From 759309f8dd567857626953ee8f64d3258e915635 Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Fri, 14 Oct 2022 14:44:38 -0400 Subject: [PATCH 01/17] Initial commit for new CD workflow --- .github/workflows/release.yml | 32 +++++++++ VERSION | 1 + codebuild/new_cd/pip-install-with-retry.py | 39 +++++++++++ codebuild/new_cd/publish-to-prod-pypi.yml | 29 ++++++++ codebuild/new_cd/publish-to-test-pypi.yml | 28 ++++++++ codebuild/new_cd/test-prod-pypi.yml | 33 +++++++++ codebuild/new_cd/test-test-pypi.yml | 34 ++++++++++ codebuild/new_cd/test-version-exists.sh | 40 +++++++++++ codebuild/new_cd/test-version-exists.yml | 16 +++++ update-version.sh | 78 ++++++++++++++++++++++ 10 files changed, 330 insertions(+) create mode 100644 .github/workflows/release.yml create mode 100644 VERSION create mode 100644 codebuild/new_cd/pip-install-with-retry.py create mode 100644 codebuild/new_cd/publish-to-prod-pypi.yml create mode 100644 codebuild/new_cd/publish-to-test-pypi.yml create mode 100644 codebuild/new_cd/test-prod-pypi.yml create mode 100644 codebuild/new_cd/test-test-pypi.yml create mode 100644 codebuild/new_cd/test-version-exists.sh create mode 100644 codebuild/new_cd/test-version-exists.yml create mode 100644 update-version.sh diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..b22cc0ed --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,32 @@ +name: Release + +on: + release: + types: [created] + +jobs: + update-version: + runs-on: ubuntu-20.04 # latest + permissions: + contents: write # allow push + + steps: + - name: Checkout Sources + uses: actions/checkout@v2 + with: + fetch-depth: 0 + + - name: Update Version + run: ./update-version.sh ${{ secrets.GITHUB_TOKEN }} ${{ secrets.TAG_PR_TOKEN }} + + - name: configure AWS credentials (Release) + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: ${{ secrets.AWS_CI_RELEASE_ROLE }} + aws-region: us-east-1 + + - name: Trigger Release + run: | + zip VERSION.zip VERSION + export S3_URL=$(aws secretsmanager get-secret-value --secret-id ci/python_v2_version --query "SecretString" | cut -f2 -d\") + aws s3 cp VERSION.zip $S3_URL diff --git a/VERSION b/VERSION new file mode 100644 index 00000000..361ffc5b --- /dev/null +++ b/VERSION @@ -0,0 +1 @@ +1.11.9 diff --git a/codebuild/new_cd/pip-install-with-retry.py b/codebuild/new_cd/pip-install-with-retry.py new file mode 100644 index 00000000..347e0dca --- /dev/null +++ b/codebuild/new_cd/pip-install-with-retry.py @@ -0,0 +1,39 @@ +import time +import sys +import subprocess + +DOCS = """Given cmdline args, executes: python3 -m pip install [args...] +Keeps retrying until the new version becomes available in pypi (or we time out)""" +if len(sys.argv) < 2: + sys.exit(DOCS) + +RETRY_INTERVAL_SECS = 10 +GIVE_UP_AFTER_SECS = 60 * 15 + +pip_install_args = [sys.executable, '-m', 'pip', 'install'] + sys.argv[1:] + +start_time = time.time() +while True: + print(subprocess.list2cmdline(pip_install_args)) + result = subprocess.run(pip_install_args, stdout=subprocess.PIPE, stderr=subprocess.STDOUT) + + stdout = result.stdout.decode().strip() + if stdout: + print(stdout) + + if result.returncode == 0: + # success + sys.exit(0) + + if "could not find a version" in stdout.lower(): + elapsed_secs = time.time() - start_time + if elapsed_secs < GIVE_UP_AFTER_SECS: + # try again + print("Retrying in", RETRY_INTERVAL_SECS, "secs...") + time.sleep(RETRY_INTERVAL_SECS) + continue + else: + print("Giving up on retries after", int(elapsed_secs), "total secs.") + + # fail + sys.exit(result.returncode) diff --git a/codebuild/new_cd/publish-to-prod-pypi.yml b/codebuild/new_cd/publish-to-prod-pypi.yml new file mode 100644 index 00000000..685fd732 --- /dev/null +++ b/codebuild/new_cd/publish-to-prod-pypi.yml @@ -0,0 +1,29 @@ + +# Assumes are running using the Ubuntu 16.04:x64 image +# Runs fifth - Makes a release deployment to production PyPi repo. +version: 0.2 +phases: + install: + commands: + - sudo apt-get update -y + - sudo apt-get install python3 python3-pip -y + - export PATH=$PATH:$HOME/.local/bin + - python3 -m pip install --user --upgrade pip + - python3 -m pip install --user --upgrade twine setuptools wheel awscli PyOpenSSL six + pre_build: + commands: + - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 + - pypirc=$(aws secretsmanager get-secret-value --secret-id "cd/aws-sdk-python-v2-prod/.pypirc" --query "SecretString" | cut -f2 -d\") && echo "$pypirc" > ~/.pypirc + - export PKG_VERSION=$(cat VERSION) + - echo "Updating package version to ${PKG_VERSION}" + - sed --in-place -E "s/__version__ = '.+'/__version__ = '${PKG_VERSION}'/" awsiot/__init__.py + build: + commands: + - echo Build started on `date` + + # Skip actual release for now! + # - python3 setup.py sdist bdist_wheel + # - python3 -m twine upload -r pypi dist/* + post_build: + commands: + - echo Build completed on `date` diff --git a/codebuild/new_cd/publish-to-test-pypi.yml b/codebuild/new_cd/publish-to-test-pypi.yml new file mode 100644 index 00000000..93823eb6 --- /dev/null +++ b/codebuild/new_cd/publish-to-test-pypi.yml @@ -0,0 +1,28 @@ +# Assumes are running using the Ubuntu 16.04:x64 image +# Runs third - Makes a release deployment to test PyPi repo. +version: 0.2 +phases: + install: + commands: + - sudo apt-get update -y + - sudo apt-get install python3 python3-pip -y + - export PATH=$PATH:$HOME/.local/bin + - python3 -m pip install --user --upgrade pip + - python3 -m pip install --user --upgrade twine setuptools wheel awscli PyOpenSSL six + pre_build: + commands: + - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 + - pypirc=$(aws secretsmanager get-secret-value --secret-id "cd/aws-sdk-python-v2-test/.pypirc" --query "SecretString" | cut -f2 -d\") && echo "$pypirc" > ~/.pypirc + - export PKG_VERSION=$(cat VERSION) + - echo "Updating package version to ${PKG_VERSION}" + - sed --in-place -E "s/__version__ = '.+'/__version__ = '${PKG_VERSION}'/" awsiot/__init__.py + build: + commands: + - echo Build started on `date` + + # Skip actual release for now! + # - python3 setup.py sdist bdist_wheel + # - python3 -m twine upload -r testpypi dist/* + post_build: + commands: + - echo Build completed on `date` diff --git a/codebuild/new_cd/test-prod-pypi.yml b/codebuild/new_cd/test-prod-pypi.yml new file mode 100644 index 00000000..7abfcb7a --- /dev/null +++ b/codebuild/new_cd/test-prod-pypi.yml @@ -0,0 +1,33 @@ +# Assumes are running using the Ubuntu 16.04:x64 image +# Runs sixth - makes sure the release to test PyPi repository worked +version: 0.2 +phases: + install: + commands: + - sudo apt-get update -y + - sudo apt-get install python3 python3-pip -y + - python3 -m pip install --upgrade pip + - python3 -m pip install --upgrade setuptools + + pre_build: + commands: + # - curl https://www.amazontrust.com/repository/AmazonRootCA1.pem --output /tmp/AmazonRootCA1.pem + # - cert=$(aws secretsmanager get-secret-value --secret-id "unit-test/certificate" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo "$cert" > /tmp/certificate.pem + # - key=$(aws secretsmanager get-secret-value --secret-id "unit-test/privatekey" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo "$key" > /tmp/privatekey.pem + # - ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "unit-test/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g') + build: + commands: + - echo Build started on `date` + - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 + + # TODO: Pipeline does not (currently) make a release, so we cannot test it... + # - CURRENT_TAG_VERSION=$(cat VERSION) + # - python3 continuous-delivery/pip-install-with-retry.py --no-cache-dir --user awsiotsdk==$CURRENT_TAG_VERSION + + # TODO run basic discovery sample? + # - python3 samples/basic_discovery.py --region us-east-1 --cert /tmp/certificate.pem --key /tmp/privatekey.pem --ca_file /tmp/AmazonRootCA1.pem --thing_name aws-sdk-crt-unit-test --print_discover_resp_only --verbosity Trace + + post_build: + commands: + - echo Build completed on `date` + diff --git a/codebuild/new_cd/test-test-pypi.yml b/codebuild/new_cd/test-test-pypi.yml new file mode 100644 index 00000000..8c084851 --- /dev/null +++ b/codebuild/new_cd/test-test-pypi.yml @@ -0,0 +1,34 @@ +# Assumes are running using the Ubuntu 16.04:x64 image +# Runs fourth - makes sure the release to test PyPi repository worked +version: 0.2 +phases: + install: + commands: + - sudo apt-get update -y + - sudo apt-get install python3 python3-pip -y + - python3 -m pip install --upgrade pip + - python3 -m pip install --upgrade setuptools + + pre_build: + commands: + # - curl https://www.amazontrust.com/repository/AmazonRootCA1.pem --output /tmp/AmazonRootCA1.pem + # - cert=$(aws secretsmanager get-secret-value --secret-id "unit-test/certificate" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo "$cert" > /tmp/certificate.pem + # - key=$(aws secretsmanager get-secret-value --secret-id "unit-test/privatekey" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo "$key" > /tmp/privatekey.pem + # - ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "unit-test/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g') + build: + commands: + - echo Build started on `date` + - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 + + # TODO: Pipeline does not (currently) make a release, so we cannot test it... + # - CURRENT_TAG_VERSION=$(cat VERSION) + # # this is here because typing isn't in test-pypi, so pull it from prod instead + # - python3 -m pip install typing + # - python3 codebuild/new_cd/pip-install-with-retry.py -i https://testpypi.python.org/simple --user awsiotsdk==$CURRENT_TAG_VERSION + + # TODO run basic discovery sample? + # - python3 samples/basic_discovery.py --region us-east-1 --cert /tmp/certificate.pem --key /tmp/privatekey.pem --ca_file /tmp/AmazonRootCA1.pem --thing_name aws-sdk-crt-unit-test --print_discover_resp_only --verbosity Trace + + post_build: + commands: + - echo Build completed on `date` diff --git a/codebuild/new_cd/test-version-exists.sh b/codebuild/new_cd/test-version-exists.sh new file mode 100644 index 00000000..5c56d734 --- /dev/null +++ b/codebuild/new_cd/test-version-exists.sh @@ -0,0 +1,40 @@ +#!