From 03179927418da54d3f0832160032e16811a894bd Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Mon, 7 Feb 2022 15:18:43 +0000 Subject: [PATCH 01/18] ci: support AWS ARN automation on release tag basis --- .ci/Makefile | 90 +++++++++++++++++++++++++++++++++++++++++ .ci/create-arn-table.sh | 29 +++++++++++++ Jenkinsfile | 50 +++++++++++++++++++++++ 3 files changed, 169 insertions(+) create mode 100644 .ci/Makefile create mode 100644 .ci/create-arn-table.sh diff --git a/.ci/Makefile b/.ci/Makefile new file mode 100644 index 0000000000..aac511f037 --- /dev/null +++ b/.ci/Makefile @@ -0,0 +1,90 @@ +SHELL = /bin/bash -eo pipefail + +AWS_FOLDER = .aws +AWS_LAMBDA_ZIP_LOCATION = elastic-apm-agent/target + +export AWS_FOLDER + +dist: validate-branch-name + @cp $(AWS_LAMBDA_ZIP_LOCATION)/elastic-apm-java-aws-lambda-layer-*.zip $(AWS_LAMBDA_ZIP_LOCATION)/$(ELASTIC_LAYER_NAME).zip + +# List all the AWS regions +get-all-aws-regions: + @aws \ + ec2 \ + describe-regions \ + --region us-east-1 \ + --output json \ + --no-cli-pager \ + | jq -r '.Regions[].RegionName' > .regions + +# Publish the given LAYER in all the AWS regions +publish-in-all-aws-regions: validate-layer-name get-all-aws-regions dist + @mkdir -p $(AWS_FOLDER) + @while read AWS_DEFAULT_REGION; do \ + echo "publish '$(ELASTIC_LAYER_NAME)' in $${AWS_DEFAULT_REGION}"; \ + AWS_DEFAULT_REGION="$${AWS_DEFAULT_REGION}" ELASTIC_LAYER_NAME=$(ELASTIC_LAYER_NAME) $(MAKE) publish > $(AWS_FOLDER)/$${AWS_DEFAULT_REGION}; \ + AWS_DEFAULT_REGION="$${AWS_DEFAULT_REGION}" ELASTIC_LAYER_NAME=$(ELASTIC_LAYER_NAME) $(MAKE) grant-public-layer-access; \ + done <.regions + +# Publish the given LAYER in the given AWS region +publish: validate-layer-name validate-aws-default-region + @aws lambda \ + --output json \ + publish-layer-version \ + --layer-name "$(ELASTIC_LAYER_NAME)" \ + --description "AWS Lambda Extension Layer for Elastic APM Java" \ + --license "Apache-2.0" \ + --zip-file "fileb://./$(AWS_LAMBDA_ZIP_LOCATION)/$(ELASTIC_LAYER_NAME).zip" + +# Grant public access to the given LAYER in the given AWS region +grant-public-layer-access: validate-layer-name validate-aws-default-region + @echo "[debug] $(ELASTIC_LAYER_NAME) with version: $$($(MAKE) -s --no-print-directory get-version)" + @aws lambda \ + --output json \ + add-layer-version-permission \ + --layer-name "$(ELASTIC_LAYER_NAME)" \ + --action lambda:GetLayerVersion \ + --principal '*' \ + --statement-id "$(ELASTIC_LAYER_NAME)" \ + --version-number $$($(MAKE) -s --no-print-directory get-version) > $(AWS_FOLDER)/.$(AWS_DEFAULT_REGION)-public + +# Generate the file with the ARN entries +create-arn-file: validate-suffix-arn-file + @./create-arn-table.sh + +release-notes: validate-branch-name validate-suffix-arn-file + @gh release list + @gh \ + release \ + create $(BRANCH_NAME) \ + --draft \ + --title '$(BRANCH_NAME)' \ + --notes-file $(SUFFIX_ARN_FILE) \ + ./$(AWS_LAMBDA_ZIP_LOCATION)/$(ELASTIC_LAYER_NAME).zip + +# Get the ARN Version for the AWS_REGIONS +# NOTE: jq -r .Version "$(AWS_FOLDER)/$(AWS_DEFAULT_REGION)" fails in the CI +# with 'parse error: Invalid numeric literal at line 1, column 5' +get-version: validate-aws-default-region + @grep '"Version"' "$(AWS_FOLDER)/$(AWS_DEFAULT_REGION)" | cut -d":" -f2 | sed 's/ //g' | cut -d"," -f1 + +validate-branch-name: +ifndef BRANCH_NAME + $(error BRANCH_NAME is undefined) +endif + +validate-suffix-arn-file: +ifndef SUFFIX_ARN_FILE + $(error SUFFIX_ARN_FILE is undefined) +endif + +validate-layer-name: +ifndef ELASTIC_LAYER_NAME + $(error ELASTIC_LAYER_NAME is undefined) +endif + +validate-aws-default-region: +ifndef AWS_DEFAULT_REGION + $(error AWS_DEFAULT_REGION is undefined) +endif diff --git a/.ci/create-arn-table.sh b/.ci/create-arn-table.sh new file mode 100644 index 0000000000..6936cf6950 --- /dev/null +++ b/.ci/create-arn-table.sh @@ -0,0 +1,29 @@ +#!