From 34dfbc5d3c4f7f049fdc8c9159774a949293f666 Mon Sep 17 00:00:00 2001 From: Tom Denham Date: Wed, 7 Jun 2017 15:58:34 -0700 Subject: [PATCH] Update and document release process Replace the rkt release process with a docker one. Document the process that we follow for each release. --- .gitignore | 1 + RELEASING.md | 34 +++++++++++++++++++++++++ scripts/release-with-rkt.sh | 50 ------------------------------------- scripts/release.sh | 36 ++++++++++++++++++++++++++ 4 files changed, 71 insertions(+), 50 deletions(-) create mode 100644 RELEASING.md delete mode 100755 scripts/release-with-rkt.sh create mode 100755 scripts/release.sh diff --git a/.gitignore b/.gitignore index f130579..0d94fb8 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ bin/ gopath/ *.sw[ponm] .vagrant +release-* diff --git a/RELEASING.md b/RELEASING.md new file mode 100644 index 0000000..dd1b7a9 --- /dev/null +++ b/RELEASING.md @@ -0,0 +1,34 @@ +# Release process + +## Resulting artifacts +Creating a new release produces the following artifacts: + +- Binaries (stored in the `release-` directory) : + - `cni--.tgz` binaries + - `cni-.tgz` binary (copy of amd64 platform binary) + - `sha1`, `sha256` and `sha512` files for the above files. + +## Preparing for a release +1. Releases are performed by maintainers and should usually be discussed and planned at a maintainer meeting. + - Choose the version number. It should be prefixed with `v`, e.g. `v1.2.3` + - Take a quick scan through the PRs and issues to make sure there isn't anything crucial that _must_ be in the next release. + - Create a draft of the release note + - Discuss the level of testing that's needed and create a test plan if sensible + - Check what version of `go` is used in the build container, updating it if there's a new stable release. + +## Creating the release artifacts +1. Make sure you are on the master branch and don't have any local uncommitted changes. +1. Create a signed tag for the release `git tag -s $VERSION` (Ensure that GPG keys are created and added to GitHub) +1. Run the release script from the root of the repository + - `scripts/release.sh` + - The script requires Docker and ensures that a consistent environment is used. + - The artifacts will now be present in the `release-` directory. +1. Test these binaries according to the test plan. + +## Publishing the release +1. Push the tag to git `git push origin ` +1. Create a release on Github, using the tag which was just pushed. +1. Attach all the artifacts from the release directory. +1. Add the release note to the release. +1. Announce the release on at least the CNI mailing, IRC and Slack. + diff --git a/scripts/release-with-rkt.sh b/scripts/release-with-rkt.sh deleted file mode 100755 index e7cf96f..0000000 --- a/scripts/release-with-rkt.sh +++ /dev/null @@ -1,50 +0,0 @@ -#!/usr/bin/env bash -set -xe - -SRC_DIR="${SRC_DIR:-$PWD}" - -FEDORA_INSTALL="dnf install -y golang tar xz bzip2 gzip sudo iproute wget" -FEDORA_IMAGE="docker://fedora:25" -ACBUILD_URL="https://github.com/appc/acbuild/releases/download/v0.2.2/acbuild.tar.gz" -ACBUILD="acbuild --debug" -BUILDFLAGS="-a --ldflags '-extldflags \"-static\"'" - -TAG=$(git describe --exact-match --abbrev=0) || TAG=$(git describe) -RELEASE_DIR=release-${TAG} -OUTPUT_DIR=bin - -rm -Rf ${SRC_DIR}/${RELEASE_DIR} -mkdir -p ${SRC_DIR}/${RELEASE_DIR} - -sudo -E rkt run \ - --volume src-dir,kind=host,source=$SRC_DIR \ - --mount volume=src-dir,target=/opt/src \ - --interactive \ - --insecure-options=image \ - --net=host \ - --dns=host \ - ${FEDORA_IMAGE} \ - --exec /bin/bash \ - -- -xe -c "\ - ${FEDORA_INSTALL}; cd /opt/src; umask 0022; - for arch in amd64 arm arm64 ppc64le s390x; do \ - CGO_ENABLED=0 GOARCH=\$arch ./build.sh ${BUILDFLAGS}; \ - for format in tgz; do \ - FILENAME=cni-\$arch-${TAG}.\$format; \ - FILEPATH=${RELEASE_DIR}/\$FILENAME; \ - tar -C ${OUTPUT_DIR} --owner=0 --group=0 -caf \$FILEPATH .; \ - if [ \"\$arch\" == \"amd64\" ]; then \ - cp \$FILEPATH ${RELEASE_DIR}/cni-${TAG}.\$format; \ - fi; \ - done; \ - done; \ - wget -O - ${ACBUILD_URL} | tar -C /usr/bin -xzvf -; \ - ${ACBUILD} begin; \ - ${ACBUILD} set-name coreos.com/cni; \ - ${ACBUILD} label add version ${TAG}; \ - ${ACBUILD} copy --to-dir ${OUTPUT_DIR} /opt/cni/; \ - ${ACBUILD} write ${RELEASE_DIR}/cni-${TAG}.aci; \ - ${ACBUILD} end; \ - pushd ${RELEASE_DIR}; for f in \$(ls); do sha1sum \$f > \$f.sha1; done; popd; \ - chown -R ${UID} ${OUTPUT_DIR} ${RELEASE_DIR}; \ - :" diff --git a/scripts/release.sh b/scripts/release.sh new file mode 100755 index 0000000..37e2001 --- /dev/null +++ b/scripts/release.sh @@ -0,0 +1,36 @@ +#!/usr/bin/env bash +set -xe + +SRC_DIR="${SRC_DIR:-$PWD}" +BUILDFLAGS="-a --ldflags '-extldflags \"-static\"'" + +TAG=$(git describe --tags --dirty) +RELEASE_DIR=release-${TAG} + +OUTPUT_DIR=bin + +# Always clean first +rm -Rf ${SRC_DIR}/${RELEASE_DIR} +mkdir -p ${SRC_DIR}/${RELEASE_DIR} + +docker run -i -v ${SRC_DIR}:/opt/src --rm golang:1.8-alpine \ +/bin/sh -xe -c "\ + apk --no-cache add bash tar; + cd /opt/src; umask 0022; + for arch in amd64 arm arm64 ppc64le; do \ + CGO_ENABLED=0 GOARCH=\$arch ./build.sh ${BUILDFLAGS}; \ + for format in tgz; do \ + FILENAME=cni-\$arch-${TAG}.\$format; \ + FILEPATH=${RELEASE_DIR}/\$FILENAME; \ + tar -C ${OUTPUT_DIR} --owner=0 --group=0 -caf \$FILEPATH .; \ + if [ \"\$arch\" == \"amd64\" ]; then \ + cp \$FILEPATH ${RELEASE_DIR}/cni-${TAG}.\$format; \ + fi; \ + done; \ + done; + cd ${RELEASE_DIR}; + for f in *.tgz; do sha1sum \$f > \$f.sha1; done; + for f in *.tgz; do sha256sum \$f > \$f.sha256; done; + for f in *.tgz; do sha512sum \$f > \$f.sha512; done; + cd .. + chown -R ${UID} ${OUTPUT_DIR} ${RELEASE_DIR}" -- 2.44.0