From baf10327b9d952a34017c90ab8243d848848d21d Mon Sep 17 00:00:00 2001 From: Or Ouziel Date: Mon, 19 Feb 2024 10:33:47 +0200 Subject: [PATCH 1/4] minor improvements --- scripts/bump_cloudbeat.sh | 83 ++++++++++++++++++++++----------------- 1 file changed, 46 insertions(+), 37 deletions(-) diff --git a/scripts/bump_cloudbeat.sh b/scripts/bump_cloudbeat.sh index a1a8dc925b..e5ecb65e7e 100755 --- a/scripts/bump_cloudbeat.sh +++ b/scripts/bump_cloudbeat.sh @@ -1,11 +1,22 @@ #!/bin/bash set -euo pipefail -export NEXT_CLOUDBEAT_BRANCH="bump-to-$NEXT_CLOUDBEAT_VERSION" +# versions CURRENT_MINOR_VERSION=$(echo "$CURRENT_CLOUDBEAT_VERSION" | cut -d '.' -f1,2) export CURRENT_MINOR_VERSION + +# branches +export NEXT_CLOUDBEAT_BRANCH="bump-to-$NEXT_CLOUDBEAT_VERSION" +export NEXT_CLOUDBEAT_HERMIT_BRANCH="bump-hermit-to-$CURRENT_CLOUDBEAT_VERSION" export RELEASE_CLOUDBEAT_BRANCH="release-$CURRENT_MINOR_VERSION" +# paths +export ARM_SINGLE_ACCOUNT_FILE="deploy/azure/ARM-for-single-account.json" +export ARM_SINGLE_ACCOUNT_FILE_DEV="deploy/azure/ARM-for-single-account.dev.json" +export ARM_ORGANIZATION_ACCOUNT_FILE="deploy/azure/ARM-for-organization-account.json" +export ARM_ORGANIZATION_ACCOUNT_FILE_DEV="deploy/azure/ARM-for-organization-account.dev.json" +export HERMIT_FILE="bin/hermit.hcl" + echo "NEXT_CLOUDBEAT_VERSION: $NEXT_CLOUDBEAT_VERSION" echo "CURRENT_CLOUDBEAT_VERSION: $CURRENT_CLOUDBEAT_VERSION" echo "CURRENT_MINOR_VERSION: $CURRENT_MINOR_VERSION" @@ -27,94 +38,79 @@ update_version_mergify() { - "backport" title: "[{{ destination_branch }}](backport #{{ number }}) {{ title }}" EOF + git add .mergify.yml + git commit -m "Update .mergify.yml" + + gh label create "backport-v$CURRENT_CLOUDBEAT_VERSION" } update_version_arm_template_default_value() { - echo "• Update ARM templates with new version" - local single_account_file="deploy/azure/ARM-for-single-account.json" - local organization_account_file="deploy/azure/ARM-for-organization-account.json" - echo "• Replace defaultValue for ElasticAgentVersion in ARM templates" - jq --indent 4 ".parameters.ElasticAgentVersion.defaultValue = \"$NEXT_CLOUDBEAT_VERSION\"" $single_account_file >tmp.json && mv tmp.json $single_account_file - jq --indent 4 ".parameters.ElasticAgentVersion.defaultValue = \"$NEXT_CLOUDBEAT_VERSION\"" $organization_account_file >tmp.json && mv tmp.json $organization_account_file + jq --indent 4 ".parameters.ElasticAgentVersion.defaultValue = \"$NEXT_CLOUDBEAT_VERSION\"" $ARM_SINGLE_ACCOUNT_FILE >tmp.json && mv tmp.json $ARM_SINGLE_ACCOUNT_FILE + jq --indent 4 ".parameters.ElasticAgentVersion.defaultValue = \"$NEXT_CLOUDBEAT_VERSION\"" $ARM_ORGANIZATION_ACCOUNT_FILE >tmp.json && mv tmp.json $ARM_ORGANIZATION_ACCOUNT_FILE echo "• Generate dev ARM templates" ./deploy/azure/generate_dev_template.py --template-type single-account ./deploy/azure/generate_dev_template.py --template-type organization-account + + git add $ARM_SINGLE_ACCOUNT_FILE $ARM_ORGANIZATION_ACCOUNT_FILE $ARM_SINGLE_ACCOUNT_FILE_DEV $ARM_ORGANIZATION_ACCOUNT_FILE_DEV + git commit -m "Update ARM templates" } update_version_arm_template_file_uris() { - echo "• Update ARM templates with new version" - local single_account_file="deploy/azure/ARM-for-single-account.json" - local organization_account_file="deploy/azure/ARM-for-organization-account.json" - echo "• Replace fileUris git branch in ARM templates" - sed -i'' -E "s/cloudbeat\/main/cloudbeat\/$CURRENT_MINOR_VERSION/g" $single_account_file - sed -i'' -E "s/cloudbeat\/main/cloudbeat\/$CURRENT_MINOR_VERSION/g" $organization_account_file - - echo "• Generate dev ARM templates" - ./deploy/azure/generate_dev_template.py --template-type single-account - ./deploy/azure/generate_dev_template.py --template-type organization-account + sed -i'' -E "s/cloudbeat\/main/cloudbeat\/$CURRENT_MINOR_VERSION/g" $ARM_SINGLE_ACCOUNT_FILE + sed -i'' -E "s/cloudbeat\/main/cloudbeat\/$CURRENT_MINOR_VERSION/g" $ARM_ORGANIZATION_ACCOUNT_FILE + git add $ARM_SINGLE_ACCOUNT_FILE $ARM_ORGANIZATION_ACCOUNT_FILE + git commit -m "Update ARM templates" } update_version_beat() { echo "• Update version/version.go with new version" sed -i'' -E "s/const defaultBeatVersion = .*/const defaultBeatVersion = \"$NEXT_CLOUDBEAT_VERSION\"/g" version/version.go + git add version/version.go + git commit -m "Update version.go" } create_cloudbeat_versions_pr_for_main() { echo "• Create PR for cloudbeat next version" - git add . - git commit -m "Bump cloudbeat to $NEXT_CLOUDBEAT_VERSION" git push origin "$NEXT_CLOUDBEAT_BRANCH" - cat <cloudbeat_pr_body Bump cloudbeat version - \`$NEXT_CLOUDBEAT_VERSION\` > [!NOTE] > This is an automated PR EOF - gh pr create --title "Bump cloudbeat version" \ --body-file cloudbeat_pr_body \ --base "main" \ --head "$NEXT_CLOUDBEAT_BRANCH" \ --label "backport-skip" - rm -rf cloudbeat_pr_body } create_cloudbeat_versions_pr_for_release() { echo "• Create PR for cloudbeat release version" - git add . - git commit -m "Release cloudbeat $CURRENT_CLOUDBEAT_VERSION" git push origin "$RELEASE_CLOUDBEAT_BRANCH" - cat <cloudbeat_pr_body_release Release cloudbeat version - \`$CURRENT_CLOUDBEAT_VERSION\` > [!NOTE] > This is an automated PR EOF - gh pr create --title "Release cloudbeat version" \ --body-file cloudbeat_pr_body_release \ --base "$CURRENT_MINOR_VERSION" \ --head "$RELEASE_CLOUDBEAT_BRANCH" \ --label "backport-skip" - - rm -rf cloudbeat_pr_body_release } # We need to bump hermit seperately because we need to wait for the snapshot build to be available bump_hermit() { echo "• Bump hermit cloudbeat version" - local BRANCH="bump-hermit-to-$CURRENT_CLOUDBEAT_VERSION" - git checkout -b "$BRANCH" origin/main - - sed -i'' -E "s/\"CLOUDBEAT_VERSION\": .*/\"CLOUDBEAT_VERSION\": \"$CURRENT_CLOUDBEAT_VERSION\",/g" bin/hermit.hcl - git add bin/hermit.hcl + sed -i'' -E "s/\"CLOUDBEAT_VERSION\": .*/\"CLOUDBEAT_VERSION\": \"$CURRENT_CLOUDBEAT_VERSION\",/g" $HERMIT_FILE + git add $HERMIT_FILE git commit -m "Bump cloudbeat to $CURRENT_CLOUDBEAT_VERSION" - git push origin "$BRANCH" + git push origin "$NEXT_CLOUDBEAT_HERMIT_BRANCH" cat <hermit_pr_body Bump cloudbeat version - \`$CURRENT_CLOUDBEAT_VERSION\` @@ -130,10 +126,8 @@ EOF gh pr create --title "Bump hermit cloudbeat version" \ --body-file hermit_pr_body \ --base "main" \ - --head "$BRANCH" \ + --head "$NEXT_CLOUDBEAT_HERMIT_BRANCH" \ --label "backport-skip" - - rm -rf hermit_pr_body } upload_cloud_formation_templates() { @@ -146,21 +140,36 @@ upload_cloud_formation_templates() { # make changes to 'main' for next version run_version_changes_for_main() { + # create a new branch from the main branch git fetch origin main git checkout -b "$NEXT_CLOUDBEAT_BRANCH" origin/main + + # commit update_version_beat update_version_mergify update_version_arm_template_default_value + + # push create_cloudbeat_versions_pr_for_main + + # create, commit and push a separate PR for hermit + git checkout -b "$NEXT_CLOUDBEAT_HERMIT_BRANCH" origin/main bump_hermit } # make changes for 'release' version run_version_changes_for_release_branch() { + # create a new branch from the current minor version git fetch origin "$CURRENT_MINOR_VERSION" git checkout -b "$RELEASE_CLOUDBEAT_BRANCH" origin/"$CURRENT_MINOR_VERSION" + + # commit update_version_arm_template_file_uris + + # push create_cloudbeat_versions_pr_for_release + + # upload cloud formation templates for the release version upload_cloud_formation_templates } From 6c6e62ca425d265f07f29cab01b8422cef2a4c67 Mon Sep 17 00:00:00 2001 From: Or Ouziel Date: Thu, 7 Mar 2024 15:33:06 +0200 Subject: [PATCH 2/4] add workflow summary links --- scripts/bump_cloudbeat.sh | 11 +++++++---- scripts/bump_integration.sh | 1 + 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/scripts/bump_cloudbeat.sh b/scripts/bump_cloudbeat.sh index e5ecb65e7e..982adc01bf 100755 --- a/scripts/bump_cloudbeat.sh +++ b/scripts/bump_cloudbeat.sh @@ -86,6 +86,7 @@ EOF --base "main" \ --head "$NEXT_CLOUDBEAT_BRANCH" \ --label "backport-skip" + echo "[Cloudbeat Version PR to main]($pr_url)" >>$GITHUB_STEP_SUMMARY } create_cloudbeat_versions_pr_for_release() { @@ -97,11 +98,12 @@ Release cloudbeat version - \`$CURRENT_CLOUDBEAT_VERSION\` > [!NOTE] > This is an automated PR EOF - gh pr create --title "Release cloudbeat version" \ + pr_url=$(gh pr create --title "Release cloudbeat version" \ --body-file cloudbeat_pr_body_release \ --base "$CURRENT_MINOR_VERSION" \ --head "$RELEASE_CLOUDBEAT_BRANCH" \ - --label "backport-skip" + --label "backport-skip") + echo "[Cloudbeat Version PR to release branch]($pr_url)" >>$GITHUB_STEP_SUMMARY } # We need to bump hermit seperately because we need to wait for the snapshot build to be available @@ -123,11 +125,12 @@ Bump cloudbeat version - \`$CURRENT_CLOUDBEAT_VERSION\` EOF echo "• Create a PR for cloudbeat hermit version" - gh pr create --title "Bump hermit cloudbeat version" \ + pr_url=$(gh pr create --title "Bump hermit cloudbeat version" \ --body-file hermit_pr_body \ --base "main" \ --head "$NEXT_CLOUDBEAT_HERMIT_BRANCH" \ - --label "backport-skip" + --label "backport-skip") + echo "[Cloudbeat Hermit PR]($pr_url)" >>$GITHUB_STEP_SUMMARY } upload_cloud_formation_templates() { diff --git a/scripts/bump_integration.sh b/scripts/bump_integration.sh index fa405eb784..86071bfd7d 100755 --- a/scripts/bump_integration.sh +++ b/scripts/bump_integration.sh @@ -62,6 +62,7 @@ EOF --label "enhancement" \ --label "Team:Cloud Security" \ --repo "$INTEGRATION_REPO")" + echo "[Integrations PR]($PR_URL)" >>$GITHUB_STEP_SUMMARY export PR_URL } From 7dbd9a1e2ad8535969cc0995d96b1288b076aa84 Mon Sep 17 00:00:00 2001 From: Or Ouziel Date: Thu, 7 Mar 2024 15:47:22 +0200 Subject: [PATCH 3/4] ignore shellcheck SC2086 --- scripts/bump_cloudbeat.sh | 3 +++ scripts/bump_integration.sh | 1 + 2 files changed, 4 insertions(+) diff --git a/scripts/bump_cloudbeat.sh b/scripts/bump_cloudbeat.sh index 982adc01bf..8e6b0b46b2 100755 --- a/scripts/bump_cloudbeat.sh +++ b/scripts/bump_cloudbeat.sh @@ -86,6 +86,7 @@ EOF --base "main" \ --head "$NEXT_CLOUDBEAT_BRANCH" \ --label "backport-skip" + # shellcheck disable=SC2086 echo "[Cloudbeat Version PR to main]($pr_url)" >>$GITHUB_STEP_SUMMARY } @@ -103,6 +104,7 @@ EOF --base "$CURRENT_MINOR_VERSION" \ --head "$RELEASE_CLOUDBEAT_BRANCH" \ --label "backport-skip") + # shellcheck disable=SC2086 echo "[Cloudbeat Version PR to release branch]($pr_url)" >>$GITHUB_STEP_SUMMARY } @@ -130,6 +132,7 @@ EOF --base "main" \ --head "$NEXT_CLOUDBEAT_HERMIT_BRANCH" \ --label "backport-skip") + # shellcheck disable=SC2086 echo "[Cloudbeat Hermit PR]($pr_url)" >>$GITHUB_STEP_SUMMARY } diff --git a/scripts/bump_integration.sh b/scripts/bump_integration.sh index 86071bfd7d..7eea194172 100755 --- a/scripts/bump_integration.sh +++ b/scripts/bump_integration.sh @@ -62,6 +62,7 @@ EOF --label "enhancement" \ --label "Team:Cloud Security" \ --repo "$INTEGRATION_REPO")" + # shellcheck disable=SC2086 echo "[Integrations PR]($PR_URL)" >>$GITHUB_STEP_SUMMARY export PR_URL } From 9125223d7878c262a029815634873c7bfb8dbbbb Mon Sep 17 00:00:00 2001 From: Or Ouziel Date: Thu, 7 Mar 2024 15:49:15 +0200 Subject: [PATCH 4/4] fix pr url var --- scripts/bump_cloudbeat.sh | 12 ++++++------ scripts/bump_integration.sh | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/scripts/bump_cloudbeat.sh b/scripts/bump_cloudbeat.sh index 8e6b0b46b2..2cfd8fdff6 100755 --- a/scripts/bump_cloudbeat.sh +++ b/scripts/bump_cloudbeat.sh @@ -81,11 +81,11 @@ Bump cloudbeat version - \`$NEXT_CLOUDBEAT_VERSION\` > [!NOTE] > This is an automated PR EOF - gh pr create --title "Bump cloudbeat version" \ + pr_url="$(gh pr create --title "Bump cloudbeat version" \ --body-file cloudbeat_pr_body \ --base "main" \ --head "$NEXT_CLOUDBEAT_BRANCH" \ - --label "backport-skip" + --label "backport-skip")" # shellcheck disable=SC2086 echo "[Cloudbeat Version PR to main]($pr_url)" >>$GITHUB_STEP_SUMMARY } @@ -99,11 +99,11 @@ Release cloudbeat version - \`$CURRENT_CLOUDBEAT_VERSION\` > [!NOTE] > This is an automated PR EOF - pr_url=$(gh pr create --title "Release cloudbeat version" \ + pr_url="$(gh pr create --title "Release cloudbeat version" \ --body-file cloudbeat_pr_body_release \ --base "$CURRENT_MINOR_VERSION" \ --head "$RELEASE_CLOUDBEAT_BRANCH" \ - --label "backport-skip") + --label "backport-skip")" # shellcheck disable=SC2086 echo "[Cloudbeat Version PR to release branch]($pr_url)" >>$GITHUB_STEP_SUMMARY } @@ -127,11 +127,11 @@ Bump cloudbeat version - \`$CURRENT_CLOUDBEAT_VERSION\` EOF echo "• Create a PR for cloudbeat hermit version" - pr_url=$(gh pr create --title "Bump hermit cloudbeat version" \ + pr_url="$(gh pr create --title "Bump hermit cloudbeat version" \ --body-file hermit_pr_body \ --base "main" \ --head "$NEXT_CLOUDBEAT_HERMIT_BRANCH" \ - --label "backport-skip") + --label "backport-skip")" # shellcheck disable=SC2086 echo "[Cloudbeat Hermit PR]($pr_url)" >>$GITHUB_STEP_SUMMARY } diff --git a/scripts/bump_integration.sh b/scripts/bump_integration.sh index 7eea194172..ae4bc7ead9 100755 --- a/scripts/bump_integration.sh +++ b/scripts/bump_integration.sh @@ -78,7 +78,7 @@ update_manifest_version() { update_changelog_version() { echo "• Update changelog version" yq -i ".[0].version = \"$NEXT_INTEGRATION_VERSION\"" $CHANGELOG_PATH - # this line below requires single quotes and env(PR) to interpolate this env var + # PR_URL needs to be exported yq -i '.[0].changes += [{"description": "Bump version", "type": "enhancement", "link": env(PR_URL) }]' $CHANGELOG_PATH git add $CHANGELOG_PATH git commit -m "Update changelog version"