Merge pull request #9170 from fidencio/topic/releases-follow-up-I

release: Add the needed fixes for the release process

.github/workflows/release-amd64.yaml

@@ -41,8 +41,12 @@ jobs:
           # We need to do such trick here as the format of the $GITHUB_REF 
           # is "refs/tags/<tag>"
           tag=$(echo $GITHUB_REF | cut -d/ -f3-)
-          tags=($tag)
-          tags+=($([[ "$tag" =~ "alpha"|"rc" ]] && echo "latest" || echo "stable"))
+          if [ "${tag}" = "main" ]; then
+              tag=$(./tools/packaging/release/release.sh next-release-version)
+              tags=(${tag} "latest")
+          else
+              tags=(${tag})
+          fi
           for tag in ${tags[@]}; do
               ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
                   $(pwd)/kata-static.tar.xz "docker.io/katadocker/kata-deploy" \

.github/workflows/release-arm64.yaml

@@ -41,8 +41,12 @@ jobs:
           # We need to do such trick here as the format of the $GITHUB_REF 
           # is "refs/tags/<tag>"
           tag=$(echo $GITHUB_REF | cut -d/ -f3-)
-          tags=($tag)
-          tags+=($([[ "$tag" =~ "alpha"|"rc" ]] && echo "latest" || echo "stable"))
+          if [ "${tag}" = "main" ]; then
+              tag=$(./tools/packaging/release/release.sh next-release-version)
+              tags=(${tag} "latest")
+          else
+              tags=(${tag})
+          fi
           for tag in ${tags[@]}; do
               ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
                   $(pwd)/kata-static.tar.xz "docker.io/katadocker/kata-deploy" \

.github/workflows/release-ppc64le.yaml

@@ -41,8 +41,12 @@ jobs:
           # We need to do such trick here as the format of the $GITHUB_REF 
           # is "refs/tags/<tag>"
           tag=$(echo $GITHUB_REF | cut -d/ -f3-)
-          tags=($tag)
-          tags+=($([[ "$tag" =~ "alpha"|"rc" ]] && echo "latest" || echo "stable"))
+          if [ "${tag}" = "main" ]; then
+              tag=$(./tools/packaging/release/release.sh next-release-version)
+              tags=(${tag} "latest")
+          else
+              tags=(${tag})
+          fi
           for tag in ${tags[@]}; do
               ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
                   $(pwd)/kata-static.tar.xz "docker.io/katadocker/kata-deploy" \

.github/workflows/release-s390x.yaml

@@ -42,8 +42,12 @@ jobs:
           # We need to do such trick here as the format of the $GITHUB_REF 
           # is "refs/tags/<tag>"
           tag=$(echo $GITHUB_REF | cut -d/ -f3-)
-          tags=($tag)
-          tags+=($([[ "$tag" =~ "alpha"|"rc" ]] && echo "latest" || echo "stable"))
+          if [ "${tag}" = "main" ]; then
+              tag=$(./tools/packaging/release/release.sh next-release-version)
+              tags=(${tag} "latest")
+          else
+              tags=(${tag})
+          fi
           for tag in ${tags[@]}; do
               ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
                   $(pwd)/kata-static.tar.xz "docker.io/katadocker/kata-deploy" \

.github/workflows/release.yaml

@@ -6,6 +6,9 @@ on:
         required: true
         type: string
 
+env:
+  RELEASE_TYPE: ${{ inputs.release-type }}
+
 jobs:
   release:
     runs-on: ubuntu-latest
@@ -19,8 +22,6 @@ jobs:
         run: |
           release_version=$(./tools/packaging/release/release.sh next-release-version)
           echo "RELEASE_VERSION=$release_version" >> "$GITHUB_ENV"
-        env:
-          RELEASE_TYPE: ${{ inputs.release-type }}
 