/usr/bin/env bash +if [ ! -f VERSION ]; then + echo "No VERSION file found! Cannot make release!" + exit 1 +else + echo "VERSION file found..." +fi +VERSION=$(cat VERSION) + +# Make sure the version variable is populated +if [ -z "${VERSION}" ]; then + echo "VERSION file is empty!" + exit 1 +else + echo "VERSION file contains: ${VERSION}" +fi + +# Make sure the version follows the correct format: major.minor.patch +LENGTH_CHECK="${VERSION//[^.]}" +if [ ${#LENGTH_CHECK} != 2 ]; then + echo "VERSION file contains invalid version (not in format major.minor.patch)" + exit 1 +fi +# Use RegX to ensure it only contains numbers and periods +REGX_CHECK='^([0-9]+\.){0,2}(\*|[0-9]+)$' +if [[ $VERSION =~ $REGX_CHECK ]]; then + echo "VERSION file contains valid version" +else + echo "VERSION file contains invalid version (RegX validator failed)" + exit 1 +fi + +# Does PyPi have the version? If so, do not allow it! +if python3 -m pip install --no-cache-dir -vvv awsiotsdk==$VERSION; then + echo "$VERSION is already in pypi, cut a new tag if you want to upload another version." + exit 1 +fi + +echo "$VERSION currently does not exist in pypi, allowing pipeline to continue." +exit 0 diff --git a/codebuild/new_cd/test-version-exists.yml b/codebuild/new_cd/test-version-exists.yml new file mode 100644 index 00000000..a3cea9a6 --- /dev/null +++ b/codebuild/new_cd/test-version-exists.yml @@ -0,0 +1,16 @@ +# Assumes are running using the Ubuntu 16.04:x64 image +# Runs second - makes sure the version in CD has not already been released. +# Will fail the build and stop the pipeline if the version has already been released. +# +# (The first step is to download source and does not have a YAML file associated with it at this time) +version: 0.2 +phases: + install: + commands: + - sudo apt-get update -y + - sudo apt-get install python3 python3-pip -y + - pip3 install --upgrade setuptools + build: + commands: + - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 + - bash ./codebuild/new_cd/test-version-exists.sh diff --git a/update-version.sh b/update-version.sh new file mode 100644 index 00000000..c6c8666e --- /dev/null +++ b/update-version.sh @@ -0,0 +1,78 @@ +#!/usr/bin/env bash + +set -ex + +# Redirect output to stderr. +exec 1>&2 + +GITHUB_TOKEN=$1 +[ -n "$GITHUB_TOKEN" ] + +TAG_PR_TOKEN=$2 +[ -n "$TAG_PR_TOKEN" ] + +pushd $(dirname $0) > /dev/null + +git checkout main + +version=$(git describe --tags --abbrev=0) +version_without_v=$(echo ${version} | cut -f2 -dv) +echo "${version_without_v}" > VERSION + +if git diff --exit-code VERSION > /dev/null; then + echo "No version change" +else + version_branch=AutoTag-${version} + git checkout -b ${version_branch} + + git config --local user.email "aws-sdk-common-runtime@amazon.com" + git config --local user.name "GitHub Actions" + git add VERSION + git commit -m "Updated version to ${version}" + + echo $TAG_PR_TOKEN | gh auth login --with-token + + # awkward - we need to snip the old release message and then force overwrite the tag with the new commit but + # preserving the old message + # the release message seems to be best retrievable by grabbing the last lines of the release view from the + # github cli + release_line_count=$(gh release view ${version} | wc -l) + let release_message_lines=release_line_count-8 + tag_message=$(gh release view ${version} | tail -n ${release_message_lines}) + title_line=$(gh release view ${version} | head -n 1) + title_value=$(echo $title_line | sed -n "s/title: \(.*\)/\1/p") + echo "Old release title is: ${title_value}" + echo "Old release message is: ${tag_message}" + + # push the commit + git push -u "https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@github.com/aws/aws-iot-device-sdk-python-v2.git" ${version_branch} + + gh pr create --title "AutoTag PR for ${version}" --body "AutoTag PR for ${version}" --head ${version_branch} + + # this requires more permissions than the bot token currently has + # todo: can we update the bot token so that my pat isn't necessary? + gh pr merge --admin --squash + + # update local state with the merged pr + git fetch + git checkout main + git pull "https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@github.com/aws/aws-iot-device-sdk-python-v2.git" main + + # delete old release + gh release delete -y ${version} + + # delete the old tag + git tag -d ${version} + git push "https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@github.com/aws/aws-iot-device-sdk-python-v2.git" :refs/tags/${version} + + # create new tag on latest commit with old message + git tag -f ${version} -m "${tag_message}" + + # push new tag to github + git push "https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@github.com/aws/aws-iot-device-sdk-python-v2.git" --tags + + # now recreate the release on the updated tag + gh release create ${version} --title "${title_value}" -p -n "${tag_message}" +fi + +popd > /dev/null From 41406a4bd11f0983bd7b80686712fba53e7242ed Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Fri, 14 Oct 2022 15:03:15 -0400 Subject: [PATCH 02/17] Bump the version to a non-existent version to test full pipeline minus release --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 361ffc5b..393ccdb5 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.11.9 +1.12.10 From bfe7b6a134bf82fa2597c7cb00ff55bb5b4fcadc Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Fri, 14 Oct 2022 15:15:44 -0400 Subject: [PATCH 03/17] Use the correct version again --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 393ccdb5..361ffc5b 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.12.10 +1.11.9 From cc92bc35f34fd0e9684a1be12f27ef6b7a4764ec Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Fri, 11 Nov 2022 11:32:00 -0500 Subject: [PATCH 04/17] Bump to non-existent version to test pipeline --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 361ffc5b..f33bbfa1 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.11.9 +1.11.10 From 490b5b7e99d952492295ae7bea7dfab159917ee3 Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Fri, 11 Nov 2022 11:53:11 -0500 Subject: [PATCH 05/17] Remove old CD files, move new CD files to correct location. Test PubSub in CI --- .../{new_cd => cd}/pip-install-with-retry.py | 0 .../{new_cd => cd}/publish-to-prod-pypi.yml | 0 .../{new_cd => cd}/publish-to-test-pypi.yml | 0 codebuild/cd/test-prod-pypi.yml | 33 ++++++++++++++++ codebuild/cd/test-test-pypi.yml | 34 ++++++++++++++++ .../{new_cd => cd}/test-version-exists.sh | 0 .../{new_cd => cd}/test-version-exists.yml | 2 +- codebuild/new_cd/test-prod-pypi.yml | 33 ---------------- codebuild/new_cd/test-test-pypi.yml | 34 ---------------- continuous-delivery/pip-install-with-retry.py | 39 ------------------- continuous-delivery/publish_to_prod_pypi.yml | 25 ------------ continuous-delivery/publish_to_test_pypi.yml | 25 ------------ continuous-delivery/test_prod_pypi.yml | 28 ------------- continuous-delivery/test_test_pypi.yml | 30 -------------- continuous-delivery/test_version_exists | 22 ----------- continuous-delivery/test_version_exists.yml | 21 ---------- 16 files changed, 68 insertions(+), 258 deletions(-) rename codebuild/{new_cd => cd}/pip-install-with-retry.py (100%) rename codebuild/{new_cd => cd}/publish-to-prod-pypi.yml (100%) rename codebuild/{new_cd => cd}/publish-to-test-pypi.yml (100%) create mode 100644 codebuild/cd/test-prod-pypi.yml create mode 100644 codebuild/cd/test-test-pypi.yml rename codebuild/{new_cd => cd}/test-version-exists.sh (100%) rename codebuild/{new_cd => cd}/test-version-exists.yml (91%) delete mode 100644 codebuild/new_cd/test-prod-pypi.yml delete mode 100644 codebuild/new_cd/test-test-pypi.yml delete mode 100644 continuous-delivery/pip-install-with-retry.py delete mode 100644 continuous-delivery/publish_to_prod_pypi.yml delete mode 100644 continuous-delivery/publish_to_test_pypi.yml delete mode 100644 continuous-delivery/test_prod_pypi.yml delete mode 100644 continuous-delivery/test_test_pypi.yml delete mode 100755 continuous-delivery/test_version_exists delete mode 100644 continuous-delivery/test_version_exists.yml diff --git