From 3388ac5101bbdac964cdffac75ea03f7c9b2d1f2 Mon Sep 17 00:00:00 2001 From: Nick Boldt Date: Mon, 18 Sep 2023 11:07:46 -0300 Subject: [PATCH 1/2] chore: fix multiarch support to be consistent with the way che-dashbord does it Change-Id: I99b2b296a5242855ffe7d39df1c622c846e36330 Signed-off-by: Nick Boldt --- .github/workflows/next-build-multiarch.yml | 98 ++++++++++++++++ .github/workflows/next-build.yaml | 48 -------- .github/workflows/release.yml | 119 ++++++++++++++----- build/dockerfiles/Dockerfile | 23 +--- make-release.sh | 129 +++++++++++---------- 5 files changed, 260 insertions(+), 157 deletions(-) create mode 100644 .github/workflows/next-build-multiarch.yml delete mode 100644 .github/workflows/next-build.yaml diff --git a/.github/workflows/next-build-multiarch.yml b/.github/workflows/next-build-multiarch.yml new file mode 100644 index 0000000..8b0c9e6 --- /dev/null +++ b/.github/workflows/next-build-multiarch.yml @@ -0,0 +1,98 @@ +# +# Copyright (c) 2023 Red Hat, Inc. +# This program and the accompanying materials are made +# available under the terms of the Eclipse Public License 2.0 +# which is available at https://www.eclipse.org/legal/epl-2.0/ +# +# SPDX-License-Identifier: EPL-2.0 +# +# Contributors: +# Red Hat, Inc. - initial API and implementation +# + +name: Che Configbump Next Build + +on: + workflow_dispatch: + inputs: {} + push: + branches: + - main + +env: + IMAGE: quay.io/che-incubator/configbump + +jobs: + + build-images: + runs-on: ubuntu-22.04 + strategy: + fail-fast: false + matrix: + arch: [amd64,arm64] + outputs: + amd64: ${{ steps.result.outputs.amd64 }} + arm64: ${{ steps.result.outputs.arm64 }} + steps: + - + name: "Checkout Che Configbump source code" + uses: actions/checkout@v3 + - + name: "Set up QEMU" + uses: docker/setup-qemu-action@v2 + - + name: "Set up Docker Buildx ${{ matrix.arch }}" + uses: docker/setup-buildx-action@v2 + - + name: "Login to quay.io" + uses: docker/login-action@v2 + with: + registry: quay.io + username: ${{ secrets.QUAY_USERNAME }} + password: ${{ secrets.QUAY_PASSWORD }} + - + name: "Build and push ${{ matrix.arch }}" + uses: docker/build-push-action@v3 + with: + context: . + file: ./build/dockerfiles/Dockerfile + platforms: linux/${{ matrix.arch }} + push: true + provenance: false + tags: ${{ env.IMAGE }}:${{ matrix.arch }}-next + - + id: result + name: "Build result outputs version" + if: ${{ success() }} + run: echo "${{ matrix.arch }}=${{ matrix.arch }}-next" >> $GITHUB_OUTPUT + + create-manifest: + if: always() + needs: build-images + runs-on: ubuntu-22.04 + steps: + - + name: "Docker quay.io Login" + uses: docker/login-action@v2 + with: + registry: quay.io + username: ${{ secrets.QUAY_USERNAME }} + password: ${{ secrets.QUAY_PASSWORD }} + - + name: "Create and push manifest" + run: | + AMEND="" + AMD64_VERSION="${{ needs['build-images'].outputs.amd64 }}" + if [ -n "$AMD64_VERSION" ]; then + AMEND+=" --amend ${{ env.IMAGE }}:$AMD64_VERSION"; + fi + ARM64_VERSION="${{ needs['build-images'].outputs.arm64 }}" + if [ -n "$ARM64_VERSION" ]; then + AMEND+=" --amend ${{ env.IMAGE }}:$ARM64_VERSION"; + fi + if [ -z "$AMEND" ]; then + echo "[!] The job 'build-images' didn't provide any outputs. Can't create the manifest list." + exit 1; + fi + docker manifest create ${{ env.IMAGE }}:next $AMEND + docker manifest push ${{ env.IMAGE }}:next diff --git a/.github/workflows/next-build.yaml b/.github/workflows/next-build.yaml deleted file mode 100644 index cdc0b90..0000000 --- a/.github/workflows/next-build.yaml +++ /dev/null @@ -1,48 +0,0 @@ -# -# Copyright (c) 2023 Red Hat, Inc. -# This program and the accompanying materials are made -# available under the terms of the Eclipse Public License 2.0 -# which is available at https://www.eclipse.org/legal/epl-2.0/ -# -# SPDX-License-Identifier: EPL-2.0 -# -# Contributors: -# Red Hat, Inc. - initial API and implementation -# - -name: Configbump Next Build - -on: - workflow_dispatch: - inputs: - push: - branches: [ main ] -jobs: - build-push: - runs-on: ubuntu-22.04 - steps: - - name: Checkout configmump source code - uses: actions/checkout@v3 - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Login to quay.io - uses: docker/login-action@v2 - with: - username: ${{ secrets.QUAY_USERNAME }} - password: ${{ secrets.QUAY_PASSWORD }} - registry: quay.io - - id: vars - shell: bash - run: | - echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT - - name: Build and push both short SHA tag and next tag - uses: docker/build-push-action@v3 - with: - file: build/dockerfiles/Dockerfile - platforms: linux/amd64,linux/arm64 - push: true - tags: | - quay.io/che-incubator/configbump:next - quay.io/che-incubator/configbump:${{ steps.vars.outputs.sha_short }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 772d8a6..f7c5bb9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,31 +11,109 @@ # name: Release Che Configbump - on: workflow_dispatch: - # Inputs the workflow accepts. inputs: version: description: 'The version that is going to be released. Should be in format 7.y.z' required: true - noCommit: - description: 'If true, will not commit the version bump changes' - default: '' + default: '7.y.z' forceRecreateTags: description: If true, tags will be recreated. Use with caution required: false default: 'false' + +env: + IMAGE: quay.io/che-incubator/configbump + jobs: - build: - name: Create Release + + build-images: runs-on: ubuntu-22.04 + strategy: + fail-fast: false + matrix: + arch: [amd64,arm64] + outputs: + amd64: ${{ steps.result.outputs.amd64 }} + arm64: ${{ steps.result.outputs.arm64 }} steps: - - name: Checkout code + - + name: "Checkout Che Dashboard source code" uses: actions/checkout@v3 + - + name: "Set up QEMU" + uses: docker/setup-qemu-action@v2 + - + name: "Set up Docker Buildx ${{ matrix.arch }}" + uses: docker/setup-buildx-action@v2 + - + name: "Docker quay.io Login" + uses: docker/login-action@v2 with: - fetch-depth: 0 - - name: Check existing tags + registry: quay.io + username: ${{ secrets.QUAY_USERNAME }} + password: ${{ secrets.QUAY_PASSWORD }} + - + name: "Build and push ${{ matrix.arch }}" + uses: docker/build-push-action@v3 + with: + context: . + file: ./build/dockerfiles/Dockerfile + platforms: linux/${{ matrix.arch }} + push: true + provenance: false + tags: ${{ env.IMAGE }}:${{ github.event.inputs.version }}-${{ matrix.arch }} + - + id: result + name: "Build result outputs version" + if: ${{ success() }} + run: echo "${{ matrix.arch }}=${{ github.event.inputs.version }}-${{ matrix.arch }}" >> $GITHUB_OUTPUT + + create-manifest: + needs: build-images + runs-on: ubuntu-22.04 + steps: + - + name: "Docker quay.io Login" + uses: docker/login-action@v2 + with: + registry: quay.io + username: ${{ secrets.QUAY_USERNAME }} + password: ${{ secrets.QUAY_PASSWORD }} + - + name: "Create and push manifest" + run: | + AMD64_VERSION="${{ needs['build-images'].outputs.amd64 }}" + ARM64_VERSION="${{ needs['build-images'].outputs.arm64 }}" + + if [[ -z "$AMD64_VERSION" || \ + -z "$ARM64_VERSION" ]]; then + echo "[!] The job 'build-images' fails on some of the architectures. Can't create complete manifest."; + exit 1; + fi + + AMEND="" + AMEND+=" --amend ${{ env.IMAGE }}:$AMD64_VERSION"; + AMEND+=" --amend ${{ env.IMAGE }}:$ARM64_VERSION"; + + docker manifest create ${{ env.IMAGE }}:${{ github.event.inputs.version }} $AMEND + docker manifest push ${{ env.IMAGE }}:${{ github.event.inputs.version }} + - + id: result + name: "Manifest result" + if: ${{ success() }} + run: echo "Manifest was created and pushed successfully" + + tag-release: + needs: create-manifest + runs-on: ubuntu-22.04 + steps: + - + name: "Checkout source code" + uses: actions/checkout@v3 + - + name: Check existing tags run: | set +e RECREATE_TAGS=${{ github.event.inputs.forceRecreateTags }} @@ -52,29 +130,14 @@ jobs: else echo "[INFO] No existing tags detected for $VERSION" fi - - name: Login to quay.io - uses: docker/login-action@v2 - with: - username: ${{ secrets.QUAY_USERNAME }} - password: ${{ secrets.QUAY_PASSWORD }} - registry: quay.io - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Create Release + - + name: "Tag release" run: | git config --global user.name "Mykhailo Kuznietsov" git config --global user.email "mkuznets@redhat.com" git config --global pull.rebase true export GITHUB_TOKEN=${{ secrets.CHE_INCUBATOR_BOT_GITHUB_TOKEN }} - NO_COMMIT=${{ github.event.inputs.noCommit}} - if [[ $NO_COMMIT == "true" ]]; then - NO_COMMIT="--no-commit" - else - NO_COMMIT= - fi - /bin/bash make-release.sh --version ${{ github.event.inputs.version }} --trigger-release $NO_COMMIT + /bin/bash make-release.sh --version ${{ github.event.inputs.version }} --tag-release # - name: Create failure MM message # if: ${{ failure() }} # run: | diff --git a/build/dockerfiles/Dockerfile b/build/dockerfiles/Dockerfile index 627d003..6d40827 100644 --- a/build/dockerfiles/Dockerfile +++ b/build/dockerfiles/Dockerfile @@ -11,25 +11,12 @@ # # Note: if we used a UBI image we could keep this current with # https://github.com/eclipse-che/che-release/blob/main/.github/workflows/update-base-images.yml -FROM --platform=${BUILDPLATFORM:-linux/amd64} docker.io/golang:1.18-alpine as builder +FROM docker.io/golang:1.18-alpine as builder ARG BUILD_DATE ARG VCS_REF ARG VERSION -ARG TARGETPLATFORM -ARG BUILDPLATFORM -RUN printf "I am running on ${BUILDPLATFORM:-linux/amd64}, building for ${TARGETPLATFORM:-linux/amd64}\n$(uname -a)\n" \ - && $(case ${TARGETPLATFORM:-linux/amd64} in \ - "linux/amd64") echo "GOOS=linux GOARCH=amd64" > /tmp/.env ;; \ - "linux/arm64") echo "GOOS=linux GOARCH=arm64" > /tmp/.env ;; \ - "linux/ppc64le") echo "GOOS=linux GOARCH=ppc64le" > /tmp/.env ;; \ - "linux/s390x") echo "GOOS=linux GOARCH=s390x" > /tmp/.env ;; \ - *) echo "TARGETPLATFORM ${TARGETPLATFORM} not found..." && exit 1 ;; \ - esac) \ - && cat /tmp/.env -RUN env $(cat /tmp/.env | xargs) go env - RUN apk --update --no-cache add \ build-base \ gcc \ @@ -44,13 +31,13 @@ ENV GOPROXY https://goproxy.io ENV CGO_ENABLED=1 COPY go.mod . COPY go.sum . -RUN env $(cat /tmp/.env | xargs) go mod download +RUN go mod download COPY . ./ ARG VERSION=dev -RUN env $(cat /tmp/.env | xargs) go build -a -ldflags '-w -s' -a -installsuffix cgo -o configbump cmd/configbump/main.go +RUN GOOS=linux go build -a -ldflags '-w -s' -a -installsuffix cgo -o configbump cmd/configbump/main.go -FROM --platform=${TARGETPLATFORM:-linux/amd64} docker.io/alpine:3.12 +FROM docker.io/alpine:3.12 ARG BUILD_DATE ARG VCS_REF @@ -73,7 +60,7 @@ RUN apk --update --no-cache add \ ca-certificates \ libressl \ tzdata \ - && rm -rf /tmp/* /var/cache/apk/* + && rm -rf /tmp/* /var/cache/apk/* USER appuser COPY --from=builder /etc/passwd /etc/passwd diff --git a/make-release.sh b/make-release.sh index c528d77..dc19603 100755 --- a/make-release.sh +++ b/make-release.sh @@ -15,28 +15,67 @@ # Used to create branch/tag, update VERSION files # and and trigger release by force pushing changes to the release branch -# set to 1 to actually trigger changes in the release branch -TRIGGER_RELEASE=0 +# set to 1 to actually tag the changes to the release branch +TAG_RELEASE=0 NOCOMMIT=0 -REGISTRY="quay.io" -DOCKERFILE="build/dockerfiles/Dockerfile" -ORGANIZATION="che-incubator" -IMAGE="configbump" - while [[ "$#" -gt 0 ]]; do case $1 in - '-t'|'--trigger-release') TRIGGER_RELEASE=1; shift 0;; + '-t'|'--tag-release') TAG_RELEASE=1; NOCOMMIT=0; shift 0;; '-v'|'--version') VERSION="$2"; shift 1;; - '-n'|'--no-commit') NOCOMMIT=1; shift 0;; + '-n'|'--no-commit') NOCOMMIT=1; TAG_RELEASE=0; shift 0;; esac shift 1 done +sed_in_place() { + SHORT_UNAME=$(uname -s) + if [ "$(uname)" == "Darwin" ]; then + sed -i '' "$@" + elif [ "${SHORT_UNAME:0:5}" == "Linux" ]; then + sed -i "$@" + fi +} + + +bump_version () { + CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD) + + NEXT_VERSION=$1 + BUMP_BRANCH=$2 + + git checkout "${BUMP_BRANCH}" + + echo "Updating project version to ${NEXT_VERSION}" + update_pkgs_versions $NEXT_VERSION + + if [[ ${NOCOMMIT} -eq 0 ]]; then + COMMIT_MSG="chore: Bump to ${NEXT_VERSION} in ${BUMP_BRANCH}" + git commit -asm "${COMMIT_MSG}" + git pull origin "${BUMP_BRANCH}" + + set +e + PUSH_TRY="$(git push origin "${BUMP_BRANCH}")" + # shellcheck disable=SC2181 + if [[ $? -gt 0 ]] || [[ $PUSH_TRY == *"protected branch hook declined"* ]]; then + # create pull request for main branch, as branch is restricted + PR_BRANCH=pr-${BUMP_BRANCH}-to-${NEXT_VERSION} + git branch "${PR_BRANCH}" + git checkout "${PR_BRANCH}" + git pull origin "${PR_BRANCH}" + git push origin "${PR_BRANCH}" + lastCommitComment="$(git log -1 --pretty=%B)" + hub pull-request -f -m "${lastCommitComment}" -b "${BUMP_BRANCH}" -h "${PR_BRANCH}" + fi + set -e + fi + git checkout "${CURRENT_BRANCH}" +} + usage () { - echo "Usage: $0 --version [VERSION TO RELEASE] [--trigger-release]" - echo "Example: $0 --version 7.75.0 --trigger-release"; echo + echo "Usage: $0 --version [VERSION TO RELEASE] [--tag-release]" + echo "Example: $0 --version 7.75.0 --tag-release"; echo } if [[ ! ${VERSION} ]]; then @@ -44,16 +83,6 @@ if [[ ! ${VERSION} ]]; then exit 1 fi -releaseMachineExec() { - # docker buildx includes automated push to registry, so build using tag we want published, not just local ${IMAGE} - docker buildx build \ - --tag "${REGISTRY}/${ORGANIZATION}/${IMAGE}:${VERSION}" \ - --push \ - --provenance=false \ - -f ./${DOCKERFILE} . --platform "linux/amd64,linux/arm64" | cat - echo "Pushed ${REGISTRY}/${ORGANIZATION}/${IMAGE}:${VERSION}" -} - # derive branch from version BRANCH=${VERSION%.