diff --git a/SIDECAR_RELEASE_PROCESS.md b/SIDECAR_RELEASE_PROCESS.md index 4f5d033c23..647d2342ba 100644 --- a/SIDECAR_RELEASE_PROCESS.md +++ b/SIDECAR_RELEASE_PROCESS.md @@ -46,9 +46,12 @@ naming convention `-on-`. ## Release Process 1. Identify all issues and ongoing PRs that should go into the release, and drive them to resolution. -1. Update dependencies for sidecars via - [go-modules-update.sh](https://github.com/kubernetes-csi/csi-driver-host-path/blob/HEAD/release-tools/go-modules-update.sh), - and get PRs approved and merged. +1. Update dependencies for sidecars + 1. For new minor versions, use + [go-modules-update.sh](https://github.com/kubernetes-csi/csi-release-tools/blob/HEAD/go-modules-update.sh), + 1. For CVE fixes on patch versions, use + [go-modules-targeted-update.sh](https://github.com/kubernetes-csi/csi-release-tools/blob/HEAD/go-modules-targeted-update.sh), + Read the instructions at the top of the script. 1. Check that all [canary CI jobs](https://testgrid.k8s.io/sig-storage-csi-ci) are passing, and that test coverage is adequate for the changes that are going into the release. diff --git a/build.make b/build.make index bceab34d26..fe120c52b9 100644 --- a/build.make +++ b/build.make @@ -322,3 +322,10 @@ test-spelling: test-boilerplate: @ echo; echo "### $@:" @ ./release-tools/verify-boilerplate.sh "$(pwd)" + +# Test klog usage. This test is optional and must be explicitly added to `test` target in the main Makefile: +# test: test-logcheck +.PHONY: test-logcheck +test-logcheck: + @ echo; echo "### $@:" + @ ./release-tools/verify-logcheck.sh diff --git a/generate_patch_release_notes.sh b/generate-patch-release-notes.sh similarity index 87% rename from generate_patch_release_notes.sh rename to generate-patch-release-notes.sh index 606c24d22d..2b9c13c387 100755 --- a/generate_patch_release_notes.sh +++ b/generate-patch-release-notes.sh @@ -48,7 +48,7 @@ function gen_patch_relnotes() { rm out.md || true rm -rf /tmp/k8s-repo || true GITHUB_TOKEN="$CSI_RELEASE_TOKEN" \ - release-notes --discover=patch-to-latest --branch="$2" \ + release-notes --start-rev="$3" --end-rev="$2" --branch="$2" \ --org=kubernetes-csi --repo="$1" \ --required-author="" --markdown-links --output out.md } @@ -57,11 +57,14 @@ for rel in "${releases[@]}"; do read -r repo version <<< "$rel" # Parse minor version - minorPattern="(^[[:digit:]]+\.[[:digit:]]+)\." - [[ "$version" =~ $minorPattern ]] + minorPatchPattern="(^[[:digit:]]+\.[[:digit:]]+)\.([[:digit:]]+)" + [[ "$version" =~ $minorPatchPattern ]] minor="${BASH_REMATCH[1]}" + patch="${BASH_REMATCH[2]}" - echo "$repo" "$version" "$minor" + echo "$repo $version $minor $patch" + prevPatch="$((patch-1))" + prevVer="v$minor.$prevPatch" pushd "$repo/CHANGELOG" @@ -74,7 +77,7 @@ for rel in "${releases[@]}"; do git checkout --track "upstream/release-$minor" -b "$branch" # Generate release notes - gen_patch_relnotes "$repo" "release-$minor" + gen_patch_relnotes "$repo" "release-$minor" "$prevVer" cat > tmp.md <> tmp.md echo >> tmp.md + rm out.md file="CHANGELOG-$minor.md" cat "$file" >> tmp.md diff --git a/go-modules-targeted-update.sh b/go-modules-targeted-update.sh new file mode 100755 index 0000000000..52146f31d6 --- /dev/null +++ b/go-modules-targeted-update.sh @@ -0,0 +1,96 @@ +#!/bin/bash + +# Copyright 2023 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# Usage: go-modules-targeted-update.sh +# +# Batch update specific dependencies for sidecars. +# +# Required environment variables +# CSI_RELEASE_TOKEN: Github token needed for generating release notes +# GITHUB_USER: Github username to create PRs with +# +# Instructions: +# 1. Login with "gh auth login" +# 2. Copy this script to the Github org directory (one directory above the +# repos) +# 3. Change $modules, $releases and $org if needed. +# 4. Set environment variables +# 5. Run script from the Github org directory +# +# Caveats: +# - This script doesn't handle interface incompatibility of updates. +# You need to resolve interface incompatibility case by case. The +# most frequent case is to update the interface(new parameters, +# name change of the method, etc.)in the sidecar repo and make sure +# the build and test pass. + + +set -e +set -x + +org="kubernetes-csi" + +modules=( +"github.com/kubernetes-csi/csi-lib-utils@v0.15.1" +) + +releases=( +#"external-attacher release-4.4" +#"external-provisioner release-3.6" +#"external-resizer release-1.9" +#"external-snapshotter release-6.3" +#"node-driver-registrar release-2.9" +) + +for rel in "${releases[@]}"; do + + read -r repo branch <<< "$rel" + if [ "$repo" != "#" ]; then + ( + cd "$repo" + git fetch upstream + + if [ "$(git rev-parse --verify "module-update-$branch" 2>/dev/null)" ]; then + git checkout master && git branch -D "module-update-$branch" + fi + git checkout -B "module-update-$branch" "upstream/$branch" + + for mod in "${modules[@]}"; do + go get "$mod" + done + go mod tidy + go mod vendor + + git add --all + git commit -m "Update go modules" + git push origin "module-update-$branch" --force + + # Create PR +prbody=$(cat </dev/null || mktemp -d -t csi-lib-utils.XXXXXX) +trap 'rm -rf "${CSI_LIB_UTIL_TEMP}"' EXIT + +echo "Installing logcheck to temp dir: sigs.k8s.io/logtools/logcheck@v${LOGCHECK_VERSION}" +GOBIN="${CSI_LIB_UTIL_TEMP}" go install "sigs.k8s.io/logtools/logcheck@v${LOGCHECK_VERSION}" +echo "Verifying logcheck: ${CSI_LIB_UTIL_TEMP}/logcheck -check-contextual ${CSI_LIB_UTIL_ROOT}/..." +"${CSI_LIB_UTIL_TEMP}/logcheck" -check-contextual -check-with-helpers "${CSI_LIB_UTIL_ROOT}/..."