Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Automate-Release-1] Add image-source-of-truth.yaml and update-truth-sidecars scripts #1791

Closed
wants to merge 1 commit into from
Closed

[Automate-Release-1] Add image-source-of-truth.yaml and update-truth-sidecars scripts #1791

wants to merge 1 commit into from

Conversation

AndrewSirenko
Copy link
Contributor

Is this a bug fix or adding new feature?
Release automation

What is this PR about? / Why do we need it?
NOTE: This PR is the first in the series [Automate-Release].

The [Automate-Release] PRs add the directory hack/release-scripts to help automate release related activity.

This PR adds:

  • image_source_of_truth.yaml: Is the source of truth of images, tags, and manifest digests used in the rest of the repository. Scripts in hack/release-scripts will update this file and propagating those updates to the rest of the repository.
  • update-truth-sidecars: Updates the image-source-of-truth.yaml with the latest tags and associated manifest digests for each sidecar image by using crane.
  • A update-truth-sidecars target for our Makefile.

What testing is done?
Running make update-truth-sidecars will produce the following diff:

diff --git a/hack/release-scripts/image-source-of-truth.yaml b/hack/release-scripts/image-source-of-truth.yaml
index 50ada827..f337afd4 100644
--- a/hack/release-scripts/image-source-of-truth.yaml
+++ b/hack/release-scripts/image-source-of-truth.yaml
@@ -10,33 +10,33 @@ driver:
 sidecars: # sidecar names match upstream helm chart values.yaml
   snapshotter:
     image: "public.ecr.aws/eks-distro/kubernetes-csi/external-snapshotter/csi-snapshotter"
-    tag: ""
-    manifestDigest: ""
+    tag: "v6.3.0-eks-1-28-7"
+    manifestDigest: "sha256:61ebea9d396ad9ef0767bd697b50ed2615c9fd49c2625e64c102d916030f7369"
   attacher:
     image: "public.ecr.aws/eks-distro/kubernetes-csi/external-attacher"
-    tag: ""
-    manifestDigest: ""
+    tag: "v4.4.0-eks-1-28-7"
+    manifestDigest: "sha256:955fd72b5b77cffdf785c7c110de0a927906a8765c19160fdb5d7cd74cdc20a6"
   provisioner:
     image: "public.ecr.aws/eks-distro/kubernetes-csi/external-provisioner"
-    tag: ""
-    manifestDigest: ""
+    tag: "v3.6.0-eks-1-28-7"
+    manifestDigest: "sha256:91158c7bf17832d03d7472f4ceb111564d61674ac1aea10c3699f0c55545782d"
   resizer:
     image: "public.ecr.aws/eks-distro/kubernetes-csi/external-resizer"
-    tag: ""
-    manifestDigest: ""
+    tag: "v1.9.0-eks-1-28-7"
+    manifestDigest: "sha256:991ffd5221c340168fbcd77148fd4098df469c2bc78aa84bed4eb323673f87ca"
   livenessProbe:
     image: "public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe"
-    tag: ""
-    manifestDigest: ""
+    tag: "v2.11.0-eks-1-28-7"
+    manifestDigest: "sha256:1ee7f20beaf76a57c5446dc41b0718172e8beb69da8ca2343804309e3a58a367"
   nodeDriverRegistrar:
     image: "public.ecr.aws/eks-distro/kubernetes-csi/node-driver-registrar"
-    tag: ""
-    manifestDigest: ""
+    tag: "v2.9.0-eks-1-28-7"
+    manifestDigest: "sha256:a51e121d046e459a4315894be43b13ba7348038a67d3e9fb4e3d44cda3dbed1a"
   volumemodifier:
     image: "public.ecr.aws/ebs-csi-driver/volume-modifier-for-k8s"
-    tag: ""
-    manifestDigest: ""
+    tag: "v0.1.3"
+    manifestDigest: "sha256:5452144bfc75cb986ccf266cc967773801c91d47ff3b51326904fa516765c914"
   snapshotController:
     image: "public.ecr.aws/eks-distro/kubernetes-csi/external-snapshotter/snapshot-controller"
-    tag: ""
-    manifestDigest: ""
+    tag: "v6.3.0-eks-1-28-7"
+    manifestDigest: "sha256:a6f0bf7d1f16991bbd85764b2e2791f7812d13b04ed8596904cd3a6a9fbb87b1"

@k8s-ci-robot k8s-ci-robot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Oct 19, 2023
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please ask for approval from andrewsirenko. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Oct 19, 2023
@AndrewSirenko AndrewSirenko changed the title [WIP] [Automate-Release-1] Add image-source-of-truth.yaml and update-truth-sidecars scripts [Automate-Release-1] Add image-source-of-truth.yaml and update-truth-sidecars scripts Oct 19, 2023
@k8s-ci-robot k8s-ci-robot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Oct 19, 2023
@AndrewSirenko AndrewSirenko mentioned this pull request Oct 19, 2023
Merged
ConnorJC3
ConnorJC3 requested changes Oct 19, 2023
View reviewed changes
Copy link
Contributor

@ConnorJC3 ConnorJC3 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't understand the purpose of this PR - Why are we creating a "source of truth" file to live in our git repository when the Helm chart is the actual source of truth?

If it's just going to be a convenient file for other scripts to read, it should probably be in the .gitignore so that maintainers doing a release don't update the file.

hack/release-scripts/update-truth-sidecars Show resolved Hide resolved
hack/release-scripts/update-truth-sidecars
ROOT_DIRECTORY=${ROOT_DIRECTORY:=$(git rev-parse --show-toplevel)}
TRUTH_FILEPATH=${TRUTH_FILEPATH:="$ROOT_DIRECTORY/hack/release-scripts/image-source-of-truth.yaml"}

tmp_filename="tmp_$RANDOM.txt"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use mktemp

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like mktemp suffers from some Linux/MacOS incompatibilities. I think the current way of creating a temporary file is more readable for this non-mission-critical use-case compared to mktemp fix.

Makefile
@@ -268,3 +268,7 @@ generate-kustomize: bin/helm
cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/serviceaccount-csi-node.yaml | sed -e "/namespace: /d" > ../../deploy/kubernetes/base/serviceaccount-csi-node.yaml
cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/role-leases.yaml | sed -e "/namespace: /d" > ../../deploy/kubernetes/base/role-leases.yaml
cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/rolebinding-leases.yaml | sed -e "/namespace: /d" > ../../deploy/kubernetes/base/rolebinding-leases.yaml

.PHONY: update-truth-sidecars
update-truth-sidecars: hack/release-scripts/image-source-of-truth.yaml hack/release-scripts/update-truth-sidecars
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Targets should not depend on the files they update, remove hack/release-scripts/image-source-of-truth.yaml

@AndrewSirenko AndrewSirenko mentioned this pull request Oct 20, 2023
Closed
@AndrewSirenko AndrewSirenko deleted the autoRelease1 branch November 1, 2023 13:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ConnorJC3 ConnorJC3 ConnorJC3 requested changes

@torredil torredil Awaiting requested review from torredil

Assignees

@ConnorJC3 ConnorJC3

Labels
cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@AndrewSirenko @k8s-ci-robot @ConnorJC3