diff --git a/.github/ISSUE_TEMPLATE/create_release_branch.md b/.github/ISSUE_TEMPLATE/create_release_branch.md index 0525d1575..9c5a8268a 100644 --- a/.github/ISSUE_TEMPLATE/create_release_branch.md +++ b/.github/ISSUE_TEMPLATE/create_release_branch.md @@ -18,11 +18,9 @@ Make sure to follow the steps below and ensure all actions are completed and sig - **Reviewer**: - -- **PR (release-1.xx)**: -- **PR (moonray/release-1.xx)**: -- **PR (strict/release-1.xx)**: - + +- **PR**: +- - **PR**: @@ -32,7 +30,6 @@ The steps are to be followed in-order, each task must be completed by the person - [ ] **Owner**: Add the assignee and reviewer as assignees to the GitHub issue - [ ] **Owner**: Ensure that you are part of the ["containers" team](https://launchpad.net/~containers) -- [ ] **Owner**: Ensure that are no [fast-forward PRs](https://github.com/canonical/k8s-snap/pulls) open against the `moonray/main` and `strict/main` branches. - [ ] **Owner**: Request a new `1.xx` Snapstore track for the snaps similar to the [snapstore track-request][]. - #### Post template on https://discourse.charmhub.io/ @@ -44,14 +41,15 @@ The steps are to be followed in-order, each task must be completed by the person Hi, - Could we please have the following tracks for k8s-snap? - - - "1.xx" - - "1.xx-classic" - - "1.xx-moonray" + Could we please have a track "1.xx-classic" and "1.xx" for the respective K8s snap release? Thank you, $name +- [ ] **Owner**: Create `release-1.xx` branch from latest `main` + - `git switch main` + - `git pull` + - `git checkout -b release-1.xx` + - `git push origin release-1.xx` - [ ] **Owner**: Create `release-1.xx` branch from latest `master` in k8s-dqlite - `git clone git@github.com:canonical/k8s-dqlite.git ~/tmp/release-1.xx` - `pushd ~/tmp/release-1.xx` @@ -97,44 +95,19 @@ The steps are to be followed in-order, each task must be completed by the person - `git push origin release-1.xx` - `popd` - `rm -rf ~/tmp/release-1.xx` -- [ ] **Owner**: Create `release-1.xx` branch from latest `main` - - `git switch main` - - `git pull` - - `git checkout -b release-1.xx` - - `git push origin release-1.xx` - [ ] **Reviewer**: Ensure `release-1.xx` branch is based on latest changes on `main` at the time of the release cut. -- [ ] **Owner**: Create `moonray/release-1.xx` branch from latest `moonray/main` - - `git switch moonray/main` - - `git pull` - - `git checkout -b moonray/release-1.xx` - - `git push origin moonray/release-1.xx` -- [ ] **Reviewer**: Ensure `moonray/release-1.xx` branch is based on latest changes on `moonray/main` at the time of the release cut. -- [ ] **Owner**: Create `strict/release-1.xx` branch from latest `strict/main` - - `git switch strict/main` - - `git pull` - - `git checkout -b strict/release-1.xx` - - `git push origin strict/release-1.xx` -- [ ] **Reviewer**: Ensure `strict/release-1.xx` branch is based on latest changes on `strict/main` at the time of the release cut. - [ ] **Owner**: Create PR to initialize `release-1.xx` branch: - [ ] Update `KUBERNETES_RELEASE_MARKER` to `stable-1.xx` in [/build-scripts/hack/update-component-versions.py][] - [ ] Update `master` to `release-1.xx` in [/build-scripts/components/k8s-dqlite/version][] - [ ] Update `"main"` to `"release-1.xx"` in [/build-scripts/hack/generate-sbom.py][] - [ ] `git commit -m 'Release 1.xx'` - - [ ] Create PRs against `release-1.xx` with the changes and request review from **Reviewer**. Make sure to update the issue `Information` section with link to the PR. -- [ ] **Reviewer**: Ensure `release-1.xx` PR is merged and builds Kubernetes 