HBASE-25354 Update create-release scripts; rotted

README
 Add note on ssh-agent.

dev-support/create-release/do-release.sh
 move gpg check to non-docker context. Also cleanup tmp files when done.

dev-support/create-release/hbase-rm/Dockerfile
dev-support/create-release/mac-sshd-gpg-agent/Dockerfile
 Hack to update packages... the old ones  no longer available.

dev-support/create-release/release-util.sh
 Allow that there are no JIRA changes in a release. Good for testing.
This commit is contained in:
stack 2020-12-04 08:49:56 -08:00
parent 8634428724
commit b26395f3bb
6 changed files with 57 additions and 28 deletions

View File

@ -9,19 +9,21 @@ To run a build w/o invoking docker (not recommended!), use _do_release.sh_.
Both scripts will query interactively for needed parameters and passphrases. Both scripts will query interactively for needed parameters and passphrases.
For explanation of the parameters, execute: For explanation of the parameters, execute:
$ release-build.sh --help $ release-build.sh --help
Before starting the RC build, run a reconciliation of what is in Before starting the RC build, run a reconciliation of what is in JIRA with
JIRA with what is in the commit log. Make sure they align and that what is in the commit log. Make sure they align and that anomalies are
anomalies are explained up in JIRA. explained up in JIRA.
See http://hbase.apache.org/book.html#maven.release See http://hbase.apache.org/book.html#maven.release
Regardless of where your release build will run (locally, locally in docker, on a remote machine, Regardless of where your release build will run (locally, locally in docker,
etc) you will need a local gpg-agent with access to your secret keys. A quick way to tell gpg on a remote machine, etc) you will need a local gpg-agent with access to your
to clear out state and start a gpg-agent is via the following command phrase: secret keys. A quick way to tell gpg to clear out state and start a gpg-agent
is via the following command phrase:
$ gpgconf --kill all && gpg-connect-agent /bye $ gpgconf --kill all && gpg-connect-agent /bye
Before starting an RC build, make sure your local gpg-agent has configs Before starting an RC build, make sure your local gpg-agent has configs
to properly handle your credentials, especially if you want to avoid to properly handle your credentials, especially if you want to avoid
@ -33,6 +35,8 @@ on caching the unlocked secret via ~/.gnupg/gpg-agent.conf
default-cache-ttl 86400 default-cache-ttl 86400
max-cache-ttl 86400 max-cache-ttl 86400
Similarly, run ssh-agent with your ssh key added if building with docker.
Running a build on GCE is easy enough. Here are some notes if of use. Running a build on GCE is easy enough. Here are some notes if of use.
Create an instance. 4CPU/15G/10G disk seems to work well enough. Create an instance. 4CPU/15G/10G disk seems to work well enough.
Once up, run the below to make your machine fit for RC building: Once up, run the below to make your machine fit for RC building:

View File

@ -302,7 +302,7 @@ if [ "${HOST_OS}" == "DARWIN" ]; then
> "${WORKDIR}/gpg-agent-proxy.known_hosts" > "${WORKDIR}/gpg-agent-proxy.known_hosts"
if [ -s "${WORKDIR}/gpg-agent-proxy.known_hosts" ]; then if [ -s "${WORKDIR}/gpg-agent-proxy.known_hosts" ]; then
echo "Your ssh known_hosts does not include the entries for the gpg-agent proxy container." echo "Your ssh known_hosts does not include the entries for the gpg-agent proxy container."
echo "The following entry(ies) arre missing:" echo "The following entry(ies) are missing:"
sed -e 's/^/ /' "${WORKDIR}/gpg-agent-proxy.known_hosts" sed -e 's/^/ /' "${WORKDIR}/gpg-agent-proxy.known_hosts"
read -r -p "Okay to add these entries to ${HOME}/.ssh/known_hosts? [y/n] " ANSWER read -r -p "Okay to add these entries to ${HOME}/.ssh/known_hosts? [y/n] " ANSWER
if [ "$ANSWER" != "y" ]; then if [ "$ANSWER" != "y" ]; then

