From 2ae56bd4acc789f03f82eae76703e8d235b620d6 Mon Sep 17 00:00:00 2001 From: Sarah Thompson Date: Wed, 6 Sep 2023 18:24:39 +0100 Subject: [PATCH] cherrypick of https://github.com/hashicorp/vault/commit/a9a4b0b9ff4459deaeab4ba62927a2e2633be878 (#22813) --- .github/workflows/build-vault-oss.yml | 14 +- .github/workflows/build.yml | 43 +++-- .github/workflows/enos-lint.yml | 5 +- .../workflows/enos-release-testing-oss.yml | 13 +- .../test-run-enos-scenario-matrix.yml | 17 +- .release/ci.hcl | 11 +- Makefile | 46 +---- enos/enos-scenario-agent.hcl | 5 - enos/enos-scenario-ui.hcl | 4 - enos/modules/build_local/main.tf | 42 ++--- enos/modules/build_local/scripts/build.sh | 8 +- enos/modules/get_local_metadata/main.tf | 36 +++- .../get_local_metadata/scripts/version.sh | 96 +++++++++- .../templates/verify-cluster-version.sh | 7 +- scripts/ci-helper.sh | 166 ++++-------------- version/VERSION | 1 + version/version_base.go | 14 +- 17 files changed, 280 insertions(+), 248 deletions(-) create mode 100644 version/VERSION diff --git a/.github/workflows/build-vault-oss.yml b/.github/workflows/build-vault-oss.yml index b703807e9..fd22022c1 100644 --- a/.github/workflows/build-vault-oss.yml +++ b/.github/workflows/build-vault-oss.yml @@ -35,7 +35,12 @@ on: web-ui-cache-key: type: string required: true - + vault-base-version: + type: string + required: true + vault-prerelease-version: + type: string + required: true jobs: build: runs-on: custom-linux-xl-vault-latest @@ -55,15 +60,18 @@ jobs: key: ${{ inputs.web-ui-cache-key }} - name: Build Vault env: + GO_TAGS: ${{ inputs.go-tags }} CGO_ENABLED: ${{ inputs.cgo-enabled }} GOARCH: ${{ inputs.goarch }} GOOS: ${{ inputs.goos }} - GO_TAGS: ${{ inputs.go-tags }} - run: make ci-build + VERSION: ${{ inputs.vault-version }} + run: + make ci-build - name: Determine artifact basename env: GOARCH: ${{ inputs.goarch }} GOOS: ${{ inputs.goos }} + VERSION: ${{ inputs.vault-version }} run: echo "ARTIFACT_BASENAME=$(make ci-get-artifact-basename)" >> "$GITHUB_ENV" - name: Bundle Vault env: diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 3ab52cfdc..808e75a73 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,4 +1,3 @@ ---- name: build on: @@ -38,8 +37,10 @@ jobs: matrix-test-group: ${{ steps.get-metadata.outputs.matrix-test-group }} package-name: ${{ steps.get-metadata.outputs.package-name }} vault-revision: ${{ steps.get-metadata.outputs.vault-revision }} - vault-version: ${{ steps.get-metadata.outputs.vault-version }} - vault-base-version: ${{ steps.get-metadata.outputs.vault-base-version }} + vault-version: ${{ steps.set-product-version.outputs.product-version }} + vault-base-version: ${{ steps.set-product-version.outputs.base-product-version }} + vault-prerelease-version: ${{ steps.set-product-version.outputs.prerelease-product-version }} + vault-minor-version: ${{ steps.set-product-version.outputs.minor-product-version }} steps: - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Ensure Go modules are cached @@ -48,6 +49,9 @@ jobs: with: github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} no-restore: true # don't download them on a cache hit + - name: Set Product version + id: set-product-version + uses: hashicorp/actions-set-product-version@v1 - name: Get metadata id: get-metadata env: @@ -55,18 +59,17 @@ jobs: # test group. It should be set to the highest test_group used in the # enos-run-matrices. MATRIX_MAX_TEST_GROUPS: 5 + VAULT_VERSION: ${{ steps.set-product-version.outputs.product-version }} run: | # shellcheck disable=SC2129 echo "build-date=$(make ci-get-date)" >> "$GITHUB_OUTPUT" echo "matrix-test-group=$(make ci-get-matrix-group-id)" >> "$GITHUB_OUTPUT" echo "package-name=vault" >> "$GITHUB_OUTPUT" - echo "vault-base-version=$(make ci-get-version-base)" >> "$GITHUB_OUTPUT" echo "vault-revision=$(make ci-get-revision)" >> "$GITHUB_OUTPUT" - echo "vault-version=$(make ci-get-version)" >> "$GITHUB_OUTPUT" - uses: hashicorp/actions-generate-metadata@v1 id: generate-metadata-file with: - version: ${{ steps.get-metadata.outputs.vault-version }} + version: ${{ steps.set-product-version.outputs.product-version }} product: ${{ steps.get-metadata.outputs.package-name }} - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: @@ -131,6 +134,8 @@ jobs: package-name: ${{ needs.product-metadata.outputs.package-name }} web-ui-cache-key: ${{ needs.build-ui.outputs.cache-key }} vault-version: ${{ needs.product-metadata.outputs.vault-version }} + vault-base-version: ${{ needs.product-metadata.outputs.vault-base-version }} + vault-prerelease-version: ${{ needs.product-metadata.outputs.vault-prerelease-version }} secrets: inherit build-linux: @@ -151,6 +156,8 @@ jobs: package-name: ${{ needs.product-metadata.outputs.package-name }} web-ui-cache-key: ${{ needs.build-ui.outputs.cache-key }} vault-version: ${{ needs.product-metadata.outputs.vault-version }} + vault-base-version: ${{ needs.product-metadata.outputs.vault-base-version }} + vault-prerelease-version: ${{ needs.product-metadata.outputs.vault-prerelease-version }} secrets: inherit build-darwin: @@ -172,6 +179,8 @@ jobs: package-name: ${{ needs.product-metadata.outputs.package-name }} web-ui-cache-key: ${{ needs.build-ui.outputs.cache-key }} vault-version: ${{ needs.product-metadata.outputs.vault-version }} + vault-base-version: ${{ needs.product-metadata.outputs.vault-base-version }} + vault-prerelease-version: ${{ needs.product-metadata.outputs.vault-prerelease-version }} secrets: inherit build-docker: @@ -183,17 +192,20 @@ jobs: strategy: matrix: arch: [arm, arm64, 386, amd64] + env: + repo: ${{ github.event.repository.name }} + version: ${{ needs.product-metadata.outputs.vault-version }} steps: - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - uses: hashicorp/actions-docker-build@v1 with: - version: ${{ needs.product-metadata.outputs.vault-version }} + version: "${{ env.version }}" target: default arch: ${{ matrix.arch }} - zip_artifact_name: vault_${{ needs.product-metadata.outputs.vault-version }}_linux_${{ matrix.arch }}.zip + zip_artifact_name: vault_${{ env.version }}_linux_${{ matrix.arch }}.zip tags: | - docker.io/hashicorp/${{ github.event.repository.name }}:${{ needs.product-metadata.outputs.vault-version }} - public.ecr.aws/hashicorp/${{ github.event.repository.name }}:${{ needs.product-metadata.outputs.vault-version }} + docker.io/hashicorp/${{ env.repo }}:${{ env.version }} + public.ecr.aws/hashicorp/${{ env.repo }}:${{ env.version }} build-ubi: name: UBI image @@ -204,15 +216,18 @@ jobs: strategy: matrix: arch: [amd64] + env: + repo: ${{ github.event.repository.name }} + version: ${{ needs.product-metadata.outputs.vault-version }} steps: - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - uses: hashicorp/actions-docker-build@v1 with: - version: ${{ needs.product-metadata.outputs.vault-version }} + version: ${{ env.version }} target: ubi arch: ${{ matrix.arch }} - zip_artifact_name: vault_${{ needs.product-metadata.outputs.vault-version }}_linux_${{ matrix.arch }}.zip - redhat_tag: quay.io/redhat-isv-containers/5f89bb5e0b94cf64cfeb500a:${{ needs.product-metadata.outputs.vault-version }}-ubi + zip_artifact_name: vault_${{ env.version }}_linux_${{ matrix.arch }}.zip + redhat_tag: quay.io/redhat-isv-containers/5f89bb5e0b94cf64cfeb500a:${{ env.version }}-ubi test: name: Test ${{ matrix.build-artifact-name }} @@ -244,6 +259,8 @@ jobs: vault-edition: oss vault-revision: ${{ needs.product-metadata.outputs.vault-revision }} ssh-key-name: ${{ github.event.repository.name }}-ci-ssh-key + vault-version: ${{ needs.product-metadata.outputs.vault-version }} + vault-minor-version: ${{ needs.product-metadata.outputs.vault-minor-version }} secrets: inherit