1.xx. -- [ ] **Owner**: Create PRs to initialize `moonray/release-1.xx` branch. - - [ ] `git checkout moonray/release-1.xx` - - [ ] `git merge release-1.xx` - - [ ] Create PR against `moonray/release-1.xx` with the changes and request review from **Reviewer**. Make sure to update the issue `Information` section with link to the PR. -- [ ] **Owner**: Create PRs to initialize `strict/release-1.xx` branch. - - [ ] `git checkout strict/release-1.xx` - - [ ] `git merge release-1.xx` - - [ ] Create PR against `strict/release-1.xx` with the changes and request review from **Reviewer**. Make sure to update the issue `Information` section with link to the PR. -- [ ] **Reviewer**: Review and merge PRs to initialize the release branches for `moonray/release-1.xx` and `strict/release-1.xx`. + - [ ] Create PR against `release-1.xx` with the changes and request review from **Reviewer**. Make sure to update the issue `Information` section with a link to the PR. +- [ ] **Reviewer**: Review and merge PR to initialize branch. - [ ] **Owner**: Create PR to initialize `update-components.yaml` job for `release-1.xx` branch: - [ ] Add `release-1.xx` in [.github/workflows/update-components.yaml][] - [ ] Remove unsupported releases from the list (if applicable, consult with **Reviewer**) - [ ] Create PR against `main` with the changes and request review from **Reviewer**. Make sure to update the issue information with a link to the PR. +- [ ] **Reviewer**: On merge, confirm [Auto-update strict branch] action runs to completion and that the `autoupdate/release-1.xx-strict` branch is created. - [ ] **Owner**: Create launchpad builders for `release-1.xx` - [ ] Go to [lp:k8s][] and do **Import now** to pick up all latest changes. - [ ] Under **Branches**, select `release-1.xx`, then **Create snap package** @@ -148,9 +121,9 @@ The steps are to be followed in-order, each task must be completed by the person - [ ] Set **Registered store name** to `k8s` - [ ] In **Store Channels**, set **Track** to `1.xx-classic` and **Risk** to `edge`. Leave **Branch** empty - [ ] Click **Create snap package** at the bottom of the page. -- [ ] **Owner**: Create launchpad builders for `strict/release-1.xx` +- [ ] **Owner**: Create launchpad builders for `release-1.xx-strict` - [ ] Return to [lp:k8s][]. - - [ ] Under **Branches**, select `strict/release-1.xx`, then **Create snap package** + - [ ] Under **Branches**, select `autoupdate/release-1.xx-strict`, then **Create snap package** - [ ] Set **Snap recipe name** to `k8s-snap-1.xx-strict` - [ ] Set **Owner** to `Canonical Kubernetes (containers)` - [ ] Set **The project that this Snap is associated with** to `k8s` @@ -161,22 +134,8 @@ The steps are to be followed in-order, each task must be completed by the person - [ ] Set **Registered store name** to `k8s` - [ ] In **Store Channels**, set **Track** to `1.xx` and **Risk** to `edge`. Leave **Branch** empty - [ ] Click **Create snap package** at the bottom of the page. -- [ ] **Owner**: Create launchpad builders for `moonray/release-1.xx` - - [ ] Return to [lp:k8s][]. - - [ ] Under **Branches**, select `moonray/release-1.xx`, then **Create snap package** - - [ ] Set **Snap recipe name** to `k8s-snap-1.xx-moonray` - - [ ] Set **Owner** to `Canonical Kubernetes (containers)` - - [ ] Set **The project that this Snap is associated with** to `k8s` - - [ ] Set **Series** to Infer from snapcraft.yaml - - [ ] Set **Processors** to `AMD x86-64 (amd64)` and `ARM ARMv8 (arm64)` - - [ ] Enable **Automatically build when branch changes** - - [ ] Enable **Automatically upload to