From 2268dd49ac875bdc5513ca17adb0ff5aec8d9934 Mon Sep 17 00:00:00 2001 From: Jeff Nelson Date: Thu, 2 Feb 2023 22:13:29 +0000 Subject: [PATCH] simplify release workflow --- .github/workflows/release.yaml | 11 +- Makefile | 5 - charts/aws-vpc-cni/templates/clusterrole.yaml | 2 +- scripts/generate-cni-yaml.sh | 41 +----- scripts/sync-to-config-folder.sh | 58 ++------ scripts/sync-to-eks-charts.sh | 5 +- scripts/upload-resources-to-github.sh | 129 ------------------ 7 files changed, 25 insertions(+), 226 deletions(-) delete mode 100755 scripts/upload-resources-to-github.sh diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 4d01c48719..7f3cd73b35 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,6 +1,8 @@ name: VPC CNI Release -on: [push, workflow_dispatch] +on: + release: + types: [published] permissions: contents: read @@ -11,17 +13,18 @@ env: jobs: release: - if: github.event_name == 'push' && contains(github.ref, 'refs/tags/') runs-on: ubuntu-latest steps: - name: Checkout latest commit in the PR uses: actions/checkout@v3 + with: + ref: "refs/tags/{{ github.event.release.tag_name }}" - name: Set up Go uses: actions/setup-go@v3 with: go-version: "1.19" - - name: Attach release artifacts - run: make release + - name: Generate CNI YAML + run: make generate-cni-yaml - name: Create eks-charts PR run: make ekscharts-sync-release - name: Create sample manifests PR diff --git a/Makefile b/Makefile index 17201dac98..ca955337ba 100644 --- a/Makefile +++ b/Makefile @@ -351,14 +351,9 @@ ekscharts-sync-release: ${MAKEFILE_PATH}/scripts/sync-to-eks-charts.sh -b $$HELM_CHART_NAME -r ${REPO_FULL_NAME} -n -y ; \ done -upload-resources-to-github: - ${MAKEFILE_PATH}/scripts/upload-resources-to-github.sh - generate-cni-yaml: ${MAKEFILE_PATH}/scripts/generate-cni-yaml.sh -release: generate-cni-yaml upload-resources-to-github - config-folder-sync: ${MAKEFILE_PATH}/scripts/sync-to-config-folder.sh diff --git a/charts/aws-vpc-cni/templates/clusterrole.yaml b/charts/aws-vpc-cni/templates/clusterrole.yaml index 7776f39ac5..24b91556fb 100644 --- a/charts/aws-vpc-cni/templates/clusterrole.yaml +++ b/charts/aws-vpc-cni/templates/clusterrole.yaml @@ -28,7 +28,7 @@ rules: - apiGroups: [""] resources: - nodes - verbs: ["list", "watch", "get"] + verbs: ["list", "watch", "get", "update"] - apiGroups: ["", "events.k8s.io"] resources: - events diff --git a/scripts/generate-cni-yaml.sh b/scripts/generate-cni-yaml.sh index 5ee261a01c..dac23b8803 100755 --- a/scripts/generate-cni-yaml.sh +++ b/scripts/generate-cni-yaml.sh @@ -4,7 +4,7 @@ set -euo pipefail SCRIPTPATH="$( cd "$(dirname "$0")" ; pwd -P )" PLATFORM=$(uname | tr '[:upper:]' '[:lower:]') -HELM_VERSION="3.6.3" +HELM_VERSION="3.11.0" NAMESPACE="kube-system" MAKEFILEPATH=$SCRIPTPATH/../Makefile @@ -12,14 +12,10 @@ VERSION=$(make -s -f $MAKEFILEPATH version) BUILD_DIR=$SCRIPTPATH/../build/cni-rel-yamls/$VERSION REGIONS_FILE=$SCRIPTPATH/../charts/regions.json -INDV_RESOURCES_DIR=$BUILD_DIR/individual-resources -CNI_TAR_RESOURCES_FILE=$BUILD_DIR/cni_individual-resources.tar -METRICS_TAR_RESOURCES_FILE=$BUILD_DIR/cni_metrics_individual-resources.tar CNI_RESOURCES_YAML=$BUILD_DIR/aws-k8s-cni METRICS_RESOURCES_YAML=$BUILD_DIR/cni-metrics-helper -mkdir -p $INDV_RESOURCES_DIR - +mkdir -p $BUILD_DIR USAGE=$(cat << 'EOM' Usage: generate-cni-yaml [-n ] @@ -80,8 +76,8 @@ jq -c '.