test-docker-k8s: diff --git a/.github/workflows/enos-lint.yml b/.github/workflows/enos-lint.yml index 3f44084a4..0244fac4f 100644 --- a/.github/workflows/enos-lint.yml +++ b/.github/workflows/enos-lint.yml @@ -17,8 +17,11 @@ jobs: ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }} steps: - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + - name: Set Product version + id: set-product-version + uses: hashicorp/actions-set-product-version@v1 - id: get-version - run: echo "version=$(make ci-get-version)" >> "$GITHUB_OUTPUT" + run: echo "version=${{ steps.set-product-version.outputs.product-version }}" >> "$GITHUB_OUTPUT" - uses: hashicorp/setup-terraform@v2 with: terraform_wrapper: false diff --git a/.github/workflows/enos-release-testing-oss.yml b/.github/workflows/enos-release-testing-oss.yml index cb8a1c8df..7e9239a1d 100644 --- a/.github/workflows/enos-release-testing-oss.yml +++ b/.github/workflows/enos-release-testing-oss.yml @@ -7,13 +7,17 @@ on: - enos-release-testing-oss::* jobs: + product-metadata: if: ${{ startsWith(github.event.client_payload.payload.branch, 'release/') }} runs-on: ubuntu-latest outputs: matrix-test-group: ${{ steps.get-metadata.outputs.matrix-test-group }} vault-revision: ${{ steps.get-metadata.outputs.vault-revision }} - vault-version: ${{ steps.get-metadata.outputs.vault-version }} + vault-version: ${{ steps.set-product-version.outputs.product-version }} + vault-base-version: ${{ steps.set-product-version.outputs.base-product-version }} + vault-prerelease-version: ${{ steps.set-product-version.outputs.prerelease-product-version }} + vault-minor-version: ${{ steps.set-product-version.outputs.minor-product-version }} steps: - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: @@ -30,7 +34,6 @@ jobs: # shellcheck disable=SC2129 echo "matrix-test-group=$(make ci-get-matrix-group-id)" >> "$GITHUB_OUTPUT" echo "vault-revision=$(make ci-get-revision)" >> "$GITHUB_OUTPUT" - echo "vault-version=$(make ci-get-version)" >> "$GITHUB_OUTPUT" # Get the workflow summary similar to CRT workflows - name: Release Artifact Info run: | @@ -40,6 +43,10 @@ jobs: echo "__Commit:__ ${{ github.event.client_payload.payload.sha }}" >> "$GITHUB_STEP_SUMMARY" echo "" >> "$GITHUB_STEP_SUMMARY" echo "[Build Workflow](https://github.com/${{github.event.client_payload.payload.org}}/${{github.event.client_payload.payload.repo}}/actions/runs/${{github.event.client_payload.payload.buildworkflowid}})" >> "$GITHUB_STEP_SUMMARY" + - name: Set Product version + id: set-product-version + uses: hashicorp/actions-set-product-version@v1 + test: name: Test ${{ matrix.build-artifact-name }} @@ -60,6 +67,8 @@ jobs: matrix-test-group: ${{ needs.product-metadata.outputs.matrix-test-group }} vault-edition: oss vault-revision: ${{ needs.product-metadata.outputs.vault-revision }} + vault-version: ${{ needs.product-metadata.outputs.vault-version }} + vault-minor-version: ${{ needs.product-metadata.outputs.vault-minor-version }} secrets: inherit save-metadata: diff --git a/.github/workflows/test-run-enos-scenario-matrix.yml b/.github/workflows/test-run-enos-scenario-matrix.yml index 6a6b4df84..c216ae7db 100644 --- a/.github/workflows/test-run-enos-scenario-matrix.yml +++ b/.github/workflows/test-run-enos-scenario-matrix.yml @@ -51,6 +51,12 @@ on: vault-edition: required: true type: string + vault-version: + required: true + type: string + vault-minor-version: + required: true + type: string # The Git commit SHA used as the revision when building vault vault-revision: required: true @@ -62,12 +68,12 @@ jobs: outputs: build-date: ${{ steps.metadata.outputs.build-date }} matrix: ${{ steps.metadata.outputs.matrix }} - version: ${{ steps.metadata.outputs.version }} - version-minor: ${{ steps.metadata.outputs.matrix }} env: # Pass the vault edition as VAULT_METADATA so the CI make targets can