store** - - [ ] Set **Registered store name** to `k8s` - - [ ] In **Store Channels**, set **Track** to `1.xx-moonray` and **Risk** to `edge`. Leave **Branch** empty - - [ ] Click **Create snap package** at the bottom of the page. - [ ] **Reviewer**: Ensure snap recipes are created in [lp:k8s/+snaps][] - look for `k8s-snap-1.xx` - - look for `k8s-snap-1.xx-moonray` - look for `k8s-snap-1.xx-strict` #### After release @@ -184,6 +143,8 @@ The steps are to be followed in-order, each task must be completed by the person - [ ] **Owner** follows up with the **Reviewer** and team about things to improve around the process. - [ ] **Owner**: After a few weeks of stable CI, update default track to `1.xx/stable` via - On the snap [releases page][], select `Track` > `1.xx` +- [ ] **Reviewer**: Ensure snap recipes are created in [lp:k8s/+snaps][] + [Auto-update strict branch]: https://github.com/canonical/k8s-snap/actions/workflows/strict.yaml diff --git a/.github/workflows/fast-forward.yaml b/.github/workflows/fast-forward.yaml deleted file mode 100644 index b15ec84ec..000000000 --- a/.github/workflows/fast-forward.yaml +++ /dev/null @@ -1,59 +0,0 @@ -name: Create fast-forward PRs - -on: - push: - branches: - - main - - 'release-[0-9]+.[0-9]+' - -permissions: - contents: read - -jobs: - update: - name: "${{ matrix.patch }}" - permissions: - contents: write # for peter-evans/create-pull-request to create branch - pull-requests: write # for peter-evans/create-pull-request to create a PR - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - patch: ["strict", "moonray"] - steps: - - name: Harden Runner - uses: step-security/harden-runner@v2 - with: - egress-policy: audit - - name: Figure out target branch - # ${{ steps.branch.outputs.upstream }} == "main", "release-1.30" - # ${{ steps.branch.outputs.target }} == "moonray/main", "moonray/release-1.30" - id: branch - run: | - REF="${{ github.ref }}" - NAME="${REF#refs/heads/}" # strip off refs/heads/ if it exists - echo "upstream=$NAME" >> "$GITHUB_OUTPUT" - echo "target=${{ matrix.patch }}/$NAME" >> "$GITHUB_OUTPUT" - - name: Checkout - uses: actions/checkout@v4 - with: - ssh-key: ${{ secrets.DEPLOY_KEY_TO_UPDATE_STRICT_BRANCH }} - - name: Checkout branches - run: | - git fetch origin - git checkout ${{ steps.branch.outputs.upstream }} - git checkout ${{ steps.branch.outputs.target }} - - name: Merge ${{ steps.branch.outputs.upstream }} into ${{ steps.branch.outputs.target }} - run: | - git checkout ${{ steps.branch.outputs.target }} - git merge ${{ steps.branch.outputs.upstream }} -m "Auto-merge ${{ steps.branch.outputs.upstream }}" - - name: Create pull request - uses: peter-evans/create-pull-request@v6 - with: - git-token: ${{ secrets.DEPLOY_KEY_TO_UPDATE_STRICT_BRANCH }} - commit-message: "[${{ steps.branch.outputs.target }}] Fast forward from ${{ steps.branch.outputs.upstream }}" - title: "[${{ steps.branch.outputs.target }}] Fast forward from ${{ steps.branch.outputs.upstream }}" - body: "[${{ steps.branch.outputs.target }}] Fast forward from ${{ steps.branch.outputs.upstream }}" - branch: "autoupdate/sync/${{ steps.branch.outputs.target }}" - delete-branch: true - base: ${{ steps.branch.outputs.target }} diff --git a/.github/workflows/go.yaml b/.github/workflows/go.yaml index b42830484..4d88a233e 100644 --- a/.github/workflows/go.yaml +++ b/.github/workflows/go.yaml @@ -3,12 +3,11 @@ name: Go on: push: branches: - - 'main' + - main + - autoupdate/strict + - autoupdate/moonray - 'release-[0-9]+.[0-9]+' - - 'strict/main' - - 'strict/release-[0-9]+.[0-9]+' - - 'moonray/main' - - 'moonray/release-[0-9]+.