a/codebuild/new_cd/pip-install-with-retry.py b/codebuild/cd/pip-install-with-retry.py similarity index 100% rename from codebuild/new_cd/pip-install-with-retry.py rename to codebuild/cd/pip-install-with-retry.py diff --git a/codebuild/new_cd/publish-to-prod-pypi.yml b/codebuild/cd/publish-to-prod-pypi.yml similarity index 100% rename from codebuild/new_cd/publish-to-prod-pypi.yml rename to codebuild/cd/publish-to-prod-pypi.yml diff --git a/codebuild/new_cd/publish-to-test-pypi.yml b/codebuild/cd/publish-to-test-pypi.yml similarity index 100% rename from codebuild/new_cd/publish-to-test-pypi.yml rename to codebuild/cd/publish-to-test-pypi.yml diff --git a/codebuild/cd/test-prod-pypi.yml b/codebuild/cd/test-prod-pypi.yml new file mode 100644 index 00000000..fd932940 --- /dev/null +++ b/codebuild/cd/test-prod-pypi.yml @@ -0,0 +1,33 @@ +# Assumes are running using the Ubuntu 16.04:x64 image +# Runs sixth - makes sure the release to test PyPi repository worked +version: 0.2 +phases: + install: + commands: + - sudo apt-get update -y + - sudo apt-get install python3 python3-pip -y + - python3 -m pip install --upgrade pip + - python3 -m pip install --upgrade setuptools + + pre_build: + commands: + - curl https://www.amazontrust.com/repository/AmazonRootCA1.pem --output /tmp/AmazonRootCA1.pem + - cert=$(aws secretsmanager get-secret-value --secret-id "ci/PubSub/cert" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo "$cert" > /tmp/certificate.pem + - key=$(aws secretsmanager get-secret-value --secret-id "ci/PubSub/key" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo "$key" > /tmp/privatekey.pem + - ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "ci/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g') + build: + commands: + - echo Build started on `date` + - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 + + # For testing purposes - run a hard-coded version + # - CURRENT_TAG_VERSION=$(cat VERSION) + - CURRENT_TAG_VERSION=1.11.9 + - python3 codebuild/cd/pip-install-with-retry.py --no-cache-dir --user awsiotsdk==$CURRENT_TAG_VERSION + # Run PubSub sample + - python3 samples/pubsub.py --endpoint ${ENDPOINT} --cert /tmp/certificate.pem --key /tmp/privatekey.pem --ca_file /tmp/AmazonRootCA1.pem --verbosity Trace + + post_build: + commands: + - echo Build completed on `date` + diff --git a/codebuild/cd/test-test-pypi.yml b/codebuild/cd/test-test-pypi.yml new file mode 100644 index 00000000..03135d28 --- /dev/null +++ b/codebuild/cd/test-test-pypi.yml @@ -0,0 +1,34 @@ +# Assumes are running using the Ubuntu 16.04:x64 image +# Runs fourth - makes sure the release to test PyPi repository worked +version: 0.2 +phases: + install: + commands: + - sudo apt-get update -y + - sudo apt-get install python3 python3-pip -y + - python3 -m pip install --upgrade pip + - python3 -m pip install --upgrade setuptools + + pre_build: + commands: + - curl https://www.amazontrust.com/repository/AmazonRootCA1.pem --output /tmp/AmazonRootCA1.pem + - cert=$(aws secretsmanager get-secret-value --secret-id "ci/PubSub/cert" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo "$cert" > /tmp/certificate.pem + - key=$(aws secretsmanager get-secret-value --secret-id "ci/PubSub/key" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo "$key" > /tmp/privatekey.pem + - ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "ci/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g') + build: + commands: + - echo Build started on `date` + - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 + + # For testing purposes - run a hard-coded version + # - CURRENT_TAG_VERSION=$(cat VERSION) + - CURRENT_TAG_VERSION=1.11.9 + # this is here because typing isn't in test-pypi, so pull it from prod instead + - python3 -m pip install typing + - python3 codebuild/cd/pip-install-with-retry.py -i https://testpypi.python.org/simple --user awsiotsdk==$CURRENT_TAG_VERSION + # Run PubSub sample + - python3 samples/pubsub.py --endpoint ${ENDPOINT} --cert /tmp/certificate.pem --key /tmp/privatekey.pem --ca_file /tmp/AmazonRootCA1.pem --verbosity Trace + + post_build: + commands: + - echo Build completed on `date` diff --git a/codebuild/new_cd/test-version-exists.sh b/codebuild/cd/test-version-exists.sh similarity index 100% rename from codebuild/new_cd/test-version-exists.sh rename to codebuild/cd/test-version-exists.sh diff --git a/codebuild/new_cd/test-version-exists.yml b/codebuild/cd/test-version-exists.yml similarity index 91% rename from codebuild/new_cd/test-version-exists.yml rename to codebuild/cd/test-version-exists.yml index a3cea9a6..8a07c138 100644 --- a/codebuild/new_cd/test-version-exists.yml +++ b/codebuild/cd/test-version-exists.yml @@ -13,4 +13,4 @@ phases: build: commands: - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 - - bash ./codebuild/new_cd/test-version-exists.sh + - bash ./codebuild/cd/test-version-exists.sh diff --git a/codebuild/new_cd/test-prod-pypi.yml b/codebuild/new_cd/test-prod-pypi.yml deleted file mode 100644 index 7abfcb7a..00000000 --- a/codebuild/new_cd/test-prod-pypi.yml +++ /dev/null @@ -1,33 +0,0 @@ -# Assumes are running using the Ubuntu 16.04:x64 image -# Runs sixth - makes sure the release to test PyPi repository worked -version: 0.2 -phases: - install: - commands: - - sudo apt-get update -y - - sudo apt-get install python3 python3-pip -y - - python3 -m pip install --upgrade pip - - python3 -m pip install --upgrade setuptools - - pre_build: - commands: - # - curl https://www.amazontrust.com/repository/AmazonRootCA1.pem --output /tmp/AmazonRootCA1.pem - # - cert=$(aws secretsmanager get-secret-value --secret-id "unit-test/certificate" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo "$cert" > /tmp/certificate.pem - # - key=$(aws secretsmanager get-secret-value --secret-id "unit-test/privatekey" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo "$key" > /tmp/privatekey.pem - # - ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "unit-test/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g') - build: - commands: - - echo Build started on `date` - - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 - - # TODO: Pipeline does not (currently) make a release, so we cannot test it... - # - CURRENT_TAG_VERSION=$(cat VERSION) - # - python3 continuous-delivery/pip-install-with-retry.py --no-cache-dir --user awsiotsdk==$CURRENT_TAG_VERSION - - # TODO run basic discovery sample? - # - python3 samples/basic_discovery.py --region us-east-1 --cert /tmp/certificate.pem --key /tmp/privatekey.pem --ca_file /tmp/AmazonRootCA1.pem --thing_name aws-sdk-crt-unit-test --print_discover_resp_only --verbosity Trace - - post_build: - commands: - - echo Build completed on `date` - diff --git a/codebuild/new_cd/test-test-pypi.yml b/codebuild/new_cd/test-test-pypi.yml deleted file mode 100644 index 8c084851..00000000 --- a/codebuild/new_cd/test-test-pypi.yml +++ /dev/null @@ -1,34 +0,0 @@ -# Assumes are running using the Ubuntu 16.04:x64 image -# Runs fourth - makes sure the release to test PyPi repository worked -version: 0.2 -phases: - install: - commands: - - sudo apt-get update -y - - sudo apt-get install python3 python3-pip -y - - python3 -m pip install --upgrade pip - - python3 -m pip install --upgrade setuptools - - pre_build: - commands: - # - curl https://www.amazontrust.com/repository/AmazonRootCA1.pem --output /tmp/AmazonRootCA1.pem - # - cert=$(aws secretsmanager get-secret-value --secret-id "unit-test/certificate" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo "$cert" > /tmp/certificate.pem - # - key=$(aws secretsmanager get-secret-value --secret-id "unit-test/privatekey" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo "$key" > /tmp/privatekey.pem - # - ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "unit-test/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g') - build: - commands: - - echo Build started on `date` - - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 - - # TODO: Pipeline does not (currently) make a release, so we cannot test it... - # - CURRENT_TAG_VERSION=$(cat VERSION) - # # this is here because typing isn't in test-pypi, so pull it from prod instead - # - python3 -m pip install typing - # - python3 codebuild/new_cd/pip-install-with-retry.py -i https://testpypi.python.org/simple --user awsiotsdk==$CURRENT_TAG_VERSION - - # TODO run basic discovery sample? - # - python3 samples/basic_discovery.py --region us-east-1 --cert /tmp/certificate.pem --key /tmp/privatekey.pem --ca_file /tmp/AmazonRootCA1.pem --thing_name aws-sdk-crt-unit-test --print_discover_resp_only --verbosity Trace - - post_build: - commands: - - echo Build completed on `date` diff --git a/continuous-delivery/pip-install-with-retry.py b/continuous-delivery/pip-install-with-retry.py deleted file mode 100644 index 347e0dca..00000000 --- a/continuous-delivery/pip-install-with-retry.py +++ /dev/null @@ -1,39 +0,0 @@ -import time -import sys -import subprocess - -DOCS = """Given cmdline args, executes: python3 -m pip install [args...] -Keeps retrying until the new version becomes available in pypi (or we time out)""" -if len(sys.argv) < 2: - sys.exit(DOCS) - -RETRY_INTERVAL_SECS = 10 -GIVE_UP_AFTER_SECS = 60 * 15 - -pip_install_args = [sys.executable, '-m', 'pip', 'install'] + sys.argv[1:] - -start_time = time.time() -while True: - print(subprocess.list2cmdline(pip_install_args)) - result = subprocess.run(pip_install_args, stdout=subprocess.PIPE, stderr=subprocess.STDOUT) - - stdout = result.stdout.decode().strip() - if stdout: - print(stdout) - - if result.returncode == 0: - # success - sys.exit(0) - - if "could not find a version" in stdout.lower(): - elapsed_secs = time.time() - start_time - if elapsed_secs < GIVE_UP_AFTER_SECS: - # try again - print("Retrying in", RETRY_INTERVAL_SECS, "secs...") - time.sleep(RETRY_INTERVAL_SECS) - continue - else: - print("Giving up on retries after", int(elapsed_secs), "total secs.") - - # fail - sys.exit(result.returncode) diff --git a/continuous-delivery/publish_to_prod_pypi.yml b/continuous-delivery/publish_to_prod_pypi.yml deleted file mode 100644 index 0e72e510..00000000 --- a/continuous-delivery/publish_to_prod_pypi.yml +++ /dev/null @@ -1,25 +0,0 @@ -version: 0.2 -# this image assumes Ubuntu base image -phases: - install: - commands: - - sudo apt-get update -y - - sudo apt-get install python3 python3-pip -y - - export PATH=$PATH:$HOME/.local/bin - - python3 -m pip install --user --upgrade pip - - python3 -m pip install --user --upgrade twine setuptools wheel awscli PyOpenSSL six - pre_build: - commands: - - cd aws-iot-device-sdk-python-v2 - - pypirc=$(aws secretsmanager get-secret-value --secret-id "prod/aws-sdk-python-v2/.pypirc" --query "SecretString" | cut -f2 -d\") && echo "$pypirc" > ~/.pypirc - - export PKG_VERSION=$(git describe --tags | cut -f2 -dv) - - echo "Updating package version to ${PKG_VERSION}" - - sed --in-place -E "s/__version__ = '.+'/__version__ = '${PKG_VERSION}'/" awsiot/__init__.py - build: - commands: - - echo Build started on `date` - - python3 setup.py sdist bdist_wheel - - python3 -m twine upload -r pypi dist/* - post_build: - commands: - - echo Build completed on `date` diff --git a/continuous-delivery/publish_to_test_pypi.yml b/continuous-delivery/publish_to_test_pypi.yml deleted file mode 100644 index 809f828a..00000000 --- a/continuous-delivery/publish_to_test_pypi.yml +++ /dev/null @@ -1,25 +0,0 @@ -version: 0.2 -# this image assumes Ubuntu base image -phases: - install: - commands: - - sudo apt-get update -y - - sudo apt-get install python3 python3-pip -y - - export PATH=$PATH:$HOME/.local/bin - - python3 -m pip install --user --upgrade pip - - python3 -m pip install --user --upgrade twine setuptools wheel awscli PyOpenSSL six - pre_build: - commands: - - pypirc=$(aws secretsmanager get-secret-value --secret-id "alpha/aws-crt-python/.pypirc" --query "SecretString" | cut -f2 -d\") && echo "$pypirc" > ~/.pypirc - - cd aws-iot-device-sdk-python-v2 - - export PKG_VERSION=$(git describe --tags | cut -f2 -dv) - - echo "Updating package version to ${PKG_VERSION}" - - sed --in-place -E "s/__version__ = '.+'/__version__ = '${PKG_VERSION}'/" awsiot/__init__.py - build: - commands: - - echo Build started on `date` - - python3 setup.py sdist bdist_wheel - - python3 -m twine upload -r testpypi dist/* - post_build: - commands: - - echo Build completed on `date` diff --git a/continuous-delivery/test_prod_pypi.yml b/continuous-delivery/test_prod_pypi.yml deleted file mode 100644 index 9261ff5e..00000000 --- a/continuous-delivery/test_prod_pypi.yml +++ /dev/null @@ -1,28 +0,0 @@ -version: 0.2 -# this image assumes Ubuntu 14.04 base image -phases: - install: - commands: - - sudo apt-get update -y - - sudo apt-get install python3 python3-pip -y - - python3 -m pip install --upgrade pip - - python3 -m pip install --upgrade setuptools - - pre_build: - commands: - - curl https://www.amazontrust.com/repository/AmazonRootCA1.pem --output /tmp/AmazonRootCA1.pem - - cert=$(aws secretsmanager get-secret-value --secret-id "unit-test/certificate" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo "$cert" > /tmp/certificate.pem - - key=$(aws secretsmanager get-secret-value --secret-id "unit-test/privatekey" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo "$key" > /tmp/privatekey.pem - - ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "unit-test/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g') - build: - commands: - - echo Build started on `date` - - cd aws-iot-device-sdk-python-v2 - - CURRENT_TAG_VERSION=$(git describe --tags | cut -f2 -dv) - - python3 continuous-delivery/pip-install-with-retry.py --no-cache-dir --user awsiotsdk==$CURRENT_TAG_VERSION - - python3 samples/basic_discovery.py --region us-east-1 --cert /tmp/certificate.pem --key /tmp/privatekey.pem --ca_file /tmp/AmazonRootCA1.pem --thing_name aws-sdk-crt-unit-test --print_discover_resp_only --verbosity Trace - - post_build: - commands: - - echo Build completed on `date` - diff --git a/continuous-delivery/test_test_pypi.yml b/continuous-delivery/test_test_pypi.yml deleted file mode 100644 index 79113c0a..00000000 --- a/continuous-delivery/test_test_pypi.yml +++ /dev/null @@ -1,30 +0,0 @@ -version: 0.2 -# this image assumes Ubuntu 14.04 base image -phases: - install: - commands: - - sudo apt-get update -y - - sudo apt-get install python3 python3-pip -y - - python3 -m pip install --upgrade pip - - python3 -m pip install --upgrade setuptools - - pre_build: - commands: - - curl https://www.amazontrust.com/repository/AmazonRootCA1.pem --output /tmp/AmazonRootCA1.pem - - cert=$(aws secretsmanager get-secret-value --secret-id "unit-test/certificate" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo "$cert" > /tmp/certificate.pem - - key=$(aws secretsmanager get-secret-value --secret-id "unit-test/privatekey" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo "$key" > /tmp/privatekey.pem - - ENDPOINT=$(aws secretsmanager get-secret-value --secret-id "unit-test/endpoint" --query "SecretString" | cut -f2 -d":" | sed -e 's/[\\\"\}]//g') - build: - commands: - - echo Build started on `date` - - cd aws-iot-device-sdk-python-v2 - - CURRENT_TAG_VERSION=$(git describe --tags | cut -f2 -dv) - # this is here because typing isn't in testpypi, so pull it from prod instead - - python3 -m pip install typing - - python3 continuous-delivery/pip-install-with-retry.py -i https://testpypi.python.org/simple --user awsiotsdk==$CURRENT_TAG_VERSION - - python3 samples/basic_discovery.py --region us-east-1 --cert /tmp/certificate.pem --key /tmp/privatekey.pem --ca_file /tmp/AmazonRootCA1.pem --thing_name aws-sdk-crt-unit-test --print_discover_resp_only --verbosity Trace - - post_build: - commands: - - echo Build completed on `date` - diff --git a/continuous-delivery/test_version_exists b/continuous-delivery/test_version_exists deleted file mode 100755 index c869ec44..00000000 --- a/continuous-delivery/test_version_exists +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env bash -set -e -set -x -# force a failure if there's no tag -git describe --tags -# now get the tag -CURRENT_TAG=$(git describe --tags | cut -f2 -dv) -# convert v0.2.12-2-g50254a9 to 0.2.12 -CURRENT_TAG_VERSION=$(git describe --tags | cut -f1 -d'-' | cut -f2 -dv) -# if there's a hash on the tag, then this is not a release tagged commit -if [ "$CURRENT_TAG" != "$CURRENT_TAG_VERSION" ]; then - echo "Current tag version is not a release tag, cut a new release if you want to publish." - exit 1 -fi - -if python3 -m pip install --no-cache-dir -vvv awsiotsdk==$CURRENT_TAG_VERSION; then - echo "$CURRENT_TAG_VERSION is already in pypi, cut a new tag if you want to upload another version." - exit 1 -fi - -echo "$CURRENT_TAG_VERSION currently does not exist in pypi, allowing pipeline to continue." -exit 0 diff --git a/continuous-delivery/test_version_exists.yml b/continuous-delivery/test_version_exists.yml deleted file mode 100644 index ca67e644..00000000 --- a/continuous-delivery/test_version_exists.yml +++ /dev/null @@ -1,21 +0,0 @@ -version: 0.2 -#this build spec assumes the ubuntu 14.04 trusty image -#this build run simply verifies we haven't published something at this tag yet. -#if we have we fail the build and stop the pipeline, if we haven't we allow the pipeline to run. -phases: - install: - commands: - - sudo apt-get update -y - - sudo apt-get install python3 python3-pip -y - - pip3 install --upgrade setuptools - pre_build: - commands: - build: - commands: - - echo Build started on `date` - - cd aws-iot-device-sdk-python-v2 - - bash ./continuous-delivery/test_version_exists - post_build: - commands: - - echo Build completed on `date` - From 7ec811a46c121c897f494df11becbe9a16a43adf Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Fri, 11 Nov 2022 12:16:38 -0500 Subject: [PATCH 06/17] Use proper version, allow CD to release --- VERSION | 2 +- codebuild/cd/publish-to-prod-pypi.yml | 16 +++++++++------- codebuild/cd/publish-to-test-pypi.yml | 15 +++++++++------ codebuild/cd/test-prod-pypi.yml | 15 +++++++++------ codebuild/cd/test-test-pypi.yml | 14 ++++++++------ codebuild/cd/test-version-exists.yml | 9 ++++++--- 6 files changed, 42 insertions(+), 29 deletions(-) diff --git a/VERSION b/VERSION index f33bbfa1..361ffc5b 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.11.10 +1.11.9 diff --git a/codebuild/cd/publish-to-prod-pypi.yml b/codebuild/cd/publish-to-prod-pypi.yml index 685fd732..6f6fefe8 100644 --- a/codebuild/cd/publish-to-prod-pypi.yml +++ b/codebuild/cd/publish-to-prod-pypi.yml @@ -1,6 +1,8 @@ - -# Assumes are running using the Ubuntu 16.04:x64 image -# Runs fifth - Makes a release deployment to production PyPi repo. +# Assumes are running using the Ubuntu Codebuild standard image +# Makes a release deployment to production PyPi repo. +# +# NOTE: This script assumes that the AWS CLI-V2 is pre-installed! +# - AWS CLI-V2 is a requirement to run this script. version: 0.2 phases: install: @@ -10,6 +12,8 @@ phases: - export PATH=$PATH:$HOME/.local/bin - python3 -m pip install --user --upgrade pip - python3 -m pip install --user --upgrade twine setuptools wheel awscli PyOpenSSL six + - echo "\nBuild version data:" + - echo "\nPython Version:"; python3 --version pre_build: commands: - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 @@ -20,10 +24,8 @@ phases: build: commands: - echo Build started on `date` - - # Skip actual release for now! - # - python3 setup.py sdist bdist_wheel - # - python3 -m twine upload -r pypi dist/* + - python3 setup.py sdist bdist_wheel + - python3 -m twine upload -r pypi dist/* post_build: commands: - echo Build completed on `date` diff --git a/codebuild/cd/publish-to-test-pypi.yml b/codebuild/cd/publish-to-test-pypi.yml index 93823eb6..131205d5 100644 --- a/codebuild/cd/publish-to-test-pypi.yml +++ b/codebuild/cd/publish-to-test-pypi.yml @@ -1,5 +1,8 @@ -# Assumes are running using the Ubuntu 16.04:x64 image -# Runs third - Makes a release deployment to test PyPi repo. +# Assumes are running using the Ubuntu Codebuild standard image +# Makes a release deployment to test PyPi repo. +# +# NOTE: This script assumes that the AWS CLI-V2 is pre-installed! +# - AWS CLI-V2 is a requirement to run this script. version: 0.2 phases: install: @@ -9,6 +12,8 @@ phases: - export PATH=$PATH:$HOME/.local/bin - python3 -m pip install --user --upgrade pip - python3 -m pip install --user --upgrade twine setuptools wheel awscli PyOpenSSL six + - echo "\nBuild version data:" + - echo "\nPython Version:"; python3 --version pre_build: commands: - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 @@ -19,10 +24,8 @@ phases: build: commands: - echo Build started on `date` - - # Skip actual release for now! - # - python3 setup.py sdist bdist_wheel - # - python3 -m twine upload -r testpypi dist/* + - python3 setup.py sdist bdist_wheel + - python3 -m twine upload -r testpypi dist/* post_build: commands: - echo Build completed on `date` diff --git a/codebuild/cd/test-prod-pypi.yml b/codebuild/cd/test-prod-pypi.yml index fd932940..97874145 100644 --- a/codebuild/cd/test-prod-pypi.yml +++ b/codebuild/cd/test-prod-pypi.yml @@ -1,5 +1,8 @@ -# Assumes are running using the Ubuntu 16.04:x64 image -# Runs sixth - makes sure the release to test PyPi repository worked +# Assumes are running using the Ubuntu Codebuild standard image +# Makes sure the release to test PyPi repository worked +# +# NOTE: This script assumes that the AWS CLI-V2 is pre-installed! +# - AWS CLI-V2 is a requirement to run this script. version: 0.2 phases: install: @@ -8,9 +11,12 @@ phases: - sudo apt-get install python3 python3-pip -y - python3 -m pip install --upgrade pip - python3 -m pip install --upgrade setuptools + - echo "\nBuild version data:" + - echo "\nPython Version:"; python3 --version pre_build: commands: + # Material for PubSub sample - curl https://www.amazontrust.com/repository/AmazonRootCA1.pem --output /tmp/AmazonRootCA1.pem - cert=$(aws secretsmanager get-secret-value --secret-id "ci/PubSub/cert" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo "$cert" > /tmp/certificate.pem - key=$(aws secretsmanager get-secret-value --secret-id "ci/PubSub/key" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo "$key" > /tmp/privatekey.pem @@ -19,10 +25,7 @@ phases: commands: - echo Build started on `date` - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 - - # For testing purposes - run a hard-coded version - # - CURRENT_TAG_VERSION=$(cat VERSION) - - CURRENT_TAG_VERSION=1.11.9 + - CURRENT_TAG_VERSION=$(cat VERSION) - python3 codebuild/cd/pip-install-with-retry.py --no-cache-dir --user awsiotsdk==$CURRENT_TAG_VERSION # Run PubSub sample - python3 samples/pubsub.py --endpoint ${ENDPOINT} --cert /tmp/certificate.pem --key /tmp/privatekey.pem --ca_file /tmp/AmazonRootCA1.pem --verbosity Trace diff --git a/codebuild/cd/test-test-pypi.yml b/codebuild/cd/test-test-pypi.yml index 03135d28..668f4e51 100644 --- a/codebuild/cd/test-test-pypi.yml +++ b/codebuild/cd/test-test-pypi.yml @@ -1,5 +1,8 @@ -# Assumes are running using the Ubuntu 16.04:x64 image -# Runs fourth - makes sure the release to test PyPi repository worked +# Assumes are running using the Ubuntu Codebuild standard image +# Makes sure the release to test PyPi repository worked +# +# NOTE: This script assumes that the AWS CLI-V2 is pre-installed! +# - AWS CLI-V2 is a requirement to run this script. version: 0.2 phases: install: @@ -8,6 +11,8 @@ phases: - sudo apt-get install python3 python3-pip -y - python3 -m pip install --upgrade pip - python3 -m pip install --upgrade setuptools + - echo "\nBuild version data:" + - echo "\nPython Version:"; python3 --version pre_build: commands: @@ -19,10 +24,7 @@ phases: commands: - echo Build started on `date` - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 - - # For testing purposes - run a hard-coded version - # - CURRENT_TAG_VERSION=$(cat VERSION) - - CURRENT_TAG_VERSION=1.11.9 + - CURRENT_TAG_VERSION=$(cat VERSION) # this is here because typing isn't in test-pypi, so pull it from prod instead - python3 -m pip install typing - python3 codebuild/cd/pip-install-with-retry.py -i https://testpypi.python.org/simple --user awsiotsdk==$CURRENT_TAG_VERSION diff --git a/codebuild/cd/test-version-exists.yml b/codebuild/cd/test-version-exists.yml index 8a07c138..0b9a65e7 100644 --- a/codebuild/cd/test-version-exists.yml +++ b/codebuild/cd/test-version-exists.yml @@ -1,8 +1,9 @@ -# Assumes are running using the Ubuntu 16.04:x64 image -# Runs second - makes sure the version in CD has not already been released. +# Assumes are running using the Ubuntu Codebuild standard image +# Makes sure the version in CD has not already been released. # Will fail the build and stop the pipeline if the version has already been released. # -# (The first step is to download source and does not have a YAML file associated with it at this time) +# NOTE: This script assumes that the AWS CLI-V2 is pre-installed! +# - AWS CLI-V2 is a requirement to run this script. version: 0.2 phases: install: @@ -10,6 +11,8 @@ phases: - sudo apt-get update -y - sudo apt-get install python3 python3-pip -y - pip3 install --upgrade setuptools + - echo "\nBuild version data:" + - echo "\nPython Version:"; python3 --version build: commands: - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 From a176019413139eb4dfae25d18718c36100e66b01 Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Fri, 11 Nov 2022 17:18:13 -0500 Subject: [PATCH 07/17] While testing stuff, make sure the new CD pipeline is fully disabled for extra safety --- codebuild/cd/publish-to-prod-pypi.yml | 6 ++++-- codebuild/cd/publish-to-test-pypi.yml | 5 +++-- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/codebuild/cd/publish-to-prod-pypi.yml b/codebuild/cd/publish-to-prod-pypi.yml index 6f6fefe8..73a2ea16 100644 --- a/codebuild/cd/publish-to-prod-pypi.yml +++ b/codebuild/cd/publish-to-prod-pypi.yml @@ -24,8 +24,10 @@ phases: build: commands: - echo Build started on `date` - - python3 setup.py sdist bdist_wheel - - python3 -m twine upload -r pypi dist/* + + # TMP DEBUG ONLY - not that I plan to accidentally run the workflow, but disable all this just for extra safety while experimenting! + # - python3 setup.py sdist bdist_wheel + # - python3 -m twine upload -r pypi dist/* post_build: commands: - echo Build completed on `date` diff --git a/codebuild/cd/publish-to-test-pypi.yml b/codebuild/cd/publish-to-test-pypi.yml index 131205d5..92d081f1 100644 --- a/codebuild/cd/publish-to-test-pypi.yml +++ b/codebuild/cd/publish-to-test-pypi.yml @@ -24,8 +24,9 @@ phases: build: commands: - echo Build started on `date` - - python3 setup.py sdist bdist_wheel - - python3 -m twine upload -r testpypi dist/* + # TMP DEBUG ONLY - not that I plan to accidentally run the workflow, but disable all this just for extra safety while experimenting! + # - python3 setup.py sdist bdist_wheel + # - python3 -m twine upload -r testpypi dist/* post_build: commands: - echo Build completed on `date` From b9bcde21b962b1f18474ce2921d4ca005dfa896d Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Mon, 14 Nov 2022 13:13:49 -0500 Subject: [PATCH 08/17] Make release using manual workflow instead of catching release event --- .github/workflows/release.yml | 39 ++++++++++++----- VERSION | 1 - publish-release.sh | 81 +++++++++++++++++++++++++++++++++++ update-version.sh | 78 --------------------------------- 4 files changed, 109 