Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add release trigger #1501

Merged
merged 6 commits into from
Feb 8, 2023
Merged

Add release trigger #1501

merged 6 commits into from
Feb 8, 2023

Conversation

wagoodman
Copy link
Contributor

@wagoodman wagoodman commented Jan 20, 2023
edited
Loading

This PR proposes to make the following changes to the release process. Specifically, replace manually pushing a tag with make trigger-release, which will:

  • check if you're authenticated into github in order to trigger a release
  • speculate the next release version
  • generate a changelog to preview before release
  • kick off the release workflow (the release workflow would tag the release instead)

This removes the need for the developer kicking off the release to pick the release and offers an opportunity to see the effective changelog to double check the issue and PR labels.

The "break glass" approach (incase chronicle is wrong and manual intervention is needed) is to run the release workflow via workflow_dispatch and supply the intended version.

Screen Shot 2023-02-08 at 10 20 15 AM

TODO:

  • update chronicle to additionally include all remaining closed issues and merged PRs in the preview list to show what might not be labeled or associated correctly [update: chronicle v0.5.1 has this feature on by default]
  • add gh tooling to the bootstrap? (or similar) update: there isn't a way to install this nicely in .tmp without a lot of work (go install will not work either due to their usage of go mod replace lines). The trigger script now checks to see if gh is installed before continuing.
  • add gh auth check up front before release (can you kick off the workflow before attempting to do so)
  • incorporate Add ability to output version to a separate file chronicle#65 to not calculate the changelog/version twice

@wagoodman wagoodman requested a review from a team January 20, 2023 15:59
@github-actions
Copy link

github-actions bot commented Jan 20, 2023
edited
Loading

Benchmark Test Results

Benchmark results from the latest changes vs base branch 
goos: linux
goarch: amd64
pkg: github.com/anchore/syft/test/integration
cpu: Intel(R) Xeon(R) CPU E5-2673 v3 @ 2.40GHz
                                                          │ ./.tmp/benchmark-4dfd771.txt │
                                                          │            sec/op            │
ImagePackageCatalogers/alpmdb-cataloger-2                                   15.08m ± 26%
ImagePackageCatalogers/ruby-gemspec-cataloger-2                             1.730m ± 10%
ImagePackageCatalogers/python-package-cataloger-2                           4.240m ±  3%
ImagePackageCatalogers/php-composer-installed-cataloger-2                   1.417m ±  3%
ImagePackageCatalogers/javascript-package-cataloger-2                       1.032m ±  3%
ImagePackageCatalogers/dpkgdb-cataloger-2                                   1.182m ±  3%
ImagePackageCatalogers/rpm-db-cataloger-2                                   1.679m ±  5%
ImagePackageCatalogers/java-cataloger-2                                     18.78m ±  3%
ImagePackageCatalogers/graalvm-native-image-cataloger-2                     9.477µ ±  3%
ImagePackageCatalogers/apkdb-cataloger-2                                    1.191m ±  6%
ImagePackageCatalogers/go-module-binary-cataloger-2                         21.82µ ±  4%
ImagePackageCatalogers/dotnet-deps-cataloger-2                              1.865m ±  5%
ImagePackageCatalogers/portage-cataloger-2                                  997.6µ ±  2%
ImagePackageCatalogers/sbom-cataloger-2                                     5.770m ±  4%
ImagePackageCatalogers/binary-cataloger-2                                   8.535m ±  2%
geomean                                                                     1.387m