[0-9]+' + - 'autoupdate/release-[0-9]+.[0-9]+-strict' - 'autoupdate/sync/**' pull_request: @@ -19,6 +18,7 @@ jobs: test: permissions: contents: read # for actions/checkout to fetch code + pull-requests: write # for marocchino/sticky-pull-request-comment to create or update PR comment name: Unit Tests & Code Quality runs-on: ubuntu-latest diff --git a/.github/workflows/integration-informing.yaml b/.github/workflows/integration-informing.yaml index 6fd85d4ee..7fb273ef6 100644 --- a/.github/workflows/integration-informing.yaml +++ b/.github/workflows/integration-informing.yaml @@ -1,12 +1,11 @@ name: Informing Integration Tests on: - # TODO(neoaggelos): needs updating the "Figure out target branch" below - # push: - # branches: - # - main - # - 'release-[0-9]+.[0-9]+' - # - 'autoupdate/sync/**' + push: + branches: + - main + - 'release-[0-9]+.[0-9]+' + - 'autoupdate/sync/**' pull_request: permissions: @@ -25,26 +24,8 @@ jobs: uses: step-security/harden-runner@v2 with: egress-policy: audit - - name: Figure out target branch - # ${{ steps.branch.outputs.upstream }} == "main", "release-1.30" - # ${{ steps.branch.outputs.target }} == "moonray/main", "moonray/release-1.30" - id: branch - run: | - echo "upstream=${{ github.base_ref }}" >> "$GITHUB_OUTPUT" - echo "target=${{ matrix.patch }}/${{ github.base_ref }}" >> "$GITHUB_OUTPUT" - name: Checking out repo uses: actions/checkout@v4 - - name: Merge ${{ github.head_ref }} into ${{ steps.branch.outputs.target }} - run: | - git config user.name k8s-bot - git config user.email k8s-bot@canonical.com - - git fetch origin - - git checkout ${{ github.head_ref }} - git checkout ${{ steps.branch.outputs.target }} - - git merge ${{ github.head_ref }} -m "Auto-merge ${{ github.head_ref }}" - name: Install lxd run: | sudo snap refresh lxd --channel 5.21/stable @@ -54,6 +35,9 @@ jobs: - name: Install snapcraft run: | sudo snap install snapcraft --classic + - name: Apply ${{ matrix.patch }} patch + run: | + ./build-scripts/patches/${{ matrix.patch }}/apply - name: Build snap run: | sg lxd -c 'snapcraft --use-lxd' @@ -74,30 +58,8 @@ jobs: fail-fast: false runs-on: ubuntu-20.04 steps: - - name: Figure out target branch - # ${{ steps.branch.outputs.upstream }} == "main", "release-1.30" - # ${{ steps.branch.outputs.target }} == "moonray/main", "moonray/release-1.30" - id: branch - run: | - echo "upstream=${{ github.base_ref }}" >> "$GITHUB_OUTPUT" - echo "target=${{ matrix.patch }}/${{ github.base_ref }}" >> "$GITHUB_OUTPUT" - - name: Checking out repo - uses: actions/checkout@v4 - - name: Merge ${{ github.head_ref }} into ${{ steps.branch.outputs.target }} - run: | - git config user.name k8s-bot - git config user.email k8s-bot@canonical.com - - git fetch origin - - git checkout ${{ github.head_ref }} - git checkout ${{ steps.branch.outputs.target }} - - git merge ${{ github.head_ref }} -m "Auto-merge ${{ github.head_ref }}" - name: Check out code uses: actions/checkout@v4 - with: - ref: ${{ steps.branch.outputs.target }} - name: Setup Python uses: actions/setup-python@v5 with: @@ -115,6 +77,9 @@ jobs: with: name: k8s-${{ matrix.patch }}.snap path: build + - name: Apply ${{ matrix.patch }} patch + run: | + ./build-scripts/patches/${{ matrix.patch }}/apply - name: Run end to end tests run: | export TEST_SNAP="$PWD/build/k8s-${{ matrix.patch }}.snap" diff --git a/.github/workflows/integration.yaml b/.github/workflows/integration.yaml index 4fc3a54b5..bb91c8f67 100644 --- a/.github/workflows/integration.yaml +++ b/.github/workflows/integration.yaml @@ -3,12 +3,11 @@ name: Integration Tests on: push: branches: - - 'main' + - main + - autoupdate/strict + - autoupdate/moonray - 'release-[0-9]+.