create # values that consider the edition. VAULT_METADATA: ${{ inputs.vault-edition }} + VAULT_VERSION: ${{ inputs.vault-version }} + VAULT_MINOR_VERSION: ${{ inputs.vault-minor-version }} # Pass in the matrix and matrix group for filtering MATRIX_FILE: ./.github/enos-run-matrices/${{ inputs.matrix-file-name }}.json MATRIX_TEST_GROUP: ${{ inputs.matrix-test-group }} @@ -77,10 +83,9 @@ jobs: ref: ${{ inputs.vault-revision }} - id: metadata run: | - # shellcheck disable=SC2129 echo "build-date=$(make ci-get-date)" >> "$GITHUB_OUTPUT" - echo "version=$(make ci-get-version)" >> "$GITHUB_OUTPUT" - echo "matrix=$(make ci-filter-matrix)" >> "$GITHUB_OUTPUT" + filtered="$(make ci-filter-matrix)" + echo "matrix=$filtered" >> "$GITHUB_OUTPUT" # Run the Enos test scenarios run: @@ -101,7 +106,7 @@ jobs: ENOS_VAR_terraform_plugin_cache_dir: ./support/terraform-plugin-cache ENOS_VAR_vault_artifact_path: ./support/downloads/${{ inputs.build-artifact-name }} ENOS_VAR_vault_build_date: ${{ needs.metadata.outputs.build-date }} - ENOS_VAR_vault_product_version: ${{ needs.metadata.outputs.version }} + ENOS_VAR_vault_product_version: ${{ inputs.vault-version }} ENOS_VAR_vault_revision: ${{ inputs.vault-revision }} ENOS_VAR_vault_license_path: ./support/vault.hclic ENOS_DEBUG_DATA_ROOT_DIR: /tmp/enos-debug-data diff --git a/.release/ci.hcl b/.release/ci.hcl index 8cea975cf..8cd7eb85f 100644 --- a/.release/ci.hcl +++ b/.release/ci.hcl @@ -153,8 +153,17 @@ event "post-publish-website" { } } -event "update-ironbank" { +event "bump-version" { depends = ["post-publish-website"] + action "bump-version" { + organization = "hashicorp" + repository = "crt-workflows-common" + workflow = "bump-version" + } +} + +event "update-ironbank" { + depends = ["bump-version"] action "update-ironbank" { organization = "hashicorp" repository = "crt-workflows-common" diff --git a/Makefile b/Makefile index 7696ad783..d1ea15dd7 100644 --- a/Makefile +++ b/Makefile @@ -300,22 +300,13 @@ ci-build: ci-build-ui: @$(CURDIR)/scripts/ci-helper.sh build-ui -.PHONY: ci-bundle -ci-bundle: - @$(CURDIR)/scripts/ci-helper.sh bundle - .PHONY: ci-filter-matrix ci-filter-matrix: @$(CURDIR)/scripts/ci-helper.sh matrix-filter-file -.PHONY: ci-get-artifact-basename -ci-get-artifact-basename: - @$(CURDIR)/scripts/ci-helper.sh artifact-basename - .PHONY: ci-get-date ci-get-date: @$(CURDIR)/scripts/ci-helper.sh date - .PHONY: ci-get-matrix-group-id ci-get-matrix-group-id: @$(CURDIR)/scripts/ci-helper.sh matrix-group-id @@ -324,38 +315,19 @@ ci-get-matrix-group-id: ci-get-revision: @$(CURDIR)/scripts/ci-helper.sh revision -.PHONY: ci-get-version -ci-get-version: - @$(CURDIR)/scripts/ci-helper.sh version - -.PHONY: ci-get-version-base -ci-get-version-base: - @$(CURDIR)/scripts/ci-helper.sh version-base - -.PHONY: ci-get-version-major -ci-get-version-major: - @$(CURDIR)/scripts/ci-helper.sh version-major - -.PHONY: ci-get-version-meta -ci-get-version-meta: - @$(CURDIR)/scripts/ci-helper.sh version-meta - -.PHONY: ci-get-version-minor -ci-get-version-minor: - @$(CURDIR)/scripts/ci-helper.sh version-minor +.PHONY: ci-prepare-legal +ci-prepare-legal: + @$(CURDIR)/scripts/ci-helper.sh prepare-legal .PHONY: ci-get-version-package ci-get-version-package: @$(CURDIR)/scripts/ci-helper.sh version-package -.PHONY: ci-get-version-patch -ci-get-version-patch: - @$(CURDIR)/scripts/ci-helper.sh version-patch +.PHONY: ci-get-artifact-basename +ci-get-artifact-basename: + @$(CURDIR)/scripts/ci-helper.sh artifact-basename -.PHONY: ci-get-version-pre -ci-get-version-pre: - @$(CURDIR)/scripts/ci-helper.sh version-pre +.PHONY: ci-bundle +ci-bundle: + @$(CURDIR)/scripts/ci-helper.sh bundle -.PHONY: ci-prepare-legal -ci-prepare-legal: - @$(CURDIR)/scripts/ci-helper.sh prepare-legal diff --git a/enos/enos-scenario-agent.hcl b/enos/enos-scenario-agent.hcl index c469344c6..0fdf497e8 