tag_repos - if [ "${PUSH}" == "true" ]; then - push_tags - else - info "tags not pushed, use -p option to push the tags" - fi - ;; - *) - usage && die "Invalid argument ${subcmd}" - ;; - - esac - - popd >>/dev/null -} -main "$@" diff --git a/tools/packaging/release/tag_repos_test.sh b/tools/packaging/release/tag_repos_test.sh deleted file mode 100755 index b88161e9ac..0000000000 --- a/tools/packaging/release/tag_repos_test.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/usr/bin/env bash -# -# Copyright (c) 2018 Intel Corporation -# -# SPDX-License-Identifier: Apache-2.0 -# - -set -o errexit -set -o nounset -set -o pipefail - -echo "Check tag_repos.sh show help" -./release/tag_repos.sh | grep Usage - -echo "Check tag_repos.sh -h option" -./release/tag_repos.sh -h | grep Usage - -echo "Check tag_repos.sh status" -./release/tag_repos.sh status | grep kata-containers - -echo "Check tag_repos.sh pre-release" -./release/tag_repos.sh pre-release $(curl -sL https://raw.githubusercontent.com/kata-containers/kata-containers/main/VERSION) | grep "Not checking runtime" - -echo "Check tag_repos.sh pre-release with invalid information" -./release/tag_repos.sh pre-release 1000000 | grep "ERROR" || true - diff --git a/tools/packaging/release/update-repository-version.sh b/tools/packaging/release/update-repository-version.sh deleted file mode 100755 index d9509dca1a..0000000000 --- a/tools/packaging/release/update-repository-version.sh +++ /dev/null @@ -1,339 +0,0 @@ -#!/usr/bin/env bash -# -# Copyright (c) 2018 Intel Corporation -# -# SPDX-License-Identifier: Apache-2.0 -# - -set -o errexit -set -o nounset -set -o pipefail - -readonly script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" -readonly script_name="$(basename "${BASH_SOURCE[0]}")" - -readonly tmp_dir=$(mktemp -t -d pr-bump.XXXX) -OWNER="${OWNER:-kata-containers}" -readonly organization="$OWNER" -PUSH="false" -GOPATH=${GOPATH:-${HOME}/go} - -source "${script_dir}/../scripts/lib.sh" - -cleanup() { - [ -d "${tmp_dir}" ] && rm -rf "${tmp_dir}" -} - -trap cleanup EXIT - -handle_error() { - local exit_code="${?}" - local line_number="${1:-}" - echo "Failed at $line_number: ${BASH_COMMAND}" - exit "${exit_code}" -} -trap 'handle_error $LINENO' ERR - -get_changes() { - local current_version="$1" - [ -n "${current_version}" ] || die "current version not provided" - - # If for some reason there is not a tag this could fail - # better fail and write the error in the PR - if ! changes=$(git log --oneline "${current_version}..HEAD"); then - echo "failed to get logs" - fi - if [ "${changes}" == "" ]; then - echo "Version bump no changes" - return - fi - - # list all PRs merged from $current_version to HEAD - git log --merges "${current_version}..HEAD" | awk '/Merge pull/{getline; getline;print }' | while read pr; do - echo "- ${pr}" - done - - echo "" - - # list all commits added in this new version. - git log --oneline "${current_version}..HEAD" --no-merges -} - -generate_kata_deploy_commit() { - local new_version="$1" - [ -n "$new_version" ] || die "no new version" - - printf "release: Adapt kata-deploy for %s" "${new_version}" - - printf "\n -kata-deploy files must be adapted to a new release. The cases where it -happens are when the release goes from -> to: -* main -> stable: - * kata-deploy-stable / kata-cleanup-stable: are removed - -* stable -> stable: - * kata-deploy / kata-cleanup: bump the release to the new one. - -There are no changes when doing an alpha release, as the files on the -\"main\" branch always point to the \"latest\" and \"stable\" tags." -} - -generate_revert_kata_deploy_commit() { - local new_version="$1" - [ -n "$new_version" ] || die "no new version" - - printf "release: Revert kata-deploy changes after %s release" "${new_version}" - - printf "\n -As %s has been released, let's switch the kata-deploy / kata-cleanup -tags back to \"latest\", and re-add the kata-deploy-stable and the -kata-cleanup-stable files." "${new_version}" -} - -generate_commit() { - local new_version="$1" - local