From afc730ee5d375a8a050750ad159e7b149c8c00d1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Tue, 30 Sep 2025 15:21:41 +0200 Subject: [PATCH 01/26] Add Prow jobs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- .prow.yaml | 99 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 99 insertions(+) create mode 100644 .prow.yaml diff --git a/.prow.yaml b/.prow.yaml new file mode 100644 index 00000000..3def1c08 --- /dev/null +++ b/.prow.yaml @@ -0,0 +1,99 @@ +presubmits: + - name: pull-publishing-bot-build + always_run: true + decorate: true + # This is a fork of k8s.io/publishing-bot so we keep the same path_alias + path_alias: k8s.io/publishing-bot + spec: + containers: + - image: ghcr.io/kcp-dev/infra/build:1.24.5-1 + command: + - make + resources: + limits: + cpu: 2 + memory: 4Gi + requests: + cpu: 2 + memory: 4Gi + - name: pull-publishing-bot-test + always_run: true + decorate: true + path_alias: k8s.io/publishing-bot + spec: + containers: + - image: ghcr.io/kcp-dev/infra/build:1.24.5-1 + command: + - make + - test + resources: + limits: + cpu: 2 + memory: 4Gi + requests: + cpu: 2 + memory: 4Gi + - name: pull-publishing-bot-validate-rules + # TODO: change to true after rules are in place + always_run: false + decorate: true + path_alias: k8s.io/publishing-bot + extra_refs: + - org: kcp-dev + repo: kcp + base_ref: main + spec: + containers: + - image: ghcr.io/kcp-dev/infra/build:1.24.5-1 + env: + - name: "GOWORK" + value: "off" + command: + - go + args: + - run + - -mod=mod + - k8s.io/publishing-bot/cmd/validate-rules + - /home/prow/go/src/k8s.io/kubernetes/staging/publishing/rules.yaml + resources: + limits: + cpu: 2 + memory: 4Gi + requests: + cpu: 2 + memory: 4Gi + # TODO: Enable this job after publishing-bot is deployed to kcp-dev/kcp + # - name: pull-publishing-bot-test-kubernetes-master + # cluster: eks-prow-build-cluster + # always_run: false + # decorate: true + # decoration_config: + # timeout: 3h + # annotations: + # testgrid-dashboards: sig-release-publishing-bot + # testgrid-tab-name: pull-publishing-bot-test-k8s-master + # description: test publishing bot against k/k master + # labels: + # preset-dind-enabled: "true" + # path_alias: k8s.io/publishing-bot + # spec: + # containers: + # - image: gcr.io/k8s-staging-test-infra/kubekins-e2e:v20250925-95b5a2c7a5-master + # command: + # - runner.sh + # args: + # - bash + # - -ce + # - | + # make build-image + # test/k8s-gen-bot-config.sh k8s-bot-config + # test/run-bot-local.sh k8s-bot-config + # securityContext: + # privileged: true + # resources: + # requests: + # cpu: 2 + # memory: 2Gi + # limits: + # cpu: 2 + # memory: 2Gi From 91acda21cb2f9495d39b409a0be6a2056f753abc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Tue, 30 Sep 2025 15:22:35 +0200 Subject: [PATCH 02/26] Copy OWNERS from kcp-dev/kcp MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- OWNERS | 16 ++++++---------- OWNERS_ALIASES | 25 ------------------------- 2 files changed, 6 insertions(+), 35 deletions(-) delete mode 100644 OWNERS_ALIASES diff --git a/OWNERS b/OWNERS index f2c6f91a..bb4aad29 100644 --- a/OWNERS +++ b/OWNERS @@ -1,11 +1,7 @@ approvers: - - sig-release-leads - - release-engineering-approvers - - dims - - nikhita - - sttts -reviewers: - - release-engineering-reviewers - - akhilerm -emeritus_approvers: - - caesarxuchao +- clubanderson +- scheeles +- sttts +- xrstf +- mjudeikis +- embik diff --git a/OWNERS_ALIASES b/OWNERS_ALIASES deleted file mode 100644 index 12ed34b2..00000000 --- a/OWNERS_ALIASES +++ /dev/null @@ -1,25 +0,0 @@ -# See the OWNERS docs at https://go.k8s.io/owners#owners_aliases - -aliases: - sig-release-leads: - - cpanato # SIG Technical Lead - - jeremyrickard # SIG Chair - - justaugustus # SIG Chair - - puerco # SIG Technical Lead - - saschagrunert # SIG Chair - - Verolop # SIG Technical Lead - release-engineering-approvers: - - cpanato # subproject owner / Release Manager - - jeremyrickard # subproject owner / Release Manager - - justaugustus # subproject owner / Release Manager - - palnabarun # Release Manager - - puerco # subproject owner / Release Manager - - saschagrunert # subproject owner / Release Manager - - xmudrii # Release Manager - - Verolop # subproject owner / Release Manager - release-engineering-reviewers: - - ameukam # Release Manager Associate - - cici37 # Release Manager Associate - - jimangel # Release Manager Associate - - jrsapi # Release Manager Associate - - salaxander # Release Manager Associate From 3f1a262686e5666655014ad8d7eafbf24ba23fa9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Tue, 30 Sep 2025 15:49:54 +0200 Subject: [PATCH 03/26] Make test target PHONY MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/Makefile b/Makefile index 5fa08340..42d65aef 100644 --- a/Makefile +++ b/Makefile @@ -107,3 +107,4 @@ deploy: init-deploy test: ## Run go tests go test -v -coverprofile=coverage.out ./... +.PHONY: test From efa85ad2c16e22015bb9fcb07d28f84b2a816268 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Tue, 30 Sep 2025 15:54:45 +0200 Subject: [PATCH 04/26] Make all targets PHONY MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- Makefile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Makefile b/Makefile index 42d65aef..733bf8fb 100644 --- a/Makefile +++ b/Makefile @@ -65,6 +65,7 @@ push-image: docker push $(DOCKER_REPO):$(GIT_TAG) docker push $(DOCKER_REPO):$(IMG_VERSION) docker push $(DOCKER_REPO):latest +.PHONY: push-image build-and-push-image: build-image push-image .PHONY: build-and-push-image @@ -94,16 +95,19 @@ init-deploy: validate $(KUBECTL) apply -n "$(NAMESPACE)" -f $(CONFIG)-configmap.yaml $(KUBECTL) apply -n "$(NAMESPACE)" -f $(CONFIG)-rules-configmap.yaml; \ $(KUBECTL) apply -n "$(NAMESPACE)" -f artifacts/manifests/pvc.yaml +.PHONY: init-deploy run: init-deploy { cat artifacts/manifests/pod.yaml && sed 's/^/ /' artifacts/manifests/podspec.yaml; } | \ $(call prepare_spec) | $(KUBECTL) apply -n "$(NAMESPACE)" -f - +.PHONY: run deploy: init-deploy $(KUBECTL) apply -n "$(NAMESPACE)" -f artifacts/manifests/service.yaml { cat artifacts/manifests/rs.yaml && sed 's/^/ /' artifacts/manifests/podspec.yaml; } | \ $(call prepare_spec) | sed 's/-interval=0/-interval=$(INTERVAL)/g' | \ $(KUBECTL) apply -n "$(NAMESPACE)" -f - +.PHONY: deploy test: ## Run go tests go test -v -coverprofile=coverage.out ./... From 00ae110a6b35f929ce3da2ddf03a844e492f6164 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Tue, 30 Sep 2025 16:12:18 +0200 Subject: [PATCH 05/26] Fix OWNERS order and indentation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- OWNERS | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/OWNERS b/OWNERS index bb4aad29..99dd5144 100644 --- a/OWNERS +++ b/OWNERS @@ -1,7 +1,7 @@ approvers: -- clubanderson -- scheeles -- sttts -- xrstf -- mjudeikis -- embik + - clubanderson + - embik + - mjudeikis + - scheeles + - sttts + - xrstf From c5863bdd656568d5eb5dedc8aaa63a244a045f18 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Tue, 30 Sep 2025 23:05:25 +0200 Subject: [PATCH 06/26] Add GitHub Action for building and pushing images MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- .github/workflows/build-image.yml | 61 +++++++++++++++++++++++++++++++ 1 file changed, 61 insertions(+) create mode 100644 .github/workflows/build-image.yml diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml new file mode 100644 index 00000000..78835d00 --- /dev/null +++ b/.github/workflows/build-image.yml @@ -0,0 +1,61 @@ +name: Build and push image + +on: + pull_request: + paths: + - .github/workflows/push-image.yml + - Dockerfile + push: + branches: + - master + tags: + - 'v*' + +permissions: + contents: read + packages: write + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ toLower(github.repository) }} + +jobs: + docker: + runs-on: ubuntu-latest + steps: + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to GHCR + if: github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/v') + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Generate image metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: | + ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=raw,value=latest,enable=${{ github.ref == 'refs/heads/master' }} + type=ref,event=tag + type=sha + + - name: Build and push + uses: docker/build-push-action@v6 + with: + context: . + file: ./Dockerfile + push: ${{ github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/v') }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha,mode=max From 4f539c5276bf6f4980c809b1587d1bc997dab827 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Wed, 1 Oct 2025 10:55:32 +0200 Subject: [PATCH 07/26] Drop non-existing function from build-image action MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- .github/workflows/build-image.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index 78835d00..22cea461 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -3,7 +3,7 @@ name: Build and push image on: pull_request: paths: - - .github/workflows/push-image.yml + - .github/workflows/build-image.yml - Dockerfile push: branches: @@ -17,12 +17,17 @@ permissions: env: REGISTRY: ghcr.io - IMAGE_NAME: ${{ toLower(github.repository) }} + IMAGE_NAME: ${{ github.repository }} jobs: docker: runs-on: ubuntu-latest steps: + - name: Checkout + uses: actions/checkout@v5 + with: + fetch-depth: 0 + - name: Set up QEMU uses: docker/setup-qemu-action@v3 From 0c2fe16c2e0ad0b5c14f015a9002ea32ff35e1be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Wed, 1 Oct 2025 11:14:29 +0200 Subject: [PATCH 08/26] Add build project step to build-image action MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- .github/workflows/build-image.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index 22cea461..eb0c0478 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -28,6 +28,11 @@ jobs: with: fetch-depth: 0 + - name: Setup Go + uses: actions/setup-go@v6 + with: + go-version: v1.24.5 + - name: Set up QEMU uses: docker/setup-qemu-action@v3 @@ -53,7 +58,10 @@ jobs: type=ref,event=tag type=sha - - name: Build and push + - name: Build project + run: 'make build' + + - name: Build and push image uses: docker/build-push-action@v6 with: context: . From 7315c519c3052f1732a117a9f516fab5f182208c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Wed, 1 Oct 2025 11:53:58 +0200 Subject: [PATCH 09/26] Pin GitHub Actions to SHAs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- .github/workflows/build-image.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index eb0c0478..df6234e2 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -24,24 +24,24 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v5 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 - name: Setup Go - uses: actions/setup-go@v6 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version: v1.24.5 - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 - name: Login to GHCR if: github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/v') - uses: docker/login-action@v3 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -49,7 +49,7 @@ jobs: - name: Generate image metadata id: meta - uses: docker/metadata-action@v5 + uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f # v5.8.0 with: images: | ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} @@ -62,7 +62,7 @@ jobs: run: 'make build' - name: Build and push image - uses: docker/build-push-action@v6 + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 with: context: . file: ./Dockerfile From 5a1e6533627cb0714c641762320d600a3fbdaab3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Wed, 1 Oct 2025 12:18:32 +0200 Subject: [PATCH 10/26] