From 33657243a20840c0d52eea219a25d8876d4bde50 Mon Sep 17 00:00:00 2001 From: Mykhailo Kuznietsov Date: Tue, 26 Jan 2021 16:35:04 +0200 Subject: [PATCH 1/6] Add release worklflow for che parent and server --- .github/workflows/release.yml | 115 +++++++ make-release.sh | 550 ++++++++++++++++++++++++---------- 2 files changed, 506 insertions(+), 159 deletions(-) create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000000..282ec9efc05 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,115 @@ +# +# Copyright (c) 2020 Red Hat, Inc. +# This program and the accompanying materials are made +# available under the terms of the Eclipse Public License 2.0 +# which is available at https://www.eclipse.org/legal/epl-2.0/ +# +# SPDX-License-Identifier: EPL-2.0 +# + +name: Release Che Server + +on: + workflow_dispatch: + inputs: + version: + description: 'The version that is going to be released. Should be in format 7.y.z' + required: true + default: '' + releaseParent: + description: 'If true, will also release parent of the same version' + required: true + default: 'false' + forceRecreateTags: + description: 'If true, tags will be overriden and regenerated. Use with caution' + required: false + default: 'false' + +jobs: + build: + runs-on: ubuntu-16.04 + steps: + - uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Check existing tag + run: | + if [[ "$FORCE_RECREATE_TAGS" == "false" ]] && [[ $(git ls-remote --exit-code origin refs/tags/${CHE_VERSION}) ]]; then + echo "cannot create release, when tag already exists" + exit 1 + fi + - name: Login to docker.io + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_PASSWORD }} + registry: docker.io + - name: Login to quay.io + uses: docker/login-action@v1 + with: + username: ${{ secrets.QUAY_USERNAME }} + password: ${{ secrets.QUAY_PASSWORD }} + registry: quay.io + - name: Set up Python 3.6 + uses: actions/setup-python@v2 + with: + python-version: 3.6 + - uses: actions/setup-java@v1 + with: + java-version: '11.0.7' + java-package: jdk + architecture: x64 + - name: Set up environment + run: | + python -m pip install --upgrade pip + pip install yq + python --version + pip --version + yq --version + + # install more repos + sudo apt-get update -y || true + # install more dependencies + sudo apt-get -y -q install wget curl bash git + java -version + + # want git >=2.24, hub >=2 + hub --version # hub reports git version too + + # want >=5 + bash --version + + java -version + which java + javac -version + which javac + + # do we need any of these? + # docker-ce x86_64 3:19.03.14-3.el7 docker-ce-stable 24 M + # gcc-c++ x86_64 4.8.5-44.el7 base 7.2 M + # nodejs x86_64 2:10.23.0-1nodesource nodesource 20 M + # yarn noarch 1.22.5-1 yarn 1.2 M + - name: Release + run: | + CHE_VERSION="${{ github.event.inputs.version }}" + echo "CHE_VERSION=${CHE_VERSION}" + PHASES="${{ github.event.inputs.phases }}" + echo "PHASES=${PHASES}" + sed -i VERSION -r -e "s#PHASES=.*#PHASES=${PHASES}#" + + export CHE_MAVEN_SETTINGS=${{ secrets.CHE_MAVEN_SETTINGS}} + export CHE_OSS_SONATYPE_GPG_KEY=${{ secrets.CHE_OSS_SONATYPE_GPG_KEY}} + export CHE_OSS_SONATYPE_PASSPHRASE=${{ secrets.CHE_OSS_SONATYPE_PASSPHRASE}} + export CHE_GITHUB_SSH_KEY=${{ secrets.CHE_GITHUB_SSH_KEY}} + export CHE_NPM_AUTH_TOKEN=${{ secrets.CHE_NPM_AUTH_TOKEN}} + + export QUAY_ECLIPSE_CHE_USERNAME=${{ secrets.QUAY_USERNAME }} + export QUAY_ECLIPSE_CHE_PASSWORD=${{ secrets.QUAY_PASSWORD }} + git config --global user.name "Mykhailo Kuznietsov" + git config --global user.email "mkuznets@redhat.com" + export GITHUB_TOKEN=${{ secrets.CHE_BOT_GITHUB_TOKEN }} + export CHE_BOT_GITHUB_TOKEN=${{ secrets.CHE_BOT_GITHUB_TOKEN }} + set -e + # determine which OS we're using: rhel or ubuntu + cat /etc/os-release || true + ./make-release.sh ubuntu diff --git a/make-release.sh b/make-release.sh index 29b3dc854c1..296c228868c 100755 --- a/make-release.sh +++ b/make-release.sh @@ -3,162 +3,394 @@ # Used to create branch/tag, update versions in pom.xml # and and trigger release by force pushing changes to the release branch -# set to 1 to actually trigger changes in the release branch -TRIGGER_RELEASE=0 -PRERELEASE_TESTING=0 - -bump_version() { - CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD) - - NEXTVERSION=$1 - BUMP_BRANCH=$2 - - git checkout ${BUMP_BRANCH} - - echo "Updating project version to ${NEXTVERSION}" - mvn versions:set -DnewVersion=${NEXTVERSION} - mvn versions:update-parent -DallowSnapshots=true -DparentVersion=${NEXTVERSION} - mvn versions:commit - - echo "removing files" - #TODO investigate why these files sometimes need to be cleaned up manually - rm wsmaster/integration-tests/mysql-tck/pom.xml.versionsBackup - rm wsmaster/integration-tests/postgresql-tck/pom.xml.versionsBackup - - echo "sed" - # set new dependencies versions - sed -i -e "s#${VERSION}-SNAPSHOT#${NEXTVERSION}#" pom.xml - - COMMIT_MSG="[release] Bump to ${NEXTVERSION} in ${BUMP_BRANCH}" - git commit -a -s -m "${COMMIT_MSG}" - - PR_BRANCH=pr-master-to-${NEXTVERSION} - # create pull request for master branch, as branch is restricted - git branch "${PR_BRANCH}" - git checkout "${PR_BRANCH}" - git pull origin "${PR_BRANCH}" - git push origin "${PR_BRANCH}" - lastCommitComment="$(git log -1 --pretty=%B)" - hub pull-request -o -f -m "${lastCommitComment} - ${lastCommitComment}" -b "${BRANCH}" -h "${PR_BRANCH}" - - git checkout ${CURRENT_BRANCH} -} - -ask() { - while true; do - echo -e -n " (Y)es or (N)o " - read -r yn - case $yn in - [Yy]* ) return 0;; - [Nn]* ) return 1;; - * ) echo "Please answer (Y)es or (N)o. ";; - esac - done -} - - -while [[ "$#" -gt 0 ]]; do - case $1 in - '-t'|'--trigger-release') TRIGGER_RELEASE=1; PRERELEASE_TESTING=0; shift 0;; - '-r'|'--repo') REPO="$2"; shift 1;; - '-v'|'--version') VERSION="$2"; shift 1;; - '-p'|'--prerelease-testing') PRERELEASE_TESTING=1; TRIGGER_RELEASE=0; shift 0;; - esac - shift 1 -done - -usage () -{ - echo "Provide the necessary parameters and make sure to choose either prerelease testing or trigger release option" - echo "Usage: $0 --repo [GIT REPO TO EDIT] --version [VERSION TO RELEASE] [--trigger-release] [--prerelease-testing]" - echo "Example: $0 --repo git@github.com:eclipse/che-subproject --version 7.7.0 --trigger-release"; echo -} - -if [[ ! ${VERSION} ]] || [[ ! ${REPO} ]]; then - usage - exit 1 -fi - - -set +e - ask "Remove the tag if it already exists?" - result=$? -set -e - -if [[ $result == 0 ]]; then - git add -A - git push origin :${VERSION} -fi - -# derive branch from version -BRANCH=${VERSION%.*}.x - -# if doing a .0 release, use master; if doing a .z release, use $BRANCH -if [[ ${VERSION} == *".0" ]]; then - BASEBRANCH="master" -else - BASEBRANCH="${BRANCH}" -fi - -# work in tmp dir -TMP=$(mktemp -d); pushd "$TMP" > /dev/null || exit 1 - -# get sources from ${BASEBRANCH} branch -echo "Check out ${REPO} to ${TMP}/${REPO##*/}" -git clone "${REPO}" -q -cd "${REPO##*/}" || exit 1 -git fetch origin "${BASEBRANCH}":"${BASEBRANCH}" -git checkout "${BASEBRANCH}" - -# create new branch off ${BASEBRANCH} (or check out latest commits if branch already exists), then push to origin -if [[ "${BASEBRANCH}" != "${BRANCH}" ]]; then - git branch "${BRANCH}" || git checkout "${BRANCH}" && git pull origin "${BRANCH}" - git push origin "${BRANCH}" - git fetch origin "${BRANCH}:${BRANCH}" - git checkout "${BRANCH}" - - cd .ci - ./set_tag_version_images.sh ${VERSION} - cd .. - git commit -a -s -m "Update image tags to ${VERSION} version" -fi - -if [[ $PRERELEASE_TESTING -eq 1 ]]; then - # create pre-release branch and update image tags - git checkout release-candidate - cd .ci - ./set_tag_version_images.sh ${VERSION} - cd .. - git commit -a -s -m "Update image tags to ${VERSION} version" - git push origin release-candidate -f -fi - -if [[ $TRIGGER_RELEASE -eq 1 ]]; then - # push new branch to release branch to trigger CI build - git fetch origin "release-candidate:release-candidate" - git checkout "release-candidate" - git branch release -f - git push origin release -f -fi - -# now update ${BASEBRANCH} to the new snapshot version -git fetch origin "${BASEBRANCH}":"${BASEBRANCH}" -git checkout "${BASEBRANCH}" - -# infer project version + commit change into ${BASEBRANCH} branch -if [[ "${BASEBRANCH}" != "${BRANCH}" ]]; then - # bump the y digit - [[ $BRANCH =~ ^([0-9]+)\.