current_version="$2" - - [ -n "$new_version" ] || die "no new version" - [ -n "$current_version" ] || die "no current version" - - printf "release: Kata Containers %s\n\n" "${new_version}" - - get_changes "$current_version" -} - -bump_repo() { - local repo="${1:-}" - local new_version="${2:-}" - local target_branch="${3:-}" - [ -n "${repo}" ] || die "repository not provided" - [ -n "${new_version}" ] || die "no new version" - [ -n "${target_branch}" ] || die "no target branch" - local remote_repo="${organization}/${repo}" - local remote_github="https://github.com/${remote_repo}.git" - info "Update $repo to version $new_version" - - info "remote: ${remote_github}" - - git clone --quiet "${remote_github}" - - pushd "${repo}" >>/dev/null - - local kata_deploy_dir="tools/packaging/kata-deploy" - local kata_deploy_base="${kata_deploy_dir}/kata-deploy/base" - local kata_cleanup_base="${kata_deploy_dir}/kata-cleanup/base" - local kata_deploy_yaml="${kata_deploy_base}/kata-deploy.yaml" - local kata_cleanup_yaml="${kata_cleanup_base}/kata-cleanup.yaml" - local kata_deploy_stable_yaml="${kata_deploy_base}/kata-deploy-stable.yaml" - local kata_cleanup_stable_yaml="${kata_cleanup_base}/kata-cleanup-stable.yaml" - - local tests_dir="tests" - local kubernetes_tests_dir="${tests_dir}/integration/kubernetes" - local kubernetes_tests_runner="${kubernetes_tests_dir}/gha-run.sh" - local kata_deploy_tests_dir="${tests_dir}/functional/kata-deploy" - local kata_deploy_tests_runner="${kata_deploy_tests_dir}/kata-deploy.bats" - - branch="${new_version}-branch-bump" - git fetch origin "${target_branch}" - git checkout "origin/${target_branch}" -b "${branch}" - - local current_version="$(egrep -v '^(#|$)' ./VERSION)" - - info "Updating VERSION file" - echo "${new_version}" >VERSION - if git diff --exit-code; then - info "${repo} already in version ${new_version}" - return 0 - fi - - if [ "${repo}" == "kata-containers" ]; then - # Here there are 3 scenarios of what we can do, based on - # which branch we're targetting: - # - # 1) [main] ------> [main] NO-OP - # "alpha0" "alpha1" - # - # +----------------+----------------+ - # | from | to | - # -------------------+----------------+----------------+ - # kata-deploy | "latest" | "latest" | - # -------------------+----------------+----------------+ - # kata-deploy-stable | "stable | "stable" | - # -------------------+----------------+----------------+ - # - # - # 2) [main] ------> [stable] Update kata-deploy and - # "alpha2" "rc0" get rid of kata-deploy-stable - # - # +----------------+----------------+ - # | from | to | - # -------------------+----------------+----------------+ - # kata-deploy | "latest" | "latest" | - # -------------------+----------------+----------------+ - # kata-deploy-stable | "stable" | REMOVED | - # -------------------+----------------+----------------+ - # - # - # 3) [stable] ------> [stable] Update kata-deploy - # "x.y.z" "x.y.(z+1)" - # - # +----------------+----------------+ - # | from | to | - # -------------------+----------------+----------------+ - # kata-deploy | "x.y.z" | "x.y.(z+1)" | - # -------------------+----------------+----------------+ - # kata-deploy-stable | NON-EXISTENT | NON-EXISTENT | - # -------------------+----------------+----------------+ - - local registry="quay.io/kata-containers/kata-deploy" - - info "Updating kata-deploy / kata-cleanup image tags" - local version_to_replace="${current_version}" - local replacement="${new_version}" - local need_commit=false - if [ "${target_branch}" == "main" ];then - if [[ "${new_version}" =~ "rc" ]]; then - ## We are bumping from alpha to RC, should drop kata-deploy-stable yamls. - git rm "${kata_deploy_stable_yaml}" - git rm "${kata_cleanup_stable_yaml}" - - need_commit=true - fi - elif [[ ! "${new_version}" =~ "rc" ]]; then - ## We are on a stable branch and creating new stable releases. - ## Need to change kata-deploy / kata-cleanup to use the stable tags. - if [[ "${version_to_replace}" =~ "rc" ]]; then - ## Coming from "rcX" so from