*}.x @@ -64,16 +93,18 @@ else BASEBRANCH="${BRANCH}" fi +# get sources from ${BASEBRANCH} branch +git fetch origin "${BASEBRANCH}":"${BASEBRANCH}" +git checkout "${BASEBRANCH}" + # create new branch off ${BASEBRANCH} (or check out latest commits if branch already exists), then push to origin if [[ "${BASEBRANCH}" != "${BRANCH}" ]]; then git branch "${BRANCH}" || git checkout "${BRANCH}" && git pull origin "${BRANCH}" git push origin "${BRANCH}" - git fetch origin "${BRANCH}:${BRANCH}" || true + git fetch origin "${BRANCH}:${BRANCH}" git checkout "${BRANCH}" -else - git fetch origin "${BRANCH}:${BRANCH}" || true - git checkout ${BRANCH} fi + set -e # change VERSION file @@ -82,57 +113,29 @@ echo "${VERSION}" > VERSION # commit change into branch if [[ ${NOCOMMIT} -eq 0 ]]; then COMMIT_MSG="chore: release: bump to ${VERSION} in ${BRANCH}" - git commit -s -m "${COMMIT_MSG}" VERSION + git commit -asm "${COMMIT_MSG}" VERSION git pull origin "${BRANCH}" git push origin "${BRANCH}" fi -if [[ $TRIGGER_RELEASE -eq 1 ]]; then - # push new branch to release branch to trigger CI build - releaseConfigbump - +if [[ $TAG_RELEASE -eq 1 ]]; then # tag the release git checkout "${BRANCH}" git tag "${VERSION}" git push origin "${VERSION}" fi -# now update ${BASEBRANCH} to the new snapshot version -git fetch origin "${BASEBRANCH}":"${BASEBRANCH}" || true +# now update ${BASEBRANCH} to the new version git checkout "${BASEBRANCH}" # change VERSION file + commit change into ${BASEBRANCH} branch if [[ "${BASEBRANCH}" != "${BRANCH}" ]]; then - # bump the y digit + # bump the y digit, if it is a major release [[ $BRANCH =~ ^([0-9]+)\.([0-9]+)\.x ]] && BASE=${BASH_REMATCH[1]}; NEXT=${BASH_REMATCH[2]}; (( NEXT=NEXT+1 )) # for BRANCH=7.10.x, get BASE=7, NEXT=11 - NEXTVERSION="${BASE}.${NEXT}.0-SNAPSHOT" -else - # bump the z digit - [[ $VERSION =~ ^([0-9]+)\.([0-9]+)\.([0-9]+) ]] && BASE="${BASH_REMATCH[1]}.${BASH_REMATCH[2]}"; NEXT="${BASH_REMATCH[3]}"; (( NEXT=NEXT+1 )) # for VERSION=7.7.1, get BASE=7.7, NEXT=2 - NEXTVERSION="${BASE}.${NEXT}-SNAPSHOT" -fi - -# change VERSION file -echo "${NEXTVERSION}" > VERSION -if [[ ${NOCOMMIT} -eq 0 ]]; then - BRANCH=${BASEBRANCH} - # commit change into branch - COMMIT_MSG="chore: release: bump to ${NEXTVERSION} in ${BRANCH}" - git commit -s -m "${COMMIT_MSG}" VERSION - git pull origin "${BRANCH}" - - PUSH_TRY="$(git push origin "${BRANCH}")" - # shellcheck disable=SC2181 - if [[ $? -gt 0 ]] || [[ $PUSH_TRY == *"protected branch hook declined"* ]]; then - PR_BRANCH=pr-main-to-${NEXTVERSION} - # create pull request for main branch, as branch is restricted - git branch "${PR_BRANCH}" - git checkout "${PR_BRANCH}" - git pull origin "${PR_BRANCH}" - git push origin "${PR_BRANCH}" - lastCommitComment="$(git log -1 --pretty=%B)" - hub pull-request -f -m "${lastCommitComment} - -${lastCommitComment}" -b "${BRANCH}" -h "${PR_BRANCH}" - fi + NEXT_VERSION_Y="${BASE}.${NEXT}.0-next" + bump_version "${NEXT_VERSION_Y}" "${BASEBRANCH}" fi +# bump the z digit +[[ $VERSION =~ ^([0-9]+)\.([0-9]+)\.([0-9]+) ]] && BASE="${BASH_REMATCH[1]}.${BASH_REMATCH[2]}"; NEXT="${BASH_REMATCH[3]}"; (( NEXT=NEXT+1 )) # for VERSION=7.7.1, get BASE=7.7, NEXT=2 +NEXT_VERSION_Z="${BASE}.${NEXT}-next" +bump_version "${NEXT_VERSION_Z}" "${BRANCH}" From cec8b2853fe91c5e5e9e137d0b986dc9da75a206 Mon Sep 17 00:00:00 2001 From: Nick Boldt Date: Mon, 18 Sep 2023 11:10:40 -0300 Subject: [PATCH 2/2] remove unused method Change-Id: I563eef297041c6727da2c3ba59c3fbd11070cb02 Signed-off-by: Nick Boldt --- make-release.sh | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/make-release.sh b/make-release.sh index dc19603..b544fa2 100755 --- a/make-release.sh +++ b/make-release.sh @@ -28,16 +28,6 @@ while [[ "$#" -gt 0 ]]; do shift 1 done -sed_in_place() { - SHORT_UNAME=$(uname -s) - if [ "$(uname)" == "Darwin" ]; then - sed -i '' "$@" - elif [ "${SHORT_UNAME:0:5}" == "Linux" ]; then - sed -i "$@" - fi -} - - bump_version () { CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD)