From 590ae5fa5c3e92d00bf4da8060724fb66363980c Mon Sep 17 00:00:00 2001 From: claire labry Date: Thu, 5 Jan 2023 14:16:47 -0600 Subject: [PATCH] Onboard consul to use new version/VERSION file and reproducible actions (#15631) * Onboard consul to use new .release/VERSION file and reproducible actions-go-build * Onboard consul to use new .release/VERSION file and reproducible actions * Onboard consul to use new .release/VERSION file and reproducible actions * fix to consul * Onboard consul to use new .release/VERSION file and reproducible actions * Onboard consul to use new .release/VERSION file and reproducible actions * Onboard consul to use new .release/VERSION file and reproducible actions * test out ent changes * just or testing * Added setup go for build ui * try removing VERSION file out of .release dir * add checkout action for build ui and update checkout version * try no -dev marker * try removing extra ldflags * test version * add back in setup-go step? * Update utils.js read from static VERSION file * remove actions-setup go * add 1.15.0-dev * Using prepare workflow for pre-stable channel workflow * Test prepare workflow * Remove set-product-version branch from release pipeline * Use METADATA in environment * Correct env vars * Remove current branch from build trigger list Co-authored-by: emilymianeil Co-authored-by: Sarah Co-authored-by: hc-github-team-nomad-core Co-authored-by: emily neil <63985869+emilymianeil@users.noreply.github.com> --- .github/workflows/build.yml | 184 +++++++++++------------ .release/ci.hcl | 203 +++----------------------- ui/packages/consul-ui/config/utils.js | 8 +- version/VERSION | 1 + version/version.go | 17 ++- 5 files changed, 120 insertions(+), 293 deletions(-) create mode 100644 version/VERSION diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 635f3ba3b6..20f316c12e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -10,54 +10,62 @@ on: env: PKG_NAME: consul + METADATA: oss jobs: - get-product-version: + set-product-version: runs-on: ubuntu-latest outputs: - product-version: ${{ steps.get-product-version.outputs.product-version }} + product-version: ${{ steps.set-product-version.outputs.product-version }} + base-product-version: ${{ steps.set-product-version.outputs.base-product-version }} product-date: ${{ steps.get-product-version.outputs.product-date }} - pre-version: ${{ steps.get-product-version.outputs.pre-version }} - pkg-version: ${{ steps.get-product-version.outputs.pkg-version }} + pre-version: ${{ steps.set-product-version.outputs.prerelease-product-version }} shared-ldflags: ${{ steps.shared-ldflags.outputs.shared-ldflags }} steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 + - name: set product version + id: set-product-version + uses: hashicorp/actions-set-product-version@v1 - name: get product version id: get-product-version run: | - CONSUL_VERSION=$(build-support/scripts/version.sh -r) CONSUL_DATE=$(build-support/scripts/build-date.sh) ## TODO: This assumes `make version` outputs 1.1.1+ent-prerel - IFS="+" read VERSION _other <<< "$CONSUL_VERSION" - IFS="-" read _other PREREL_VERSION <<< "$CONSUL_VERSION" - ## TODO: this assumes `version.sh` outputs in the expected ordering of - ## [version]+ent{-prerelease} If we need to transition to - ## [version]{-prerelease}+ent before then, we'll need to add - ## logic to handle presense/absence of the prerelease - echo "::set-output name=product-version::${CONSUL_VERSION}" echo "::set-output name=product-date::${CONSUL_DATE}" - echo "::set-output name=pre-version::${PREREL_VERSION}" - echo "::set-output name=pkg-version::${VERSION}" - name: Set shared -ldflags id: shared-ldflags run: | T="github.com/hashicorp/consul/version" - echo "::set-output name=shared-ldflags::-X ${T}.GitCommit=${GITHUB_SHA::8} -X ${T}.GitDescribe=${{ steps.get-product-version.outputs.product-version }} -X ${T}.BuildDate=${{ steps.get-product-version.outputs.product-date }}" - + echo "::set-output name=shared-ldflags::-X ${T}.GitCommit=${GITHUB_SHA::8} \ + -X ${T}.GitDescribe=${{ steps.set-product-version.outputs.product-version }} \ + -X ${T}.BuildDate=${{ steps.get-product-version.outputs.product-date }} \ + " + validate-outputs: + needs: set-product-version + runs-on: ubuntu-latest + steps: + - name: Validate Outputs + run: | + echo "Product Version: ${{ needs.set-product-version.outputs.product-version }}" + echo "Base Product Version: ${{ needs.set-product-version.outputs.base-product-version }}" + echo "Product Metadata: ${{ env.METADATA }}" + echo "Product Date: ${{ needs.set-product-version.outputs.product-date }}" + echo "Prerelease Version: ${{ needs.set-product-version.outputs.pre-version }}" + echo "Ldflags: ${{ needs.set-product-version.outputs.shared-ldflags }}" generate-metadata-file: - needs: get-product-version + needs: set-product-version runs-on: ubuntu-latest outputs: filepath: ${{ steps.generate-metadata-file.outputs.filepath }} steps: - name: 'Checkout directory' - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Generate metadata file id: generate-metadata-file uses: hashicorp/actions-generate-metadata@v1 with: - version: ${{ needs.get-product-version.outputs.product-version }} + version: ${{ needs.set-product-version.outputs.product-version }} product: ${{ env.PKG_NAME }} - uses: actions/upload-artifact@v2 @@ -66,7 +74,7 @@ jobs: path: ${{ steps.generate-metadata-file.outputs.filepath }} build: - needs: get-product-version + needs: set-product-version runs-on: ubuntu-latest strategy: matrix: @@ -84,15 +92,10 @@ jobs: name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build steps: - - uses: actions/checkout@v2 - - - name: Setup go - uses: actions/setup-go@v2 - with: - go-version: ${{ matrix.go }} + - uses: actions/checkout@v3 - name: Setup with node and yarn - uses: actions/setup-node@v2 + uses: actions/setup-node@v3 with: node-version: '14' cache: 'yarn' @@ -100,8 +103,8 @@ jobs: - name: Build UI run: | - CONSUL_VERSION=${{ needs.get-product-version.outputs.product-version }} - CONSUL_DATE=${{ needs.get-product-version.outputs.product-date }} + CONSUL_VERSION=${{ needs.set-product-version.outputs.product-version }} + CONSUL_DATE=${{ needs.set-product-version.outputs.product-date }} CONSUL_BINARY_TYPE=${CONSUL_BINARY_TYPE} CONSUL_COPYRIGHT_YEAR=$(git show -s --format=%cd --date=format:%Y HEAD) echo "consul_version is ${CONSUL_VERSION}" @@ -111,21 +114,22 @@ jobs: cd ui && make && cd .. rm -rf agent/uiserver/dist mv ui/packages/consul-ui/dist agent/uiserver/ - - name: Build + - name: Go Build env: - GOOS: ${{ matrix.goos }} - GOARCH: ${{ matrix.goarch }} - CGO_ENABLED: 0 - GOLDFLAGS: "${{needs.get-product-version.outputs.shared-ldflags}}" - run: | - mkdir dist out - go build -ldflags="$GOLDFLAGS" -o dist/ . - zip -r -j out/${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip dist/ - - - uses: actions/upload-artifact@v2 + PRODUCT_VERSION: ${{ needs.set-product-version.outputs.product-version }} + PRERELEASE_VERSION: ${{ needs.set-product-version.outputs.pre-version }} + CGO_ENABLED: "0" + GOLDFLAGS: "${{needs.set-product-version.outputs.shared-ldflags}}" + uses: hashicorp/actions-go-build@v0.1.7 with: - name: ${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip - path: out/${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip + product_name: ${{ env.PKG_NAME }} + product_version: ${{ needs.set-product-version.outputs.product-version }} + go_version: ${{ matrix.go }} + os: ${{ matrix.goos }} + arch: ${{ matrix.goarch }} + reproducible: report + instructions: |- + go build -ldflags="$GOLDFLAGS" -o "$BIN_PATH" -trimpath -buildvcs=false - name: Package if: ${{ matrix.goos == 'linux' }} @@ -134,7 +138,7 @@ jobs: name: ${{ github.event.repository.name }} description: "Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure. " arch: ${{ matrix.goarch }} - version: ${{ needs.get-product-version.outputs.product-version }} + version: ${{ needs.set-product-version.outputs.product-version }} maintainer: "HashiCorp" homepage: "https://github.com/hashicorp/consul" license: "MPL-2.0" @@ -166,7 +170,7 @@ jobs: path: out/${{ env.DEB_PACKAGE }} build-darwin: - needs: get-product-version + needs: set-product-version runs-on: macos-latest strategy: matrix: @@ -177,15 +181,10 @@ jobs: name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build steps: - - uses: actions/checkout@v2 - - - name: Setup go - uses: actions/setup-go@v2 - with: - go-version: ${{ matrix.go }} - + - uses: actions/checkout@v3 + - name: Setup with node and yarn - uses: actions/setup-node@v2 + uses: actions/setup-node@v3 with: node-version: '14' cache: 'yarn' @@ -193,7 +192,7 @@ jobs: - name: Build