                                                          │ ./.tmp/benchmark-4dfd771.txt │
                                                          │             B/op             │
ImagePackageCatalogers/alpmdb-cataloger-2                                   5.035Mi ± 0%
ImagePackageCatalogers/ruby-gemspec-cataloger-2                             204.9Ki ± 0%
ImagePackageCatalogers/python-package-cataloger-2                           953.9Ki ± 0%
ImagePackageCatalogers/php-composer-installed-cataloger-2                   217.8Ki ± 0%
ImagePackageCatalogers/javascript-package-cataloger-2                       157.9Ki ± 0%
ImagePackageCatalogers/dpkgdb-cataloger-2                                   200.0Ki ± 0%
ImagePackageCatalogers/rpm-db-cataloger-2                                   300.2Ki ± 0%
ImagePackageCatalogers/java-cataloger-2                                     3.306Mi ± 0%
ImagePackageCatalogers/graalvm-native-image-cataloger-2                     1.375Ki ± 0%
ImagePackageCatalogers/apkdb-cataloger-2                                    181.8Ki ± 0%
ImagePackageCatalogers/go-module-binary-cataloger-2                         2.121Ki ± 0%
ImagePackageCatalogers/dotnet-deps-cataloger-2                              377.9Ki ± 0%
ImagePackageCatalogers/portage-cataloger-2                                  137.8Ki ± 0%
ImagePackageCatalogers/sbom-cataloger-2                                     725.0Ki ± 0%
ImagePackageCatalogers/binary-cataloger-2                                   1.092Mi ± 0%
geomean                                                                     222.1Ki

                                                          │ ./.tmp/benchmark-4dfd771.txt │
                                                          │          allocs/op           │
ImagePackageCatalogers/alpmdb-cataloger-2                                    85.84k ± 0%
ImagePackageCatalogers/ruby-gemspec-cataloger-2                              4.350k ± 0%
ImagePackageCatalogers/python-package-cataloger-2                            16.79k ± 0%
ImagePackageCatalogers/php-composer-installed-cataloger-2                    5.603k ± 0%
ImagePackageCatalogers/javascript-package-cataloger-2                        3.432k ± 0%
ImagePackageCatalogers/dpkgdb-cataloger-2                                    4.575k ± 0%
ImagePackageCatalogers/rpm-db-cataloger-2                                    8.318k ± 0%
ImagePackageCatalogers/java-cataloger-2                                      58.65k ± 0%
ImagePackageCatalogers/graalvm-native-image-cataloger-2                       32.00 ± 0%
ImagePackageCatalogers/apkdb-cataloger-2                                     5.330k ± 0%
ImagePackageCatalogers/go-module-binary-cataloger-2                           70.00 ± 0%
ImagePackageCatalogers/dotnet-deps-cataloger-2                               7.206k ± 0%
ImagePackageCatalogers/portage-cataloger-2                                   3.683k ± 0%
ImagePackageCatalogers/sbom-cataloger-2                                      25.34k ± 0%
ImagePackageCatalogers/binary-cataloger-2                                    39.10k ± 0%
geomean                                                                      5.351k

@wagoodman
add release trigger
fd7d4da 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
@wagoodman
deduplicate version and changelog calls + add gh checks
a8ad4d1 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
@wagoodman wagoodman force-pushed the add-release-trigger branch from 3d6b111 to a8ad4d1 Compare February 8, 2023 15:13
@wagoodman wagoodman marked this pull request as ready for review February 8, 2023 15:14
@wagoodman
add more chronicle verbosity, but not when triggering releases
90ccce8 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
kzantow
kzantow approved these changes Feb 8, 2023
View reviewed changes
Copy link
Contributor

@kzantow kzantow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A couple nit comments, but LGTM otherwise 👍

.github/workflows/release.yaml Show resolved Hide resolved
Makefile Show resolved Hide resolved
@wagoodman
bump chronicle version to get --version-file feature
8d16f26 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
@wagoodman
update bootstrap tool workflow to include glow
477d162 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
@wagoodman
add version prefix check on tags in release quality gate
b7619dd 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
@wagoodman wagoodman merged commit 8847ba5 into main Feb 8, 2023
@wagoodman wagoodman deleted the add-release-trigger branch February 8, 2023 16:38
@wagoodman wagoodman mentioned this pull request Feb 9, 2023
Merged
This was referenced Feb 9, 2023
Closed
Closed
Closed
Closed
Closed
GijsCalis pushed a commit to GijsCalis/syft that referenced this pull request Feb 19, 2024
@wagoodman
Add release trigger (anchore#1501)
96792dc 
* add release trigger

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* deduplicate version and changelog calls + add gh checks

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* add more chronicle verbosity, but not when triggering releases

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* bump chronicle version to get --version-file feature

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* update bootstrap tool workflow to include glow

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* add version prefix check on tags in release quality gate

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

---------

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kzantow kzantow kzantow approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@wagoodman @kzantow