insertions(+), 90 deletions(-) delete mode 100644 VERSION create mode 100755 publish-release.sh delete mode 100644 update-version.sh diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b22cc0ed..150e4106 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,8 +1,26 @@ name: Release +env: + GH_TOKEN: ${{ github.token }} + on: - release: - types: [created] + workflow_dispatch: + inputs: + release_type: + type: choice + description: "The type of release to make (Minor, Patch, etc)" + required: true + options: + - PATCH + - MINOR + release_title: + description: "The title of the release" + required: true + pre_release: + type: boolean + description: "Is this release a pre-release?" + required: false + default: false jobs: update-version: @@ -16,17 +34,16 @@ jobs: with: fetch-depth: 0 - - name: Update Version - run: ./update-version.sh ${{ secrets.GITHUB_TOKEN }} ${{ secrets.TAG_PR_TOKEN }} - - - name: configure AWS credentials (Release) - uses: aws-actions/configure-aws-credentials@v1 - with: - role-to-assume: ${{ secrets.AWS_CI_RELEASE_ROLE }} - aws-region: us-east-1 + - name: Make new release + run: | + ./publish-release.sh "${{ github.event.inputs.release_type }}" "${{ github.event.inputs.release_title }}" "${{ github.event.inputs.pre_release }}" - - name: Trigger Release + - name: "Create VERSION file and trigger release" run: | + version=$(git describe --tags --abbrev=0) + version_without_v=$(echo ${version} | cut -f2 -dv) + echo "${version_without_v}" > VERSION + zip VERSION.zip VERSION export S3_URL=$(aws secretsmanager get-secret-value --secret-id ci/python_v2_version --query "SecretString" | cut -f2 -d\") aws s3 cp VERSION.zip $S3_URL diff --git a/VERSION b/VERSION deleted file mode 100644 index 361ffc5b..00000000 --- a/VERSION +++ /dev/null @@ -1 +0,0 @@ -1.11.9 diff --git a/publish-release.sh b/publish-release.sh new file mode 100755 index 00000000..e659eec6 --- /dev/null +++ b/publish-release.sh @@ -0,0 +1,81 @@ +#!/usr/bin/env bash + +set -ex + +# Redirect output to stderr. +exec 1>&2 + +RELEASE_TYPE=$1 +RELEASE_TITLE=$2 +IS_PRE_RELEASE=$3 + +# Increments the version up by one +# Credit: https://stackoverflow.com/a/64390598 +increment_version() { + local delimiter=. + local array=($(echo "$1" | tr $delimiter '\n')) + array[$2]=$((array[$2]+1)) + if [ $2 -lt 2 ]; then array[2]=0; fi + if [ $2 -lt 1 ]; then array[1]=0; fi + echo $(local IFS=$delimiter ; echo "${array[*]}") +} + +pushd $(dirname $0) > /dev/null + +# Get the current version +git checkout main +current_version=$(git describe --tags --abbrev=0) +current_version_without_v=$(echo ${current_version} | cut -f2 -dv) + +echo "Current release version is ${current_version_without_v}" + +# Validate that RELEASE_TYPE is what we expect and bump the version: +new_version=${current_version_without_v} +if [ $RELEASE_TYPE == "PATCH" ]; then + new_version=$(increment_version ${current_version_without_v} 2 ) +elif [ $RELEASE_TYPE == "MINOR" ]; then + new_version=$(increment_version ${current_version_without_v} 1 ) +elif [ $RELEASE_TYPE == "MAJOR" ]; then + new_version=$(increment_version ${current_version_without_v} 0 ) +else + echo "ERROR: Unknown release type! Exitting..." + exit -1 +fi +echo "New version is ${new_version}" + +# Validate that the title is set +if [ $RELEASE_TITLE == "" ]; then + echo "ERROR: No title set! Cannot make release. Exitting..." + exit -1 +fi +# (We do not need to validate the pre-release input, it either will be 'true' or not) + +# Setup Github credentials +git config --local user.email "aws-sdk-common-runtime@amazon.com" +git config --local user.name "GitHub Actions" + +# NOTE - if you need to make changes BEFORE making a release, do it here. See Java V2 SDK for example. + +# Update local state with the merged pr (if one was made) and just generally make sure we're up to date +git fetch +git checkout main +git pull "https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@github.com/aws/aws-iot-device-sdk-python-v2.git" main + +# Create new tag on latest commit with the release title +git tag -f v${new_version} -m "${RELEASE_TITLE}" +# Push new tag to github +git push "https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@github.com/aws/aws-iot-device-sdk-python-v2.git" --tags + +# now recreate the release on the updated tag +# (If a pre-release, then -p needs to be added) + +# Create the release with auto-generated notes as the description +# - NOTE: This will only add stuff if there is at least one PR. If there is no PRs, +# - then this will be blank and need manual input/changing after running. +if [ $IS_PRE_RELEASE == "true" ]; then + gh release create "v${new_version}" -p --generate-notes --notes-start-tag "$current_version" --target main -t "${RELEASE_TITLE}" +else + gh release create "v${new_version}" --generate-notes --notes-start-tag "$current_version" --target main -t "${RELEASE_TITLE}" +fi + +popd > /dev/null diff --git a/update-version.sh b/update-version.sh deleted file mode 100644 index c6c8666e..00000000 --- a/update-version.sh +++ /dev/null @@ -1,78 +0,0 @@ -#!/usr/bin/env bash - -set -ex - -# Redirect output to stderr. -exec 1>&2 - -GITHUB_TOKEN=$1 -[ -n "$GITHUB_TOKEN" ] - -TAG_PR_TOKEN=$2 -[ -n "$TAG_PR_TOKEN" ] - -pushd $(dirname $0) > /dev/null - -git checkout main - -version=$(git describe --tags --abbrev=0) -version_without_v=$(echo ${version} | cut -f2 -dv) -echo "${version_without_v}" > VERSION - -if git diff --exit-code VERSION > /dev/null; then - echo "No version change" -else - version_branch=AutoTag-${version} - git checkout -b ${version_branch} - - git config --local user.email "aws-sdk-common-runtime@amazon.com" - git config --local user.name "GitHub Actions" - git add VERSION - git commit -m "Updated version to ${version}" - - echo $TAG_PR_TOKEN | gh auth login --with-token - - # awkward - we need to snip the old release message and then force overwrite the tag with the new commit but - # preserving the old message - # the release message seems to be best retrievable by grabbing the last lines of the release view from the - # github cli - release_line_count=$(gh release view ${version} | wc -l) - let release_message_lines=release_line_count-8 - tag_message=$(gh release view ${version} | tail -n ${release_message_lines}) - title_line=$(gh release view ${version} | head -n 1) - title_value=$(echo $title_line | sed -n "s/title: \(.*\)/\1/p") - echo "Old release title is: ${title_value}" - echo "Old release message is: ${tag_message}" - - # push the commit - git push -u "https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@github.com/aws/aws-iot-device-sdk-python-v2.git" ${version_branch} - - gh pr create --title "AutoTag PR for ${version}" --body "AutoTag PR for ${version}" --head ${version_branch} - - # this requires more permissions than the bot token currently has - # todo: can we update the bot token so that my pat isn't necessary? - gh pr merge --admin --squash - - # update local state with the merged pr - git fetch - git checkout main - git pull "https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@github.com/aws/aws-iot-device-sdk-python-v2.git" main - - # delete old release - gh release delete -y ${version} - - # delete the old tag - git tag -d ${version} - git push "https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@github.com/aws/aws-iot-device-sdk-python-v2.git" :refs/tags/${version} - - # create new tag on latest commit with old message - git tag -f ${version} -m "${tag_message}" - - # push new tag to github - git push "https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@github.com/aws/aws-iot-device-sdk-python-v2.git" --tags - - # now recreate the release on the updated tag - gh release create ${version} --title "${title_value}" -p -n "${tag_message}" -fi - -popd > /dev/null From f90c59bd243a92375b37d4b9687dee8ab3c6716a Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Mon, 14 Nov 2022 13:15:15 -0500 Subject: [PATCH 09/17] Enable CD workflow again --- codebuild/cd/publish-to-prod-pypi.yml | 6 ++---- codebuild/cd/publish-to-test-pypi.yml | 5 ++--- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/codebuild/cd/publish-to-prod-pypi.yml b/codebuild/cd/publish-to-prod-pypi.yml index 73a2ea16..6f6fefe8 100644 --- a/codebuild/cd/publish-to-prod-pypi.yml +++ b/codebuild/cd/publish-to-prod-pypi.yml @@ -24,10 +24,8 @@ phases: build: commands: - echo Build started on `date` - - # TMP DEBUG ONLY - not that I plan to accidentally run the workflow, but disable all this just for extra safety while experimenting! - # - python3 setup.py sdist bdist_wheel - # - python3 -m twine upload -r pypi dist/* + - python3 setup.py sdist bdist_wheel + - python3 -m twine upload -r pypi dist/* post_build: commands: - echo Build completed on `date` diff --git a/codebuild/cd/publish-to-test-pypi.yml b/codebuild/cd/publish-to-test-pypi.yml index 92d081f1..131205d5 100644 --- a/codebuild/cd/publish-to-test-pypi.yml +++ b/codebuild/cd/publish-to-test-pypi.yml @@ -24,9 +24,8 @@ phases: build: commands: - echo Build started on `date` - # TMP DEBUG ONLY - not that I plan to accidentally run the workflow, but disable all this just