[]' $REGIONS_FILE | while read i; do --set image.domain=$ecrDomain \ --namespace $NAMESPACE \ $SCRIPTPATH/../charts/aws-vpc-cni > $NEW_CNI_RESOURCES_YAML - cat $NEW_CNI_RESOURCES_YAML | grep -v 'helm.sh\|app.kubernetes.io/managed-by: Helm' > $BUILD_DIR/helm_annotations_removed.yaml - mv $BUILD_DIR/helm_annotations_removed.yaml $NEW_CNI_RESOURCES_YAML + # Remove 'managed-by: Helm' annotation + sed -i '/helm.sh\|app.kubernetes.io\/managed-by: Helm/d' $NEW_CNI_RESOURCES_YAML $BUILD_DIR/helm template cni-metrics-helper \ --set image.region=$ecrRegion,\ @@ -90,37 +86,12 @@ jq -c '.[]' $REGIONS_FILE | while read i; do --set image.tag=$VERSION,\ --namespace $NAMESPACE \ $SCRIPTPATH/../charts/cni-metrics-helper > $NEW_METRICS_RESOURCES_YAML - cat $NEW_METRICS_RESOURCES_YAML | grep -v 'helm.sh\|app.kubernetes.io/managed-by: Helm' > $BUILD_DIR/helm_annotations_removed.yaml - mv $BUILD_DIR/helm_annotations_removed.yaml $NEW_METRICS_RESOURCES_YAML -done - -$BUILD_DIR/helm template --include-crds \ - --namespace $NAMESPACE \ - --output-dir $INDV_RESOURCES_DIR/ \ - $SCRIPTPATH/../charts/aws-vpc-cni/ - -for i in $INDV_RESOURCES_DIR/aws-vpc-cni/templates/*; do - cat $i | grep -v 'helm.sh\|app.kubernetes.io/managed-by: Helm' > $BUILD_DIR/helm_annotations_removed.yaml - mv $BUILD_DIR/helm_annotations_removed.yaml $i + # Remove 'managed-by: Helm' annotation + sed -i '/helm.sh\|app.kubernetes.io\/managed-by: Helm/d' $NEW_METRICS_RESOURCES_YAML done -$BUILD_DIR/helm template \ - --namespace $NAMESPACE \ - --output-dir $INDV_RESOURCES_DIR/ \ - $SCRIPTPATH/../charts/cni-metrics-helper/ - -for i in $INDV_RESOURCES_DIR/cni-metrics-helper/templates/*; do - cat $i | grep -v 'helm.sh\|app.kubernetes.io/managed-by: Helm' > $BUILD_DIR/helm_annotations_removed.yaml - mv $BUILD_DIR/helm_annotations_removed.yaml $i -done - - -cd $INDV_RESOURCES_DIR/aws-vpc-cni/ && tar cvf $CNI_TAR_RESOURCES_FILE templates/* -cd $INDV_RESOURCES_DIR/cni-metrics-helper/ && tar cvf $METRICS_TAR_RESOURCES_FILE templates/* cd $SCRIPTPATH echo "Generated aws-vpc-cni and cni-metrics-helper manifest resources files in:" echo " - $CNI_RESOURCES_YAML" echo " - $METRICS_RESOURCES_YAML" -echo " - $CNI_TAR_RESOURCES_FILE" -echo " - $METRICS_TAR_RESOURCES_FILE" diff --git a/scripts/sync-to-config-folder.sh b/scripts/sync-to-config-folder.sh index 06368c0568..970dc7203d 100755 --- a/scripts/sync-to-config-folder.sh +++ b/scripts/sync-to-config-folder.sh @@ -2,7 +2,6 @@ set -euo pipefail set +x - SCRIPTPATH="$( cd "$(dirname "$0")" ; pwd -P )" BUILD_DIR="${SCRIPTPATH}/../build" @@ -13,11 +12,11 @@ PR_ID=$(uuidgen | cut -d '-' -f1) SYNC_DIR="${BUILD_DIR}/config-sync" -BINARY_BASE="" +BINARY_BASE="aws-vpc-cni" INCLUDE_NOTES=0 MANUAL_VERIFY=1 -GH_CLI_VERSION="0.10.1" +GH_CLI_VERSION="2.22.1" GH_CLI_CONFIG_PATH="${HOME}/.config/gh/config.yml" KERNEL=$(uname -s | tr '[:upper:]' '[:lower:]') OS="${KERNEL}" @@ -25,11 +24,9 @@ if [[ "${KERNEL}" == "darwin" ]]; then OS="macOS" fi -VERSION=$(make -s -f "${SCRIPTPATH}/../Makefile" version) - USAGE=$(cat << EOM Usage: sync-to-config-folder -r - Updates config folder in master and release branch + Updates config folder in master branch Example: sync-to-config-folder -r "${REPO}" Optional: -r Github repo to sync to in the form of "org/name" (i.e. -r "${REPO}") @@ -63,6 +60,7 @@ fi echo $REPO +# Install GitHub CLI if [[ -z $(command -v gh) ]] || [[ ! $(gh --version) =~ $GH_CLI_VERSION ]]; then mkdir -p "${BUILD_DIR}"/gh curl -Lo "${BUILD_DIR}"/gh/gh.tar.gz "https://github.com/cli/cli/releases/download/v${GH_CLI_VERSION}/gh_${GH_CLI_VERSION}_${OS}_amd64.tar.gz" @@ -78,6 +76,7 @@ function restore_gh_config() { mv -f "${GH_CLI_CONFIG_PATH}.bkup" "${GH_CLI_CONFIG_PATH}" || : } +# Set auth tokens for GitHub CLI if [[ -n $(env | grep GITHUB_TOKEN) ]] && [[ -n "${GITHUB_TOKEN}" ]]; then trap restore_gh_config EXIT INT TERM ERR mkdir -p "${HOME}/.config/gh" @@ -105,6 +104,7 @@ rm -rf "${SYNC_DIR}" mkdir -p "${SYNC_DIR}" cd "${SYNC_DIR}" +# Clone upstream repo and setup git parameters gh repo clone aws/amazon-vpc-cni-k8s DEFAULT_BRANCH=$(git rev-parse --abbrev-ref HEAD | tr -d '\n') @@ -116,6 +116,7 @@ git remote set-url origin https://"${GITHUB_USERNAME}":"${GITHUB_TOKEN}"@github. git config user.name "eks-networking-bot" git config user.email "eks-networking-bot@users.noreply.github.com" +# Fork master branch and create sync PR FORK_RELEASE_BRANCH="${BINARY_BASE}-${VERSION}-${PR_ID}" git checkout -b "${FORK_RELEASE_BRANCH}" origin/master @@ -136,48 +137,7 @@ EOM ) git push -u origin "${FORK_RELEASE_BRANCH}" -gh pr create --title "🥳 ${BINARY_BASE} ${VERSION} Automated manifest sync! 🥑" \ +gh pr create --title "${BINARY_BASE} ${VERSION} Automated manifest sync! 🥑" \ --body "${PR_BODY}" --repo ${REPO} -echo "✅ Manifest folder PR created for master" - -CLONE_DIR="${BUILD_DIR}/config-sync-release" -SYNC_DIR="$CLONE_DIR" -echo $SYNC_DIR -rm -rf "${SYNC_DIR}" -mkdir -p "${SYNC_DIR}" -cd "${SYNC_DIR}" -gh repo clone aws/amazon-vpc-cni-k8s -echo "Release branch $RELEASE_BRANCH" -CONFIG_DIR=amazon-vpc-cni-k8s/config/master -cd $CONFIG_DIR -REPO_NAME=$(echo ${REPO} | cut -d'/' -f2) -git remote set-url origin https://"${GITHUB_USERNAME}":"${GITHUB_TOKEN}"@github.com/"${GITHUB_USERNAME}"/"${REPO_NAME}".git - -git config user.name "eks-networking-bot" -git config user.email "eks-networking-bot@users.noreply.github.com" - -FORK_RELEASE_BRANCH="${BINARY_BASE}-${VERSION}-${PR_ID}" -git checkout -b "${FORK_RELEASE_BRANCH}" origin/$RELEASE_BRANCH - -cp $SCRIPTPATH/../build/cni-rel-yamls/${VERSION}/aws-k8s-cni*.yaml . -cp $SCRIPTPATH/../build/cni-rel-yamls/${VERSION}/cni-metrics-helper*.yaml . - -git add --all -git commit -m "${BINARY_BASE}: ${VERSION}" - -PR_BODY=$(cat << EOM -## ${BINARY_BASE} ${VERSION} Automated manifest folder Sync! 