([0-9]+)\.x ]] && BASE=${BASH_REMATCH[1]}; NEXT=${BASH_REMATCH[2]}; (( NEXT=NEXT+1 )) # for BRANCH=7.10.x, get BASE=7, NEXT=11 - NEXTVERSION_Y="${BASE}.${NEXT}.0-SNAPSHOT" - bump_version ${NEXTVERSION_Y} ${BASEBRANCH} -fi -# bump the z digit -[[ $VERSION =~ ^([0-9]+)\.([0-9]+)\.([0-9]+) ]] && BASE="${BASH_REMATCH[1]}.${BASH_REMATCH[2]}"; NEXT="${BASH_REMATCH[3]}"; (( NEXT=NEXT+1 )) # for VERSION=7.7.1, get BASE=7.7, NEXT=2 -NEXTVERSION_Z="${BASE}.${NEXT}-SNAPSHOT" -bump_version ${NEXTVERSION_Z} ${BUGFIX} - -popd > /dev/null || exit - -# cleanup tmp dir -# cd /tmp && rm -fr "$TMP" + +# TODO ensure usage of respective bugfix branches + + +REGISTRY="quay.io" +ORGANIZATION="eclipse" + + # KEEP RIGHT ORDER!!! +DOCKER_FILES_LOCATIONS=( + che/dockerfiles/endpoint-watcher + che/dockerfiles/keycloak + che/dockerfiles/postgres + che/dockerfiles/dev + che/dockerfiles/che + che/dockerfiles/dashboard-dev + che/dockerfiles/e2e +) + +IMAGES_LIST=( + quay.io/eclipse/che-endpoint-watcher + quay.io/eclipse/che-keycloak + quay.io/eclipse/che-postgres + quay.io/eclipse/che-dev + quay.io/eclipse/che-server + quay.io/eclipse/che-dashboard-dev + quay.io/eclipse/che-e2e +) + +loadMvnSettingsGpgKey() { + set +x + mkdir $HOME/.m2 + #prepare settings.xml for maven and sonatype (central maven repository) + echo $CHE_MAVEN_SETTINGS | base64 -d > $HOME/.m2/settings.xml + #load GPG key for sign artifacts + echo $CHE_OSS_SONATYPE_GPG_KEY | base64 -d > $HOME/.m2/gpg.key + #load SSH key for release process + echo ${#CHE_OSS_SONATYPE_GPG_KEY} + echo $CHE_GITHUB_SSH_KEY | base64 -d > $HOME/.ssh/id_rsa + chmod 0400 $HOME/.ssh/id_rsa + ssh-keyscan github.com >> ~/.ssh/known_hosts + set -x + export GPG_TTY=$(tty) + gpg --import $HOME/.m2/gpg.key + # gpg --import --batch $HOME/.m2/gpg.key + gpg --version +} + +installDebDeps(){ + set +x + # TODO should this be node 12? + curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash - + sudo apt-get install -y nodejs +} + +installMaven(){ + set -x + mkdir -p /opt/apache-maven && curl -sSL https://downloads.apache.org/maven/maven-3/3.6.3/binaries/apache-maven-3.6.3-bin.tar.gz | tar -xz --strip=1 -C /opt/apache-maven + export M2_HOME="/opt/apache-maven" + export PATH="/opt/apache-maven/bin:${PATH}" + mvn -version || die_with "mvn not found in path: ${PATH} !" + set +x +} + +evaluateCheVariables() { + echo "Che version: ${CHE_VERSION}" + # derive branch from version + BRANCH=${CHE_VERSION%.*}.x + echo "Branch: ${BRANCH}" + + if [[ ${CHE_VERSION} == *".0" ]]; then + BASEBRANCH="master" + else + BASEBRANCH="${BRANCH}" + fi + echo "Basebranch: ${BASEBRANCH}" + echo "Release che-parent: ${RELEASE_CHE_PARENT}" + echo "Version che-parent: ${VERSION_CHE_PARENT}" + echo "Deploy to nexus: ${DEPLOY_TO_NEXUS}" + echo "Autorelease on nexus: ${AUTORELEASE_ON_NEXUS}" + echo "Release Process Phases: '${PHASES}'" +} + +checkoutProjects() { + checkoutProject git@github.com:eclipse/che-parent + checkoutProject git@github.com:eclipse/che +} + +checkoutProject() { + PROJECT="${1##*/}" + echo "checking out project $PROJECT with ${BRANCH} branch" + + git clone $1 + cd $PROJECT + git checkout ${BASEBRANCH} + + set -x + set +e + if [[ "${BASEBRANCH}" != "${BRANCH}" ]]; then + git branch "${BRANCH}" || git checkout "${BRANCH}" && git pull origin "${BRANCH}" + git push origin "${BRANCH}" + git fetch origin "${BRANCH}:${BRANCH}" + git checkout "${BRANCH}" + fi + set -e + set +x + cd .. +} + +# TODO change it to someone else? +setupGitconfig() { + git config --global user.name "Mykhailo Kuznietsov" + git config --global user.email mkuznets@redhat.com + + # hub CLI configuration + git config --global push.default matching + # replace default GITHUB_TOKEN, that is used by GitHub + export GITHUB_TOKEN="${CHE_BOT_GITHUB_TOKEN}" +} + +createTags() { + if [[ $RELEASE_CHE_PARENT = "true" ]]; then + tagAndCommit che-parent + fi + tagAndCommit che +} + +tagAndCommit() { + cd $1 + # this branch isn't meant to be pushed + git checkout -b release-${CHE_VERSION} + git commit -asm "Release version ${CHE_VERSION}" + if [ $(git tag -l "$CHE_VERSION") ]; then + echo "tag ${CHE_VERSION} already exists! recreating ..." + git tag -d ${CHE_VERSION} + git push origin :${CHE_VERSION} + git tag "${CHE_VERSION}" + else + echo "[INFO] creating new tag ${CHE_VERSION}" + git tag "${CHE_VERSION}" + fi + git push --tags + echo "[INFO] tag created and pushed for $1" + cd .. +} + +prepareRelease() { + if [[ $RELEASE_CHE_PARENT = "true" ]]; then + pushd che-parent >/dev/null + # Install previous version, in case it is not available in central repo + # which is needed for dependent projects + mvn clean install + mvn versions:set -DgenerateBackupPoms=false -DnewVersion=${VERSION_CHE_PARENT} + mvn clean install + popd >/dev/null + echo "[INFO] Che Parent version has been updated to ${VERSION_CHE_PARENT}" + fi + + pushd che >/dev/null + if [[ $RELEASE_CHE_PARENT = "true" ]]; then + mvn versions:update-parent -DgenerateBackupPoms=false -DallowSnapshots=false -DparentVersion=[${VERSION_CHE_PARENT}] + fi + mvn versions:set -DgenerateBackupPoms=false -DallowSnapshots=false -DnewVersion=${CHE_VERSION} + echo "[INFO] Che Server version has been updated to ${CHE_VERSION} (parentVersion = ${VERSION_CHE_PARENT})" + + # Replace dependencies in che-server parent + sed -i -e "s#.*<\/che.dashboard.version>#${CHE_VERSION}<\/che.dashboard.version>#" pom.xml + sed -i -e "s#.*<\/che.version>#${CHE_VERSION}<\/che.version>#" pom.xml + echo "[INFO] Dependencies updated in che-server parent" + + # TODO pull parent pom version from VERSION file, instead of being hardcoded + pushd typescript-dto >/dev/null + sed -i -e "s#.*<\/che.version>#${CHE_VERSION}<\/che.version>#" dto-pom.xml + # Do not change the version of the parent pom, which is fixed + # TODO is this correct? seems like we're setting parent to a version that doesn't exist, rather than hardcoding to VERSION_CHE_PARENT value + sed -i -e "/${VERSION_CHE_PARENT}<\/version>/ ! s#.*<\/version>#${CHE_VERSION}<\/version>#" dto-pom.xml + echo "[INFO] Dependencies updated in che typescript DTO (should have parent = ${VERSION_CHE_PARENT}, not ${CHE_VERSION})" + popd >/dev/null + + # TODO more elegant way to execute these scripts + pushd .ci >/dev/null + ./set_tag_version_images.sh ${CHE_VERSION} + echo "[INFO] Tag versions of images have been set in che-server" + popd >/dev/null + popd >/dev/null +} + +releaseCheServer() { + set -x + tmpmvnlog=/tmp/mvn.log.txt + if [[ $RELEASE_CHE_PARENT = "true" ]]; then + pushd che-parent >/dev/null + rm -f $tmpmvnlog || true + set +e + mvn clean install -ntp -U -Pcodenvy-release -Dgpg.passphrase=$CHE_OSS_SONATYPE_PASSPHRASE | tee $tmpmvnlog + EXIT_CODE=$? + set -e + # try maven build again if Nexus dies + if grep -q -E "502 - Bad Gateway|Nexus connection problem" $tmpmvnlog; then + rm -f $tmpmvnlog || true + mvn clean install -ntp -U -Pcodenvy-release -Dgpg.passphrase=$CHE_OSS_SONATYPE_PASSPHRASE | tee $tmpmvnlog + EXIT_CODE=$? + fi + # check log for errors if build successful; if failed, no need to check (already failed) + if [ $EXIT_CODE -eq 0 ]; then + checkLogForErrors $tmpmvnlog + echo 'Build of che-parent: Success!' + if [[ ${DEPLOY_TO_NEXUS} == "true" ]]; then + echo 'Deploy che-parent artifacts to