for extra safety while experimenting! - # - python3 setup.py sdist bdist_wheel - # - python3 -m twine upload -r testpypi dist/* + - python3 setup.py sdist bdist_wheel + - python3 -m twine upload -r testpypi dist/* post_build: commands: - echo Build completed on `date` From a5e20a9f33c83ba5444ff0d65aae519a0b83688d Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Mon, 14 Nov 2022 13:41:56 -0500 Subject: [PATCH 10/17] Use the S3 version file, not the repository one, in CD --- codebuild/cd/publish-to-prod-pypi.yml | 2 +- codebuild/cd/publish-to-test-pypi.yml | 2 +- codebuild/cd/test-prod-pypi.yml | 2 +- codebuild/cd/test-test-pypi.yml | 2 +- codebuild/cd/test-version-exists.sh | 6 ++++-- codebuild/cd/test-version-exists.yml | 2 +- 6 files changed, 9 insertions(+), 7 deletions(-) mode change 100644 => 100755 codebuild/cd/test-version-exists.sh diff --git a/codebuild/cd/publish-to-prod-pypi.yml b/codebuild/cd/publish-to-prod-pypi.yml index 6f6fefe8..859c0cbc 100644 --- a/codebuild/cd/publish-to-prod-pypi.yml +++ b/codebuild/cd/publish-to-prod-pypi.yml @@ -18,7 +18,7 @@ phases: commands: - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 - pypirc=$(aws secretsmanager get-secret-value --secret-id "cd/aws-sdk-python-v2-prod/.pypirc" --query "SecretString" | cut -f2 -d\") && echo "$pypirc" > ~/.pypirc - - export PKG_VERSION=$(cat VERSION) + - export PKG_VERSION=$(cat $CODEBUILD_SRC_DIR/VERSION) - echo "Updating package version to ${PKG_VERSION}" - sed --in-place -E "s/__version__ = '.+'/__version__ = '${PKG_VERSION}'/" awsiot/__init__.py build: diff --git a/codebuild/cd/publish-to-test-pypi.yml b/codebuild/cd/publish-to-test-pypi.yml index 131205d5..9450aa80 100644 --- a/codebuild/cd/publish-to-test-pypi.yml +++ b/codebuild/cd/publish-to-test-pypi.yml @@ -18,7 +18,7 @@ phases: commands: - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 - pypirc=$(aws secretsmanager get-secret-value --secret-id "cd/aws-sdk-python-v2-test/.pypirc" --query "SecretString" | cut -f2 -d\") && echo "$pypirc" > ~/.pypirc - - export PKG_VERSION=$(cat VERSION) + - export PKG_VERSION=$(cat $CODEBUILD_SRC_DIR/VERSION) - echo "Updating package version to ${PKG_VERSION}" - sed --in-place -E "s/__version__ = '.+'/__version__ = '${PKG_VERSION}'/" awsiot/__init__.py build: diff --git a/codebuild/cd/test-prod-pypi.yml b/codebuild/cd/test-prod-pypi.yml index 97874145..9777dc96 100644 --- a/codebuild/cd/test-prod-pypi.yml +++ b/codebuild/cd/test-prod-pypi.yml @@ -25,7 +25,7 @@ phases: commands: - echo Build started on `date` - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 - - CURRENT_TAG_VERSION=$(cat VERSION) + - CURRENT_TAG_VERSION=$(cat $CODEBUILD_SRC_DIR/VERSION) - python3 codebuild/cd/pip-install-with-retry.py --no-cache-dir --user awsiotsdk==$CURRENT_TAG_VERSION # Run PubSub sample - python3 samples/pubsub.py --endpoint ${ENDPOINT} --cert /tmp/certificate.pem --key /tmp/privatekey.pem --ca_file /tmp/AmazonRootCA1.pem --verbosity Trace diff --git a/codebuild/cd/test-test-pypi.yml b/codebuild/cd/test-test-pypi.yml index 668f4e51..d202dcce 100644 --- a/codebuild/cd/test-test-pypi.yml +++ b/codebuild/cd/test-test-pypi.yml @@ -24,7 +24,7 @@ phases: commands: - echo Build started on `date` - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 - - CURRENT_TAG_VERSION=$(cat VERSION) + - CURRENT_TAG_VERSION=$(cat $CODEBUILD_SRC_DIR/VERSION) # this is here because typing isn't in test-pypi, so pull it from prod instead - python3 -m pip install typing - python3 codebuild/cd/pip-install-with-retry.py -i https://testpypi.python.org/simple --user awsiotsdk==$CURRENT_TAG_VERSION diff --git a/codebuild/cd/test-version-exists.sh b/codebuild/cd/test-version-exists.sh old mode 100644 new mode 100755 index 5c56d734..82f91339 --- a/codebuild/cd/test-version-exists.sh +++ b/codebuild/cd/test-version-exists.sh @@ -1,11 +1,13 @@ #!/usr/bin/env bash -if [ ! -f VERSION ]; then + +VERSION_FILE_PATH=$1 +if [ ! readlink -e "$VERSION_FILE_PATH" ]; then echo "No VERSION file found! Cannot make release!" exit 1 else echo "VERSION file found..." fi -VERSION=$(cat VERSION) +VERSION=$(cat $VERSION_FILE_PATH) # Make sure the version variable is populated if [ -z "${VERSION}" ]; then diff --git a/codebuild/cd/test-version-exists.yml b/codebuild/cd/test-version-exists.yml index 0b9a65e7..877ca0b1 100644 --- a/codebuild/cd/test-version-exists.yml +++ b/codebuild/cd/test-version-exists.yml @@ -16,4 +16,4 @@ phases: build: commands: - cd $CODEBUILD_SRC_DIR/aws-iot-device-sdk-python-v2 - - bash ./codebuild/cd/test-version-exists.sh + - bash ./codebuild/cd/test-version-exists.sh $CODEBUILD_SRC_DIR/VERSION From 3457792d7e81bc4335a214aab0d8f6d04e0226ea Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Mon, 14 Nov 2022 15:24:07 -0500 Subject: [PATCH 11/17] Set the pre-release tag based on whether the major version is zero or not --- .github/workflows/release.yml | 7 +------ publish-release.sh | 12 +++++++++--- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 150e4106..e65910a5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -16,11 +16,6 @@ on: release_title: description: "The title of the release" required: true - pre_release: - type: boolean - description: "Is this release a pre-release?" - required: false - default: false jobs: update-version: @@ -36,7 +31,7 @@ jobs: - name: Make new release run: | - ./publish-release.sh "${{ github.event.inputs.release_type }}" "${{ github.event.inputs.release_title }}" "${{ github.event.inputs.pre_release }}" + ./publish-release.sh "${{ github.event.inputs.release_type }}" "${{ github.event.inputs.release_title }}" - name: "Create VERSION file and trigger release" run: | diff --git a/publish-release.sh b/publish-release.sh index e659eec6..99ae1a95 100755 --- a/publish-release.sh +++ b/publish-release.sh @@ -7,7 +7,6 @@ exec 1>&2 RELEASE_TYPE=$1 RELEASE_TITLE=$2 -IS_PRE_RELEASE=$3 # Increments the version up by one # Credit: https://stackoverflow.com/a/64390598 @@ -66,8 +65,15 @@ git tag -f v${new_version} -m "${RELEASE_TITLE}" # Push new tag to github git push "https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@github.com/aws/aws-iot-device-sdk-python-v2.git" --tags -# now recreate the release on the updated tag -# (If a pre-release, then -p needs to be added) +# Determine if this is a pre-release or not based on the major version +IS_PRE_RELEASE="false" +VERSION_STRING_DELIMITER=. +VERSION_STRING_ARRAY=($(echo "$new_version" | tr $VERSION_STRING_DELIMITER '\n')) +if [ ${VERSION_STRING_ARRAY[0]} == "0" ]; then + IS_PRE_RELEASE="true" +else + IS_PRE_RELEASE="false" +fi # Create the release with auto-generated notes as the description # - NOTE: This will only add stuff if there is at least one PR. If there is no PRs, From 5c7fe3d879ad4fec68b5277a86ba35427eb7a20a Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Mon, 14 Nov 2022 15:26:03 -0500 Subject: [PATCH 12/17] Comment cleanup --- publish-release.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/publish-release.sh b/publish-release.sh index 99ae1a95..c239cb63 100755 --- a/publish-release.sh +++ b/publish-release.sh @@ -47,7 +47,6 @@ if [ $RELEASE_TITLE == "" ]; then echo "ERROR: No title set! Cannot make release. Exitting..." exit -1 fi -# (We do not need to validate the pre-release input, it either will be 'true' or not) # Setup Github credentials git config --local user.email "aws-sdk-common-runtime@amazon.com" @@ -76,7 +75,7 @@ else fi # Create the release with auto-generated notes as the description -# - NOTE: This will only add stuff if there is at least one PR. If there is no PRs, +# - NOTE: This will only add notes if there is at least one PR. If there is no PRs, # - then this will be blank and need manual input/changing after running. if [ $IS_PRE_RELEASE == "true" ]; then gh release create "v${new_version}" -p --generate-notes --notes-start-tag "$current_version" --target main -t "${RELEASE_TITLE}" From 460c576f184aaf67650e69f1d808015675f8f27f Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Mon, 14 Nov 2022 15:32:15 -0500 Subject: [PATCH 13/17] Add AWS release role so file can be uploaded to S3 correctly --- .github/workflows/release.