diff --git a/.github/workflows/ci-docker-build.yml b/.github/workflows/ci-docker-build.yml index fcbed368af6..8b78e8777d1 100644 --- a/.github/workflows/ci-docker-build.yml +++ b/.github/workflows/ci-docker-build.yml @@ -50,11 +50,11 @@ jobs: - name: Build only linux/amd64 container images for a Pull Request if: github.ref_name != 'main' + # -D disables images with debugger run: bash scripts/build-upload-docker-images.sh -D -p linux/amd64 - name: Build and upload all container images if: github.ref_name == 'main' - # -d: include images with debugger run: bash scripts/build-upload-docker-images.sh env: DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} diff --git a/.github/workflows/ci-docker-hotrod.yml b/.github/workflows/ci-docker-hotrod.yml index c2ba2e8d793..04f89930281 100644 --- a/.github/workflows/ci-docker-hotrod.yml +++ b/.github/workflows/ci-docker-hotrod.yml @@ -53,7 +53,7 @@ jobs: esac - name: Build, test, and publish hotrod image - run: bash scripts/hotrod-integration-test.sh ${{ env.BUILD_FLAGS }} + run: bash scripts/build-hotrod-image.sh ${{ env.BUILD_FLAGS }} env: DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }} diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index a60f3099a22..6def5f0a1b5 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -6,6 +6,22 @@ on: - published # allow running release workflow manually workflow_dispatch: + # Determine the version numbers that will be assigned to the release. + inputs: + version_v1: + required: true + type: string + description: Version number for 1.x components. Don't include a leading `v`. + + version_v2: + required: true + type: string + description: Version number for 2.x components. Don't include a leading `v`. + + dry_run: + required: true + type: boolean + description: Pass `true` for a test run. It will only build one platform (for speed) and will not push artifacts. # See https://github.com/jaegertracing/jaeger/issues/4017 permissions: @@ -49,6 +65,18 @@ jobs: - name: Setup Node.js version uses: ./.github/actions/setup-node.js + - name: Determine parameters + id: params + run: | + if [[ "${{ inputs.dry_run }}" == "true" ]]; then + echo "platforms=linux/amd64" >> $GITHUB_OUTPUT + echo "linux_platforms=linux/amd64" >> $GITHUB_OUTPUT + echo "gpg_key_override=-k skip" >> $GITHUB_OUTPUT + else + echo "platforms=$(make echo-platforms)" >> $GITHUB_OUTPUT + echo "linux_platforms=$(make echo-linux-platforms)" >> $GITHUB_OUTPUT + fi + - name: Export BRANCH variable and validate it is a semver # Many scripts depend on BRANCH variable. We do not want to # use ./.github/actions/setup-branch here because it may set @@ -65,20 +93,21 @@ jobs: run: make install-ci - name: Configure GPG Key - id: import_gpg + if: ${{ inputs.dry_run != true }} uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0 with: gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} passphrase: ${{ secrets.GPG_PASSPHRASE }} - - name: Build binaries - run: make build-all-platforms + - name: Build all binaries + run: make build-all-platforms PLATFORMS=${{ steps.params.outputs.platforms }} - name: Package binaries id: package-binaries - run: bash scripts/package-deploy.sh + run: bash scripts/package-deploy.sh -p ${{ steps.params.outputs.platforms }} ${{ gpg_key_override }} - name: Upload binaries + if: ${{ inputs.dry_run != true }} uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # 2.9.0 with: file: '{deploy/*.tar.gz,deploy/*.zip,deploy/*.sha256sum.txt,deploy/*.asc}' @@ -87,8 +116,7 @@ jobs: tag: ${{ env.BRANCH }} repo_token: ${{ secrets.GITHUB_TOKEN }} - - name: Clean up some more disk space - # Delete the release artifacts after uploading them. + - name: Delete the release artifacts after uploading them. run: | rm -rf deploy || true df -h / @@ -96,19 +124,20 @@ jobs: - uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 - name: Build and upload all container images - run: bash scripts/build-upload-docker-images.sh + # -B skips building the binaries since we already did that above + run: bash scripts/build-upload-docker-images.sh -B -p ${{ steps.params.outputs.linux_platforms }} env: DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }} - name: Build, test, and publish all-in-one image - run: bash scripts/build-all-in-one-image.sh + run: bash scripts/build-all-in-one-image.sh -p ${{ steps.params.outputs.linux_platforms }} env: DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }} - name: Build, test, and publish hotrod image - run: bash scripts/hotrod-integration-test.sh + run: bash scripts/build-hotrod-image.sh -p ${{ steps.params.outputs.linux_platforms }} env: DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }} @@ -125,6 +154,7 @@ jobs: # when the workflow is triggered manually, only from a release. # See https://github.com/jaegertracing/jaeger/issues/4817 uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # 2.9.0 + if: ${{ inputs.dry_run != true }} with: file: jaeger-SBOM.spdx.json overwrite: true diff --git a/Makefile.BuildBinaries.mk b/Makefile.BuildBinaries.mk index 37ec1f0083e..28059904e58 100644 --- a/Makefile.BuildBinaries.mk +++ b/Makefile.BuildBinaries.mk @@ -2,7 +2,7 @@ # SPDX-License-Identifier: Apache-2.0 # This command expects $GOOS/$GOARCH env variables set to reflect the desired target platform. -GOBUILD=echo "building for $$(go env GOOS)-$$(go env GOARCH)"; \ +GOBUILD=echo "building binary for $$(go env GOOS)-$$(go env GOARCH)"; \ CGO_ENABLED=0 installsuffix=cgo $(GO) build -trimpath ifeq ($(DEBUG_BINARY),) @@ -164,11 +164,8 @@ _build-platform-binaries-debug: \ build-jaeger .PHONY: build-all-platforms -build-all-platforms: \ - build-binaries-linux-amd64 \ - build-binaries-windows-amd64 \ - build-binaries-darwin-amd64 \ - build-binaries-darwin-arm64 \ - build-binaries-linux-s390x \ - build-binaries-linux-arm64 \ - build-binaries-linux-ppc64le +build-all-platforms: + for platform in $$(echo "$(PLATFORMS)" | tr ',' ' ' | tr '/' '-'); do \ + echo "Building binaries for $$platform"; \ + $(MAKE) build-binaries-$$platform; \ + done diff --git a/RELEASE.md b/RELEASE.md index daf1a6688d1..620784fa7a6 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -3,7 +3,7 @@ 1. Create a PR "Prepare release X.Y.Z" against main or maintenance branch ([example](https://github.com/jaegertracing/jaeger/pull/543/files)) by updating CHANGELOG.md to include: * A new section with the header ` (YYYY-MM-DD)` (copy the template at the top) * A curated list of notable changes and links to PRs. Do not simply dump git log, select the changes that affect the users. - To obtain the list of all changes run `make changelog` or use `scripts/release-notes.py`. + To obtain the list of all changes run `make changelog`. * The section can be split into sub-section if necessary, e.g. UI Changes, Backend Changes, Bug Fixes, etc. * If the jaeger-ui submodule has changes cut a new release * Then upgrade the submodule versions and finally commit. For example: diff --git a/scripts/hotrod-integration-test.sh b/scripts/build-hotrod-image.sh similarity index 100% rename from scripts/hotrod-integration-test.sh rename to scripts/build-hotrod-image.sh diff --git a/scripts/build-upload-a-docker-image.sh b/scripts/build-upload-a-docker-image.sh index 2712200696c..63a0a3f5d4f 100755 --- a/scripts/build-upload-a-docker-image.sh +++ b/scripts/build-upload-a-docker-image.sh @@ -5,6 +5,18 @@ set -euf -o pipefail +print_help() { + echo "Usage: $0 [-c] [-D] [-h] [-l] [-p platforms]" + echo "-h: Print help" + echo "-b: add base_image and debug_image arguments to the build command" + echo "-c: name of the component to build" + echo "-d: directory for the Dockerfile" + echo "-f: override the name of the Dockerfile (-d still respected)" + echo "-p: Comma-separated list of platforms to build for (default: all supported)" + echo "-t: Release target (release|debug) if required by the Dockerfile" + exit 1 +} + base_debug_img_arg="" docker_file_arg="Dockerfile" target_arg="" @@ -12,29 +24,32 @@ local_test_only='N' platforms="linux/amd64" namespace="jaegertracing" -while getopts "lbc:d:f:p:t:" opt; do +while getopts "bc:d:f:hlp:t:" opt; do # shellcheck disable=SC2220 # we don't need a *) case case "${opt}" in - c) - component_name=${OPTARG} - ;; b) base_debug_img_arg="--build-arg base_image=localhost:5000/baseimg_alpine:latest --build-arg debug_image=localhost:5000/debugimg_alpine:latest " ;; + c) + component_name=${OPTARG} + ;; d) dir_arg=${OPTARG} ;; f) docker_file_arg=${OPTARG} ;; + l) + local_test_only='Y' + ;; p) platforms=${OPTARG} ;; t) target_arg=${OPTARG} ;; - l) - local_test_only='Y' + ?) + print_help ;; esac done diff --git a/scripts/build-upload-docker-images.sh b/scripts/build-upload-docker-images.sh index 1d1cecfe3ef..28727b6e7db 100755 --- a/scripts/build-upload-docker-images.sh +++ b/scripts/build-upload-docker-images.sh @@ -1,13 +1,14 @@ #!