the latest tag. - version_to_replace="latest" - fi - sed -i "s#${registry}:${version_to_replace}#${registry}:${replacement}#g" "${kata_deploy_yaml}" - sed -i "s#${registry}:${version_to_replace}#${registry}:${replacement}#g" "${kata_cleanup_yaml}" - - sed -i "s#${registry}:${version_to_replace}#${registry}:${replacement}#g" "${kubernetes_tests_runner}" - sed -i "s#${registry}:${version_to_replace}#${registry}:${replacement}#g" "${kata_deploy_tests_runner}" - - git diff - - git add "${kata_deploy_yaml}" - git add "${kata_cleanup_yaml}" - git add "${kubernetes_tests_runner}" - git add "${kata_deploy_tests_runner}" - - need_commit=true - fi - - if [ "${need_commit}" == "true" ]; then - info "Creating the commit with the kata-deploy changes" - local commit_msg="$(generate_kata_deploy_commit $new_version)" - git commit -s -m "${commit_msg}" - local kata_deploy_commit="$(git rev-parse HEAD)" - fi - fi - - info "Creating PR message" - local pr_title="# Kata Containers ${new_version}" - local notes_file="${tmp_dir}/notes.md" - cat <"${notes_file}" -$(get_changes "$current_version") - -EOF - printf "%s\n\n" "${pr_title}" - cat "${notes_file}" - - if (echo "${current_version}" | grep "alpha") && (echo "${new_version}" | grep -v "alpha");then - info "update move from alpha, check if new version is rc0" - if echo "$new_version" | grep -v "rc0"; then - die "bump should be from alpha to rc0" - fi - info "OK" - fi - - git add VERSION - info "Creating commit with new changes" - commit_msg="$(generate_commit $new_version $current_version)" - git commit -s -m "${commit_msg}" - - if [[ ${PUSH} == "true" ]]; then - get_gh - gh_id=$(${gh_cli} auth status --hostname github.com | awk 'match($0, /Logged in to github.com as ([^ ]+)/, line) { print substr($0, line[1, "start"], line[1, "length"]) }') - info "Forking remote" - ${gh_cli} repo set-default "${remote_repo}" - ${gh_cli} repo fork --remote --remote-name=fork - info "Push to fork" - git push fork -f "${branch}" - info "Create PR" - out="" - out=$(LC_ALL=C LANG=C "${gh_cli}" pr create --base "${target_branch}" --title "${pr_title}" --body-file "${notes_file}" --head "${gh_id}:${branch}" 2>&1) || echo "$out" | grep "already exists" - fi - - if [ "${repo}" == "kata-containers" ] && [ "${target_branch}" == "main" ] && [[ "${new_version}" =~ "rc" ]]; then - reverting_kata_deploy_changes_branch="revert-kata-deploy-changes-after-${new_version}-release" - git checkout -b "${reverting_kata_deploy_changes_branch}" - - git revert --no-edit ${kata_deploy_commit} >>/dev/null - commit_msg="$(generate_revert_kata_deploy_commit $new_version)" - info "Creating the commit message reverting the kata-deploy changes" - git commit --amend -s -m "${commit_msg}" - - pr_title=$(echo "${commit_msg}" | head -1) - echo "${commit_msg}" | tail -n +3 >"${notes_file}" - echo "" >>"${notes_file}" - echo "Only merge this commit after ${new_version} release is successfully tagged!" >>"${notes_file}" - - if [[ ${PUSH} == "true" ]]; then - info "Push \"${reverting_kata_deploy_changes_branch}\" to fork" - git push fork -f "${reverting_kata_deploy_changes_branch}" - info "Create \"${reverting_kata_deploy_changes_branch}\" PR" - out="" - out=$(LC_ALL=C LANG=C "${gh_cli}" pr create --base "${target_branch}" --title "${pr_title}" --body-file "${notes_file}" --head "${gh_id}:${reverting_kata_deploy_changes_branch}" 2>&1) || echo "$out" | grep "already exists" - fi - fi - - popd >>/dev/null -} - -usage() { - exit_code="$1" - cat < -Args: - : New version to bump the repository - : The base branch to create to PR -Example: - ${script_name} 1.10 -Options - -h : Show this help - -p : create a PR -EOF - exit "$exit_code" -} - -repos=( - "kata-containers" -) - -main(){ - while getopts "hp" opt; do - case $opt in - h) usage 0 ;; - p) PUSH="true" ;; - esac - done - - shift $((OPTIND - 1)) - - - new_version="${1:-}" - target_branch="${2:-}" - [ -n "${new_version}" ] || { echo "ERROR: no new version" && usage 1; } - [ -n "${target_branch}" ] || die "no target branch" - for repo in "${repos[@]}" - do - pushd "$tmp_dir" >>/dev/null - bump_repo "${repo}" "${new_version}" "${target_branch}" - popd >>/dev/null - done - -} -main $@ diff --git a/tools/packaging/release/update-repository-version_test.sh b/tools/packaging/release/update-repository-version_test.sh deleted file mode 100755 index 2274541bb5..0000000000 --- a/tools/packaging/release/update-repository-version_test.sh +++ /dev/null @@ -1,54 +0,0 @@ -#!