Release oldstable from v3, edge from v4#3931
Conversation
DrJosh9000
force-pushed
the
lets-dogfood-v4
branch
from
c508b77 to
f95a9f2
Compare
DrJosh9000
force-pushed
the
lets-dogfood-v4
branch
7 times, most recently
from
35922e5 to
653ea40
Compare
|
@buildsworth-bk review |
![buildsworth-bk-app[bot]](https://avatars.githubusercontent.com/in/3010600?s=60&v=4){kind=small}
There was a problem hiding this comment.
Adds the new oldstable release pipeline and updates upload-release-steps.sh to route v3 final releases through oldstable (in addition to stable, until v4 takes over) and edge builds through v4. Most of the diff is shell-quoting cleanup plus an if-block-to-case refactor in publish-docker-image.sh and upload-release-steps.sh, and that's where the issues are concentrated.
Three blocking findings below: a missing ;; in the new case in publish-docker-image.sh that makes the script fail to parse, a stray quote in publish-rpm-package.sh that turns the dependency install into a no-op assignment, and what looks like a concurrent-write race once v3 releases trigger both stable and oldstable pipelines in parallel.
Want to dig deeper? The full session log is attached to this Buildkite build. Download the session file and open a new pi session with it:
Download the buildsworth logs from build 312, then answer my questions about the findings.
DrJosh9000
force-pushed
the
lets-dogfood-v4
branch
from
653ea40 to
c529e9c
Compare
|
@buildsworth-bk review |
buildsworth-bk-app
Bot
dismissed
their stale review
Previous concerns have been addressed.
There was a problem hiding this comment.
Previous three concerns are resolved: the missing ;; in publish-docker-image.sh is in place (bash -n clean), the stray quote in publish-rpm-package.sh is fixed, and the github-release/homebrew race is no longer reachable — pipeline.release-oldstable.yml skips both of those steps, and the additions in github-release.sh ((stable || oldstable) && IS_PRERELEASE==1 skip, --latest=false for oldstable) set things up cleanly for when the skips come off.
One new blocking finding from a closer look at upload-release-steps.sh: the v3 skip arm in edge_steps_yaml echoes a plain log line into the YAML stream that's piped into buildkite-agent pipeline upload, which I think breaks v3 releases. Details inline.
Want to dig deeper? The full session log is attached to this Buildkite build. Download the session file and open a new pi session with it:
Download the buildsworth logs from build 315, then answer my questions about the findings.
DrJosh9000
force-pushed
the
lets-dogfood-v4
branch
from
c529e9c to
b2fdb58
Compare
|
@buildsworth-bk review |
buildsworth-bk-app
Bot
dismissed
their stale review
Previous concerns have been addressed.
There was a problem hiding this comment.
Previous round's blocking concern on edge_steps_yaml (the echo corrupting the YAML stream piped into buildkite-agent pipeline upload) and the v4 fallthrough question are both resolved — edge_steps_yaml now emits a properly-formed skipped trigger step for non-v4 versions (parses cleanly), and output_steps_yaml has an explicit 4.*) arm. No new findings.
Not approving on risk:l1, though: the change rewires release pipeline orchestration — new pipeline.release-oldstable.yml, new IAM role and package registries, new v3/v4/edge routing logic in upload-release-steps.sh — which is the "Deployment configuration" L3 example in the risk taxonomy. Previous rounds also caught real production-impact bugs in this same code (YAML corruption, missing ;;, github-release race), and upload-release-steps.sh isn't exercised by CI on this branch, so an additional pair of eyes on the v3/v4 routing is worth the cost.
Want to dig deeper? The full session log is attached to this Buildkite build. Download the session file and open a new pi session with it:
Download the buildsworth logs from build 318, then answer my questions about the findings.
3 participants
Description
Create a new "codename"
oldstable(like Debian'soldstable), and release v3 to it.Also push to edge from v4 instead of v3, so that we can dogfood v4 more.
Context
v4 is coming - #3807
Changes
Depends on creating the pipeline and setting up the OIDC permissions✅ Done)oldstableas a codename.3,3.123) as container image tags fromoldstable, and not e.g.latest$FOO->${FOO}and changing consecutiveif...fiblocks intocase...esacTesting
go test ./...). Buildkite employees may check this if the pipeline has run automatically.go tool gofumpt -extra -w .)Disclosures / Credits
I did not use AI tools at all... until getting buildsworth to review.