nexus' + rm -f $tmpmvnlog || true + set +e + mvn clean deploy -ntp -Pcodenvy-release -DcreateChecksum=true -DautoReleaseAfterClose=$AUTORELEASE_ON_NEXUS -Dgpg.passphrase=$CHE_OSS_SONATYPE_PASSPHRASE | tee $tmpmvnlog + EXIT_CODE=$? + set -e + # try maven build again if Nexus dies + if grep -q -E "502 - Bad Gateway|Nexus connection problem" $tmpmvnlog; then + rm -f $tmpmvnlog || true + mvn clean deploy -ntp -Pcodenvy-release -DcreateChecksum=true -DautoReleaseAfterClose=$AUTORELEASE_ON_NEXUS -Dgpg.passphrase=$CHE_OSS_SONATYPE_PASSPHRASE | tee $tmpmvnlog + EXIT_CODE=$? + fi + # check log for errors if build successful; if failed, no need to check (already failed) + if [[ $EXIT_CODE -eq 0 ]]; then + checkLogForErrors $tmpmvnlog + else + echo '[ERROR] 1. Build of che-parent: Failed!' + exit $EXIT_CODE + fi + else + echo "[WARN] No deployment to Nexus as DEPLOY_TO_NEXUS = ${DEPLOY_TO_NEXUS}" + fi + else + echo '[ERROR] 2. Build of che-parent: Failed!' + exit $EXIT_CODE + fi + popd >/dev/null + fi + + pushd che >/dev/null + rm -f $tmpmvnlog || true + set +e + mvn clean install -U -Pcodenvy-release -Dgpg.passphrase=$CHE_OSS_SONATYPE_PASSPHRASE | tee $tmpmvnlog + EXIT_CODE=$? + set -e + # try maven build again if Nexus dies + if grep -q -E "502 - Bad Gateway|Nexus connection problem" $tmpmvnlog; then + rm -f $tmpmvnlog || true + mvn clean install -U -Pcodenvy-release -Dgpg.passphrase=$CHE_OSS_SONATYPE_PASSPHRASE | tee $tmpmvnlog + EXIT_CODE=$? + fi + + # check log for errors if build successful; if failed, no need to check (already failed) + if [ $EXIT_CODE -eq 0 ]; then + checkLogForErrors $tmpmvnlog + echo 'Build of che-server: Success!' + if [[ ${DEPLOY_TO_NEXUS} == "true" ]]; then + echo 'Deploy che-server artifacts to nexus' + rm -f $tmpmvnlog || true + set +e + mvn clean deploy -Pcodenvy-release -DcreateChecksum=true -DautoReleaseAfterClose=$AUTORELEASE_ON_NEXUS -Dgpg.passphrase=$CHE_OSS_SONATYPE_PASSPHRASE | tee $tmpmvnlog + EXIT_CODE=$? + set -e + # try maven build again if Nexus dies + if grep -q -E "502 - Bad Gateway|Nexus connection problem" $tmpmvnlog; then + rm -f $tmpmvnlog || true + mvn clean deploy -Pcodenvy-release -DcreateChecksum=true -DautoReleaseAfterClose=$AUTORELEASE_ON_NEXUS -Dgpg.passphrase=$CHE_OSS_SONATYPE_PASSPHRASE | tee $tmpmvnlog + EXIT_CODE=$? + fi + if [[ $EXIT_CODE -eq 0 ]]; then + checkLogForErrors $tmpmvnlog + else + echo '[ERROR] 1. Build of che-server: Failed!' + exit $EXIT_CODE + fi + else + echo "[WARN] No deployment to Nexus as DEPLOY_TO_NEXUS = ${DEPLOY_TO_NEXUS}" + fi + else + echo '[ERROR] 2. Build of che-server: Failed!' + exit $EXIT_CODE + fi + set +x + popd >/dev/null +} + + +buildImages() { + echo "Going to build docker images" + set -e + set -o pipefail + TAG=$1 + + # stop / rm all containers + if [[ $(docker ps -aq) != "" ]];then + docker rm -f "$(docker ps -aq)" + fi + + # BUILD IMAGES + for image_dir in ${DOCKER_FILES_LOCATIONS[@]} + do + if [[ ${image_dir} == "che/dockerfiles/che" ]]; then + bash "$(pwd)/${image_dir}/build.sh" --tag:${TAG} --build-arg:"CHE_DASHBOARD_VERSION=${CHE_VERSION},CHE_WORKSPACE_LOADER_VERSION=${CHE_VERSION}" + else + bash "$(pwd)/${image_dir}/build.sh" --tag:${TAG} + fi + if [[ $? -ne 0 ]]; then + echo "ERROR:" + echo "build of '${image_dir}' image is failed!" + exit 1 + fi + done +} + +tagLatestImages() { + for image in ${IMAGES_LIST[@]} + do + echo y | docker tag "${image}:$1" "${image}:latest" + if [[ $? -ne 0 ]]; then + die_with "docker tag of '${image}' image is failed!" + fi + done +} + +bumpVersions() { + # infer project version + commit change into ${BASEBRANCH} branch + echo "${BASEBRANCH} ${BRANCH}" + if [[ "${BASEBRANCH}" != "${BRANCH}" ]]; then + # bump the y digit + [[ ${BRANCH} =~ ^([0-9]+)\.([0-9]+)\.x ]] && BASE=${BASH_REMATCH[1]}; NEXT=${BASH_REMATCH[2]}; (( NEXT=NEXT+1 )) # for BRANCH=7.10.x, get BASE=7, NEXT=11 + NEXTVERSION_Y="${BASE}.