🤖🤖 - -### Description 📝 - -Updating all the generated release artifacts in master/config for $RELEASE_BRANCH branch. - -EOM -) - -git push -u origin "${FORK_RELEASE_BRANCH}":$RELEASE_BRANCH -gh pr create --title "🥳 ${BINARY_BASE} ${VERSION} Automated manifest sync! 🥑" \ - --body "${PR_BODY}" --repo ${REPO} --base ${RELEASE_BRANCH} - -echo "✅ Manifest folder PR created for $RELEASE_BRANCH" +echo "Manifest folder PR created for master" diff --git a/scripts/sync-to-eks-charts.sh b/scripts/sync-to-eks-charts.sh index 9540912667..8580c363e0 100755 --- a/scripts/sync-to-eks-charts.sh +++ b/scripts/sync-to-eks-charts.sh @@ -21,7 +21,7 @@ BINARY_BASE="" INCLUDE_NOTES=0 MANUAL_VERIFY=1 -GH_CLI_VERSION="0.10.1" +GH_CLI_VERSION="2.22.1" GH_CLI_CONFIG_PATH="${HOME}/.config/gh/config.yml" KERNEL=$(uname -s | tr '[:upper:]' '[:lower:]') OS="${KERNEL}" @@ -130,7 +130,6 @@ cd "${FORK_DIR}" git remote set-url origin https://"${GITHUB_USERNAME}":"${GITHUB_TOKEN}"@github.com/"${GITHUB_USERNAME}"/"${CHARTS_REPO_NAME}".git DEFAULT_BRANCH=$(git rev-parse --abbrev-ref HEAD | tr -d '\n') - if diff -x ".*" -r "$HELM_CHART_DIR/" "${FORK_DIR}/stable/${HELM_CHART_NAME}/" &> /dev/null ; then echo " ✅ Charts already in sync; no updates needed" exit @@ -194,4 +193,4 @@ fi gh pr create --title "🥳 ${BINARY_BASE} ${VERSION} Automated Release! 🥑" \ --body "${PR_BODY}" --repo ${CHARTS_REPO} -echo "✅ EKS charts sync complete" +echo "EKS charts sync complete!" diff --git a/scripts/upload-resources-to-github.sh b/scripts/upload-resources-to-github.sh deleted file mode 100755 index 4ed62bc0a9..0000000000 --- a/scripts/upload-resources-to-github.sh +++ /dev/null @@ -1,129 +0,0 @@ -#!/bin/bash -set -euo pipefail - -# Script to upload release assets to Github. -# This script cleans up after itself in cases of parital failures. i.e. either all assets are uploaded or none -SCRIPTPATH="$( cd "$(dirname "$0")" ; pwd -P )" -VERSION=$(make -s -f $SCRIPTPATH/../Makefile version) -BUILD_DIR=$SCRIPTPATH/../build/cni-rel-yamls/$VERSION -BINARY_DIR=$SCRIPTPATH/../build/bin - -CNI_TAR_RESOURCES_FILE=$BUILD_DIR/cni_individual-resources.tar -METRICS_TAR_RESOURCES_FILE=$BUILD_DIR/cni_metrics_individual-resources.tar -CNI_RESOURCES_YAML=$BUILD_DIR/aws-k8s-cni -METRICS_RESOURCES_YAML=$BUILD_DIR/cni-metrics-helper -REGIONS_FILE=$SCRIPTPATH/../charts/regions.json - -BINARIES_ONLY="false" - -USAGE=$(cat << 'EOM' - Usage: upload-resources-to-github [-b] - Upload release assets to GitHub - - Example: upload-resources-to-github -b - Optional: - -b Upload binaries only [DEFAULT: upload all the assets] -EOM -) - -# Process our input arguments -while getopts "b" opt; do - case ${opt} in - b ) # Binaries only - BINARIES_ONLY="true" - ;; - \? ) - echo "$USAGE" 1>&2 - exit - ;; - esac -done - -RELEASE_ID=$(curl -s -H "Authorization: token $GITHUB_TOKEN" \ - https://api.github.com/repos/aws/amazon-vpc-cni-k8s/releases | \ - jq --arg VERSION "$VERSION" '.