jaegertracing · yurishkuro · Sep 4, 2024 · Aug 31, 2024 · Sep 1, 2024 · Sep 2, 2024
@@ -50,11 +50,11 @@ jobs:
 
     - name: Build only linux/amd64 container images for a Pull Request
       if: github.ref_name != 'main'
+      # -D disables images with debugger
       run: bash scripts/build-upload-docker-images.sh -D -p linux/amd64
 
     - name: Build and upload all container images
       if: github.ref_name == 'main'
-      # -d: include images with debugger
       run: bash scripts/build-upload-docker-images.sh
       env:
         DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}

@@ -53,7 +53,7 @@ jobs:
         esac
 
     - name: Build, test, and publish hotrod image
-      run: bash scripts/hotrod-integration-test.sh ${{ env.BUILD_FLAGS }}
+      run: bash scripts/build-hotrod-image.sh ${{ env.BUILD_FLAGS }}
       env:
         DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
         QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }}
@@ -6,6 +6,22 @@ on:
       - published
   # allow running release workflow manually
   workflow_dispatch:
+    # Determine the version numbers that will be assigned to the release.
+    inputs:
+      version_v1:
+        required: true
+        type: string
+        description: Version number for 1.x components. Don't include a leading `v`.
+
+      version_v2:
+        required: true
+        type: string
+        description: Version number for 2.x components. Don't include a leading `v`.
+
+      dry_run:
+        required: true
+        type: boolean
+        description: Pass `true` for a test run. It will only build one platform (for speed) and will not push artifacts.
 
 # See https://github.com/jaegertracing/jaeger/issues/4017
 permissions:
@@ -49,6 +65,18 @@ jobs:
     - name: Setup Node.js version
       uses: ./.github/actions/setup-node.js
 
+    - name: Determine parameters
+      id: params
+      run: |
+        if [[ "${{ inputs.dry_run }}" == "true" ]]; then
+          echo "platforms=linux/amd64" >> $GITHUB_OUTPUT
+          echo "linux_platforms=linux/amd64" >> $GITHUB_OUTPUT
+          echo "gpg_key_override=-k skip" >> $GITHUB_OUTPUT
+        else
+          echo "platforms=$(make echo-platforms)" >> $GITHUB_OUTPUT
+          echo "linux_platforms=$(make echo-linux-platforms)" >> $GITHUB_OUTPUT
+        fi
+
     - name: Export BRANCH variable and validate it is a semver
       # Many scripts depend on BRANCH variable. We do not want to
       # use ./.github/actions/setup-branch here because it may set
@@ -65,20 +93,21 @@ jobs:
       run: make install-ci
 
     - name: Configure GPG Key
-      id: import_gpg
+      if: ${{ inputs.dry_run != true }}
       uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0
       with:
         gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
         passphrase: ${{ secrets.GPG_PASSPHRASE }}
 
-    - name: Build binaries
-      run: make build-all-platforms
+    - name: Build all binaries
+      run: make build-all-platforms PLATFORMS=${{ steps.params.outputs.platforms }}
 
     - name: Package binaries
       id: package-binaries
-      run: bash scripts/package-deploy.sh
+      run: bash scripts/package-deploy.sh -p ${{ steps.params.outputs.platforms }} ${{ gpg_key_override }}
 
     - name: Upload binaries
+      if: ${{ inputs.dry_run != true }}
       uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # 2.9.0
       with:
         file: '{deploy/*.tar.gz,deploy/*.zip,deploy/*.sha256sum.txt,deploy/*.asc}'
@@ -87,28 +116,28 @@ jobs:
         tag: ${{ env.BRANCH }}
         repo_token: ${{ secrets.GITHUB_TOKEN }}
 
-    - name: Clean up some more disk space
-      # Delete the release artifacts after uploading them.
+    - name: Delete the release artifacts after uploading them.
       run: |
         rm -rf deploy || true
         df -h /
 
     - uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
 
     - name: Build and upload all container images
-      run: bash scripts/build-upload-docker-images.sh
+      # -B skips building the binaries since we already did that above
+      run: bash scripts/build-upload-docker-images.sh -B -p ${{ steps.params.outputs.linux_platforms }}
       env:
         DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
         QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }}
 
     - name: Build, test, and publish all-in-one image
-      run: bash scripts/build-all-in-one-image.sh
+      run: bash scripts/build-all-in-one-image.sh -p ${{ steps.params.outputs.linux_platforms }}
       env:
         DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
         QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }}
 