[0-9]+' - - 'strict/main' - - 'strict/release-[0-9]+.[0-9]+' - - 'moonray/main' - - 'moonray/release-[0-9]+.[0-9]+' + - 'autoupdate/release-[0-9]+.[0-9]+-strict' - 'autoupdate/sync/**' pull_request: @@ -51,7 +50,6 @@ jobs: strategy: matrix: os: ["ubuntu:20.04", "ubuntu:22.04", "ubuntu:24.04"] - fail-fast: false runs-on: ubuntu-20.04 needs: build diff --git a/.github/workflows/python.yaml b/.github/workflows/python.yaml index bbc63e723..2ccb0979f 100644 --- a/.github/workflows/python.yaml +++ b/.github/workflows/python.yaml @@ -3,12 +3,11 @@ name: Python on: push: branches: - - 'main' + - main + - autoupdate/strict + - autoupdate/moonray - 'release-[0-9]+.[0-9]+' - - 'strict/main' - - 'strict/release-[0-9]+.[0-9]+' - - 'moonray/main' - - 'moonray/release-[0-9]+.[0-9]+' + - 'autoupdate/release-[0-9]+.[0-9]+-strict' - 'autoupdate/sync/**' pull_request: diff --git a/.github/workflows/sbom.yaml b/.github/workflows/sbom.yaml index 941788ef2..846a19e76 100644 --- a/.github/workflows/sbom.yaml +++ b/.github/workflows/sbom.yaml @@ -3,12 +3,11 @@ name: SBOM on: push: branches: - - 'main' + - main + - autoupdate/strict + - autoupdate/moonray - 'release-[0-9]+.[0-9]+' - - 'strict/main' - - 'strict/release-[0-9]+.[0-9]+' - - 'moonray/main' - - 'moonray/release-[0-9]+.[0-9]+' + - 'autoupdate/release-[0-9]+.[0-9]+-strict' - 'autoupdate/sync/**' pull_request: diff --git a/.github/workflows/update-branches.yaml b/.github/workflows/update-branches.yaml new file mode 100644 index 000000000..356bbce5b --- /dev/null +++ b/.github/workflows/update-branches.yaml @@ -0,0 +1,51 @@ +name: Auto-update branches + +on: + push: + branches: + - main + - 'release-[0-9]+.[0-9]+' + +permissions: + contents: read + +jobs: + update: + name: "${{ matrix.patch }}" + permissions: + contents: write # for Git to git push + runs-on: ubuntu-20.04 + strategy: + matrix: + patch: ["strict", "moonray"] + outputs: + branch: ${{ steps.determine.outputs.branch }} + steps: + - name: Harden Runner + uses: step-security/harden-runner@v2 + with: + egress-policy: audit + - name: Determine branch + id: determine + env: + BRANCH: ${{ github.ref }} + run: | + BRANCH=${BRANCH#refs/heads/} # strip off refs/heads/ if it exists + if [[ "${BRANCH}" == "main" ]]; then + echo "branch=autoupdate/${{ matrix.patch }}" >> "$GITHUB_OUTPUT" + elif [[ "${BRANCH}" =~ ^release-[0-9]+\.[0-9]+$ ]]; then + echo "branch=autoupdate/${BRANCH}-${{ matrix.patch }}" >> "$GITHUB_OUTPUT" + else + exit 1 + fi + - name: Sync ${{ github.ref }} to ${{ steps.determine.outputs.branch }} + uses: actions/checkout@v4 + with: + ssh-key: ${{ secrets.DEPLOY_KEY_TO_UPDATE_STRICT_BRANCH }} + - name: Apply ${{ matrix.patch }} patch + run: | + git checkout -b ${{ steps.determine.outputs.branch }} + ./build-scripts/patches/${{ matrix.patch }}/apply + - name: Push to ${{ steps.determine.outputs.branch }} + run: | + git push origin --force ${{ steps.determine.outputs.branch }} diff --git a/.github/workflows/update-components.yaml b/.github/workflows/update-components.yaml index 090f8e1ac..e46bd55df 100644 --- a/.github/workflows/update-components.yaml +++ b/.github/workflows/update-components.yaml @@ -15,13 +15,13 @@ jobs: pull-requests: write # for peter-evans/create-pull-request to create a PR runs-on: ubuntu-latest strategy: + fail-fast: false matrix: branch: # Keep main branch up to date - main # Supported stable release branches - release-1.30 - fail-fast: false steps: - name: Harden Runner