/usr/bin/env bash +set -o pipefail + +# +# Create the AWS ARN table given the below environment variables: +# +# - AWS_FOLDER - that's the location of the publish-layer-version output for each region +# - SUFFIX_ARN_FILE - that's the output file. +# - RELEASE_VERSION - that's the release version to be published in GitHub. +# + +ARN_FILE=${SUFFIX_ARN_FILE} + +{ + echo "[Release Notes for ${RELEASE_VERSION}](https://www.elastic.co/guide/en/apm/agent/java/current/release-notes-1.x.html#release-notes-${RELEASE_VERSION})" + echo '' + echo "### ARN" + echo '' + echo '|Region|ARN|' + echo '|------|---|' +} > "${ARN_FILE}" + +for f in $(ls "${AWS_FOLDER}"); do + LAYER_VERSION_ARN=$(grep '"LayerVersionArn"' "$AWS_FOLDER/${f}" | cut -d":" -f2- | sed 's/ //g' | sed 's/"//g' | cut -d"," -f1) + echo "INFO: create-arn-table ARN(${LAYER_VERSION_ARN}):region(${f}))" + echo "|${f}|${LAYER_VERSION_ARN}|" >> "${ARN_FILE}" +done + +echo '' >> "${ARN_FILE}" diff --git a/Jenkinsfile b/Jenkinsfile index 22a866670e..1ca5085017 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -456,7 +456,34 @@ pipeline { when { tag pattern: 'v\\d+\\.\\d+\\.\\d+', comparator: 'REGEXP' } + environment { + SUFFIX_ARN_FILE = 'arn-file.md' + } stages { + stage('Publish AWS Lambda') { + steps { + // Layer Name that includes the release version in the standarsed format + setEnvVar('ELASTIC_LAYER_NAME', "elastic-apm-java${getLambdaVersion()}") + setEnvVar('RELEASE_VERSION', "${getReleaseVersion()}") + deleteDir() + unstashV2(name: 'build', bucket: "${JOB_GCS_BUCKET_STASH}", credentialsId: "${JOB_GCS_CREDENTIALS}") + withAWSEnv(secret: 'secret/observability-team/ci/service-account/apm-aws-lambda', forceInstallation: true, version: '2.4.10') { + dir("${BASE_DIR}"){ + cmd(label: 'make publish-in-all-aws-regions', script: 'make -C .ci publish-in-all-aws-regions') + cmd(label: 'make create-arn-file', script: 'make -C .ci create-arn-file') + } + } + } + } + stage('Release Notes') { + steps { + withGhEnv(forceInstallation: true, version: '2.4.0') { + dir("${BASE_DIR}"){ + cmd(label: 'make release-notes', script: 'make -C .ci release-notes') + } + } + } + } stage('Opbeans') { environment { REPO_NAME = "${OPBEANS_REPO}" @@ -496,3 +523,26 @@ def reportTestResults(){ // disable codecov for now as it's not supported for windows // codecov(repo: env.REPO, basedir: "${BASE_DIR}", secret: "${CODECOV_SECRET}") } + +/** +* Transform TAG releases from v{major}.{minor}.{patch} to +* ver-{major}-{minor}-{patch}. f.i: given v1.2.3 then +* -ver-1-2-3. +*/ +def getLambdaVersion() { + if (env.BRANCH_NAME?.trim() && env.BRANCH_NAME.startsWith('v')) { + return env.BRANCH_NAME.replaceAll('v', '-ver-').replaceAll('\\.', '-') + } + return '' +} + +/** +* Transform TAG releases from v{major}.{minor}.{patch} to +* {major}.{minor}.{patch}. f.i: given v1.2.3 then 1.2.3 +*/ +def getReleaseVersion() { + if (env.BRANCH_NAME?.trim() && env.BRANCH_NAME.startsWith('v')) { + return env.BRANCH_NAME.replaceAll('v', '') + } + return '' +} From cac2dcaeb84ed7d95f6d5680504461262d3967ec Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Mon, 7 Feb 2022 15:50:00 +0000 Subject: [PATCH 02/18] ci: use the release pipeline instead --- .ci/Makefile | 12 +++------- .ci/create-arn-table.sh | 0 .ci/release/Jenkinsfile | 19 +++++++++++++++- Jenkinsfile | 50 ----------------------------------------- 4 files changed, 21 insertions(+), 60 deletions(-) mode change 100644 => 100755 .ci/create-arn-table.sh diff --git a/.ci/Makefile b/.ci/Makefile index aac511f037..1a0d872380 100644 --- a/.ci/Makefile +++ b/.ci/Makefile @@ -5,9 +5,6 @@ AWS_LAMBDA_ZIP_LOCATION = elastic-apm-agent/target export AWS_FOLDER -dist: validate-branch-name - @cp $(AWS_LAMBDA_ZIP_LOCATION)/elastic-apm-java-aws-lambda-layer-*.zip $(AWS_LAMBDA_ZIP_LOCATION)/$(ELASTIC_LAYER_NAME).zip - # List all the AWS regions get-all-aws-regions: @aws \ @@ -19,7 +16,7 @@ get-all-aws-regions: | jq -r '.Regions[].RegionName' > .regions # Publish the given LAYER in all the AWS regions -publish-in-all-aws-regions: validate-layer-name get-all-aws-regions dist +publish-in-all-aws-regions: validate-layer-name get-all-aws-regions @mkdir -p $(AWS_FOLDER) @while read AWS_DEFAULT_REGION; do \ echo "publish '$(ELASTIC_LAYER_NAME)' in $${AWS_DEFAULT_REGION}"; \ @@ -53,14 +50,11 @@ grant-public-layer-access: validate-layer-name validate-aws-default-region create-arn-file: validate-suffix-arn-file @./create-arn-table.sh -release-notes: validate-branch-name validate-suffix-arn-file +upload-lambda-asset: validate-branch-name validate-layer-name @gh release list @gh \ release \ - create $(BRANCH_NAME) \ - --draft \ - --title '$(BRANCH_NAME)' \ - --notes-file $(SUFFIX_ARN_FILE) \ + upload $(BRANCH_NAME) \ ./$(AWS_LAMBDA_ZIP_LOCATION)/$(ELASTIC_LAYER_NAME).zip # Get the ARN Version for the AWS_REGIONS diff --git a/.ci/create-arn-table.sh b/.ci/create-arn-table.sh old mode 100644 new mode 100755 diff --git a/.ci/release/Jenkinsfile b/.ci/release/Jenkinsfile index 9d59f8a041..680e1bcb5a 100644 --- a/.ci/release/Jenkinsfile +++ b/.ci/release/Jenkinsfile @@ -131,6 +131,7 @@ pipeline { env.RELEASE_TAG = "v" + user_release_version env.RELEASE_VERSION = user_release_version env.BRANCH_DOT_X = user_release_version.substring(0, user_release_version.indexOf('.'))+'.x' + env.RELEASE_AWS_LAMBDA_VERSION = '-ver-' + user_release_version.replaceAll('\\.', '-') } } } @@ -164,6 +165,21 @@ pipeline { } } } + stage('Publish AWS Lambda') { + environment { + SUFFIX_ARN_FILE = 'arn-file.md' + } + steps { + setEnvVar('ELASTIC_LAYER_NAME', "elastic-apm-java${env.RELEASE_AWS_LAMBDA_VERSION}") + withAWSEnv(secret: 'secret/observability-team/ci/service-account/apm-aws-lambda', forceInstallation: true, version: '2.4.10') { + dir("${BASE_DIR}"){ + sh(label: 'make publish-in-all-aws-regions', script: 'make -C .ci publish-in-all-aws-regions') + sh(label: 'make create-arn-file', script: 'make -C .ci create-arn-file') + setEnvVar('ARN_CONTENT', readFile(".ci/${SUFFIX_ARN_FILE}")) + } + } + } + } stage('Create GitHub release draft') { steps { dir("${BASE_DIR}"){ @@ -176,10 +192,11 @@ pipeline { draft: true, tagName: "${RELEASE_TAG}", releaseName: "Release ${RELEASE_VERSION}", - body: "[Release Notes for ${RELEASE_VERSION}](${finalUrl})") + body: "[Release Notes for ${RELEASE_VERSION}](${finalUrl}) \n ${ARN_CONTENT}") env.RELEASE_ID = ret['id'] env.RELEASE_NOTES_URL = finalUrl } + sh(label: 'make upload-lambda-asset', script: 'make -C .ci upload-lambda-asset') } } } diff --git a/Jenkinsfile b/Jenkinsfile index 1ca5085017..22a866670e 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -456,34 +456,7 @@ pipeline { when { tag pattern: 'v\\d+\\.\\d+\\.\\d+', comparator: 'REGEXP' } - environment { - SUFFIX_ARN_FILE = 'arn-file.md' - } stages { - stage('Publish AWS Lambda') { - steps { - // Layer Name that includes the release version in the standarsed format - setEnvVar('ELASTIC_LAYER_NAME', "elastic-apm-java${getLambdaVersion()}") - setEnvVar('RELEASE_VERSION', "${getReleaseVersion()}") - deleteDir() - unstashV2(name: 'build', bucket: "${JOB_GCS_BUCKET_STASH}", credentialsId: "${JOB_GCS_CREDENTIALS}") - withAWSEnv(secret: 'secret/observability-team/ci/service-account/apm-aws-lambda', forceInstallation: true, version: '2.4.10') { - dir("${BASE_DIR}"){ - cmd(label: 'make publish-in-all-aws-regions', script: 'make -C .ci publish-in-all-aws-regions') - cmd(label: 'make create-arn-file', script: 'make -C .ci create-arn-file') - } - } - } - } - stage('Release Notes') { - steps { - withGhEnv(forceInstallation: true, version: '2.4.0') { - dir("${BASE_DIR}"){ - cmd(label: 'make release-notes', script: 'make -C .ci release-notes') - } - } - } - } stage('Opbeans') { environment { REPO_NAME = "${OPBEANS_REPO}" @@ -523,26 +496,3 @@ def reportTestResults(){ // disable codecov for now as it's not supported for windows // codecov(repo: env.REPO, basedir: "${BASE_DIR}", secret: "${CODECOV_SECRET}") } - -/** -* Transform TAG releases from v{major}.{minor}.{patch} to -* ver-{major}-{minor}-{patch}. f.i: given v1.2.3 then -* -ver-1-2-3. -*/ -def getLambdaVersion() { - if (env.BRANCH_NAME?.trim() && env.BRANCH_NAME.startsWith('v')) { - return env.BRANCH_NAME.replaceAll('v', '-ver-').replaceAll('\\.', '-') - } - return '' -} - -/** -* Transform TAG releases from v{major}.{minor}.{patch} to -* {major}.{minor}.