From 15f3362b968dd2fec9e3ae4140d2636835b6821e Mon Sep 17 00:00:00 2001 From: Paul Abel <128620221+pdabelf5@users.noreply.github.com> Date: Tue, 23 Jan 2024 18:09:18 +0000 Subject: [PATCH 1/4] Split version update script (#4961) --- .github/scripts/release-notes-update.sh | 55 +++++++++++++++++++++++ .github/scripts/release-version-update.sh | 20 ++------- .github/workflows/release-pr.yml | 12 ++++- hack/changelog-template.txt | 2 +- 4 files changed, 71 insertions(+), 18 deletions(-) create mode 100755 .github/scripts/release-notes-update.sh diff --git a/.github/scripts/release-notes-update.sh b/.github/scripts/release-notes-update.sh new file mode 100755 index 0000000000..47adb43b90 --- /dev/null +++ b/.github/scripts/release-notes-update.sh @@ -0,0 +1,55 @@ +#!/usr/bin/env bash + +set -o pipefail + +ROOTDIR=$(git rev-parse --show-toplevel || echo ".") +TMPDIR=/tmp +DEBUG=${DEBUG:-"false"} + +DOCS_TO_UPDATE_FOLDER=${ROOTDIR}/docs/content + + usage() { + echo "Usage: $0 " + exit 1 + } + +ic_version=$1 +helm_chart_version=$2 +k8s_versions=$3 +release_date=$4 + +if [ -z "${ic_version}" ]; then + usage +fi + +if [ -z "${helm_chart_version}" ]; then + usage +fi + +if [ -z "${k8s_versions}" ]; then + usage +fi + +if [ -z "${release_date}" ]; then + usage +fi + +# update releases docs +file_path=${DOCS_TO_UPDATE_FOLDER}/releases.md +if [ "${DEBUG}" != "false" ]; then + echo "Processing ${file_path}" +fi +file_name=$(basename "${file_path}") +mv "${file_path}" "${TMPDIR}/${file_name}" +sed -e "8r ${ROOTDIR}/hack/changelog-template.txt" "${TMPDIR}/${file_name}" | sed \ + -e "s/%%TITLE%%/## $ic_version/g" \ + -e "s/%%IC_VERSION%%/$ic_version/g" \ + -e "s/%%HELM_CHART_VERSION%%/$helm_chart_version/g" \ + -e "s/%%K8S_VERSIONS%%/$k8s_versions.\n/g" \ + -e "s/%%RELEASE_DATE%%/$release_date/g" \ + > ${file_path} +if [ $? -ne 0 ]; then + echo "ERROR: failed processing ${file_path}" + mv "${TMPDIR}/${file_name}" "${file_path}" + exit 2 +fi diff --git a/.github/scripts/release-version-update.sh b/.github/scripts/release-version-update.sh index 177b11f0e4..ee2ab94e3c 100755 --- a/.github/scripts/release-version-update.sh +++ b/.github/scripts/release-version-update.sh @@ -49,14 +49,16 @@ if [ -z "${helm_chart_version}" ]; then fi current_ic_version=$(yq '.appVersion' <"${HELM_CHART_PATH}/Chart.yaml") +escaped_current_ic_version=$(printf '%s' "$current_ic_version" | sed -e 's/\./\\./g'); current_helm_chart_version=$(yq '.version' <"${HELM_CHART_PATH}/Chart.yaml") +escaped_current_helm_chart_version=$(printf '%s' "$current_helm_chart_version" | sed -e 's/\./\\./g'); echo "Updating versions: " echo "ic_version: ${current_ic_version} -> ${ic_version}" echo "helm_chart_version: ${current_helm_chart_version} -> ${helm_chart_version}" -regex_ic="s#$current_ic_version#$ic_version#g" -regex_helm="s#$current_helm_chart_version#$helm_chart_version#g" +regex_ic="s#$escaped_current_ic_version#$ic_version#g" +regex_helm="s#$escaped_current_helm_chart_version#$helm_chart_version#g" mv "${HELM_CHART_PATH}/values.schema.json" "${TMPDIR}/" jq --arg version "${ic_version}" \ @@ -115,17 +117,3 @@ for i in ${docs_files}; do exit 2 fi done - -# update releases docs -file_path=${DOCS_TO_UPDATE_FOLDER}/releases.md -if [ "${DEBUG}" != "false" ]; then - echo "Processing ${file_path}" -fi -file_name=$(basename "${file_path}") -mv "${file_path}" "${TMPDIR}/${file_name}" -cat "${TMPDIR}/${file_name}" | sed -e "8r ${ROOTDIR}/hack/changelog-template.txt" | sed -e "s/%%TITLE%%/## $ic_version/g" -e "s/%%IC_VERSION%%/$ic_version/g" -e "s/%%HELM_CHART_VERSION%%/$helm_chart_version/g" > ${file_path} -if [ $? -ne 0 ]; then - echo "ERROR: failed processing ${file_path}" - mv "${TMPDIR}/${file_name}" "${file_path}" - exit 2 -fi diff --git a/.github/workflows/release-pr.yml b/.github/workflows/release-pr.yml index 6f52340813..60ba79dd82 100644 --- a/.github/workflows/release-pr.yml +++ b/.github/workflows/release-pr.yml @@ -11,6 +11,14 @@ on: description: "Helm version to release" required: true default: "0.0.0" + k8s_versions: + description: "Kubernetes versions this release has been tested on" + required: true + default: "x.xx-x.xx" + release_date: + description: "Date for this release" + required: true + default: "%d %b %Y" defaults: run: @@ -39,7 +47,9 @@ jobs: token: ${{ secrets.NGINX_PAT }} - name: Replace - run: .github/scripts/release-version-update.sh ${{ github.event.inputs.version }} ${{ github.event.inputs.helm_version }} + run: | + .github/scripts/release-version-update.sh ${{ github.event.inputs.version }} ${{ github.event.inputs.helm_version }} + .github/scripts/release-notes-update.sh ${{ github.event.inputs.version }} ${{ github.event.inputs.helm_version }} "${{ github.event.inputs.k8s_versions }}" "${{ github.event.inputs.release_date }}" - name: Create Pull Request uses: peter-evans/create-pull-request@153407881ec5c347639a548ade7d8ad1d6740e38 # v5.0.2 diff --git a/hack/changelog-template.txt b/hack/changelog-template.txt index 604d1ae9b5..3d48f310cf 100644 --- a/hack/changelog-template.txt +++ b/hack/changelog-template.txt @@ -28,4 +28,4 @@ or build your own image using the %%IC_VERSION%% source code We will provide technical support for NGINX Ingress Controller on any Kubernetes platform that is currently supported by its provider and that passes the Kubernetes conformance tests. This release was fully tested on the following Kubernetes -versions: x.xx-x.xx. +versions: %%K8S_VERSIONS%% From c8182f193b2423e3397c27e9f48ffbf8528ea71b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 13 Feb 2024 12:16:27 +0000 Subject: [PATCH 2/4] Bump nginx from `156d75f` to `f2802c2` in /build (#5072) Bumps nginx from `156d75f` to `f2802c2`. --- updated-dependencies: - dependency-name: nginx dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- build/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index ccc65ba112..7d4f2d64c6 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -12,7 +12,7 @@ FROM ghcr.io/nginxinc/alpine-fips:0.1.1-alpine3.18@sha256:6f124002650fae69715229 ############################################# Base image for Alpine ############################################# -FROM nginx:1.25.3-alpine@sha256:156d75f07c59b2fd59d3d1470631777943bb574135214f0a90c7bb82bde916da AS alpine +FROM nginx:1.25.3-alpine@sha256:f2802c2a9d09c7aa3ace27445dfc5656ff24355da28e7b958074a0111e3fc076 AS alpine RUN --mount=type=bind,from=alpine-opentracing-lib,target=/tmp/ot/ \ apk add --no-cache libcap libstdc++ \ @@ -24,7 +24,7 @@ RUN --mount=type=bind,from=alpine-opentracing-lib,target=/tmp/ot/ \ ############################################# Base image for Debian ############################################# -FROM nginx:1.25.3@sha256:8b4c32060a41e8c07e4b33c2e2695510c729314d84b2b71a1c5d7002aaf0b5ad AS debian +FROM nginx:1.25.3@sha256:84c52dfd55c467e12ef85cad6a252c0990564f03c4850799bf41dd738738691f AS debian RUN --mount=type=bind,from=opentracing-lib,target=/tmp/ot/ \ apt-get update \ From f508db07251a90513207d6cc3740e0ed0579fa6e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 13 Feb 2024 13:25:39 +0000 Subject: [PATCH 3/4] Bump redhat/ubi8 from `23d8dfd` to `627867e` in /build (#5073) Bumps redhat/ubi8 from `23d8dfd` to `627867e`. --- updated-dependencies: - dependency-name: redhat/ubi8 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- build/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Dockerfile b/build/Dockerfile index 7d4f2d64c6..11fd66a6d2 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -208,7 +208,7 @@ RUN --mount=type=secret,id=nginx-repo.crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode ############################################# Base image for UBI with NGINX Plus and App Protect WAF/DoS ############################################# -FROM redhat/ubi8@sha256:23d8dfd08024fdfa34b168c297d8c74a1dc58675b02b3418925932df123b755c as ubi-plus-nap +FROM redhat/ubi8@sha256:627867e53ad6846afba2dfbf5cef1d54c868a9025633ef0afd546278d4654eac as ubi-plus-nap ARG NAP_MODULES RUN --mount=type=secret,id=nginx-repo.crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644 \ From cff671839a202eb34ea3bc5b2338bad63bf2a505 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 13 Feb 2024 14:09:46 +0000 Subject: [PATCH 4/4] Bump opentracing/nginx-opentracing from `2e0268d` to `2217e9f` in /build (#5074) Bumps opentracing/nginx-opentracing from `2e0268d` to `2217e9f`. --- updated-dependencies: - dependency-name: opentracing/nginx-opentracing dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- build/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index 11fd66a6d2..c5842d46f6 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -6,8 +6,8 @@ ARG DEBIAN_FRONTEND=noninteractive ############################################# Base images containing libs for Opentracing and FIPS ############################################# -FROM opentracing/nginx-opentracing:nginx-1.25.3@sha256:2e0268d3cd31fe047c2fe566f29731865b0c99cc99b579c6584b23cd3c7830ef as opentracing-lib -FROM opentracing/nginx-opentracing:nginx-1.25.3-alpine@sha256:08ccc2c8bb28f01cb17b7619f139830b3af7950826b819b267393aefa32f23ab as alpine-opentracing-lib +FROM opentracing/nginx-opentracing:nginx-1.25.3@sha256:2217e9fa36a2130d395a40bb051965cf64c9d10087281e301e9c0b60ce2a1a57 as opentracing-lib +FROM opentracing/nginx-opentracing:nginx-1.25.3-alpine@sha256:37c7de3a46ca05428450b1c64bfb2a4d2f9c1835860cef427928fcf11c178f0e as alpine-opentracing-lib FROM ghcr.io/nginxinc/alpine-fips:0.1.1-alpine3.18@sha256:6f124002650fae697152290a14a7caa7f21884e8d78d8236c63fec2d018d721d as alpine-fips