/usr/bin/env bash -# -#Copyright (c) 2018 Intel Corporation -# -#SPDX-License-Identifier: Apache-2.0 -# - -set -o errexit -set -o nounset -set -o pipefail - -readonly script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" -out="" - -handle_error() { - echo "not ok" - echo "output: ${out}" -} - -OK() { - echo "ok" -} -output_should_contain() { - local output="$1" - local text_to_find="$2" - [ -n "$output" ] - [ -n "$text_to_find" ] - echo "${output}" | grep "${text_to_find}" -} - -trap handle_error ERR - -echo "Missing args show help" -out=$("${script_dir}/update-repository-version.sh" 2>&1) || (($? != 0)) -echo "${out}" | grep Usage >>/dev/null -output_should_contain "${out}" "Usage" -OK - -echo "Missing version show help" -out=$("${script_dir}/update-repository-version.sh" 2>&1) || (($? != 0)) -echo "${out}" | grep Usage >>/dev/null -echo "${out}" | grep "no new version" >>/dev/null -OK - -echo "help option" -out=$("${script_dir}/update-repository-version.sh" -h) -output_should_contain "${out}" "Usage" -OK - -echo "Local update version update should work" -new_version="50.0.0-rc0" -out=$("${script_dir}/update-repository-version.sh" "${new_version}" "main" 2>&1) -output_should_contain "${out}" "release: Kata Containers ${new_version}" -OK From d69766c0b21b9d153f8cf2e6d2bc9d29f8c2d70c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Thu, 22 Feb 2024 14:02:29 +0100 Subject: [PATCH 15/16] docs: Update the release process MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Now that we've simplified it by quite a lot, let's update the documentation accordingly. Signed-off-by: Fabiano Fidêncio --- docs/Release-Process.md | 81 +++++++++++++---------------------------- 1 file changed, 26 insertions(+), 55 deletions(-) diff --git a/docs/Release-Process.md b/docs/Release-Process.md index a0d08e58b8..3d9c34c3ac 100644 --- a/docs/Release-Process.md +++ b/docs/Release-Process.md @@ -1,71 +1,42 @@ # How to do a Kata Containers Release - This document lists the tasks required to create a Kata Release. +This document lists the tasks required to create a Kata Release. ## Requirements -- [gh](https://cli.github.com) - * Install and configure the GitHub CLI (gh) as detailed at https://docs.github.com/en/github-cli/github-cli/quickstart#prerequisites . - -- GitHub permissions to push tags and create releases in the Kata repository. - -- GPG configured to sign git tags. https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key - -- `gh auth login` should have configured `git push` and `git pull` to use HTTPS along with your GitHub credentials, - * As an alternative, you can still rely on SSH keys to push branches. See https://help.github.com/articles/adding-a-new-ssh-key-to-your-github-account . +- GitHub permissions to run workflows. ## Release Process +### Check GitHub Actions -### Bump the Kata repository +We make use of [GitHub actions](https://github.com/features/actions) in the +[minor](../.github/workflows/release-minor.yaml) and +[major](../.github/workflows/release-major.yaml) files from the +`kata-containers/kata-containers` repository to build and upload release +artifacts. - Bump the repository using the `./update-repository-version.sh` script in the Kata [release](../tools/packaging/release) directory, where: - - `BRANCH=` - - `NEW_VERSION=` - ``` - $ cd ${GOPATH}/src/github.com/kata-containers/kata-containers/tools/packaging/release - $ export NEW_VERSION= - $ export BRANCH= - $ ./update-repository-version.sh -p "$NEW_VERSION" "$BRANCH" - ``` +Those actions are manually triggered and are responsible for generating