       - name: Update VERSION file
         run: |
@@ -33,24 +34,28 @@ jobs:
           GH_TOKEN: ${{ github.token }}
 
   build-and-push-assets-amd64:
+    needs: release
     uses: ./.github/workflows/release-amd64.yaml
     with:
       target-arch: amd64
     secrets: inherit
 
   build-and-push-assets-arm64:
+    needs: release
     uses: ./.github/workflows/release-arm64.yaml
     with:
       target-arch: arm64
     secrets: inherit
 
   build-and-push-assets-s390x:
+    needs: release
     uses: ./.github/workflows/release-s390x.yaml
     with:
       target-arch: s390x
     secrets: inherit
 
   build-and-push-assets-ppc64le:
+    needs: release
     uses: ./.github/workflows/release-ppc64le.yaml
     with:
       target-arch: ppc64le
@@ -76,17 +81,19 @@ jobs:
           username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
           password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}
 
+      - name: Get the image tags
+        run: |
+          release_version=$(./tools/packaging/release/release.sh next-release-version)
+          echo "KATA_DEPLOY_IMAGE_TAGS=$release_version latest" >> "$GITHUB_ENV"
+
       - name: Push multi-arch manifest
         run: |
-          tags="$(cat VERSION) latest"
-          echo "KATA_DEPLOY_IMAGE_TAGS=\"${tags}\"" >> "$GITHUB_ENV"
-
           ./tools/packaging/release/release.sh publish-multiarch-manifest
         env:
           KATA_DEPLOY_REGISTRIES: "quay.io/kata-containers/kata-deploy docker.io/katadocker/kata-deploy"
 
   upload-multi-arch-static-tarball:
-    needs: publish-multi-arch-images
+    needs: [build-and-push-assets-amd64, build-and-push-assets-arm64, build-and-push-assets-s390x, build-and-push-assets-ppc64le]
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
@@ -116,7 +123,7 @@ jobs:
           ./tools/packaging/release/release.sh upload-kata-static-tarball
         env:
           GH_TOKEN: ${{ github.token }}
-          ARCHITECTURE: arm4
+          ARCHITECTURE: arm64
 
       - name: download-artifacts-s390x
         uses: actions/download-artifact@v3
@@ -141,6 +148,7 @@ jobs:
           ARCHITECTURE: ppc64le
 
   upload-versions-yaml:
+    needs: release
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
@@ -151,7 +159,7 @@ jobs:
           GH_TOKEN: ${{ github.token }}
 
   upload-cargo-vendored-tarball:
-    needs: upload-multi-arch-static-tarball
+    needs: release
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
@@ -162,7 +170,7 @@ jobs:
           GH_TOKEN: ${{ github.token }}
 
   upload-libseccomp-tarball:
-    needs: upload-cargo-vendored-tarball
+    needs: release
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4

docs/Release-Process.md

@@ -10,8 +10,10 @@ This document lists the tasks required to create a Kata Release.
 ### Check GitHub Actions
 
 We make use of [GitHub actions](https://github.com/features/actions) in the
-[minor](../.github/workflows/release-minor.yaml) and
-[major](../.github/workflows/release-major.yaml) files from the
+[minor](https://github.com/kata-containers/kata-containers/actions/workflows/release-minor.yaml)
+and
+[major](https://github.com/kata-containers/kata-containers/actions/workflows/release-major.yaml)
+files from the
 `kata-containers/kata-containers` repository to build and upload release
 artifacts.
 

