forked from sourcegraph/sourcegraph-public-snapshot
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathrelease.yaml
179 lines (160 loc) · 7.28 KB
/
release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
meta:
productName: sourcegraph
repository: "github.com/sourcegraph/sourcegraph"
owners:
- "@sourcegraph/release"
requirements:
- name: "curl"
cmd: "curl --help"
- name: "Buidkite access token"
env: BUILDKITE_ACCESS_TOKEN # `write_builds` permission is needed here
# #announce-engineering slack webhook url:
# https://start.1password.com/open/i?a=HEDEDSLHPBFGRBTKAKJWE23XX4&v=dnrhbauihkhjs5ag6vszsme45a&i=pldpna5vivapxe4phewnqd42ji&h=team-sourcegraph.1password.com
# #bolaji-release-testing
# https://start.1password.com/open/i?a=HEDEDSLHPBFGRBTKAKJWE23XX4&v=isv4abynddpox72wwbhaamo76e&i=7zjax5rm5hlilbgrzeb257i62i&h=team-sourcegraph.1password.com
- name: "Slack Webhook URL"
env: SLACK_WEBHOOK_URL
internal:
create:
steps:
patch:
- name: "buildkite"
cmd: |
echo "Triggering build on sourcegraph/sourcegraph with VERSION={{version}} on branch {{git.branch}}"
body=$(curl -s --fail-with-body -X POST "https://api.buildkite.com/v2/organizations/sourcegraph/pipelines/sourcegraph/builds" -H "Content-Type: application/json" -H "Authorization: Bearer $BUILDKITE_ACCESS_TOKEN" -d '{
"commit": "HEAD",
"branch": "{{git.branch}}",
"message": "Internal release build for {{version}}",
"env": {
"RELEASE_INTERNAL": "true",
"VERSION": "{{tag}}"
}
}')
exit_code=$?
if [ $exit_code != 0 ]; then
echo "❌ Failed to create build on Buildkite, got:"
echo "--- raw body ---"
echo $body
echo "--- raw body ---"
exit $exit_code
else
echo "Build created, see:"
echo $body | jq .web_url
fi
finalize:
steps:
- name: "Register on release registry"
cmd: |
echo "pretending to call release registry api"
- name: "notifications"
cmd: |
set -eu
# Post an annotation.
cat << EOF | buildkite-agent annotate --style info
Internal release is ready for promotion under the branch [\`{{git.branch}}\`](https://github.com/sourcegraph/sourcegraph/tree/$branch).
EOF
test:
steps:
- name: "check:git tag does not exist"
cmd: |
tags=$(git ls-remote --tags origin | sort -t '/' -k 3 | cut -f 2 | awk -F '/' '{gsub(/\^\{\}$/, "", $3); print $3}' | uniq)
if echo "${tags}" | grep -q "^{{version}}$"; then
echo "❌ Tag '{{version}}' already exists"
exit 1
fi
- name: "check:migrator-schemas"
cmd: |
set -eu
REGISTRY="${PROD_REGISTRY:-''}"
# the reason this is not in the requirements check of the release yaml is because those checks also
# apply when running the release tooling locally, and the testing steps are supposed to run in CI
if [ -z ${REGISTRY} ]; then
echo "PROD_REGISTRY is not set - unable to check migrator image"
exit 1
fi
IMAGE="${REGISTRY}/migrator:{{tag}}"
# Pull the image so that we can inspect it
echo "pulling migrator image ${IMAGE}"
docker pull "${IMAGE}"
echo "checking migrator image for {{version}} schema description files"
# now we check that the schema description files exist
# we need to trim the result from docker since it has '\r' hence the use of tr
count=$(docker run -t --rm --entrypoint /bin/sh "${IMAGE}" -c "ls -al /schema-descriptions/{{version}}-*.json | wc -l" | tr -d '[:space:]')
if [[ "$count" -ne 3 ]]; then
echo "migrator:{{tag}} does not contain the correct amount of schema description files for this release - expected 3 got ${count}"
exit 1
fi
echo "checking migrator image for older schema description files"
count=$(docker run -t --rm --entrypoint /bin/sh "${IMAGE}" -c "ls -al /schema-descriptions/*-internal_database_schema*json | wc -l" | tr -d '[:space:]')
# in our newer releases we have upwards of 300 schema descriptions, so we check that we have at least 300
if [[ "$count" -lt 300 ]]; then
echo "migrator:{{tag}} does not contain the correct amount of schema description files for this release - expected more than 300 got ${count}"
exit 1
fi
promoteToPublic:
create:
steps:
- name: "buildkite"
cmd: |
# We set DISABLE_ASPECT_WORKFLOWS to true, because the promotion is purely about retagging images
# and we don't rely on AW at all.
echo "Triggering build on sourcegraph/sourcegraph with VERSION={{version}} on branch {{git.branch}}"
body=$(curl -s --fail-with-body -X POST "https://api.buildkite.com/v2/organizations/sourcegraph/pipelines/sourcegraph/builds" -H "Content-Type: application/json" -H "Authorization: Bearer $BUILDKITE_ACCESS_TOKEN" -d '{
"commit": "HEAD",
"branch": "{{git.branch}}",
"message": "Promoting internal release {{version}} to public",
"env": {
"DISABLE_ASPECT_WORKFLOWS": "true",
"RELEASE_PUBLIC": "true",
"VERSION": "{{tag}}"
}
}')
exit_code=$?
if [ $exit_code != 0 ]; then
echo "❌ Failed to create build on Buildkite, got:"
echo "--- raw body ---"
echo $body
echo "--- raw body ---"
exit $exit_code
else
echo "Build created, see:"
echo $body | jq .web_url
fi
finalize:
steps:
- name: "Promote on release registry"
cmd: |
echo "pretending to call release registry api"
- name: "git:tag"
cmd: |
set -eu
# we need to first fetch the branch because the repo in CI is in a detached state
git fetch origin '+refs/heads/{{git.branch}}:refs/heads/{{git.branch}}'
git checkout {{git.branch}}
git tag {{version}}
git push origin {{git.branch}} --tags
# Annotate build
cat << EOF | buildkite-agent annotate --style info
Promoted release is **publicly available** through a git tag at [\`{{version}}\`](https://github.com/sourcegraph/sourcegraph/tree/{{version}}).
EOF
# tag is usually in the format `5.3.2`
# while version is usually the tag prepended with a v, `v5.3.2`
- name: "Slack notification (#announce-engineering)"
cmd: |
echo "Posting slack notification for release"
tag="{{tag}}"
changelog_version="${tag//./}"
body=$(curl -s --fail-with-body -X POST "$SLACK_WEBHOOK_URL" -H "Content-Type: application/json" -d '{
"type": "mrkdwn"
"text": "*Sourcegraph {{tag}} has been published*\n\n• <https://sourcegraph.com/docs/CHANGELOG#${changelog_version} | Changelog>\n• <https://github.com/sourcegraph/sourcegraph/releases/tag/{{version}} | GitHub release>"
}')
exit_code=$?
if [ $exit_code != 0 ]; then
echo "❌ Unable to post message to slack, got:"
echo "--- raw body ---"
echo $body
echo "--- raw body ---"
exit $exit_code
else
echo "Posted to slack."
fi