100644 --- a/enos/enos-scenario-agent.hcl +++ b/enos/enos-scenario-agent.hcl @@ -45,11 +45,6 @@ scenario "agent" { vault_tag_key = "Type" // enos_vault_start expects Type as the tag key } - step "get_local_metadata" { - skip_step = matrix.artifact_source != "local" - module = module.get_local_metadata - } - step "build_vault" { module = "build_${matrix.artifact_source}" diff --git a/enos/enos-scenario-ui.hcl b/enos/enos-scenario-ui.hcl index 7cbaba2a1..2a7847135 100644 --- a/enos/enos-scenario-ui.hcl +++ b/enos/enos-scenario-ui.hcl @@ -42,10 +42,6 @@ scenario "ui" { ui_test_filter = var.ui_test_filter != null && try(trimspace(var.ui_test_filter), "") != "" ? var.ui_test_filter : (matrix.edition == "oss") ? "!enterprise" : null } - step "get_local_metadata" { - module = module.get_local_metadata - } - step "build_vault" { module = module.build_local diff --git a/enos/modules/build_local/main.tf b/enos/modules/build_local/main.tf index a8d295a34..9b1686307 100644 --- a/enos/modules/build_local/main.tf +++ b/enos/modules/build_local/main.tf @@ -35,35 +35,29 @@ variable "artifactory_host" { default = null } variable "artifactory_repo" { default = null } variable "artifactory_username" { default = null } variable "artifactory_token" { default = null } -variable "arch" { - default = null -} -variable "artifact_path" { - default = null -} -variable "artifact_type" { - default = null -} -variable "distro" { - default = null -} -variable "edition" { - default = null -} -variable "revision" { - default = null -} -variable "product_version" { - default = null +variable "arch" { default = null } +variable "artifact_path" { default = null } +variable "artifact_type" { default = null } +variable "distro" { default = null } +variable "edition" { default = null } +variable "revision" { default = null } +variable "product_version" { default = null } + +module "local_metadata" { + source = "../get_local_metadata" } resource "enos_local_exec" "build" { scripts = [abspath("${path.module}/scripts/build.sh")] environment = { - BUNDLE_PATH = var.bundle_path, - GO_TAGS = join(" ", var.build_tags) - GOARCH = var.goarch - GOOS = var.goos + BASE_VERSION = module.local_metadata.version_base + BIN_PATH = "dist" + BUNDLE_PATH = var.bundle_path, + GO_TAGS = join(" ", var.build_tags) + GOARCH = var.goarch + GOOS = var.goos + PRERELEASE_VERSION = module.local_metadata.version_pre + VERSION_METADATA = module.local_metadata.version_meta } } diff --git a/enos/modules/build_local/scripts/build.sh b/enos/modules/build_local/scripts/build.sh index 64f1bbd8d..26bf9c1e3 100755 --- a/enos/modules/build_local/scripts/build.sh +++ b/enos/modules/build_local/scripts/build.sh @@ -11,5 +11,11 @@ export CGO_ENABLED=0 root_dir="$(git rev-parse --show-toplevel)" pushd "$root_dir" > /dev/null -make ci-build-ui ci-build ci-bundle +make ci-build-ui ci-build + +: "${BIN_PATH:="dist"}" +: "${BUNDLE_PATH:=$(git rev-parse --show-toplevel)/vault.zip}" +echo "--> Bundling $BIN_PATH/* to $BUNDLE_PATH" +zip -r -j "$BUNDLE_PATH" "$BIN_PATH/" + popd > /dev/null diff --git a/enos/modules/get_local_metadata/main.tf b/enos/modules/get_local_metadata/main.tf index 1c5dc84be..aec176ce6 100644 --- a/enos/modules/get_local_metadata/main.tf +++ b/enos/modules/get_local_metadata/main.tf @@ -13,22 +13,46 @@ resource "enos_local_exec" "get_build_date" { scripts = [abspath("${path.module}/scripts/build_date.sh")] } +resource "enos_local_exec" "get_revision" { + inline = ["git rev-parse HEAD"] +} + +resource "enos_local_exec" "get_version" { + inline = ["${abspath("${path.module}/scripts/version.sh")} version"] +} + +resource "enos_local_exec" "get_version_base" { + inline = ["${abspath("${path.module}/scripts/version.sh")} version-base"] +} + +resource "enos_local_exec" "get_version_pre" { + inline = ["${abspath("${path.module}/scripts/version.sh")} version-pre"] +} + +resource "enos_local_exec" "get_version_meta" { + inline = ["${abspath("${path.module}/scripts/version.sh")} version-meta"] +} + output "build_date" { value = trimspace(enos_local_exec.get_build_date.stdout) } -resource "enos_local_exec" "get_version" { - scripts = [abspath("${path.module}/scripts/version.sh")] +output "revision" { + value = trimspace(enos_local_exec.get_revision.stdout) } output "version" { value = trimspace(enos_local_exec.get_version.stdout) } -resource "enos_local_exec" "get_revision" { - inline = ["git rev-parse HEAD"] +output "version_base" { + value = trimspace(enos_local_exec.get_version_base.stdout) } -output "revision" { - value = trimspace(enos_local_exec.get_revision.stdout) +output "version_pre" { + value = trimspace(enos_local_exec.get_version_pre.stdout) +} + +output "version_meta" { + value = trimspace(enos_local_exec.get_version_meta.stdout) } diff --git a/enos/modules/get_local_metadata/scripts/version.sh b/enos/modules/get_local_metadata/scripts/version.sh index 74a561f11..80022c850 100755 --- a/enos/modules/get_local_metadata/scripts/version.sh +++ b/enos/modules/get_local_metadata/scripts/version.sh @@ -2,8 +2,96 @@ # Copyright (c) HashiCorp, Inc. # SPDX-License-Identifier: MPL-2.0 -set -eu -o pipefail +set -euo pipefail -pushd "$(git rev-parse --show-toplevel)" > /dev/null -make ci-get-version -popd > /dev/null +# Get the full version information +# this is only needed for local enos builds in order to get the default version from version_base.go +# this should match the default version that the binary has been built with +# CRT release builds use the new static version from ./release/VERSION +function version() { + local version + local prerelease + local metadata + + version=$(version_base) + prerelease=$(version_pre) + metadata=$(version_metadata) + + if [ -n "$metadata" ] && [ -n "$prerelease" ]; then + echo "$version-$prerelease+$metadata" + elif [ -n "$metadata" ]; then + echo "$version+$metadata" + elif [ -n "$prerelease" ]; then + echo "$version-$prerelease" + else + echo "$version" + fi +} + +# Get the base version +function version_base() { + : "${VAULT_VERSION:=""}" + + if [ -n "$VAULT_VERSION" ]; then + echo "$VAULT_VERSION" + return + fi + + : "${VERSION_FILE:=$(repo_root)/version/VERSION}" + awk -F- '{ print $1 }' < "$VERSION_FILE" +} + +# Get the version pre-release +function version_pre() { + : "${VAULT_PRERELEASE:=""}" + + if [ -n "$VAULT_PRERELEASE" ]; then + echo "$VAULT_PRERELEASE" + return + fi + + : "${VERSION_FILE:=$(repo_root)/version/VERSION}" + awk -F- '{ print $2 }' < "$VERSION_FILE" +} + +# Get the version metadata, which is commonly the edition +function version_metadata() { + : "${VAULT_METADATA:=""}" + + if [ -n "$VAULT_METADATA" ]; then + echo "$VAULT_METADATA" + return + fi + + : "${VERSION_FILE:=$(repo_root)/version/version_base.go}" + awk '$1 == "VersionMetadata" && $2 == "=" { gsub(/"/, "", $3); print $3 }' < "$VERSION_FILE" +} + +# Determine the root directory of the repository +function repo_root() { + git rev-parse --show-toplevel +} + +# Run Enos local +function main() { + case $1 in + version) + version + ;; + version-base) + version_base + ;; + version-pre) + version_pre + ;; + version-meta) + version_metadata + ;; + *) + echo "unknown sub-command" >&2 + exit 1 + ;; + esac +} + +main "$@" diff --git a/enos/modules/vault_verify_version/templates/verify-cluster-version.sh b/enos/modules/vault_verify_version/templates/verify-cluster-version.sh index ba5df7488..3d34f3c93 100644 --- a/enos/modules/vault_verify_version/templates/verify-cluster-version.sh +++ b/enos/modules/vault_verify_version/templates/verify-cluster-version.sh @@ -23,12 +23,7 @@ test -x "$binpath" || fail "unable to locate vault binary at $binpath" export VAULT_ADDR='http://127.0.0.1:8200' export