tools/packaging/release/release-notes.sh

@@ -1,224 +0,0 @@
-#!/usr/bin/env bash
-# Copyright (c) 2018 Intel Corporation
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-[ -z "${DEBUG}" ] || set -x
-set -o errexit
-set -o nounset
-set -o pipefail
-
-script_dir=$(dirname "$0")
-
-readonly script_name="$(basename "${BASH_SOURCE[0]}")"
-readonly script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-readonly project="kata-containers"
-readonly tmp_dir=$(mktemp -d -t release-notes-tmp.XXXXXXXXXX)
-
-# shellcheck source=../scripts/lib.sh
-source "${script_dir}/../scripts/lib.sh"
-
-exit_handler() {
-	[ -d "${tmp_dir}" ] || rm -rf "${tmp_dir}"
-}
-trap exit_handler EXIT
-
-usage() {
-	return_code=${1:-}
-	cat <<EOF
-Usage ${script_name} <previous-release> <new_release>
-
-Args:
-
-previous-release: will be used as start point to get release notes
-new-release:      new release version that will have the
-
-Example:
-./${script_name} 1.2.0 1.2.1 > notes.md
-
-EOF
-	exit "${return_code}"
-}
-
-repos=(
-	"kata-containers"
-)
-
-get_release_info() {
-
-	docker_version=$(get_from_kata_deps "externals.docker.version")
-	crio_version=$(get_from_kata_deps "externals.crio.version")
-	containerd_version=$(get_from_kata_deps "externals.containerd.version")
-	kubernetes_version=$(get_from_kata_deps "externals.kubernetes.version")
-	oci_spec_version=$(get_from_kata_deps "specs.oci.version")
-
-	libseccomp_version=$(get_from_kata_deps "externals.libseccomp.version")
-	libseccomp_url=$(get_from_kata_deps "externals.libseccomp.url")
-
-	#Image information
-	image_info=$(get_from_kata_deps "assets.image")
-
-	# Initrd information
-	initrd_info=$(get_from_kata_deps "assets.initrd")
-
-	kernel_version=$(get_from_kata_deps "assets.kernel.version")
-	kernel_url=$(get_from_kata_deps "assets.kernel.url")
-
-	kata_kernel_config_version="${new_release}-kernel-config"
-	kata_kernel_config_version="${new_release}-kernel-config"
-
-	runtime_version=${new_release}
-}
-
-changes() {
-	echo "**FIXME - message this section by hand to produce a summary please**"
-
-	echo "### Shortlog"
-
-	echo "<details>"
-	echo "<summary>Click the icon to show the list of commits included in this release</summary>"
-
-	# XXX: Essential to have at least one blank line here. It forces
-	# GitHub to show each commit on a separate line.
-	echo
-
-	for cr in $(git log --merges "${previous_release}".."${new_release}" | grep 'Merge:' | awk '{print $2".."$3}'); do
-		git log --oneline "$cr"
-	done
-
-	echo "</details>"
-}
-
-print_release_notes() {
-	cat <<EOF
-# Release ${runtime_version}
-
-EOF
-
-	for repo in "${repos[@]}"; do
-		git clone -q "https://github.com/${project}/${repo}.git" "${tmp_dir}/${repo}"
-		pushd "${tmp_dir}/${repo}" >>/dev/null
-
-		cat <<EOF
-## ${repo} Changes
-$(changes)
-
-## Survey
-
-Please take the Kata Containers survey:
-
-- https://openinfrafoundation.formstack.com/forms/kata_containers_user_survey
-
-This will help the Kata Containers community understand:
-
-- how you use Kata Containers
-- what features and improvements you would like to see in Kata Containers
-
-EOF
-		popd >>/dev/null
-		rm -rf "${tmp_dir}/${repo}"
-	done
-
-	cat <<EOF
-
-## Compatibility with CRI-O
-Kata Containers ${runtime_version} is compatible with CRI-O ${crio_version}
-
-## Compatibility with containerd
-Kata Containers ${runtime_version} is compatible with contaienrd ${containerd_version}
-
-## OCI Runtime Specification
-Kata Containers ${runtime_version} support the OCI Runtime Specification [${oci_spec_version}][ocispec]
-
-## Compatibility with Kubernetes
-Kata Containers ${runtime_version} is compatible with Kubernetes ${kubernetes_version}
-
-## Libseccomp Notices
-The \`kata-agent\` binaries inside the Kata Containers images provided with this release are
-statically linked with the following [GNU LGPL-2.1][lgpl-2.1] licensed libseccomp library.
-
-* [\`libseccomp\`][libseccomp]
-
-The \`kata-agent\` uses the libseccomp v${libseccomp_version} which is not modified from the upstream version.
-However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.
-
-If you want to use the \`kata-agent\` which is not statically linked with the library, you can build
-a custom \`kata-agent\` that does not use the library from sources.
-For the details, please check the [developer guide][custom-agent-doc].
-
-## Kata Linux Containers image
-Agent version: ${new_release}
-
-### Default Image Guest OS:
-${image_info}
-
-### Default Initrd Guest OS:
-${initrd_info}
-
-## Kata Containers builder images
-The majority of the components of the project were built using containers.  In order to do a step towards
-build reproducibility we publish those container images, and when those are used combined with the version
-of the projects listed as part of the "versions.yaml" file, users can get as close to the environment we
-used to build the release artefacts.
-* agent (on all its different flavours): $(get_agent_image_name)
-* Kernel (on all its different flavours): $(get_kernel_image_name)
-* OVMF (on all its different flavours): $(get_ovmf_image_name)
-* QEMU (on all its different flavurs): $(get_qemu_image_name)
-* shim-v2: $(get_shim_v2_image_name)
-* tools: $(get_tools_image_name)
-* virtiofsd: $(get_virtiofsd_image_name)
-
-The users who want to rebuild the tarballs using exactly the same images can simply use the following environment
-variables:
-* \`AGENT_CONTAINER_BUILDER\`
-* \`COCO_GUEST_COMPONENTS_CONTAINER_BUILDER\`
-* \`KERNEL_CONTAINER_BUILDER\`
-* \`OVMF_CONTAINER_BUILDER\`
-* \`PAUSE_IMAGE_CONTAINER_BUILDER\`
-* \`QEMU_CONTAINER_BUILDER\`
-* \`SHIM_V2_CONTAINER_BUILDER\`
-* \`TOOLS_CONTAINER_BUILDER\`
-* \`VIRTIOFSD_CONTAINER_BUILDER\`
-
-## Kata Linux Containers Kernel
-Kata Containers ${runtime_version} suggest to use the Linux kernel [${kernel_version}][kernel]
-See the kernel suggested [Guest Kernel patches][kernel-patches]
-See the kernel suggested [Guest Kernel config][kernel-config]
-
-## Installation
-
-Follow the Kata [installation instructions][installation].
-
-## Issues & limitations
-
-More information [Limitations][limitations]
-
-[kernel]: ${kernel_url}/linux-${kernel_version#v}.tar.xz
-[kernel-patches]: https://github.com/kata-containers/kata-containers/tree/${new_release}/tools/packaging/kernel/patches
-[kernel-config]: https://github.com/kata-containers/kata-containers/tree/${new_release}/tools/packaging/kernel/configs
-[ocispec]: https://github.com/opencontainers/runtime-spec/releases/tag/${oci_spec_version}
-[libseccomp]: ${libseccomp_url}
-[lgpl-2.1]: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html
-[custom-agent-doc]: https://github.com/kata-containers/kata-containers/blob/main/docs/Developer-Guide.md#build-a-custom-kata-agent---optional
-[limitations]: https://github.com/kata-containers/kata-containers/blob/${new_release}/docs/Limitations.md
-[installation]: https://github.com/kata-containers/kata-containers/blob/${new_release}/docs/install
-EOF
-}
-
-main() {
-	previous_release=${1:-}
-	new_release=${2:-}
-	if [ -z "${previous_release}" ]; then
-		echo "previous-release not provided"
-		usage 1
-	fi
-	if [ -z "${new_release}" ]; then
-		echo "new-release not provided"
-		usage 1
-	fi
-	get_release_info
-	print_release_notes
-}
-
-main "$@"

tools/packaging/release/release.sh

@@ -15,12 +15,13 @@ set -o errtrace
 this_script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 repo_root_dir="$(cd "$this_script_dir/../../../" && pwd)"
 
-IFS=' ' read -a IMAGE_TAGS <<< "${KATA_DEPLOY_IMAGE_TAGS:-}"
-IFS=' ' read -a REGISTRIES <<< "${KATA_DEPLOY_REGISTRIES:-}"
+KATA_DEPLOY_IMAGE_TAGS="${KATA_DEPLOY_IMAGE_TAGS:-}"
+IFS=' ' read -a IMAGE_TAGS <<< "${KATA_DEPLOY_IMAGE_TAGS}"
+KATA_DEPLOY_REGISTRIES="${KATA_DEPLOY_REGISTRIES:-}"
+IFS=' ' read -a REGISTRIES <<< "${KATA_DEPLOY_REGISTRIES}"
 GH_TOKEN="${GH_TOKEN:-}"
-ARCHITECTURE="${ARCHITECURE:-}"
+ARCHITECTURE="${ARCHITECTURE:-}"
 KATA_STATIC_TARBALL="${KATA_STATIC_TARBALL:-}"
-RELEASE_VERSION="${RELEASE_VERSION:-}"
 RELEASE_TYPE="${RELEASE_TYPE:-minor}"
 