     - name: Build, test, and publish hotrod image
-      run: bash scripts/hotrod-integration-test.sh
+      run: bash scripts/build-hotrod-image.sh -p ${{ steps.params.outputs.linux_platforms }}
       env:
         DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
         QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }}
@@ -125,6 +154,7 @@ jobs:
       # when the workflow is triggered manually, only from a release.
       # See https://github.com/jaegertracing/jaeger/issues/4817
       uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # 2.9.0
+      if: ${{ inputs.dry_run != true }}
       with:
         file: jaeger-SBOM.spdx.json
         overwrite: true

@@ -2,7 +2,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 # This command expects $GOOS/$GOARCH env variables set to reflect the desired target platform.
-GOBUILD=echo "building for $$(go env GOOS)-$$(go env GOARCH)"; \
+GOBUILD=echo "building binary for $$(go env GOOS)-$$(go env GOARCH)"; \
   CGO_ENABLED=0 installsuffix=cgo $(GO) build -trimpath
 
 ifeq ($(DEBUG_BINARY),)
@@ -164,11 +164,8 @@ _build-platform-binaries-debug: \
 	build-jaeger
 
 .PHONY: build-all-platforms
-build-all-platforms: \
-	build-binaries-linux-amd64 \
-	build-binaries-windows-amd64 \
-	build-binaries-darwin-amd64 \
-	build-binaries-darwin-arm64 \
-	build-binaries-linux-s390x \
-	build-binaries-linux-arm64 \
-	build-binaries-linux-ppc64le
+build-all-platforms:
+	for platform in $$(echo "$(PLATFORMS)" | tr ',' ' ' | tr '/' '-'); do \
+	  echo "Building binaries for $$platform"; \
+	  $(MAKE) build-binaries-$$platform; \
+	done
@@ -3,7 +3,7 @@
 1. Create a PR "Prepare release X.Y.Z" against main or maintenance branch ([example](https://github.com/jaegertracing/jaeger/pull/543/files)) by updating CHANGELOG.md to include:
     * A new section with the header `<X.Y.Z> (YYYY-MM-DD)` (copy the template at the top)
     * A curated list of notable changes and links to PRs. Do not simply dump git log, select the changes that affect the users.
-      To obtain the list of all changes run `make changelog` or use `scripts/release-notes.py`.
+      To obtain the list of all changes run `make changelog`.
     * The section can be split into sub-section if necessary, e.g. UI Changes, Backend Changes, Bug Fixes, etc.
     * If the jaeger-ui submodule has changes cut a new release
     * Then upgrade the submodule versions and finally commit. For example:

@@ -5,36 +5,51 @@
 
 set -euf -o pipefail
 
+print_help() {
+  echo "Usage: $0 [-c] [-D] [-h] [-l] [-p platforms]"
+  echo "-h: Print help"
+  echo "-b: add base_image and debug_image arguments to the build command"
+  echo "-c: name of the component to build"
+  echo "-d: directory for the Dockerfile"
+  echo "-f: override the name of the Dockerfile (-d still respected)"
+  echo "-p: Comma-separated list of platforms to build for (default: all supported)"
+  echo "-t: Release target (release|debug) if required by the Dockerfile"
+  exit 1
+}
+
 base_debug_img_arg=""
 docker_file_arg="Dockerfile"
 target_arg=""
 local_test_only='N'
 platforms="linux/amd64"
 namespace="jaegertracing"
 
-while getopts "lbc:d:f:p:t:" opt; do
+while getopts "bc:d:f:hlp:t:" opt; do
 	# shellcheck disable=SC2220 # we don't need a *) case
 	case "${opt}" in
-	c)
-		component_name=${OPTARG}
-		;;
 	b)
 		base_debug_img_arg="--build-arg base_image=localhost:5000/baseimg_alpine:latest --build-arg debug_image=localhost:5000/debugimg_alpine:latest "
 		;;
+	c)
+		component_name=${OPTARG}
+		;;
 	d)
 		dir_arg=${OPTARG}
 		;;
 	f)
 		docker_file_arg=${OPTARG}
 		;;
+	l)
+		local_test_only='Y'
+		;;
 	p)
 		platforms=${OPTARG}
 		;;
 	t)
 		target_arg=${OPTARG}
 		;;
-	l)
-		local_test_only='Y'
+	?)
+		print_help
 		;;
 	esac
 done

@@ -1,48 +1,56 @@
 #!/bin/bash
-
+#
 # Copyright (c) 2024 The Jaeger Authors.
 # SPDX-License-Identifier: Apache-2.0
 
 set -euf -o pipefail
 
 print_help() {
-  echo "Usage: $0 [-D] [-l] [-p platforms]"
+  echo "Usage: $0 [-B] [-D] [-h] [-l] [-p platforms]"
   echo "-h: Print help"
+  echo "-B: Skip building of the binaries (e.g. when they were already built)"
   echo "-D: Disable building of images with debugger"
   echo "-l: Enable local-only mode that only pushes images to local registry"
   echo "-p: Comma-separated list of platforms to build for (default: all supported)"
   exit 1
 }
 
 add_debugger='Y'
+build_binaries='Y'
 platforms="$(make echo-linux-platforms)"
 LOCAL_FLAG=''
 
