release 8.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242
  1. #!/usr/bin/env bash
  2. set -o errexit
  3. set -o nounset
  4. set -o pipefail
  5. help() {
  6. echo "$(basename "$0") [version]"
  7. echo "Release etcd using the same approach as the etcd-release-runbook (https://goo.gl/Gxwysq)"
  8. echo ""
  9. echo "WARNING: This does not perform the 'Add API capabilities', 'Performance testing' "
  10. echo " or 'Documentation' steps. These steps must be performed manually BEFORE running this tool."
  11. echo ""
  12. echo "WARNING: This script does not sign releases, publish releases to github or sent announcement"
  13. echo " emails. These steps must be performed manually AFTER running this tool."
  14. echo ""
  15. echo " args:"
  16. echo " version: version of etcd to release, e.g. '3.2.18'"
  17. echo " flags:"
  18. echo " --no-upload: skip gs://etcd binary artifact uploads."
  19. echo " --no-docker-push: skip docker image pushes."
  20. echo ""
  21. }
  22. main() {
  23. VERSION=$1
  24. if [[ ! "${VERSION}" =~ [0-9]+.[0-9]+.[0-9]+ ]]; then
  25. echo "Expected 'version' param of the form '<major-version>.<minor-version>.<patch-version>' but got '${VERSION}'"
  26. exit 1
  27. fi
  28. RELEASE_VERSION="v${VERSION}"
  29. MINOR_VERSION=$(echo "${VERSION}" | cut -d. -f 1-2)
  30. BRANCH="release-${MINOR_VERSION}"
  31. if ! command -v docker >/dev/null; then
  32. echo "cannot find docker"
  33. exit 1
  34. fi
  35. KEYID=$(gpg --list-keys --with-colons| awk -F: '/^pub:/ { print $5 }')
  36. if [[ -z "${KEYID}" ]]; then
  37. echo "Failed to load gpg key. Is gpg set up correctly for etcd releases?"
  38. exit 1
  39. fi
  40. # Expected umask for etcd release artifacts
  41. umask 022
  42. # Set up release directory.
  43. local reldir="/tmp/etcd-release-${VERSION}"
  44. if [ ! -d "${reldir}/etcd" ]; then
  45. mkdir -p "${reldir}"
  46. cd "${reldir}"
  47. git clone https://github.com/etcd-io/etcd.git --branch "${BRANCH}"
  48. fi
  49. cd "${reldir}/etcd"
  50. # If a release version tag already exists, use it.
  51. local remote_tag_exists
  52. remote_tag_exists=$(git ls-remote origin "refs/tags/${RELEASE_VERSION}" | grep -c "${RELEASE_VERSION}")
  53. if [ "${remote_tag_exists}" -gt 0 ]; then
  54. echo "Release version tag exists on remote. Checking out refs/tags/${RELEASE_VERSION}"
  55. git checkout -q "tags/${RELEASE_VERSION}"
  56. fi
  57. # Check go version.
  58. # download "yq" from https://github.com/mikefarah/yq
  59. local go_version current_go_version
  60. go_version="go$(yq read .travis.yml "go[0]")"
  61. current_go_version=$(go version | awk '{ print $3 }')
  62. if [[ "${current_go_version}" != "${go_version}" ]]; then
  63. echo "Current go version is ${current_go_version}, but etcd ${RELEASE_VERSION} requires ${go_version} (see .travis.yml)."
  64. exit 1
  65. fi
  66. # If the release tag does not already exist remotely, create it.
  67. if [ "${remote_tag_exists}" -eq 0 ]; then
  68. # Bump version/version.go to release version.
  69. local source_version
  70. source_version=$(grep -E "\s+Version\s*=" version/version.go | sed -e "s/.*\"\(.*\)\".*/\1/g")
  71. if [[ "${source_version}" != "${VERSION}" ]]; then
  72. source_minor_version=$(echo "${source_version}" | cut -d. -f 1-2)
  73. if [[ "${source_minor_version}" != "${MINOR_VERSION}" ]]; then
  74. echo "Wrong etcd minor version in version/version.go. Expected ${MINOR_VERSION} but got ${source_minor_version}. Aborting."
  75. exit 1
  76. fi
  77. echo "Updating version from ${source_version} to ${VERSION} in version/version.go"
  78. sed -i "s/${source_version}/${VERSION}/g" version/version.go
  79. fi
  80. echo "Building etcd and checking --version output"
  81. ./build
  82. local etcd_version
  83. etcd_version=$(bin/etcd --version | grep "etcd Version" | awk '{ print $3 }')
  84. if [[ "${etcd_version}" != "${VERSION}" ]]; then
  85. echo "Wrong etcd version in version/version.go. Expected ${etcd_version} but got ${VERSION}. Aborting."
  86. exit 1
  87. fi
  88. if [[ -n $(git status -s) ]]; then
  89. echo "Committing version/version.go update."
  90. git add version/version.go
  91. git commit -m "version: bump up to ${VERSION}"
  92. git diff --staged
  93. fi
  94. # Push the version change if it's not already been pushed.
  95. if [ "$(git rev-list --count "origin/${BRANCH}..${BRANCH}")" -gt 0 ]; then
  96. read -p "Push version bump up to ${VERSION} to github.com/etcd-io/etcd [y/N]? " -r confirm
  97. [[ "${confirm,,}" == "y" ]] || exit 1
  98. git push
  99. fi
  100. # Tag release.
  101. if [ "$(git tag --list | grep -c "${RELEASE_VERSION}")" -gt 0 ]; then
  102. echo "Skipping tag step. git tag ${RELEASE_VERSION} already exists."
