From da370b54c101d23a2823ff744ede9b2a9894ace8 Mon Sep 17 00:00:00 2001 From: Kai Lueke Date: Mon, 11 Jul 2022 16:35:49 +0200 Subject: [PATCH] ci-automation: Show changes by finding the previous channel The image comparison was done against the old release in the channel we release to instead of the previous release with the same major version. This means when a channel transition happens we see a large diff instead of the diff against the previous release. While not bad for finding problems, this is normally not needed. However, we want to have two changelogs generated, one against the old release in the channel we relese to and one against the previous release with the same major version when a transition happens. There was no changelog printing yet, and this is added now. --- ci-automation/image.sh | 52 ++++++++++++++++++++++++++------ ci-automation/python-bin/python3 | 6 ++++ 2 files changed, 48 insertions(+), 10 deletions(-) create mode 100755 ci-automation/python-bin/python3 diff --git a/ci-automation/image.sh b/ci-automation/image.sh index e1d796b093..662d57c399 100644 --- a/ci-automation/image.sh +++ b/ci-automation/image.sh @@ -115,33 +115,65 @@ function _image_build_impl() { echo "===================================================================" export BOARD_A="${arch}-usr" export FROM_A="release" - export VERSION_A="current" if [ "${channel}" = "developer" ]; then - export CHANNEL_A="alpha" + NEW_CHANNEL="alpha" else - export CHANNEL_A="${channel}" + NEW_CHANNEL="${channel}" fi + NEW_CHANNEL_VERSION_A=$(curl -fsSL --retry-delay 1 --retry 60 --retry-connrefused --retry-max-time 60 --connect-timeout 20 "https://${NEW_CHANNEL}.release.flatcar-linux.net/${BOARD_A}/current/version.txt" | grep -m 1 FLATCAR_VERSION= | cut -d = -f 2) + MAJOR_A=$(echo "${NEW_CHANNEL_VERSION_A}" | cut -d . -f 1) + MAJOR_B=$(echo "${FLATCAR_VERSION}" | cut -d . -f 1) + # When the major version for the new channel is different, a transition has happened and we can find the previous release in the old channel + if [ "${MAJOR_A}" != "${MAJOR_B}" ]; then + case "${NEW_CHANNEL}" in + lts) + CHANNEL_A=stable + ;; + stable) + CHANNEL_A=beta + ;; + *) + CHANNEL_A=alpha + ;; + esac + VERSION_A=$(curl -fsSL --retry-delay 1 --retry 60 --retry-connrefused --retry-max-time 60 --connect-timeout 20 "https://${CHANNEL_A}.release.flatcar-linux.net/${BOARD_A}/current/version.txt" | grep -m 1 FLATCAR_VERSION= | cut -d = -f 2) + else + CHANNEL_A="${NEW_CHANNEL}" + VERSION_A="${NEW_CHANNEL_VERSION_A}" + fi + export VERSION_A + export CHANNEL_A export FROM_B="file://${PWD}/images/latest" # Use the directory directly (and BOARD_B and CHANNEL_B are unused) export VERSION_B="." echo "== Image differences compared to ${CHANNEL_A} ${VERSION_A} ==" - rm -f package-diff - curl -fsSLO --retry-delay 1 --retry 60 --retry-connrefused --retry-max-time 60 --connect-timeout 20 "https://raw.githubusercontent.com/flatcar-linux/flatcar-build-scripts/master/package-diff" - chmod +x package-diff + NEW_VERSION=$(git tag --points-at HEAD) + cd .. + rm -rf flatcar-build-scripts + git clone "https://github.com/flatcar-linux/flatcar-build-scripts" echo "Package updates, compared to ${CHANNEL_A} ${VERSION_A}:" - FILE=flatcar_production_image_packages.txt ./package-diff "${VERSION_A}" "${VERSION_B}" + FILE=flatcar_production_image_packages.txt flatcar-build-scripts/package-diff "${VERSION_A}" "${VERSION_B}" echo echo "Image file changes, compared to ${CHANNEL_A} ${VERSION_A}:" - FILE=flatcar_production_image_contents.txt FILESONLY=1 CUTKERNEL=1 ./package-diff "${VERSION_A}" "${VERSION_B}" + FILE=flatcar_production_image_contents.txt FILESONLY=1 CUTKERNEL=1 flatcar-build-scripts/package-diff "${VERSION_A}" "${VERSION_B}" echo echo "Image kernel config changes, compared to ${CHANNEL_A} ${VERSION_A}:" - FILE=flatcar_production_image_kernel_config.txt ./package-diff "${VERSION_A}" "${VERSION_B}" + FILE=flatcar_production_image_kernel_config.txt flatcar-build-scripts/package-diff "${VERSION_A}" "${VERSION_B}" echo echo "Image file size change (includes /boot, /usr and the default rootfs partitions), compared to ${CHANNEL_A} ${VERSION_A}:" - FILE=flatcar_production_image_contents.txt CALCSIZE=1 ./package-diff "${VERSION_A}" "${VERSION_B}" + FILE=flatcar_production_image_contents.txt CALCSIZE=1 flatcar-build-scripts/package-diff "${VERSION_A}" "${VERSION_B}" echo BASE_URL="http://${BUILDCACHE_SERVER}/images/${arch}/${vernum}" echo "Image URL: ${BASE_URL}/flatcar_production_image.bin.bz2" + echo + # Provide a python3 command for the CVE DB parsing + export PATH="$PATH:$PWD/scripts/ci-automation/python-bin" + # The first changelog we print is always against the previous version of the new channel (is only same as CHANNEL_A VERSION_A without a transition) + flatcar-build-scripts/show-changes "${NEW_CHANNEL}-${NEW_CHANNEL_VERSION_A}" "${NEW_VERSION}" + # See if a channel transition happened and print the changelog against CHANNEL_A VERSION_A which is the previous release + if [ "${CHANNEL_A}" != "${NEW_CHANNEL}" ]; then + flatcar-build-scripts/show-changes "${CHANNEL_A}-${VERSION_A}" "${NEW_VERSION}" + fi ) } # -- diff --git a/ci-automation/python-bin/python3 b/ci-automation/python-bin/python3 new file mode 100755 index 0000000000..ccc29501dc --- /dev/null +++ b/ci-automation/python-bin/python3 @@ -0,0 +1,6 @@ +#!/bin/sh +# Expects to be invoked as interpreter through a shebang +FOLDER="$(dirname "$(readlink -f "$1")")" +docker pull docker.io/python:alpine 2>/dev/null >/dev/null +# Map the current and the script folder, install the pip package needed for flatcar-build-scripts/show-fixed-kernel-cves.py +exec docker run --rm -i -v "${FOLDER}:${FOLDER}" -v "${PWD}:${PWD}" -w "${PWD}" docker.io/python:alpine sh -c "pip install packaging 2>/dev/null >/dev/null; python3 $*"