${NEXT}.0-SNAPSHOT" + bumpVersion ${NEXTVERSION_Y} ${BASEBRANCH} + fi + # bump the z digit + [[ ${CHE_VERSION} =~ ^([0-9]+)\.([0-9]+)\.([0-9]+) ]] && BASE="${BASH_REMATCH[1]}.${BASH_REMATCH[2]}"; NEXT="${BASH_REMATCH[3]}"; (( NEXT=NEXT+1 )) # for VERSION=7.7.1, get BASE=7.7, NEXT=2 + NEXTVERSION_Z="${BASE}.${NEXT}-SNAPSHOT" + bumpVersion ${NEXTVERSION_Z} ${BRANCH} +} + +bumpVersion() { + set -x + echo "[info]bumping to version $1 in branch $2" + + if [[ $RELEASE_CHE_PARENT = "true" ]]; then + pushd che-parent >/dev/null + git checkout $2 + #install previous version, in case it is not available in central repo + #which is needed for dependent projects + + mvn clean install + mvn versions:set -DgenerateBackupPoms=false -DnewVersion=${CHE_VERSION} + mvn clean install + commitChangeOrCreatePR ${CHE_VERSION} $2 "pr-${2}-to-${1}" + popd >/dev/null + fi + + pushd che >/dev/null + git checkout $2 + if [[ $RELEASE_CHE_PARENT = "true" ]]; then + mvn versions:update-parent -DgenerateBackupPoms=false -DallowSnapshots=true -DparentVersion=[${VERSION_CHE_PARENT}] + fi + mvn versions:set -DgenerateBackupPoms=false -DallowSnapshots=true -DnewVersion=$1 + sed -i -e "s#.*<\/che.dashboard.version>#$1<\/che.dashboard.version>#" pom.xml + sed -i -e "s#.*<\/che.version>#$1<\/che.version>#" pom.xml + pushd typescript-dto >/dev/null + sed -i -e "s#.*<\/che.version>#${1}<\/che.version>#" dto-pom.xml + sed -i -e "s#.*<\/version>#${1}<\/version>#" dto-pom.xml + popd >/dev/null + + commitChangeOrCreatePR $1 $2 "pr-${2}-to-${1}" + popd >/dev/null + set +x +} + +updateImageTagsInCheServer() { + cd che + git checkout ${BRANCH} + cd .ci + ./set_tag_version_images.sh ${CHE_VERSION} + cd .. + git commit -asm "Set ${CHE_VERSION} release image tags" + git push origin ${BRANCH} +} + +mkdir $HOME/.ssh/ +loadMvnSettingsGpgKey +installDebDeps +set -x +setupGitconfig + +checkoutProjects +createTags +prepareRelease +releaseCheServer \ No newline at end of file From 00fb6dd0175c1814a5ffc9444708542e9df6a5e2 Mon Sep 17 00:00:00 2001 From: Mykhailo Kuznietsov Date: Tue, 2 Feb 2021 22:09:45 +0200 Subject: [PATCH 2/6] fixup! Add release worklflow for che parent and server --- .github/workflows/release.yml | 15 ++++++++------- make-release.sh | 17 ++++++++++++++--- 2 files changed, 22 insertions(+), 10 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 282ec9efc05..b2cfd542713 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -32,9 +32,16 @@ jobs: - uses: actions/checkout@v2 with: fetch-depth: 0 + path: che + - uses: actions/checkout@v2 + if: ${{ release_parent }} + with: + name: eclipse/che-parent + ref: refs/heads/release + path: che-parent - name: Check existing tag run: | - if [[ "$FORCE_RECREATE_TAGS" == "false" ]] && [[ $(git ls-remote --exit-code origin refs/tags/${CHE_VERSION}) ]]; then + if [[ "$FORCE_RECREATE_TAGS" == "false" ]] && [[ $(cd che && git ls-remote --exit-code origin refs/tags/${CHE_VERSION}) ]]; then echo "cannot create release, when tag already exists" exit 1 fi @@ -61,12 +68,6 @@ jobs: architecture: x64 - name: Set up environment run: | - python -m pip install --upgrade pip - pip install yq - python --version - pip --version - yq --version - # install more repos sudo apt-get update -y || true # install more dependencies diff --git a/make-release.sh b/make-release.sh index 296c228868c..e09c5145ae7 100755 --- a/make-release.sh +++ b/make-release.sh @@ -40,6 +40,7 @@ loadMvnSettingsGpgKey() { echo $CHE_OSS_SONATYPE_GPG_KEY | base64 -d > $HOME/.m2/gpg.key #load SSH key for release process echo ${#CHE_OSS_SONATYPE_GPG_KEY} + mkdir $HOME/.ssh/ echo $CHE_GITHUB_SSH_KEY | base64 -d > $HOME/.ssh/id_rsa chmod 0400 $HOME/.ssh/id_rsa ssh-keyscan github.com >> ~/.ssh/known_hosts @@ -94,7 +95,11 @@ checkoutProject() { PROJECT="${1##*/}" echo "checking out project $PROJECT with ${BRANCH} branch" - git clone $1 + if [[ ! -d PROJECT ]]; then + echo "project