 function _die()
@@ -34,6 +35,10 @@ function _check_required_env_var()
 	local env_var
 
 	case ${1} in
+		RELEASE_VERSION) env_var="${RELEASE_VERSION}" ;;
+		GH_TOKEN) env_var="${GH_TOKEN}" ;;
+		ARCHITECTURE) env_var="${ARCHITECTURE}" ;;
+		KATA_STATIC_TARBALL) env_var="${KATA_STATIC_TARBALL}" ;;
 		KATA_DEPLOY_IMAGE_TAGS) env_var="${KATA_DEPLOY_IMAGE_TAGS}" ;;
 		KATA_DEPLOY_REGISTRIES) env_var="${KATA_DEPLOY_REGISTRIES}" ;;
 		*) >&2 _die "Invalid environment variable \"${1}\"" ;;
@@ -41,6 +46,8 @@ function _check_required_env_var()
 
 	[ -z "${env_var}" ] && \
 		_die "\"${1}\" environment variable is required but was not set"
+
+	return 0
 }
 
 function _next_release_version()
@@ -76,7 +83,7 @@ function _next_release_version()
 	esac
 
 	next_release_number="${next_major}.${next_minor}.0"
-	echo "test-${next_release_number}"
+	echo "${next_release_number}"
 }
 
 function _update_version_file()
@@ -93,12 +100,91 @@ function _update_version_file()
 	git push
 }
 
+function _create_our_own_notes()
+{
+	GOPATH=${HOME}/go ./ci/install_yq.sh
+	export PATH=${HOME}/go/bin:${PATH}
+
+	source "${repo_root_dir}/tools/packaging/scripts/lib.sh"
+	libseccomp_version=$(get_from_kata_deps "externals.libseccomp.version")
+	libseccomp_url=$(get_from_kata_deps "externals.libseccomp.url")
+
+	cat >> /tmp/our_notes_${RELEASE_VERSION} <<EOF 
+## Survey
+
+Please take the Kata Containers survey:
+
+- https://openinfrafoundation.formstack.com/forms/kata_containers_user_survey
+
+This will help the Kata Containers community understand:
+
+- how you use Kata Containers
+- what features and improvements you would like to see in Kata Containers
+
+## Libseccomp Notices
+The \`kata-agent\` binaries inside the Kata Containers images provided with this release are
+statically linked with the following [GNU LGPL-2.1][lgpl-2.1] licensed libseccomp library.
+
+* [\`libseccomp\`][libseccomp]
+
+The \`kata-agent\` uses the libseccomp v${libseccomp_version} which is not modified from the upstream version.
+However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.
+
+If you want to use the \`kata-agent\` which is not statically linked with the library, you can build
+a custom \`kata-agent\` that does not use the library from sources.
+
+## Kata Containers builder images
+The majority of the components of the project were built using containers.  In order to do a step towards
+build reproducibility we publish those container images, and when those are used combined with the version
+of the projects listed as part of the "versions.yaml" file, users can get as close to the environment we
+used to build the release artefacts.
+* agent (on all its different flavours): $(get_agent_image_name)
+* Kernel (on all its different flavours): $(get_kernel_image_name)
+* OVMF (on all its different flavours): $(get_ovmf_image_name)
+* QEMU (on all its different flavurs): $(get_qemu_image_name)
+* shim-v2: $(get_shim_v2_image_name)
+* tools: $(get_tools_image_name)
+* virtiofsd: $(get_virtiofsd_image_name)
+
+The users who want to rebuild the tarballs using exactly the same images can simply use the following environment
+variables:
+* \`AGENT_CONTAINER_BUILDER\`
+* \`COCO_GUEST_COMPONENTS_CONTAINER_BUILDER\`
+* \`KERNEL_CONTAINER_BUILDER\`
+* \`OVMF_CONTAINER_BUILDER\`
+* \`PAUSE_IMAGE_CONTAINER_BUILDER\`
+* \`QEMU_CONTAINER_BUILDER\`
+* \`SHIM_V2_CONTAINER_BUILDER\`
+* \`TOOLS_CONTAINER_BUILDER\`
+* \`VIRTIOFSD_CONTAINER_BUILDER\`
+
+## Installation
+
+Follow the Kata [installation instructions][installation].
+
+## Issues & limitations
+
+More information [Limitations][limitations]
+
+[libseccomp]: ${libseccomp_url}
+[lgpl-2.1]: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html
+[limitations]: https://github.com/kata-containers/kata-containers/blob/${RELEASE_VERSION}/docs/Limitations.md
+[installation]: https://github.com/kata-containers/kata-containers/blob/${RELEASE_VERSION}/docs/install
+EOF
+
+	return 0
+}
+
 function _create_new_release()
 {
 	_check_required_env_var "RELEASE_VERSION"
 	_check_required_env_var "GH_TOKEN"
 