{patch}. f.i: given v1.2.3 then 1.2.3 -*/ -def getReleaseVersion() { - if (env.BRANCH_NAME?.trim() && env.BRANCH_NAME.startsWith('v')) { - return env.BRANCH_NAME.replaceAll('v', '') - } - return '' -} From 69020a940021ce6b0fc7c8b843cb437a78a1b2b9 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Mon, 7 Feb 2022 15:53:13 +0000 Subject: [PATCH 03/18] ident fix --- .ci/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ci/Makefile b/.ci/Makefile index 1a0d872380..a7cdd468f5 100644 --- a/.ci/Makefile +++ b/.ci/Makefile @@ -54,7 +54,7 @@ upload-lambda-asset: validate-branch-name validate-layer-name @gh release list @gh \ release \ - upload $(BRANCH_NAME) \ + upload $(BRANCH_NAME) \ ./$(AWS_LAMBDA_ZIP_LOCATION)/$(ELASTIC_LAYER_NAME).zip # Get the ARN Version for the AWS_REGIONS From 1417ea046e13b0a370a28b3fc146f10a1502f49b Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Mon, 7 Feb 2022 16:50:02 +0000 Subject: [PATCH 04/18] ci: copy artifacts from the release job --- .ci/Makefile | 6 +++++- .ci/release/Jenkinsfile | 19 +++++++++++++++++-- 2 files changed, 22 insertions(+), 3 deletions(-) diff --git a/.ci/Makefile b/.ci/Makefile index a7cdd468f5..3af0940fa9 100644 --- a/.ci/Makefile +++ b/.ci/Makefile @@ -5,6 +5,10 @@ AWS_LAMBDA_ZIP_LOCATION = elastic-apm-agent/target export AWS_FOLDER +dist: validate-branch-name + @cp $(AWS_LAMBDA_ZIP_LOCATION)/elastic-apm-java-aws-lambda-layer-*.zip $(AWS_LAMBDA_ZIP_LOCATION)/$(ELASTIC_LAYER_NAME).zip + + # List all the AWS regions get-all-aws-regions: @aws \ @@ -16,7 +20,7 @@ get-all-aws-regions: | jq -r '.Regions[].RegionName' > .regions # Publish the given LAYER in all the AWS regions -publish-in-all-aws-regions: validate-layer-name get-all-aws-regions +publish-in-all-aws-regions: validate-layer-name get-all-aws-regions dist @mkdir -p $(AWS_FOLDER) @while read AWS_DEFAULT_REGION; do \ echo "publish '$(ELASTIC_LAYER_NAME)' in $${AWS_DEFAULT_REGION}"; \ diff --git a/.ci/release/Jenkinsfile b/.ci/release/Jenkinsfile index 680e1bcb5a..1708ed838f 100644 --- a/.ci/release/Jenkinsfile +++ b/.ci/release/Jenkinsfile @@ -16,6 +16,7 @@ pipeline { SLACK_CHANNEL = '#apm-agent-java' NOTIFY_TO = 'build-apm+apm-agent-java@elastic.co' BRANCH_SPECIFIER = "${params.branch_specifier}" + SUFFIX_ARN_FILE = 'arn-file.md' } options { timeout(time: 3, unit: 'HOURS') @@ -27,6 +28,7 @@ pipeline { parameters { string(name: 'branch_specifier', defaultValue: 'stable', description: "What branch to release from?") booleanParam(name: 'check_branch_ci_status', defaultValue: true, description: "Check for failing tests in the given branch (if no stable branch)?") + booleanParam(name: 'publish_aws_lambda', defaultValue: true, description: "Whether to upload the AWS lambda") } stages { stage('Initializing'){ @@ -166,16 +168,27 @@ pipeline { } } stage('Publish AWS Lambda') { + when { + expression { params.publish_aws_lambda } + } environment { - SUFFIX_ARN_FILE = 'arn-file.md' + SOURCE_AWS_FILE = "elastic-apm-java-aws-lambda-layer-${RELEASE_VERSION}.zip" } steps { setEnvVar('ELASTIC_LAYER_NAME', "elastic-apm-java${env.RELEASE_AWS_LAMBDA_VERSION}") withAWSEnv(secret: 'secret/observability-team/ci/service-account/apm-aws-lambda', forceInstallation: true, version: '2.4.10') { dir("${BASE_DIR}"){ + // NOTE: copy the file from the last successful build. Therefore, this is a hard requirement + copyArtifacts( + filter: "src/github.com/elastic/apm-agent-java/elastic-apm-agent/target/${SOURCE_AWS_FILE}", + target: 'elastic-apm-agent/target', + fingerprintArtifacts: true, + flatten: true, + projectName: 'elastic+apm-agent-java+release', + selector: lastSuccessful() + ) sh(label: 'make publish-in-all-aws-regions', script: 'make -C .ci publish-in-all-aws-regions') sh(label: 'make create-arn-file', script: 'make -C .ci create-arn-file') - setEnvVar('ARN_CONTENT', readFile(".ci/${SUFFIX_ARN_FILE}")) } } } @@ -184,6 +197,8 @@ pipeline { steps { dir("${BASE_DIR}"){ script { + def arnFile = ".ci/${SUFFIX_ARN_FILE}" + setEnvVar('ARN_CONTENT', fileExists(arnFile) ? readFile(arnFile) : '') // Construct the URL with anchor for the release notes // Ex: https://www.elastic.co/guide/en/apm/agent/java/current/release-notes-1.x.html#release-notes-1.13.0 def finalUrl = "https://www.elastic.co/guide/en/apm/agent/java/current/release-notes-${BRANCH_DOT_X}.html#release-notes-${RELEASE_VERSION}" From 31e2608d4cb78cf257975ec3a3b39ca857d7f7b8 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Mon, 7 Feb 2022 16:54:16 +0000 Subject: [PATCH 05/18] remove unrequired entry in the changelog : --- .ci/create-arn-table.sh | 3 --- 1 file changed, 3 deletions(-) diff --git a/.ci/create-arn-table.sh b/.ci/create-arn-table.sh index 6936cf6950..c1c7534053 100755 --- a/.ci/create-arn-table.sh +++ b/.ci/create-arn-table.sh @@ -6,14 +6,11 @@ set -o pipefail # # - AWS_FOLDER - that's the location of the publish-layer-version output for each region # - SUFFIX_ARN_FILE - that's the output file. -# - RELEASE_VERSION - that's the release version to be published in GitHub. # ARN_FILE=${SUFFIX_ARN_FILE} { - echo "[Release Notes for ${RELEASE_VERSION}](https://www.elastic.co/guide/en/apm/agent/java/current/release-notes-1.x.html#release-notes-${RELEASE_VERSION})" - echo '' echo "### ARN" echo '' echo '|Region|ARN|' From 66cf47c5bf41d891e1bf9d74956a4d5983cdcd57 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Mon, 7 Feb 2022 16:55:04 +0000 Subject: [PATCH 06/18] ci: ignore generated folder --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 51ef5a2a8f..f211042b10 100644 --- a/.gitignore +++ b/.gitignore @@ -13,3 +13,4 @@ docs/html/ **/__pycache__/ .m2/ fetch.log +.ci/.aws From b38220d11db85996457229cec3fae0483aee6e95 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Mon, 7 Feb 2022 16:57:03 +0000 Subject: [PATCH 07/18] use the right vault configuration --- .ci/release/Jenkinsfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.ci/release/Jenkinsfile b/.ci/release/Jenkinsfile index 1708ed838f..660052b6e5 100644 --- a/.ci/release/Jenkinsfile +++ b/.ci/release/Jenkinsfile @@ -176,7 +176,8 @@ pipeline { } steps { setEnvVar('ELASTIC_LAYER_NAME', "elastic-apm-java${env.RELEASE_AWS_LAMBDA_VERSION}") - withAWSEnv(secret: 'secret/observability-team/ci/service-account/apm-aws-lambda', forceInstallation: true, version: '2.4.10') { + withAWSEnv(secret: 'secret/observability-team/ci/service-account/apm-aws-lambda', role_id: 'apm-vault-role-id', secret_id: 'apm-vault-secret-id', + forceInstallation: true, version: '2.4.10') { dir("${BASE_DIR}"){ // NOTE: copy the file from the last successful build. Therefore, this is a hard requirement copyArtifacts( From 5ba1d7c7a0fe680852daf33d4631aa8f804c8231 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Thu, 10 Feb 2022 18:15:39 +0000 Subject: [PATCH 08/18] ci: customise what build to be used --- .ci/release/Jenkinsfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.ci/release/Jenkinsfile b/.ci/release/Jenkinsfile index 660052b6e5..65aafd2606 100644 --- a/.ci/release/Jenkinsfile +++ b/.ci/release/Jenkinsfile @@ -29,6 +29,7 @@ pipeline { string(name: 'branch_specifier', defaultValue: 'stable', description: "What branch to release from?") booleanParam(name: 'check_branch_ci_status', defaultValue: true, description: "Check for failing tests in the given branch (if no stable branch)?") booleanParam(name: 'publish_aws_lambda', defaultValue: true, description: "Whether to upload the AWS lambda") + string(name: 'release_build', defaultValue: '', description: "Build number for the release job (required for publishing the AWS lambda)") } stages { stage('Initializing'){ @@ -186,7 +187,7 @@ pipeline { fingerprintArtifacts: true, flatten: true, projectName: 'elastic+apm-agent-java+release', - selector: lastSuccessful() + selector: specific(params.release_build) ) sh(label: 'make publish-in-all-aws-regions', script: 'make -C .ci publish-in-all-aws-regions') sh(label: 'make create-arn-file', script: 'make -C .ci create-arn-file') From b4c68913d036442652db295bfb4d51b7a4f9f5e9 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Thu, 10 Feb 2022 18:16:05 +0000 Subject: [PATCH 09/18] ci: upload assets won't be happening in the first iteration --- .ci/release/Jenkinsfile | 1 - 1 file changed, 1 deletion(-) diff --git a/.ci/release/Jenkinsfile b/.ci/release/Jenkinsfile index 65aafd2606..d67e8cb732 100644 --- a/.ci/release/Jenkinsfile +++ b/.ci/release/Jenkinsfile @@ -213,7 +213,6 @@ pipeline { env.RELEASE_ID = ret['id'] env.RELEASE_NOTES_URL = finalUrl } - sh(label: 'make upload-lambda-asset', script: 'make -C .ci upload-lambda-asset') } } } From bb9e4f840fc3e81aa88517d4ece1063fc2e6278d Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Thu, 10 Feb 2022 18:18:50 +0000 Subject: [PATCH 10/18] ci: archive ARN table for debugging purposes --- .ci/release/Jenkinsfile | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.ci/release/Jenkinsfile b/.ci/release/Jenkinsfile index d67e8cb732..cd6ce2ee80 100644 --- a/.ci/release/Jenkinsfile +++ b/.ci/release/Jenkinsfile @@ -194,6 +194,11 @@ pipeline { } } } + post { + always { + archiveArtifacts(allowEmptyArchive: true, artifacts: "${BASE_DIR}/.ci/${SUFFIX_ARN_FILE}") + } + } } stage('Create GitHub release draft') { steps { From a978a8440b2c0a83af6768d750dee4992260c5ba Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Thu, 10 Feb 2022 18:25:06 +0000 Subject: [PATCH 11/18] chore: disable other stages for testing the release for aws lambdas --- .ci/release/Jenkinsfile | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/.ci/release/Jenkinsfile b/.ci/release/Jenkinsfile index cd6ce2ee80..98b0cd0e9c 100644 --- a/.ci/release/Jenkinsfile +++ b/.ci/release/Jenkinsfile @@ -17,6 +17,8 @@ pipeline { NOTIFY_TO = 'build-apm+apm-agent-java@elastic.co' BRANCH_SPECIFIER = "${params.branch_specifier}" SUFFIX_ARN_FILE = 'arn-file.md' + RELEASE_AWS_LAMBDA_VERSION = '-ver-1-29-0' + RELEASE_VERSION = '1.29.0' } options { timeout(time: 3, unit: 'HOURS') @@ -66,6 +68,9 @@ pipeline { options { skipDefaultCheckout () } stages{ stage('Check oss.sonatype.org') { + when { + expression { return false } + } steps { // If this fails, an exception should be thrown and execution will halt dir("${BASE_DIR}"){ @@ -83,6 +88,7 @@ pipeline { allOf { expression { params.check_branch_ci_status } expression { env.BRANCH_SPECIFIER != 'stable' } + expression { return false } } } steps { @@ -95,6 +101,9 @@ pipeline { } } stage('Require confirmation that CHANGELOG.asciidoc has been updated') { + when { + expression { return false } + } steps { input(message: """ Update CHANGELOG.asciidoc to reflect the new version release: @@ -110,6 +119,9 @@ pipeline { } } stage('Set release version') { + when { + expression { return false } + } steps { dir("${BASE_DIR}"){ script { @@ -140,6 +152,9 @@ pipeline { } } stage('Wait on internal CI') { + when { + expression { return false } + } steps { notifyStatus(slackStatus: 'warning', subject: "[${env.REPO}] Release ready to be pushed", body: "Please go to (<${env.BUILD_URL}input|here>) to approve or reject within 12 hours.") @@ -147,6 +162,9 @@ pipeline { } } stage('Nexus release') { + when { + expression { return false } + } steps { notifyStatus(slackStatus: 'warning', subject: "[${env.REPO}] Release ready to be published in Nexus", body: "Please go to () to proceed with the manual nexus release. Login details in LastPass") @@ -154,6 +172,9 @@ pipeline { } } stage('Major Branch create/update') { + when { + expression { return false } + } steps { dir("${BASE_DIR}") { script { @@ -201,6 +222,9 @@ pipeline { } } stage('Create GitHub release draft') { + when { + expression { return false } + } steps { dir("${BASE_DIR}"){ script { @@ -222,6 +246,9 @@ pipeline { } } stage('Wait for artifact to be available in Maven Central') { + when { + expression { return false } + } steps { dir("${BASE_DIR}"){ script { @@ -237,6 +264,9 @@ pipeline { } } stage('Update Cloudfoundry') { + when { + expression { return false } + } steps { dir("${BASE_DIR}"){ sh(script: ".ci/release/update_cloudfoundry.sh ${RELEASE_VERSION}") @@ -245,6 +275,9 @@ pipeline { } } stage('Publish release on GitHub') { + when { + expression { return false } + } steps { dir("${BASE_DIR}"){ waitUntil(initialRecurrencePeriod: 60000) { @@ -260,6 +293,9 @@ pipeline { } } stage('Build and push Docker images') { + when { + expression { return false } + } steps { dir("${BASE_DIR}"){ // fetch agent artifact from remote repository From 39c392bcc3254ab7ff3f5d859d36398c2d034d8c Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Thu, 10 Feb 2022 18:26:47 +0000 Subject: [PATCH 12/18] aws-publish: use release-version --- .ci/Makefile | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/.ci/Makefile b/.ci/Makefile index 3af0940fa9..240f6241fb 100644 --- a/.ci/Makefile +++ b/.ci/Makefile @@ -5,10 +5,9 @@ AWS_LAMBDA_ZIP_LOCATION = elastic-apm-agent/target export AWS_FOLDER -dist: validate-branch-name +dist: @cp $(AWS_LAMBDA_ZIP_LOCATION)/elastic-apm-java-aws-lambda-layer-*.zip $(AWS_LAMBDA_ZIP_LOCATION)/$(ELASTIC_LAYER_NAME).zip - # List all the AWS regions get-all-aws-regions: @aws \ @@ -54,11 +53,11 @@ grant-public-layer-access: validate-layer-name validate-aws-default-region create-arn-file: validate-suffix-arn-file @./create-arn-table.sh -upload-lambda-asset: validate-branch-name validate-layer-name +upload-lambda-asset: validate-release-version validate-layer-name @gh release list @gh \ release \ - upload $(BRANCH_NAME) \ + upload $(RELEASE_VERSION) \ ./$(AWS_LAMBDA_ZIP_LOCATION)/$(ELASTIC_LAYER_NAME).zip # Get the ARN Version for the AWS_REGIONS @@ -67,9 +66,9 @@ upload-lambda-asset: validate-branch-name validate-layer-name get-version: validate-aws-default-region @grep '"Version"' "$(AWS_FOLDER)/$(AWS_DEFAULT_REGION)" | cut -d":" -f2 | sed 's/ //g' | cut -d"," -f1 -validate-branch-name: -ifndef BRANCH_NAME - $(error BRANCH_NAME is undefined) +validate-release-version: +ifndef RELEASE_VERSION + $(error RELEASE_VERSION is undefined) endif validate-suffix-arn-file: From c364651440497c0cea2d963e328c02db88ff8445 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Fri, 11 Feb 2022 12:50:43 +0000 Subject: [PATCH 13/18] Update .ci/Makefile Co-authored-by: Alexander Wert --- .ci/Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.ci/Makefile b/.ci/Makefile index 240f6241fb..22afb1dd5f 100644 --- a/.ci/Makefile +++ b/.ci/Makefile @@ -33,7 +33,8 @@ publish: validate-layer-name validate-aws-default-region --output json \ publish-layer-version \ --layer-name "$(ELASTIC_LAYER_NAME)" \ - --description "AWS Lambda Extension Layer for Elastic APM Java" \ + --description "AWS Lambda Extension Layer for the Elastic APM Java Agent" \ + --compatible-runtimes java8.al2 java11 \ --license "Apache-2.0" \ --zip-file "fileb://./$(AWS_LAMBDA_ZIP_LOCATION)/$(ELASTIC_LAYER_NAME).zip" From 4c75ab05369bb71ae6e99b5d6b02a0ec141d06a0 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Fri, 11 Feb 2022 13:11:48 +0000 Subject: [PATCH 14/18] ci: copy files between builds don't work --- .ci/release/Jenkinsfile | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/.ci/release/Jenkinsfile b/.ci/release/Jenkinsfile index 98b0cd0e9c..95d6b3569f 100644 --- a/.ci/release/Jenkinsfile +++ b/.ci/release/Jenkinsfile @@ -31,7 +31,6 @@ pipeline { string(name: 'branch_specifier', defaultValue: 'stable', description: "What branch to release from?") booleanParam(name: 'check_branch_ci_status', defaultValue: true, description: "Check for failing tests in the given branch (if no stable branch)?") booleanParam(name: 'publish_aws_lambda', defaultValue: true, description: "Whether to upload the AWS lambda") - string(name: 'release_build', defaultValue: '', description: "Build number for the release job (required for publishing the AWS lambda)") } stages { stage('Initializing'){ @@ -201,15 +200,10 @@ pipeline { withAWSEnv(secret: 'secret/observability-team/ci/service-account/apm-aws-lambda', role_id: 'apm-vault-role-id', secret_id: 'apm-vault-secret-id', forceInstallation: true, version: '2.4.10') { dir("${BASE_DIR}"){ - // NOTE: copy the file from the last successful build. Therefore, this is a hard requirement - copyArtifacts( - filter: "src/github.com/elastic/apm-agent-java/elastic-apm-agent/target/${SOURCE_AWS_FILE}", - target: 'elastic-apm-agent/target', - fingerprintArtifacts: true, - flatten: true, - projectName: 'elastic+apm-agent-java+release', - selector: specific(params.release_build) - ) + dir ('elastic-apm-agent/target') { + // TODO: copy file from a google bucket + sh(label: 'fetch AWS lambda file', script: "wget https://github.com/elastic/apm-agent-java/releases/download/v${RELEASE_VERSION}/${SOURCE_AWS_FILE} -O ${SOURCE_AWS_FILE}") + } sh(label: 'make publish-in-all-aws-regions', script: 'make -C .ci publish-in-all-aws-regions') sh(label: 'make create-arn-file', script: 'make -C .ci create-arn-file') } From 5b63a64e6a2d5f85a6ae158e4a4a28e39f64498c Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Fri, 11 Feb 2022 13:27:11 +0000 Subject: [PATCH 15/18] make: fix dist target --- .ci/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ci/Makefile b/.ci/Makefile index 22afb1dd5f..beca757326 100644 --- a/.ci/Makefile +++ b/.ci/Makefile @@ -6,7 +6,7 @@ AWS_LAMBDA_ZIP_LOCATION = elastic-apm-agent/target export AWS_FOLDER dist: - @cp $(AWS_LAMBDA_ZIP_LOCATION)/elastic-apm-java-aws-lambda-layer-*.zip $(AWS_LAMBDA_ZIP_LOCATION)/$(ELASTIC_LAYER_NAME).zip + @cp ../$(AWS_LAMBDA_ZIP_LOCATION)/elastic-apm-java-aws-lambda-layer-*.zip ../$(AWS_LAMBDA_ZIP_LOCATION)/$(ELASTIC_LAYER_NAME).zip # List all the AWS regions get-all-aws-regions: From 179fa1f6cc0b087413da96fcb2ce2e9d7f29467a Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Fri, 11 Feb 2022 13:34:23 +0000 Subject: [PATCH 16/18] make: use the right folder --- .ci/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ci/Makefile b/.ci/Makefile index beca757326..036d12e71f 100644 --- a/.ci/Makefile +++ b/.ci/Makefile @@ -36,7 +36,7 @@ publish: validate-layer-name validate-aws-default-region --description "AWS Lambda Extension Layer for the Elastic APM Java Agent" \ --compatible-runtimes java8.al2 java11 \ --license "Apache-2.0" \ - --zip-file "fileb://./$(AWS_LAMBDA_ZIP_LOCATION)/$(ELASTIC_LAYER_NAME).zip" + --zip-file "fileb://../$(AWS_LAMBDA_ZIP_LOCATION)/$(ELASTIC_LAYER_NAME).zip" # Grant public access to the given LAYER in the given AWS region grant-public-layer-access: validate-layer-name validate-aws-default-region From 8e238cf30541b88f00d4b6c476aab5e51ee4e2ab Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Mon, 14 Feb 2022 13:07:16 +0000 Subject: [PATCH 17/18] Update .ci/create-arn-table.sh Co-authored-by: Alexander Wert --- .ci/create-arn-table.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ci/create-arn-table.sh b/.ci/create-arn-table.sh index c1c7534053..fb89f1cc90 100755 --- a/.ci/create-arn-table.sh +++ b/.ci/create-arn-table.sh @@ -11,7 +11,7 @@ set -o pipefail ARN_FILE=${SUFFIX_ARN_FILE} { - echo "### ARN" + echo "### ARNs of the APM Java Agent's AWS Lambda Layer" echo '' echo '|Region|ARN|' echo '|------|---|' From 5f2c98050370271aa0166fe3374df0ccf1de6548 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Tue, 22 Mar 2022 10:08:04 +0000 Subject: [PATCH 18/18] Apply suggestions from code review --- .ci/release/Jenkinsfile | 26 ++++---------------------- 1 file changed, 4 insertions(+), 22 deletions(-) diff --git a/.ci/release/Jenkinsfile b/.ci/release/Jenkinsfile index 95d6b3569f..2b6a53abfd 100644 --- a/.ci/release/Jenkinsfile +++ b/.ci/release/Jenkinsfile @@ -17,8 +17,8 @@ pipeline { NOTIFY_TO = 'build-apm+apm-agent-java@elastic.co' BRANCH_SPECIFIER = "${params.branch_specifier}" SUFFIX_ARN_FILE = 'arn-file.md' - RELEASE_AWS_LAMBDA_VERSION = '-ver-1-29-0' - RELEASE_VERSION = '1.29.0' + //RELEASE_AWS_LAMBDA_VERSION = '-ver-1-29-0' + //RELEASE_VERSION = '1.29.0' } options { timeout(time: 3, unit: 'HOURS') @@ -67,9 +67,6 @@ pipeline { options { skipDefaultCheckout () } stages{ stage('Check oss.sonatype.org') { - when { - expression { return false } - } steps { // If this fails, an exception should be thrown and execution will halt dir("${BASE_DIR}"){ @@ -87,7 +84,6 @@ pipeline { allOf { expression { params.check_branch_ci_status } expression { env.BRANCH_SPECIFIER != 'stable' } - expression { return false } } } steps { @@ -100,9 +96,6 @@ pipeline { } } stage('Require confirmation that CHANGELOG.asciidoc has been updated') { - when { - expression { return false } - } steps { input(message: """ Update CHANGELOG.asciidoc to reflect the new version release: @@ -118,9 +111,6 @@ pipeline { } } stage('Set release version') { - when { - expression { return false } - } steps { dir("${BASE_DIR}"){ script { @@ -151,9 +141,6 @@ pipeline { } } stage('Wait on internal CI') { - when { - expression { return false } - } steps { notifyStatus(slackStatus: 'warning', subject: "[${env.REPO}] Release ready to be pushed", body: "Please go to (<${env.BUILD_URL}input|here>) to approve or reject within 12 hours.") @@ -161,9 +148,6 @@ pipeline { } } stage('Nexus release') { - when { - expression { return false } - } steps { notifyStatus(slackStatus: 'warning', subject: "[${env.REPO}] Release ready to be published in Nexus", body: "Please go to () to proceed with the manual nexus release. Login details in LastPass") @@ -171,9 +155,6 @@ pipeline { } } stage('Major Branch create/update') { - when { - expression { return false } - } steps { dir("${BASE_DIR}") { script { @@ -190,7 +171,8 @@ pipeline { } stage('Publish AWS Lambda') { when { - expression { params.publish_aws_lambda } + //expression { params.publish_aws_lambda } + expression { return false } } environment { SOURCE_AWS_FILE = "elastic-apm-java-aws-lambda-layer-${RELEASE_VERSION}.zip"