/bin/bash - +# # Copyright (c) 2024 The Jaeger Authors. # SPDX-License-Identifier: Apache-2.0 set -euf -o pipefail print_help() { - echo "Usage: $0 [-D] [-l] [-p platforms]" + echo "Usage: $0 [-B] [-D] [-h] [-l] [-p platforms]" echo "-h: Print help" + echo "-B: Skip building of the binaries (e.g. when they were already built)" echo "-D: Disable building of images with debugger" echo "-l: Enable local-only mode that only pushes images to local registry" echo "-p: Comma-separated list of platforms to build for (default: all supported)" @@ -15,34 +16,41 @@ print_help() { } add_debugger='Y' +build_binaries='Y' platforms="$(make echo-linux-platforms)" LOCAL_FLAG='' -while getopts "Dhlp:" opt; do - case "${opt}" in - D) - add_debugger='N' - ;; - l) - # in the local-only mode the images will only be pushed to local registry - LOCAL_FLAG='-l' - ;; - p) - platforms=${OPTARG} - ;; - ?) - print_help - ;; - esac +while getopts "BDhlp:" opt; do + case "${opt}" in + B) + build_binaries='N' + echo "Will not build binaries as requested" + ;; + D) + add_debugger='N' + echo "Will not build debug images as requested" + ;; + l) + # in the local-only mode the images will only be pushed to local registry + LOCAL_FLAG='-l' + ;; + p) + platforms=${OPTARG} + ;; + ?) + print_help + ;; + esac done set -x -# Loop through each platform (separated by commas) -for platform in $(echo "$platforms" | tr ',' ' '); do - arch=${platform##*/} # Remove everything before the last slash - make "build-binaries-linux-${arch}" -done +if [[ "$build_binaries" == "Y" ]]; then + for platform in $(echo "$platforms" | tr ',' ' '); do + arch=${platform##*/} # Remove everything before the last slash + make "build-binaries-linux-$arch" + done +fi if [[ "${add_debugger}" == "N" ]]; then make create-baseimg diff --git a/scripts/clean-binaries.sh b/scripts/clean-binaries.sh index 7026bb34d58..69f9584ed96 100755 --- a/scripts/clean-binaries.sh +++ b/scripts/clean-binaries.sh @@ -12,5 +12,8 @@ for main in ./cmd/*/main.go; do b="${dir:?}/$bin-$platform" echo "$b" rm -f "$b" + b="${dir:?}/$bin-debug-$platform" + echo "$b" + rm -f "$b" done done diff --git a/scripts/package-deploy.sh b/scripts/package-deploy.sh index 8f87ac2756e..6c6fc23c2e6 100755 --- a/scripts/package-deploy.sh +++ b/scripts/package-deploy.sh @@ -1,19 +1,36 @@ #!/bin/bash - +# # Copyright (c) 2024 The Jaeger Authors. # SPDX-License-Identifier: Apache-2.0 set -euxf -o pipefail +# This script uses --sort=name option that is not supported by MacOS tar. +# On MacOS, install `brew install gnu-tar` and run this script with TARCMD=gtar. TARCMD=${TARCMD:-tar} +print_help() { + echo "Usage: $0 [-h] [-k gpg_key_id] [-p platforms]" + echo "-h: Print help" + echo "-k: Override default GPG signing key ID. Use 'skip' to skip signing." + echo "-p: Comma-separated list of platforms to build for (default: all supported)" + exit 1 +} + +# Default signing key (accessible to maintainers-only), documented in https://www.jaegertracing.io/download/. +gpg_key_id="B42D1DB0F079690F" platforms="$(make echo-platforms)" -while getopts "p:" opt; do - # shellcheck disable=SC2220 # we don't need a *) case - case "${opt}" in - p) - platforms=${OPTARG} - ;; - esac +while getopts "hk:p:" opt; do + case "${opt}" in + k) + gpg_key_id=${OPTARG} + ;; + p) + platforms=${OPTARG} + ;; + ?) + print_help + ;; + esac done # stage-platform-files stages the different the platform ($1) into the package @@ -133,7 +150,13 @@ find deploy \( ! -name '*sha256sum.txt' \) -type f -exec shasum -b -a 256 {} \; | tee "./deploy/jaeger-${VERSION_V2}.sha256sum.txt" # Use gpg to sign the (g)zip files (excluding checksum files) into .asc files. -find deploy \( ! -name '*sha256sum.txt' \) -type f -exec gpg --armor --detach-sign {} \; +if [[ "${gpg_key_id}" == "skip" ]]; then + echo "Skipping GPG signing as requested" +else + echo "Signing archives with GPG key ${gpg_key_id}" + gpg --list-keys "${gpg_key_id}" + find deploy \( ! -name '*sha256sum.txt' \) -type f -exec gpg -v --local-user "${gpg_key_id}" --armor --detach-sign {} \; +fi # show your work ls -lF deploy/