-	gh release create ${RELEASE_VERSION} --generate-notes --title "Kata Containers ${RELEASE_VERSION}"
+	_create_our_own_notes
+
+	gh release create ${RELEASE_VERSION} \
+		--generate-notes --title "Kata Containers ${RELEASE_VERSION}" \
+		--notes-file "/tmp/our_notes_${RELEASE_VERSION}"
 }
 
 function _publish_multiarch_manifest()
@@ -125,7 +211,7 @@ function _upload_kata_static_tarball()
 	_check_required_env_var "ARCHITECTURE"
 	_check_required_env_var "KATA_STATIC_TARBALL"
 
-	[ -z "${RELEASE_VERSION}" ] && RELEASE_VERSION=$(cat "${repo_root_dir}/VERSION")
+	RELEASE_VERSION="$(_next_release_version)"
 
 	new_tarball_name="kata-static-${RELEASE_VERSION}-${ARCHITECTURE}.tar.xz"
 	mv ${KATA_STATIC_TARBALL} "${new_tarball_name}"
@@ -135,7 +221,7 @@ function _upload_kata_static_tarball()
 
 function _upload_versions_yaml_file()
 {
-	[ -z "${RELEASE_VERSION}" ] && RELEASE_VERSION=$(cat "${repo_root_dir}/VERSION")
+	RELEASE_VERSION="$(_next_release_version)"
 
 	versions_file="kata-containers-${RELEASE_VERSION}-versions.yaml"
 	cp "${repo_root_dir}/versions.yaml" ${versions_file}
@@ -146,7 +232,7 @@ function _upload_vendored_code_tarball()
 {
 	_check_required_env_var "GH_TOKEN"
 
-	[ -z "${RELEASE_VERSION}" ] && RELEASE_VERSION=$(cat "${repo_root_dir}/VERSION")
+	RELEASE_VERSION="$(_next_release_version)"
 
 	vendored_code_tarball="kata-containers-${RELEASE_VERSION}-vendor.tar.gz"
 	bash -c "${repo_root_dir}/tools/packaging/release/generate_vendor.sh ${vendored_code_tarball}"
@@ -157,20 +243,20 @@ function _upload_libseccomp_tarball()
 {
 	_check_required_env_var "GH_TOKEN"
 
-	[ -z "${RELEASE_VERSION}" ] && RELEASE_VERSION=$(cat "${repo_root_dir}/VERSION")
+	RELEASE_VERSION="$(_next_release_version)"
 
-	INSTALL_IN_GO_PATH=false ${repo_root_dir}/ci/install_yq.sh
+	GOPATH=${HOME}/go ./ci/install_yq.sh
 
 	versions_yaml="versions.yaml"
-	version=$(/usr/local/bin/yq read ${versions_yaml} "externals.libseccomp.version")
-	repo_url=$(/usr/local/bin/yq read ${versions_yaml} "externals.libseccomp.url")
+	version=$(${HOME}/go/bin/yq read ${versions_yaml} "externals.libseccomp.version")
+	repo_url=$(${HOME}/go/bin/yq read ${versions_yaml} "externals.libseccomp.url")
 	download_url="${repo_url}releases/download/v${version}"
 	tarball="libseccomp-${version}.tar.gz"
 	asc="${tarball}.asc"
 	curl -sSLO "${download_url}/${tarball}"
 	curl -sSLO "${download_url}/${asc}"
 	gh release upload "${RELEASE_VERSION}" "${tarball}"
-	gh release upload "${RELEASE_VERSIOB}" "${asc}"
+	gh release upload "${RELEASE_VERSION}" "${asc}"
 }
 
 function main()