Skip to content

Commit

Permalink
Merge commit '5b3473f5ed3a0a6322a8ffcbe8108aeaaa199246' into automate…
Browse files Browse the repository at this point in the history
…d-cherry-pick-of-#1250-upstream-release-5.0
  • Loading branch information
jsafrane committed Aug 6, 2024
2 parents cbc9a28 + 5b3473f commit 6194c6d
Show file tree
Hide file tree
Showing 6 changed files with 74 additions and 11 deletions.
12 changes: 12 additions & 0 deletions release-tools/.github/dependabot.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
version: 2
enable-beta-ecosystems: true
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "daily"
labels:
- "area/dependency"
- "release-note-none"
- "ok-to-test"
open-pull-requests-limit: 10
15 changes: 15 additions & 0 deletions release-tools/.github/workflows/codespell.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
# GitHub Action to automate the identification of common misspellings in text files.
# https://github.com/codespell-project/actions-codespell
# https://github.com/codespell-project/codespell
name: codespell
on: [push, pull_request]
jobs:
codespell:
name: Check for spelling errors
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: codespell-project/actions-codespell@master
with:
check_filenames: true
skip: "*.png,*.jpg,*.svg,*.sum,./.git,./.github/workflows/codespell.yml,./prow.sh"
29 changes: 29 additions & 0 deletions release-tools/.github/workflows/trivy.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
name: Run Trivy scanner for Go version vulnerabilities
on:
push:
branches:
- master
pull_request:
jobs:
trivy:
name: Build
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4

- name: Get Go version
id: go-version
run: |
GO_VERSION=$(cat prow.sh | grep "configvar CSI_PROW_GO_VERSION_BUILD" | awk '{print $3}' | sed 's/"//g')
echo "version=$GO_VERSION" >> $GITHUB_OUTPUT
- name: Run Trivy scanner for Go version vulnerabilities
uses: aquasecurity/trivy-action@master
with:
image-ref: 'golang:${{ steps.go-version.outputs.version }}'
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: 'library'
severity: 'CRITICAL,HIGH,MEDIUM,LOW,UNKNOWN'
2 changes: 1 addition & 1 deletion release-tools/SIDECAR_RELEASE_PROCESS.md
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,7 @@ naming convention `<hostpath-deployment-version>-on-<kubernetes-version>`.
1. Compare the generated output to the new commits for the release to check if
any notable change missed a release note.
1. Reword release notes as needed, ideally in the original PRs so that the
release notes can be regnerated. Make sure to check notes for breaking
release notes can be regenerated. Make sure to check notes for breaking
changes and deprecations.
1. If release is a new major/minor version, create a new `CHANGELOG-<major>.<minor>.md`
file.
Expand Down
16 changes: 10 additions & 6 deletions release-tools/generate-patch-release-notes.sh
Original file line number Diff line number Diff line change
Expand Up @@ -23,13 +23,17 @@
# CSI_RELEASE_TOKEN: Github token needed for generating release notes
# GITHUB_USER: Github username to create PRs with
#
# Required tools:
# - gh
# - release-notes (https://github.com/kubernetes/release/blob/master/cmd/release-notes/README.md)
#
# Instructions:
# 1. Login with "gh auth login"
# 2. Copy this script to the kubernetes-csi directory (one directory above the
# repos)
# 3. Update the repos and versions in the $releases array
# 4. Set environment variables
# 5. Run script from the kubernetes-csi directory
# 1. Install the required tools
# 2. Login with "gh auth login"
# 3. Copy this script to the kubernetes-csi directory (one directory above the repos)
# 4. Update the repos and versions in the $releases array
# 5. Set environment variables
# 6. Run script from the kubernetes-csi directory
#
# Caveats:
# - This script doesn't handle regenerating and updating existing PRs yet.
Expand Down
11 changes: 7 additions & 4 deletions release-tools/prow.sh
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ configvar CSI_PROW_BUILD_PLATFORMS "linux amd64 amd64; linux ppc64le ppc64le -pp
# which is disabled with GOFLAGS=-mod=vendor).
configvar GOFLAGS_VENDOR "$( [ -d vendor ] && echo '-mod=vendor' )" "Go flags for using the vendor directory"

configvar CSI_PROW_GO_VERSION_BUILD "1.22.3" "Go version for building the component" # depends on component's source code
configvar CSI_PROW_GO_VERSION_BUILD "1.22.5" "Go version for building the component" # depends on component's source code
configvar CSI_PROW_GO_VERSION_E2E "" "override Go version for building the Kubernetes E2E test suite" # normally doesn't need to be set, see install_e2e
configvar CSI_PROW_GO_VERSION_SANITY "${CSI_PROW_GO_VERSION_BUILD}" "Go version for building the csi-sanity test suite" # depends on CSI_PROW_SANITY settings below
configvar CSI_PROW_GO_VERSION_KIND "${CSI_PROW_GO_VERSION_BUILD}" "Go version for building 'kind'" # depends on CSI_PROW_KIND_VERSION below
Expand Down Expand Up @@ -231,8 +231,11 @@ configvar CSI_PROW_E2E_VERSION "$(version_to_git "${CSI_PROW_KUBERNETES_VERSION}
configvar CSI_PROW_E2E_REPO "https://github.com/kubernetes/kubernetes" "E2E repo"
configvar CSI_PROW_E2E_IMPORT_PATH "k8s.io/kubernetes" "E2E package"

# Local path for e2e tests. Set to "none" to disable.
configvar CSI_PROW_SIDECAR_E2E_IMPORT_PATH "none" "CSI Sidecar E2E package"
# Local path & package path for e2e tests. Set to "none" to disable.
# When using versioned go modules, the import path is the module path whereas the path
# should not contain the version and be the directory where the module is checked out.
configvar CSI_PROW_SIDECAR_E2E_IMPORT_PATH "none" "CSI Sidecar E2E package (go import path)"
configvar CSI_PROW_SIDECAR_E2E_PATH "${CSI_PROW_SIDECAR_E2E_IMPORT_PATH}" "CSI Sidecar E2E path (directory)"

# csi-sanity testing from the csi-test repo can be run against the installed
# CSI driver. For this to work, deploying the driver must expose the Unix domain
Expand Down Expand Up @@ -1035,7 +1038,7 @@ run_e2e () (
trap move_junit EXIT
if [ "${name}" == "local" ]; then
cd "${GOPATH}/src/${CSI_PROW_SIDECAR_E2E_IMPORT_PATH}" &&
cd "${GOPATH}/src/${CSI_PROW_SIDECAR_E2E_PATH}" &&
run_with_loggers env KUBECONFIG="$KUBECONFIG" KUBE_TEST_REPO_LIST="$(if [ -e "${CSI_PROW_WORK}/e2e-repo-list" ]; then echo "${CSI_PROW_WORK}/e2e-repo-list"; fi)" ginkgo --timeout="${CSI_PROW_GINKGO_TIMEOUT}" -v "$@" "${CSI_PROW_WORK}/e2e-local.test" -- -report-dir "${ARTIFACTS}" -report-prefix local
else
cd "${GOPATH}/src/${CSI_PROW_E2E_IMPORT_PATH}" &&
Expand Down

0 comments on commit 6194c6d

Please sign in to comment.