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e65910a5..833f6e42 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -33,6 +33,12 @@ jobs: run: | ./publish-release.sh "${{ github.event.inputs.release_type }}" "${{ github.event.inputs.release_title }}" + - name: configure AWS credentials (Release) + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: ${{ secrets.AWS_CI_RELEASE_ROLE }} + aws-region: us-east-1 + - name: "Create VERSION file and trigger release" run: | version=$(git describe --tags --abbrev=0) From 8a7442ebd61ba76c9a21b5480b9d132665584e41 Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Wed, 16 Nov 2022 18:10:31 -0500 Subject: [PATCH 14/17] CR changes: Moved script to utils, sanitize input, make sure arguments are always two --- .github/workflows/release.yml | 14 +++++++---- .../publish-release.sh | 24 ++++++++++++------- 2 files changed, 25 insertions(+), 13 deletions(-) rename publish-release.sh => utils/publish-release.sh (84%) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 833f6e42..3b2aab45 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -8,11 +8,11 @@ on: inputs: release_type: type: choice - description: "The type of release to make (Minor, Patch, etc)" + description: "Release type:" required: true options: - - PATCH - - MINOR + - bug fix (PATCH) + - new feature (MINOR) release_title: description: "The title of the release" required: true @@ -30,8 +30,14 @@ jobs: fetch-depth: 0 - name: Make new release + env: + Title: ${{ github.event.inputs.release_title }} run: | - ./publish-release.sh "${{ github.event.inputs.release_type }}" "${{ github.event.inputs.release_title }}" + Title=$(echo ${Title//[\"]\\\"}) + Title=$(echo ${Title//[\']\\\'}) + Title=$(echo ${Title//[\$]}) + + ./utils/publish-release.sh "${{ github.event.inputs.release_type }}" "$Title" - name: configure AWS credentials (Release) uses: aws-actions/configure-aws-credentials@v1 diff --git a/publish-release.sh b/utils/publish-release.sh similarity index 84% rename from publish-release.sh rename to utils/publish-release.sh index c239cb63..26027ba8 100755 --- a/publish-release.sh +++ b/utils/publish-release.sh @@ -1,12 +1,18 @@ #!/usr/bin/env bash -set -ex +set -euxo pipefail # Redirect output to stderr. exec 1>&2 -RELEASE_TYPE=$1 -RELEASE_TITLE=$2 +RELEASE_TYPE="$1" +RELEASE_TITLE="$2" + +# Make sure there are ONLY two arguments +if [ "$#" != "2" ]; then + echo "ERROR: Arguments passed is NOT equal to two!" + exit 1 +fi # Increments the version up by one # Credit: https://stackoverflow.com/a/64390598 @@ -29,12 +35,12 @@ current_version_without_v=$(echo ${current_version} | cut -f2 -dv) echo "Current release version is ${current_version_without_v}" # Validate that RELEASE_TYPE is what we expect and bump the version: -new_version=${current_version_without_v} -if [ $RELEASE_TYPE == "PATCH" ]; then +new_version="${current_version_without_v}" +if [ "$RELEASE_TYPE" == "bug fix (PATCH)" ]; then new_version=$(increment_version ${current_version_without_v} 2 ) -elif [ $RELEASE_TYPE == "MINOR" ]; then +elif [ "$RELEASE_TYPE" == "new feature (MINOR)" ]; then new_version=$(increment_version ${current_version_without_v} 1 ) -elif [ $RELEASE_TYPE == "MAJOR" ]; then +elif [ "$RELEASE_TYPE" == "new version (MAJOR)" ]; then new_version=$(increment_version ${current_version_without_v} 0 ) else echo "ERROR: Unknown release type! Exitting..." @@ -43,7 +49,7 @@ fi echo "New version is ${new_version}" # Validate that the title is set -if [ $RELEASE_TITLE == "" ]; then +if [ "$RELEASE_TITLE" == "" ]; then echo "ERROR: No title set! Cannot make release. Exitting..." exit -1 fi @@ -68,7 +74,7 @@ git push "https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@github.com/aws/aws-iot-device- IS_PRE_RELEASE="false" VERSION_STRING_DELIMITER=. VERSION_STRING_ARRAY=($(echo "$new_version" | tr $VERSION_STRING_DELIMITER '\n')) -if [ ${VERSION_STRING_ARRAY[0]} == "0" ]; then +if [ "${VERSION_STRING_ARRAY[0]}" == "0" ]; then IS_PRE_RELEASE="true" else IS_PRE_RELEASE="false" From 156839749bd956168c90aa47af3fee5e0ed29757 Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Thu, 17 Nov 2022 09:53:22 -0500 Subject: [PATCH 15/17] Use a Python script to update the version and check type input is correct --- utils/publish-release.sh | 23 +++--------------- utils/update_semantic_version.py | 40 ++++++++++++++++++++++++++++++++ 2 files changed, 43 insertions(+), 20 deletions(-) create mode 100644 utils/update_semantic_version.py diff --git a/utils/publish-release.sh b/utils/publish-release.sh index 26027ba8..c6e1eb5e 100755 --- a/utils/publish-release.sh +++ b/utils/publish-release.sh @@ -14,17 +14,6 @@ if [ "$#" != "2" ]; then exit 1 fi -# Increments the version up by one -# Credit: https://stackoverflow.com/a/64390598 -increment_version() { - local delimiter=. - local array=($(echo "$1" | tr $delimiter '\n')) - array[$2]=$((array[$2]+1)) - if [ $2 -lt 2 ]; then array[2]=0; fi - if [ $2 -lt 1 ]; then array[1]=0; fi - echo $(local IFS=$delimiter ; echo "${array[*]}") -} - pushd $(dirname $0) > /dev/null # Get the current version @@ -34,15 +23,9 @@ current_version_without_v=$(echo ${current_version} | cut -f2 -dv) echo "Current release version is ${current_version_without_v}" -# Validate that RELEASE_TYPE is what we expect and bump the version: -new_version="${current_version_without_v}" -if [ "$RELEASE_TYPE" == "bug fix (PATCH)" ]; then - new_version=$(increment_version ${current_version_without_v} 2 ) -elif [ "$RELEASE_TYPE" == "new feature (MINOR)" ]; then - new_version=$(increment_version ${current_version_without_v} 1 ) -elif [ "$RELEASE_TYPE" == "new version (MAJOR)" ]; then - new_version=$(increment_version ${current_version_without_v} 0 ) -else +# Validate that RELEASE_TYPE is what we expect and bump the version +new_version=$(python3 ./update_semantic_version.py --version "${current_version_without_v}" --type "${RELEASE_TYPE}") +if [ "$new_version" == "0.0.0" ]; then echo "ERROR: Unknown release type! Exitting..." exit -1 fi diff --git a/utils/update_semantic_version.py b/utils/update_semantic_version.py new file mode 100644 index 00000000..ae9729ef --- /dev/null +++ b/utils/update_semantic_version.py @@ -0,0 +1,40 @@ +import argparse +import sys + +# A simple little helper script for increasing the semantic version passed in. +# Used in the CD workflow. + + +def main(): + argument_parser = argparse.ArgumentParser( + description="Get a new semantic version bumped by the passed-in string") + argument_parser.add_argument("--version", metavar="<1.2.3 for example>", + required=True, help="The version string to update") + argument_parser.add_argument("--type", metavar="", + required=True, help="Which version number to bump") + parsed_commands = argument_parser.parse_args() + + version_tuple = parsed_commands.version.split(".") + if len(version_tuple) != 3: + print("0.0.0") # Error + sys.exit(1) + + if "PATCH" in parsed_commands.type: + version_tuple[2] = str(int(version_tuple[2]) + 1) + elif "MINOR" in parsed_commands.type: + version_tuple[1] = str(int(version_tuple[1]) + 1) + version_tuple[2] = "0" + elif "MAJOR" in parsed_commands.type: + version_tuple[0] = str(int(version_tuple[0]) + 1) + version_tuple[1] = "0" + version_tuple[2] = "0" + else: + print("0.0.0") # error + sys.exit(1) + + print(f"{version_tuple[0]}.{version_tuple[1]}.{version_tuple[2]}") + sys.exit(0) + + +if __name__ == "__main__": + main() From 401ca13b4d5e6b4284a1fe59ef3fafaaa53ad37a Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Thu, 17 Nov 2022 13:46:05 -0500 Subject: [PATCH 16/17] Add comment about escaping special characters --- .github/workflows/release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3b2aab45..f5c6770f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -33,6 +33,7 @@ jobs: env: Title: ${{ github.event.inputs.release_title }} run: | + # Escape special characters Title=$(echo ${Title//[\"]\\\"}) Title=$(echo ${Title//[\']\\\'}) Title=$(echo ${Title//[\$]}) From 36ae159e57736e1dc8c2eacb411d8b599231ad74 Mon Sep 17 00:00:00 2001 From: Noah Beard Date: Wed, 7 Dec 2022 12:23:32 -0500 Subject: [PATCH 17/17] Add the version to the README. Always make a PR with a release --- .github/workflows/release.yml | 1 + README.md | 2 ++ utils/publish-release.sh | 18 +++++++++++++++++- 3 files changed, 20 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f5c6770f..2f75d1f8 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -22,6 +22,7 @@ jobs: runs-on: ubuntu-20.04 # latest permissions: contents: write # allow push + pull-requests: write # allow making PR steps: - name: Checkout Sources diff --git a/README.md b/README.md index 4fe9517a..07aec71c 100644 --- a/README.md +++ b/README.md @@ -99,3 +99,5 @@ We need your help in making this SDK great. Please participate in the community ## License This library is licensed under the [Apache 2.0 License](./documents/LICENSE). + +Latest released version: v1.12.0 diff --git a/utils/publish-release.sh b/utils/publish-release.sh index c6e1eb5e..242f288b 100755 --- a/utils/publish-release.sh +++ b/utils/publish-release.sh @@ -41,7 +41,23 @@ fi git config --local user.email "aws-sdk-common-runtime@amazon.com" git config --local user.name "GitHub Actions" -# NOTE - if you need to make changes BEFORE making a release, do it here. See Java V2 SDK for example. +# --==-- +new_version_branch=AutoTag-v${new_version} +git checkout -b ${new_version_branch} + +# Update the version in the README to show the latest +sed -i -r "s/.*Latest released version:.*/Latest released version: v${new_version}/" ../README.md +git add ../README.md +# Make the commit +git commit -m "[v$new_version] $RELEASE_TITLE" + +# # push the commit and create a PR +git push -u "https://${GITHUB_ACTOR}:${GH_TOKEN}@github.com/aws/aws-iot-device-sdk-python-v2.git" ${new_version_branch} +gh pr create --title "AutoTag PR for v${new_version}" --body "AutoTag PR for v${new_version}" --head ${new_version_branch} + +# # Merge the PR +gh pr merge --admin --squash +# --==-- # Update local state with the merged pr (if one was made) and just generally make sure we're up to date git fetch