not found in ${PROJECT} directory, performing 'git clone'" + git clone $1 + fi + cd $PROJECT git checkout ${BASEBRANCH} @@ -384,7 +389,7 @@ updateImageTagsInCheServer() { git push origin ${BRANCH} } -mkdir $HOME/.ssh/ + loadMvnSettingsGpgKey installDebDeps set -x @@ -393,4 +398,10 @@ setupGitconfig checkoutProjects createTags prepareRelease -releaseCheServer \ No newline at end of file +releaseCheServer + +buildImages ${CHE_VERSION} +tagLatestImages ${CHE_VERSION} +pushImagesOnQuay ${CHE_VERSION} pushLatest +bumpVersions +updateImageTagsInCheServer \ No newline at end of file From 3e15c9d1f1db642d570dad3149165b6e9576b5a1 Mon Sep 17 00:00:00 2001 From: Mykhailo Kuznietsov Date: Tue, 2 Feb 2021 22:46:54 +0200 Subject: [PATCH 3/6] fixup! fixup! Add release worklflow for che parent and server --- .github/workflows/release.yml | 8 ++++---- make-release.sh | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b2cfd542713..34bd4bba768 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -34,14 +34,14 @@ jobs: fetch-depth: 0 path: che - uses: actions/checkout@v2 - if: ${{ release_parent }} + if: ${{ github.event.inputs.releaseParent == 'true' }} with: - name: eclipse/che-parent - ref: refs/heads/release + repository: eclipse/che-parent + token: {{ secrets.CHE_BOT_GITHUB_TOKEN }} path: che-parent - name: Check existing tag run: | - if [[ "$FORCE_RECREATE_TAGS" == "false" ]] && [[ $(cd che && git ls-remote --exit-code origin refs/tags/${CHE_VERSION}) ]]; then + if [[ "$FORCE_RECREATE_TAGS" == "false" ]] && [[ $(cd che && git ls-remote --exit-code origin refs/tags/${{ github.event.inputs.version}} ]]; then echo "cannot create release, when tag already exists" exit 1 fi diff --git a/make-release.sh b/make-release.sh index e09c5145ae7..3f162a6027f 100755 --- a/make-release.sh +++ b/make-release.sh @@ -389,7 +389,7 @@ updateImageTagsInCheServer() { git push origin ${BRANCH} } - +installMaven loadMvnSettingsGpgKey installDebDeps set -x From e2ddeb6c747a591efba9a6cc06925c76b95dc0b7 Mon Sep 17 00:00:00 2001 From: Mykhailo Kuznietsov Date: Wed, 3 Feb 2021 12:45:22 +0200 Subject: [PATCH 4/6] fixup! fixup! fixup! Add release worklflow for che parent and server --- .github/workflows/release.yml | 10 +--------- make-release.sh | 6 +----- 2 files changed, 2 insertions(+), 14 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 34bd4bba768..895714ec5c6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -31,7 +31,6 @@ jobs: steps: - uses: actions/checkout@v2 with: - fetch-depth: 0 path: che - uses: actions/checkout@v2 if: ${{ github.event.inputs.releaseParent == 'true' }} @@ -68,7 +67,6 @@ jobs: architecture: x64 - name: Set up environment run: | - # install more repos sudo apt-get update -y || true # install more dependencies sudo apt-get -y -q install wget curl bash git @@ -84,12 +82,6 @@ jobs: which java javac -version which javac - - # do we need any of these? - # docker-ce x86_64 3:19.03.14-3.el7 docker-ce-stable 24 M - # gcc-c++ x86_64 4.8.5-44.el7 base 7.2 M - # nodejs x86_64 2:10.23.0-1nodesource nodesource 20 M - # yarn noarch 1.22.5-1 yarn 1.2 M - name: Release run: | CHE_VERSION="${{ github.event.inputs.version }}" @@ -113,4 +105,4 @@ jobs: set -e # determine which OS we're using: rhel or ubuntu cat /etc/os-release || true - ./make-release.sh ubuntu + ./make-release.sh diff --git a/make-release.sh b/make-release.sh index 3f162a6027f..1056f5784b7 100755 --- a/make-release.sh +++ b/make-release.sh @@ -1,11 +1,7 @@ #!