View File

@ -17,6 +17,10 @@
# limitations under the License. # limitations under the License.
# #
# Make a tmp dir into which we put files cleaned-up on exit.
TMPDIR=$(mktemp -d)
trap "rm -rf $TMPDIR" EXIT
set -e set -e
# Use the adjacent do-release-docker.sh instead, if you can. # Use the adjacent do-release-docker.sh instead, if you can.
# Otherwise, this runs core of the release creation. # Otherwise, this runs core of the release creation.
@ -84,19 +88,22 @@ if [ "$RUNNING_IN_DOCKER" = "1" ]; then
else else
# Outside docker, need to ask for information about the release. # Outside docker, need to ask for information about the release.
get_release_info get_release_info
# Run this stuff when not in docker to check gpg.
gpg_test_file="${TMPDIR}/gpg_test.$$.txt"
echo "Testing gpg signing ${GPG} ${GPG_ARGS[@]} --detach --armor --sign ${gpg_test_file}"
echo "foo" > "${gpg_test_file}"
if ! "${GPG}" "${GPG_ARGS[@]}" --detach --armor --sign "${gpg_test_file}" ; then
gpg_agent_help
fi
# In --batch mode we have to be explicit about what we are verifying
if ! "${GPG}" "${GPG_ARGS[@]}" --verify "${gpg_test_file}.asc" "${gpg_test_file}" ; then
gpg_agent_help
fi
fi fi
GPG_TTY="$(tty)" GPG_TTY="$(tty)"
export GPG_TTY export GPG_TTY
echo "Testing gpg signing."
echo "foo" > gpg_test.txt
if ! "${GPG}" "${GPG_ARGS[@]}" --detach --armor --sign gpg_test.txt ; then
gpg_agent_help
fi
# In --batch mode we have to be explicit about what we are verifying
if ! "${GPG}" "${GPG_ARGS[@]}" --verify gpg_test.txt.asc gpg_test.txt ; then
gpg_agent_help
fi
if [[ -z "$RELEASE_STEP" ]]; then if [[ -z "$RELEASE_STEP" ]]; then
# If doing all stages, leave out 'publish-snapshot' # If doing all stages, leave out 'publish-snapshot'

View File

@ -34,7 +34,7 @@ RUN DEBIAN_FRONTEND=noninteractive apt-get -qq -y update \
libxml2-dev='2.9.4+dfsg1-*' \ libxml2-dev='2.9.4+dfsg1-*' \
lsof='4.89+dfsg-*' \ lsof='4.89+dfsg-*' \
maven='3.6.0-*' \ maven='3.6.0-*' \
openjdk-8-jdk='8u252-b09-*' \ openjdk-8-jdk='8u*' \
python-pip='9.0.1-*' \ python-pip='9.0.1-*' \
subversion='1.9.7-*' \ subversion='1.9.7-*' \
wget='1.19.4-*' \ wget='1.19.4-*' \

View File

@ -83,7 +83,7 @@ FROM ubuntu:18.04
# into the container rather than launching a new docker container. # into the container rather than launching a new docker container.
RUN DEBIAN_FRONTEND=noninteractive apt-get -qq -y update \ RUN DEBIAN_FRONTEND=noninteractive apt-get -qq -y update \
&& DEBIAN_FRONTEND=noninteractive apt-get -qq -y install --no-install-recommends \ && DEBIAN_FRONTEND=noninteractive apt-get -qq -y install --no-install-recommends \
openssh-server=1:7.6p1-4ubuntu0.3 gnupg2=2.2.4-1ubuntu1.2 && mkdir /run/sshd \ openssh-server=1:7.6p1-4ubuntu0.3 gnupg2=2.2.4-1ubuntu1.3 && mkdir /run/sshd \
&& echo "StreamLocalBindUnlink yes" >> /etc/ssh/sshd_config \ && echo "StreamLocalBindUnlink yes" >> /etc/ssh/sshd_config \
&& apt-get clean \ && apt-get clean \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*

View File

@ -501,10 +501,17 @@ function update_releasenotes {
local jira_project local jira_project
local timing_token local timing_token
timing_token="$(start_step)" timing_token="$(start_step)"
changelog="CHANGELOG.${jira_fix_version}.md"
releasenotes="RELEASENOTES.${jira_fix_version}.md"
if [ -f ${changelog} ]; then
rm ${changelog}
fi
if [ -f ${releasenotes} ]; then
rm ${releasenotes}
fi
jira_project="$(get_jira_name "$(basename "$project_dir")")" jira_project="$(get_jira_name "$(basename "$project_dir")")"
"${YETUS_HOME}/bin/releasedocmaker" -p "${jira_project}" --fileversions -v "${jira_fix_version}" \ "${YETUS_HOME}/bin/releasedocmaker" -p "${jira_project}" --fileversions -v "${jira_fix_version}" \
-l --sortorder=newer --skip-credits -l --sortorder=newer --skip-credits || true
pwd
# First clear out the changes written by previous RCs. # First clear out the changes written by previous RCs.
if [ -f "${project_dir}/CHANGES.md" ]; then if [ -f "${project_dir}/CHANGES.md" ]; then
sed -i -e \ sed -i -e \
@ -517,24 +524,35 @@ function update_releasenotes {
"${project_dir}/RELEASENOTES.md" || true "${project_dir}/RELEASENOTES.md" || true
fi fi
# Yetus will not generate CHANGES if no JIRAs fixed against the release version
# (Could happen if a release were bungled such that we had to make a new one
# without changes)
if [ ! -f "${changelog}" ]; then
echo -e "## Release ${jira_fix_version} - Unreleased (as of `date`)\nNo changes\n" > "${changelog}"
fi
if [ ! -f "${releasenotes}" ]; then
echo -e "# hbase ${jira_fix_version} Release Notes\nNo changes\n" > "${releasenotes}"
fi
# The releasedocmaker call above generates RELEASENOTES.X.X.X.md and CHANGELOG.X.X.X.md. # The releasedocmaker call above generates RELEASENOTES.X.X.X.md and CHANGELOG.X.X.X.md.
if [ -f "${project_dir}/CHANGES.md" ]; then if [ -f "${project_dir}/CHANGES.md" ]; then
# To insert into project's CHANGES.md...need to cut the top off the # To insert into project's CHANGES.md...need to cut the top off the
# CHANGELOG.X.X.X.md file removing license and first line and then # CHANGELOG.X.X.X.md file removing license and first line and then
# insert it after the license comment closing where we have a # insert it after the license comment closing where we have a
# DO NOT REMOVE marker text! # DO NOT REMOVE marker text!
sed -i -e '/## Release/,$!d' "CHANGELOG.${jira_fix_version}.md" sed -i -e '/## Release/,$!d' "${changelog}"
sed -i -e "/DO NOT REMOVE/r CHANGELOG.${jira_fix_version}.md" "${project_dir}/CHANGES.md" sed -i -e '2,${/^# HBASE Changelog/d;}' "${project_dir}/CHANGES.md"
sed -i -e "/DO NOT REMOVE/r ${changelog}" "${project_dir}/CHANGES.md"
else else
mv "CHANGELOG.${jira_fix_version}.md" "${project_dir}/CHANGES.md" mv "${changelog}" "${project_dir}/CHANGES.md"
fi fi
if [ -f "${project_dir}/RELEASENOTES.md" ]; then if [ -f "${project_dir}/RELEASENOTES.md" ]; then
# Similar for RELEASENOTES but slightly different. # Similar for RELEASENOTES but slightly different.
sed -i -e '/Release Notes/,$!d' "RELEASENOTES.${jira_fix_version}.md" sed -i -e '/Release Notes/,$!d' "${releasenotes}"
sed -i -e "/DO NOT REMOVE/r RELEASENOTES.${jira_fix_version}.md" \ sed -i -e '2,${/^# RELEASENOTES/d;}' "${project_dir}/RELEASENOTES.md"
"${project_dir}/RELEASENOTES.md" sed -i -e "/DO NOT REMOVE/r ${releasenotes}" "${project_dir}/RELEASENOTES.md"
else else
mv "RELEASENOTES.${jira_fix_version}.md" "${project_dir}/RELEASENOTES.md" mv "${releasenotes}" "${project_dir}/RELEASENOTES.md"
fi fi
stop_step "${timing_token}" stop_step "${timing_token}"
} }