  103. else
  104. echo "Tagging release..."
  105. git tag --local-user "${KEYID}" --sign "${RELEASE_VERSION}" --message "${RELEASE_VERSION}"
  106. fi
  107. # Push the tag change if it's not already been pushed.
  108. read -p "Push etcd ${RELEASE_VERSION} tag [y/N]? " -r confirm
  109. [[ "${confirm,,}" == "y" ]] || exit 1
  110. git push origin "tags/${RELEASE_VERSION}"
  111. fi
  112. # Build release.
  113. # TODO: check the release directory for all required build artifacts.
  114. if [ -d release ]; then
  115. echo "Skpping release build step. /release directory already exists."
  116. else
  117. echo "Building release..."
  118. # Check for old and new names of the release build script.
  119. # TODO: Move the release script into this on as a function?
  120. if [ -f ./scripts/release.sh ]; then
  121. ./scripts/release.sh "${RELEASE_VERSION}"
  122. else
  123. ./scripts/build-release.sh "${RELEASE_VERSION}"
  124. fi
  125. fi
  126. # Sanity checks.
  127. "./release/etcd-${RELEASE_VERSION}-$(go env GOOS)-amd64/etcd" --version | grep -q "etcd Version: ${VERSION}" || true
  128. "./release/etcd-${RELEASE_VERSION}-$(go env GOOS)-amd64/etcdctl" version | grep -q "etcdctl version: ${VERSION}" || true
  129. # Generate SHA256SUMS
  130. echo -e "Generating sha256sums of release artifacts.\n"
  131. pushd ./release
  132. ls . | grep -E '\.tar.gz$|\.zip$' | xargs shasum -a 256 > ./SHA256SUMS
  133. popd
  134. if [ -s ./release/SHA256SUMS ]; then
  135. cat ./release/SHA256SUMS
  136. else
  137. echo "sha256sums is not valid. Aborting."
  138. exit 1
  139. fi
  140. # Upload artifacts.
  141. if [ "${NO_UPLOAD}" == 1 ]; then
  142. echo "Skipping artifact upload to gs://etcd. --no-upload flat is set."
  143. else
  144. read -p "Upload etcd ${RELEASE_VERSION} release artifacts to gs://etcd [y/N]? " -r confirm
  145. [[ "${confirm,,}" == "y" ]] || exit 1
  146. gsutil -m cp ./release/SHA256SUMS "gs://etcd/${RELEASE_VERSION}/"
  147. gsutil -m cp ./release/*.zip "gs://etcd/${RELEASE_VERSION}/"
  148. gsutil -m cp ./release/*.tar.gz "gs://etcd/${RELEASE_VERSION}/"
  149. gsutil -m acl ch -u allUsers:R -r "gs://etcd/${RELEASE_VERSION}/"
  150. fi
  151. # Push images.
  152. if [ "${NO_DOCKER_PUSH}" == 1 ]; then
  153. echo "Skipping docker push. --no-docker-push flat is set."
  154. else
  155. read -p "Publish etcd ${RELEASE_VERSION} docker images to quay.io [y/N]? " -r confirm
  156. [[ "${confirm,,}" == "y" ]] || exit 1
  157. # shellcheck disable=SC2034
  158. for i in {1..5}; do
  159. docker login quay.io && break
  160. echo "login failed, retrying"
  161. done
  162. gcloud docker -- login -u _json_key -p "$(cat /etc/gcp-key-etcd-development.json)" https://gcr.io
  163. echo "Pushing container images to quay.io ${RELEASE_VERSION}"
  164. docker push "quay.io/coreos/etcd:${RELEASE_VERSION}"
  165. echo "Pushing container images to gcr.io ${RELEASE_VERSION}"
  166. gcloud docker -- push "gcr.io/etcd-development/etcd:${RELEASE_VERSION}"
  167. for TARGET_ARCH in "-arm64" "-ppc64le"; do
  168. echo "Pushing container images to quay.io ${RELEASE_VERSION}${TARGET_ARCH}"
  169. docker push "quay.io/coreos/etcd:${RELEASE_VERSION}${TARGET_ARCH}"
  170. echo "Pushing container images to gcr.io ${RELEASE_VERSION}${TARGET_ARCH}"
  171. gcloud docker -- push "gcr.io/etcd-development/etcd:${RELEASE_VERSION}${TARGET_ARCH}"
  172. done
  173. echo "Setting permissions using gsutil..."
  174. gsutil -m acl ch -u allUsers:R -r gs://artifacts.etcd-development.appspot.com
  175. fi
  176. # TODO: signing process
  177. echo ""
  178. echo "WARNING: The release has not been signed and published to github. This must be done manually."
  179. echo ""
  180. echo "Success."
  181. exit 0
  182. }
  183. POSITIONAL=()
  184. NO_UPLOAD=0
  185. NO_DOCKER_PUSH=0
  186. while test $# -gt 0; do
  187. case "$1" in
  188. -h|--help)
  189. shift
  190. help
  191. exit 0
  192. ;;
  193. --no-upload)
  194. NO_UPLOAD=1
  195. shift
  196. ;;
  197. --no-docker-push)
  198. NO_DOCKER_PUSH=1
  199. shift
  200. ;;
  201. *)
  202. POSITIONAL+=("$1") # save it in an array for later
  203. shift # past argument
  204. ;;
  205. esac
  206. done
  207. set -- "${POSITIONAL[@]}" # restore positional parameters
  208. if [[ ! $# -eq 1 ]]; then
  209. help
  210. exit 1
  211. fi
  212. main "$1"