UI run: | - CONSUL_VERSION=${{ needs.get-product-version.outputs.product-version }} + CONSUL_VERSION=${{ needs.set-product-version.outputs.product-version }} CONSUL_BINARY_TYPE=${CONSUL_BINARY_TYPE} CONSUL_COPYRIGHT_YEAR=$(git show -s --format=%cd --date=format:%Y HEAD) echo "consul_version is ${CONSUL_VERSION}" @@ -202,26 +201,27 @@ jobs: cd ui && make && cd .. rm -rf agent/uiserver/dist mv ui/packages/consul-ui/dist agent/uiserver/ - - - name: Build + - name: Go Build env: - GOOS: ${{ matrix.goos }} - GOARCH: ${{ matrix.goarch }} - GOLDFLAGS: "${{ needs.get-product-version.outputs.shared-ldflags }}" - run: | - mkdir dist out - go build -ldflags="$GOLDFLAGS" -tags netcgo -o dist/ . - zip -r -j out/${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip dist/ - - - uses: actions/upload-artifact@v2 + PRODUCT_VERSION: ${{ needs.set-product-version.outputs.product-version }} + PRERELEASE_VERSION: ${{ needs.set-product-version.outputs.pre-version }} + CGO_ENABLED: "0" + GOLDFLAGS: "${{needs.set-product-version.outputs.shared-ldflags}}" + uses: hashicorp/actions-go-build@v0.1.7 with: - name: ${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip - path: out/${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip + product_name: ${{ env.PKG_NAME }} + product_version: ${{ needs.set-product-version.outputs.product-version }} + go_version: ${{ matrix.go }} + os: ${{ matrix.goos }} + arch: ${{ matrix.goarch }} + reproducible: report + instructions: |- + go build -ldflags="$GOLDFLAGS" -tags netcgo -o "$BIN_PATH" -trimpath -buildvcs=false build-docker: name: Docker ${{ matrix.arch }} build needs: - - get-product-version + - set-product-version - build runs-on: ubuntu-latest strategy: @@ -229,10 +229,10 @@ jobs: arch: ["386", "amd64", "arm", "arm64"] env: repo: ${{github.event.repository.name}} - version: ${{needs.get-product-version.outputs.product-version}} + version: ${{needs.set-product-version.outputs.product-version}} steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 # Strip everything but MAJOR.MINOR from the version string and add a `-dev` suffix # This naming convention will be used ONLY for per-commit dev images @@ -258,15 +258,15 @@ jobs: build-docker-ubi-redhat: name: Docker Build UBI Image for RedHat Registry needs: - - get-product-version + - set-product-version - build runs-on: ubuntu-latest env: repo: ${{github.event.repository.name}} - version: ${{needs.get-product-version.outputs.product-version}} + version: ${{needs.set-product-version.outputs.product-version}} steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - uses: hashicorp/actions-docker-build@v1 with: version: ${{env.version}} @@ -278,15 +278,15 @@ jobs: build-docker-ubi-dockerhub: name: Docker Build UBI Image for DockerHub needs: - - get-product-version + - set-product-version - build runs-on: ubuntu-latest env: repo: ${{github.event.repository.name}} - version: ${{needs.get-product-version.outputs.product-version}} + version: ${{needs.set-product-version.outputs.product-version}} steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 # Strip everything but MAJOR.MINOR from the version string and add a `-dev` suffix # This naming convention will be used ONLY for per-commit dev images @@ -310,7 +310,7 @@ jobs: verify-linux: needs: - - get-product-version + - set-product-version - build runs-on: ubuntu-latest strategy: @@ -318,12 +318,12 @@ jobs: arch: ["386", "amd64", "arm", "arm64"] fail-fast: true env: - version: ${{ needs.get-product-version.outputs.product-version }} - zip_name: consul_${{ needs.get-product-version.outputs.product-version }}_linux_${{ matrix.arch }}.zip + version: ${{ needs.set-product-version.outputs.product-version }} + zip_name: consul_${{ needs.set-product-version.outputs.product-version }}_linux_${{ matrix.arch }}.zip name: Verify ${{ matrix.arch }} linux binary steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Download ${{ matrix.arch }} zip uses: actions/download-artifact@v3 @@ -342,18 +342,18 @@ jobs: verify-darwin: needs: - - get-product-version + - set-product-version - build-darwin runs-on: macos-latest strategy: fail-fast: true env: - version: ${{needs.get-product-version.outputs.product-version}} - zip_name: consul_${{ needs.get-product-version.outputs.product-version }}_darwin_amd64.zip + version: ${{needs.set-product-version.outputs.product-version}} + zip_name: consul_${{ needs.set-product-version.outputs.product-version }}_darwin_amd64.zip name: Verify amd64 darwin binary steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Download amd64 darwin zip uses: actions/download-artifact@v3 @@ -369,22 +369,22 @@ jobs: verify-linux-packages-deb: needs: - build - - get-product-version + - set-product-version runs-on: ubuntu-latest strategy: matrix: arch: ["i386", "amd64", "armhf", "arm64"] # fail-fast: true env: - version: ${{ needs.get-product-version.outputs.product-version }} + version: ${{ needs.set-product-version.outputs.product-version }} name: Verify ${{ matrix.arch }} debian package steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set package version run: | - echo "pkg_version=$(echo ${{ needs.get-product-version.outputs.product-version }} | sed 's/\-/~/g')" >> $GITHUB_ENV + echo "pkg_version=$(echo ${{ needs.set-product-version.outputs.product-version }} | sed 's/\-/~/g')" >> $GITHUB_ENV - name: Set package name run: | @@ -406,22 +406,22 @@ jobs: verify-linux-packages-rpm: needs: - build - - get-product-version + - set-product-version runs-on: ubuntu-latest strategy: matrix: # TODO(eculver): re-enable when there is a smaller verification container available arch: ["i386", "x86_64"] #, "armv7hl", "aarch64"] env: - version: ${{ needs.get-product-version.outputs.product-version }} + version: ${{ needs.set-product-version.outputs.product-version }} name: Verify ${{ matrix.arch }} rpm steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set package version run: | - echo "pkg_version=$(echo ${{ needs.get-product-version.outputs.product-version }} | sed 's/\-/~/g')" >> $GITHUB_ENV + echo "pkg_version=$(echo ${{ needs.set-product-version.outputs.product-version }} | sed 's/\-/~/g')" >> $GITHUB_ENV - name: Set package name run: | diff --git a/.release/ci.hcl b/.release/ci.hcl index ea205acd11..084450dd4c 100644 --- a/.release/ci.hcl +++ b/.release/ci.hcl @@ -17,7 +17,6 @@ project "consul" { } event "build" { - depends = ["merge"] action "build" { organization = "hashicorp" repository = "crt-workflows-common" @@ -25,68 +24,13 @@ event "build" { } } -event "upload-dev" { +event "prepare" { depends = ["build"] - action "upload-dev" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "upload-dev" - depends = ["build"] - } - - notification { - on = "fail" - } -} - -event "security-scan-binaries" { - depends = ["upload-dev"] - action "security-scan-binaries" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "security-scan-binaries" - config = "security-scan.hcl" - } - - notification { - on = "fail" - } -} - -event "security-scan-containers" { - depends = ["security-scan-binaries"] - action "security-scan-containers" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "security-scan-containers" - config = "security-scan.hcl" - } - - notification { - on = "fail" - } -} - -event "notarize-darwin-amd64" { - depends = ["security-scan-containers"] - action "notarize-darwin-amd64" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "notarize-darwin-amd64" - - } - - notification { - on = "fail" - } -} - -event "notarize-darwin-arm64" { - depends = ["notarize-darwin-amd64"] - action "notarize-darwin-arm64" { + action "prepare" { organization = "hashicorp" repository = "crt-workflows-common" - workflow = "notarize-darwin-arm64" + workflow = "prepare" + depends = ["build"] } notification { @@ -94,131 +38,6 @@ event "notarize-darwin-arm64" { } } -event "notarize-windows-386" { - depends = ["notarize-darwin-arm64"] - action "notarize-windows-386" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "notarize-windows-386" - - } - - notification { - on = "fail" - } -} - -event "notarize-windows-amd64" { - depends = ["notarize-windows-386"] - action "notarize-windows-amd64" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "notarize-windows-amd64" - } - - notification { - on = "fail" - } -} - -event "sign" { - depends = ["notarize-windows-amd64"] - action "sign" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "sign" - - } - - notification { - on = "fail" - } -} - -event "sign-linux-rpms" { - depends = ["sign"] - action "sign-linux-rpms" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "sign-linux-rpms" - } - - notification { - on = "fail" - } -} - -event "verify" { - depends = ["sign-linux-rpms"] - action "verify" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "verify" - } - - notification { - on = "fail" - } -} - -event "promote-dev-docker" { - depends = ["verify"] - action "promote-dev-docker" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "promote-dev-docker" - depends = ["verify"] - } - - notification { - on = "fail" - } -} - -event "fossa-scan" { - depends = ["promote-dev-docker"] - action "fossa-scan" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "fossa-scan" - } -} - -## These are promotion and post-publish events -## they should be added to the end of the file after the verify event stanza. - -event "trigger-staging" { -// This event is dispatched by the bob trigger-promotion command -// and is required - do not delete. -} - -event "promote-staging" { - depends = ["trigger-staging"] - action "promote-staging" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "promote-staging" - config = "release-metadata.hcl" - } - - notification { - on = "always" - } -} - -event "promote-staging-docker" { - depends = ["promote-staging"] - action "promote-staging-docker" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "promote-staging-docker" - } - - notification { - on = "always" - } -} - event "trigger-production" { // This event is dispatched by the bob trigger-promotion command // and is required - do not delete. @@ -275,9 +94,21 @@ event "post-publish-website" { on = "always" } } +event "bump-version" { + depends = ["post-publish-website"] + action "bump-version" { + organization = "hashicorp" + repository = "crt-workflows-common" + workflow = "bump-version" + } + + notification { + on = "fail" + } +} event "update-ironbank" { - depends = ["post-publish-website"] + depends = ["bump-version"] action "update-ironbank" { organization = "hashicorp" repository = "crt-workflows-common" diff --git a/ui/packages/consul-ui/config/utils.js b/ui/packages/consul-ui/config/utils.js index c24172a037..18ce415b91 100644 --- a/ui/packages/consul-ui/config/utils.js +++ b/ui/packages/consul-ui/config/utils.js @@ -9,16 +9,10 @@ const repositorySHA = function (sha = exec('git rev-parse --short HEAD')) { return sha.toString().trim(); }; const binaryVersion = function (repositoryRoot) { - return function (versionFileContents = read(`${repositoryRoot}/version/version.go`)) { + return function (versionFileContents = read(`${repositoryRoot}/version/VERSION`)) { // see /scripts/dist.sh:8 return versionFileContents .toString() - .split('\n') - .find(function (item, i, arr) { - return item.indexOf('Version =') !== -1; - }) - .trim() - .split('"')[1]; }; }; const env = function ($) { diff --git a/version/VERSION b/version/VERSION new file mode 100644 index 0000000000..0dec25d15b --- /dev/null +++ b/version/VERSION @@ -0,0 +1 @@ +1.15.0-dev \ No newline at end of file diff --git a/version/version.go b/version/version.go index c0e2582999..175f3ef55c 100644 --- a/version/version.go +++ b/version/version.go @@ -1,6 +1,7 @@ package version import ( + _ "embed" "fmt" "strings" ) @@ -10,20 +11,20 @@ var ( // compiler. GitCommit string - // The next version number that will be released. This will be updated after every release. - // + // The next version number that will be released. This will be updated after every release // Version must conform to the format expected by github.com/hashicorp/go-version // for tests to work. - Version = "1.15.0" + // A pre-release marker for the version can also be specified (e.g -dev). If this is omitted + // then it means that it is a final release. Otherwise, this is a pre-release + // such as "dev" (in development), "beta", "rc1", etc. + //go:embed VERSION + fullVersion string + + Version, VersionPrerelease, _ = strings.Cut(fullVersion, "-") // https://semver.org/#spec-item-10 VersionMetadata = "" - // A pre-release marker for the version. If this is "" (empty string) - // then it means that it is a final release. Otherwise, this is a pre-release - // such as "dev" (in development), "beta", "rc1", etc. - VersionPrerelease = "dev" - // The date/time of the build (actually the HEAD commit in git, to preserve stability) // This isn't just informational, but is also used by the licensing system. Default is chosen to be flagantly wrong. BuildDate string = "1970-01-01T00:00:01Z"