a new +release (including a new tag), pushing those to the +`kata-containers/kata-containers` repository. -### Merge the bump version Pull request +Check the [actions status +page](https://github.com/kata-containers/kata-containers/actions) to verify all +steps in the actions workflow have completed successfully. On success, a static +tarball containing Kata release artifacts will be uploaded to the [Release +page](https://github.com/kata-containers/kata-containers/releases). - - The above step will create a GitHub pull request in the Kata repository. Trigger the CI using `/test` command on the bump Pull request. - - Check any failures and fix if needed. - - Work with the Kata approvers to verify that the CI works and the pull request is merged. +### Improve the release notes -### Tag the Kata repository +Release notes are auto-generated by the GitHub CLI tool used as part of our +release workflow. However, some manual tweaking may still be necessary in +order to highlight the most important features and bug fixes in a specific +release. - Once the pull request to bump version in the Kata repository is merged, - tag the repository as shown below. - ``` - $ cd ${GOPATH}/src/github.com/kata-containers/kata-containers/tools/packaging/release - $ git checkout - $ git pull - $ ./tag_repos.sh -p -b "$BRANCH" tag - ``` - -### Check Git-hub Actions - - We make use of [GitHub actions](https://github.com/features/actions) in this [file](../.github/workflows/release.yaml) in the `kata-containers/kata-containers` repository to build and upload release artifacts. This action is auto triggered with the above step when a new tag is pushed to the `kata-containers/kata-containers` repository. - - Check the [actions status page](https://github.com/kata-containers/kata-containers/actions) to verify all steps in the actions workflow have completed successfully. On success, a static tarball containing Kata release artifacts will be uploaded to the [Release page](https://github.com/kata-containers/kata-containers/releases). - -### Create release notes - - We have the `./release-notes.sh` script in the [release](../tools/packaging/release) directory to create release notes that include a short-log of the commits. - - Run the script as shown below: - - ``` - $ cd ${GOPATH}/src/github.com/kata-containers/kata-containers/tools/packaging/release - # Note: OLD_VERSION is where the script should start to get changes. - $ ./release-notes.sh ${OLD_VERSION} ${NEW_VERSION} > notes.md - # Edit the `notes.md` file to review and make any changes to the release notes. - # Add the release notes in the project's GitHub. - $ gh release edit "${NEW_VERSION}" -F notes.md - ``` +With this in mind, please, poke @channel on #kata-dev and people who worked on +the release will be able to contribute to that. ### Announce the release - Publish in [Slack and Kata mailing list](https://github.com/kata-containers/community#join-us) that new release is ready. +Publish in [Slack and Kata mailing +list](https://github.com/kata-containers/community#join-us) that new release is +ready. From 111bb3ec66c395319699113f810f0ab89676ec91 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 26 Feb 2024 14:26:00 +0100 Subject: [PATCH 16/16] release: Add "test-" into the release name MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This commit should be merged as it's now, then we trigger a test release, fix whatever has to be fixed, and drop it as soon as we know our workflows are working as expected. Signed-off-by: Fabiano Fidêncio --- tools/packaging/release/release.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/packaging/release/release.sh b/tools/packaging/release/release.sh index 829317a0be..46675c1bd9 100755 --- a/tools/packaging/release/release.sh +++ b/tools/packaging/release/release.sh @@ -76,7 +76,7 @@ function _next_release_version() esac next_release_number="${next_major}.${next_minor}.0" - echo "${next_release_number}" + echo "test-${next_release_number}" } function _update_version_file()