/bin/bash # Release process automation script. # Used to create branch/tag, update versions in pom.xml -# and and trigger release by force pushing changes to the release branch - - -# TODO ensure usage of respective bugfix branches - +# build and push maven artifacts and docker images to Quay.io REGISTRY="quay.io" ORGANIZATION="eclipse" From 534eae678c745959fa15316bdc93afa27a25e2da Mon Sep 17 00:00:00 2001 From: Mykhailo Kuznietsov Date: Wed, 3 Feb 2021 15:06:52 +0200 Subject: [PATCH 5/6] fixup! fixup! fixup! fixup! Add release worklflow for che parent and server --- .github/workflows/release.yml | 19 ++++++++++++++++++- make-release.sh | 1 - 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 895714ec5c6..f34c1295dce 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -17,13 +17,25 @@ on: required: true default: '' releaseParent: - description: 'If true, will also release parent of the same version' + description: 'If true, will also release parent' required: true default: 'false' + versionParent: + description: 'Specify che parent version here, if its release is enabled' + required: false + default: '' forceRecreateTags: description: 'If true, tags will be overriden and regenerated. Use with caution' required: false default: 'false' + autoReleaseOnNexus: + description: 'If true, artifacts will be automatically released when deployed to Nexus' + required: false + default: 'true' + deployOnNexus: + description: 'If true, artifacts will be deployed to Nexus.' + required: false + default: 'true' jobs: build: @@ -96,6 +108,11 @@ jobs: export CHE_GITHUB_SSH_KEY=${{ secrets.CHE_GITHUB_SSH_KEY}} export CHE_NPM_AUTH_TOKEN=${{ secrets.CHE_NPM_AUTH_TOKEN}} + export RELEASE_CHE_PARENT="${{ github.event.inputs.releaseParent }}" + export VERSION_CHE_PARENT="${{ github.event.inputs.versionParent }}" + export DEPLOY_TO_NEXUS="${{ github.event.inputs.deployOnNexus }}" + export AUTORELEASE_ON_NEXUS="${{ github.event.inputs.autoReleaseOnNexus }}" + export QUAY_ECLIPSE_CHE_USERNAME=${{ secrets.QUAY_USERNAME }} export QUAY_ECLIPSE_CHE_PASSWORD=${{ secrets.QUAY_PASSWORD }} git config --global user.name "Mykhailo Kuznietsov" diff --git a/make-release.sh b/make-release.sh index 1056f5784b7..99f144fe179 100755 --- a/make-release.sh +++ b/make-release.sh @@ -79,7 +79,6 @@ evaluateCheVariables() { echo "Version che-parent: ${VERSION_CHE_PARENT}" echo "Deploy to nexus: ${DEPLOY_TO_NEXUS}" echo "Autorelease on nexus: ${AUTORELEASE_ON_NEXUS}" - echo "Release Process Phases: '${PHASES}'" } checkoutProjects() { From 78ca3874133681e824954b349bbb8980ce12ddb9 Mon Sep 17 00:00:00 2001 From: Mykhailo Kuznietsov Date: Wed, 3 Feb 2021 16:19:27 +0200 Subject: [PATCH 6/6] fixup! fixup! fixup! fixup! fixup! Add release worklflow for che parent and server --- .github/workflows/release.yml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f34c1295dce..9b39d37e21e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -17,19 +17,19 @@ on: required: true default: '' releaseParent: - description: 'If true, will also release parent' - required: true + description: 'If true, will also release Che Parent.' + required: false default: 'false' versionParent: - description: 'Specify che parent version here, if its release is enabled' + description: 'Specify Che Parent version here, if *releaseParent is true' required: false default: '' forceRecreateTags: - description: 'If true, tags will be overriden and regenerated. Use with caution' + description: 'If true, tags will be overriden and regenerated. Use with caution.' required: false default: 'false' autoReleaseOnNexus: - description: 'If true, artifacts will be automatically released when deployed to Nexus' + description: 'If true, artifacts will be automatically released when deployed to Nexus, but only if *deployOnNexus* is also true.' required: false default: 'true' deployOnNexus: @@ -44,12 +44,14 @@ jobs: - uses: actions/checkout@v2 with: path: che + fetch-depth: 0 - uses: actions/checkout@v2 if: ${{ github.event.inputs.releaseParent == 'true' }} with: repository: eclipse/che-parent token: {{ secrets.CHE_BOT_GITHUB_TOKEN }} path: che-parent + fetch-depth: 0 - name: Check existing tag run: | if [[ "$FORCE_RECREATE_TAGS" == "false" ]] && [[ $(cd che && git ls-remote --exit-code origin refs/tags/${{ github.event.inputs.version}} ]]; then