-while getopts "Dhlp:" opt; do
-	case "${opt}" in
-	D)
-		add_debugger='N'
-		;;
-	l)
-		# in the local-only mode the images will only be pushed to local registry
-		LOCAL_FLAG='-l'
-		;;
-	p)
-		platforms=${OPTARG}
-		;;
-	?)
-		print_help
-		;;
-	esac
+while getopts "BDhlp:" opt; do
+  case "${opt}" in
+  B)
+    build_binaries='N'
+    echo "Will not build binaries as requested"
+    ;;
+  D)
+    add_debugger='N'
+    echo "Will not build debug images as requested"
+    ;;
+  l)
+    # in the local-only mode the images will only be pushed to local registry
+    LOCAL_FLAG='-l'
+    ;;
+  p)
+    platforms=${OPTARG}
+    ;;
+  ?)
+    print_help
+    ;;
+  esac
 done
 
 set -x
 
-# Loop through each platform (separated by commas)
-for platform in $(echo "$platforms" | tr ',' ' '); do
-  arch=${platform##*/}  # Remove everything before the last slash
-  make "build-binaries-linux-${arch}"
-done
+if [[ "$build_binaries" == "Y" ]]; then
+  for platform in $(echo "$platforms" | tr ',' ' '); do
+    arch=${platform##*/}  # Remove everything before the last slash
+    make "build-binaries-linux-$arch"
+  done
+fi
 
 if [[ "${add_debugger}" == "N" ]]; then
   make create-baseimg

@@ -12,5 +12,8 @@ for main in ./cmd/*/main.go; do
       b="${dir:?}/$bin-$platform"
       echo "$b"
       rm -f "$b"
+      b="${dir:?}/$bin-debug-$platform"
+      echo "$b"
+      rm -f "$b"
     done
 done
@@ -1,19 +1,36 @@
 #!/bin/bash
-
+#
 # Copyright (c) 2024 The Jaeger Authors.
 # SPDX-License-Identifier: Apache-2.0
 set -euxf -o pipefail
 
+# This script uses --sort=name option that is not supported by MacOS tar.
+# On MacOS, install `brew install gnu-tar` and run this script with TARCMD=gtar.
 TARCMD=${TARCMD:-tar}
 
+print_help() {
+  echo "Usage: $0 [-h] [-k gpg_key_id] [-p platforms]"
+  echo "-h: Print help"
+  echo "-k: Override default GPG signing key ID. Use 'skip' to skip signing."
+  echo "-p: Comma-separated list of platforms to build for (default: all supported)"
+  exit 1
+}
+
+# Default signing key (accessible to maintainers-only), documented in https://www.jaegertracing.io/download/.
+gpg_key_id="B42D1DB0F079690F"
 platforms="$(make echo-platforms)"
-while getopts "p:" opt; do
-	# shellcheck disable=SC2220 # we don't need a *) case
-	case "${opt}" in
-	p)
-		platforms=${OPTARG}
-		;;
-	esac
+while getopts "hk:p:" opt; do
+  case "${opt}" in
+  k)
+    gpg_key_id=${OPTARG}
+    ;;
+  p)
+    platforms=${OPTARG}
+    ;;
+  ?)
+    print_help
+    ;;
+  esac
 done
 
 # stage-platform-files stages the different the platform ($1) into the package
@@ -133,7 +150,13 @@ find deploy \( ! -name '*sha256sum.txt' \) -type f -exec shasum -b -a 256 {} \;
   | tee "./deploy/jaeger-${VERSION_V2}.sha256sum.txt"
 
 # Use gpg to sign the (g)zip files (excluding checksum files) into .asc files.
-find deploy \( ! -name '*sha256sum.txt' \) -type f -exec gpg --armor --detach-sign {} \;
+if [[ "${gpg_key_id}" == "skip" ]]; then
+  echo "Skipping GPG signing as requested"
+else
+  echo "Signing archives with GPG key ${gpg_key_id}"
+  gpg --list-keys "${gpg_key_id}"
+  find deploy \( ! -name '*sha256sum.txt' \) -type f -exec gpg -v --local-user "${gpg_key_id}" --armor --detach-sign {} \;
+fi
 
 # show your work
 ls -lF deploy/