[] | select(.tag_name==$VERSION) | .id') - -ASSET_IDS_UPLOADED=() - -trap 'handle_errors_and_cleanup $?' EXIT - -handle_errors_and_cleanup() { - if [ $1 -eq 0 ]; then - exit 0 - fi - - if [[ ${#ASSET_IDS_UPLOADED[@]} -ne 0 ]]; then - echo -e "\nCleaning up assets uploaded in the current execution of the script" - for asset_id in "${ASSET_IDS_UPLOADED[@]}"; do - echo "Deleting asset $asset_id" - curl -X DELETE \ - -H "Authorization: token $GITHUB_TOKEN" \ - "https://api.github.com/repos/aws/amazon-vpc-cni-k8s/releases/assets/$asset_id" - done - exit $1 - fi -} - -# $1: absolute path to asset -upload_asset() { - resp=$(curl --write-out '%{http_code}' --silent \ - -H "Authorization: token $GITHUB_TOKEN" \ - -H "Content-Type: $(file -b --mime-type $1)" \ - --data-binary @$1 \ - "https://uploads.github.com/repos/aws/amazon-vpc-cni-k8s/releases/$RELEASE_ID/assets?name=$(basename $1)") - - response_code=$(echo $resp | sed 's/\(.*\)}//') - response_content=$(echo $resp | sed "s/$response_code//") - - # HTTP success code expected - 201 Created - if [[ $response_code -eq 201 ]]; then - asset_id=$(echo $response_content | jq '.id') - ASSET_IDS_UPLOADED+=("$asset_id") - echo "✅ Created asset ID $asset_id successfully" - else - echo -e "❌ Upload failed with response code $response_code and message \n$response_content ❌" - exit 1 - fi -} - -RESOURCES_TO_UPLOAD=("$CNI_TAR_RESOURCES_FILE" "$METRICS_TAR_RESOURCES_FILE") -RESOURCES_TO_COPY=() - -COUNT=1 -echo -e "\nUploading release assets for release id '$RELEASE_ID' to Github" -for asset in ${RESOURCES_TO_UPLOAD[@]}; do - name=$(echo $asset | tr '/' '\n' | tail -1) - echo -e "\n $((COUNT++)). $name" - upload_asset $asset -done - -while read i; do - ecrRegion=`echo $i | jq '.ecrRegion' -r` - ecrAccount=`echo $i | jq '.ecrAccount' -r` - ecrDomain=`echo $i | jq '.ecrDomain' -r` - - if [ "$ecrRegion" = "us-west-2" ]; then - NEW_CNI_RESOURCES_YAML="${CNI_RESOURCES_YAML}.yaml" - NEW_METRICS_RESOURCES_YAML="${METRICS_RESOURCES_YAML}.yaml" - elif [ "$ecrRegion" = "cn-northwest-1" ]; then - NEW_CNI_RESOURCES_YAML="${CNI_RESOURCES_YAML}-cn.yaml" - NEW_METRICS_RESOURCES_YAML="${METRICS_RESOURCES_YAML}-cn.yaml" - else - NEW_CNI_RESOURCES_YAML="${CNI_RESOURCES_YAML}-${ecrRegion}.yaml" - NEW_METRICS_RESOURCES_YAML="${METRICS_RESOURCES_YAML}-${ecrRegion}.yaml" - fi - - RESOURCES_TO_UPLOAD=("$NEW_CNI_RESOURCES_YAML" "$NEW_METRICS_RESOURCES_YAML") - RESOURCES_TO_COPY+=("$NEW_CNI_RESOURCES_YAML") - RESOURCES_TO_COPY+=("$NEW_METRICS_RESOURCES_YAML") - - COUNT=1 - echo -e "\nUploading release assets for release id '$RELEASE_ID' to Github" - for asset in ${RESOURCES_TO_UPLOAD[@]}; do - name=$(echo $asset | tr '/' '\n' | tail -1) - echo -e "\n $((COUNT++)). $name" - upload_asset $asset - done -done < <(jq -c '.[]' $REGIONS_FILE) - -echo "✅ Attach artifacts to release page done"