VAULT_TOKEN='${vault_token}' -# Build date was added in 1.11 -if [[ "$(echo "$version" |awk -F'.' '{print $2}')" -ge 11 ]]; then - version_expected="Vault v$version ($sha), built $build_date" -else - version_expected="Vault v$version ($sha)" -fi +version_expected="Vault v$version ($sha), built $build_date" case "$edition" in *oss) ;; diff --git a/scripts/ci-helper.sh b/scripts/ci-helper.sh index 4e33a8e8a..96bc71e5b 100755 --- a/scripts/ci-helper.sh +++ b/scripts/ci-helper.sh @@ -11,86 +11,6 @@ set -euo pipefail # We don't want to get stuck in some kind of interactive pager export GIT_PAGER=cat -# Get the full version information -function version() { - local version - local prerelease - local metadata - - version=$(version_base) - prerelease=$(version_pre) - metadata=$(version_metadata) - - if [ -n "$metadata" ] && [ -n "$prerelease" ]; then - echo "$version-$prerelease+$metadata" - elif [ -n "$metadata" ]; then - echo "$version+$metadata" - elif [ -n "$prerelease" ]; then - echo "$version-$prerelease" - else - echo "$version" - fi -} - -# Get the base version -function version_base() { - : "${VAULT_VERSION:=""}" - - if [ -n "$VAULT_VERSION" ]; then - echo "$VAULT_VERSION" - return - fi - - : "${VERSION_FILE:=$(repo_root)/version/version_base.go}" - awk '$1 == "Version" && $2 == "=" { gsub(/"/, "", $3); print $3 }' < "$VERSION_FILE" -} - -# Get the version major -function version_major() { - version_base | cut -d '.' -f 1 -} - -# Get the version minor -function version_minor() { - version_base | cut -d '.' -f 2 -} - -# Get the version patch -function version_patch() { - version_base | cut -d '.' -f 3 -} - -# Get the version pre-release -function version_pre() { - : "${VAULT_PRERELEASE:=""}" - - if [ -n "$VAULT_PRERELEASE" ]; then - echo "$VAULT_PRERELEASE" - return - fi - - : "${VERSION_FILE:=$(repo_root)/version/version_base.go}" - awk '$1 == "VersionPrerelease" && $2 == "=" { gsub(/"/, "", $3); print $3 }' < "$VERSION_FILE" -} - -# Get the version metadata, which is commonly the edition -function version_metadata() { - : "${VAULT_METADATA:=""}" - - if [[ (-n "$VAULT_METADATA") && ("$VAULT_METADATA" != "oss") ]]; then - echo "$VAULT_METADATA" - return - fi - - : "${VERSION_FILE:=$(repo_root)/version/version_base.go}" - awk '$1 == "VersionMetadata" && $2 == "=" { gsub(/"/, "", $3); print $3 }' < "$VERSION_FILE" -} - -# Get the version formatted for Debian and RHEL packages -function version_package() { - version | awk '{ gsub("-","~",$1); print $1 }' -} - # Get the build date from the latest commit since it can be used across all # builds function build_date() { @@ -109,18 +29,31 @@ function repo() { basename -s .git "$(git config --get remote.origin.url)" } -# Determine the root directory of the repository -function repo_root() { - git rev-parse --show-toplevel -} - # Determine the artifact basename based on metadata function artifact_basename() { : "${PKG_NAME:="vault"}" : "${GOOS:=$(go env GOOS)}" : "${GOARCH:=$(go env GOARCH)}" - echo "${PKG_NAME}_$(version)_${GOOS}_${GOARCH}" + : "${VERSION:=""}" + if [ -z "$VERSION" ]; then + echo "You must specify the VERSION variable for this command" >&2 + exit 1 + fi + + echo "${PKG_NAME}_${VERSION}_${GOOS}_${GOARCH}" +} + +# Bundle the dist directory into a zip +function bundle() { + : "${BUNDLE_PATH:=$(repo_root)/vault.zip}" + echo "--> Bundling dist/* to $BUNDLE_PATH" + zip -r -j "$BUNDLE_PATH" dist/ +} + +# Determine the root directory of the repository +function repo_root() { + git rev-parse --show-toplevel } # Build the UI @@ -140,24 +73,20 @@ function build_ui() { # Build Vault function build() { - local version local revision - local prerelease local build_date local ldflags local msg # Get or set our basic build metadata - version=$(version_base) revision=$(build_revision) - metadata=$(version_metadata) - prerelease=$(version_pre) - build_date=$(build_date) + build_date=$(build_date) # + : "${BIN_PATH:="dist/"}" #if not run by actions-go-build (enos local) then set this explicitly : "${GO_TAGS:=""}" : "${REMOVE_SYMBOLS:=""}" # Build our ldflags - msg="--> Building Vault v$version, revision $revision, built $build_date" + msg="--> Building Vault revision $revision, built $build_date" # Keep the symbol and dwarf information by default if [ -n "$REMOVE_SYMBOLS" ]; then @@ -166,16 +95,11 @@ function build() { ldflags="" fi - ldflags="${ldflags}-X github.com/hashicorp/vault/version.Version=$version -X github.com/hashicorp/vault/version.GitCommit=$revision -X github.com/hashicorp/vault/version.BuildDate=$build_date" + ldflags="${ldflags} -X github.com/hashicorp/vault/version.GitCommit=$revision -X github.com/hashicorp/vault/version.BuildDate=$build_date" - if [ -n "$prerelease" ]; then - msg="${msg}, prerelease ${prerelease}" - ldflags="${ldflags} -X github.com/hashicorp/vault/version.VersionPrerelease=$prerelease" - fi - - if [ -n "$metadata" ]; then - msg="${msg}, metadata ${metadata}" - ldflags="${ldflags} -X github.com/hashicorp/vault/version.VersionMetadata=$metadata" + if [[ ${VERSION_METADATA+x} ]]; then + msg="${msg}, metadata ${VERSION_METADATA}" + ldflags="${ldflags} -X github.com/hashicorp/vault/version.VersionMetadata=$VERSION_METADATA" fi # Build vault @@ -189,13 +113,6 @@ function build() { popd } -# Bundle the dist directory into a zip -function bundle() { - : "${BUNDLE_PATH:=$(repo_root)/vault.zip}" - echo "--> Bundling dist/* to $BUNDLE_PATH" - zip -r -j "$BUNDLE_PATH" dist/ -} - # Prepare legal requirements for packaging function prepare_legal() { : "${PKG_NAME:="vault"}" @@ -235,6 +152,12 @@ function matrix_filter_file() { exit 1 fi + : "${VAULT_MINOR_VERSION:=""}" + if [ -z "$VAULT_MINOR_VERSION" ]; then + echo "You must specify the VAULT_MINOR_VERSION variable for this command" >&2 + exit 1 + fi + : "${MATRIX_TEST_GROUP:=$(matrix_group_id)}" local path @@ -243,8 +166,8 @@ function matrix_filter_file() { matrix=$(cat "$path" | jq ".include | map(. | select( - ((.min_minor_version == null) or (.min_minor_version <= $(version_minor))) and - ((.max_minor_version == null) or (.max_minor_version >= $(version_minor))) and + ((.min_minor_version == null) or (.min_minor_version <= $VAULT_MINOR_VERSION)) and + ((.max_minor_version == null) or (.max_minor_version >= $VAULT_MINOR_VERSION)) and ((.test_group == null) or (.test_group == $MATRIX_TEST_GROUP)) ) )" @@ -283,30 +206,9 @@ function main() { revision) build_revision ;; - version) - version - ;; - version-base) - version_base - ;; - version-pre) - version_pre - ;; - version-major) - version_major - ;; - version-meta) - version_metadata - ;; - version-minor) - version_minor - ;; version-package) version_package ;; - version-patch) - version_patch - ;; *) echo "unknown sub-command" >&2 exit 1 diff --git a/version/VERSION b/version/VERSION new file mode 100644 index 000000000..4ea8ad87e --- /dev/null +++ b/version/VERSION @@ -0,0 +1 @@ +1.14.3 diff --git a/version/version_base.go b/version/version_base.go index e67af786a..b8130ecc4 100644 --- a/version/version_base.go +++ b/version/version_base.go @@ -3,6 +3,11 @@ package version +import ( + _ "embed" + "strings" +) + var ( // The git commit that was compiled. This will be filled in by the compiler. GitCommit string @@ -14,7 +19,10 @@ var ( // Whether cgo is enabled or not; set at build time CgoEnabled bool - Version = "1.14.3" - VersionPrerelease = "" - VersionMetadata = "" + // Version and VersionPrerelease info are now being embedded directly from the VERSION file. + // VersionMetadata is being passed in via ldflags in CI, otherwise the default set here is used. + //go:embed VERSION + fullVersion string + Version, VersionPrerelease, _ = strings.Cut(strings.TrimSpace(fullVersion), "-") + VersionMetadata = "" )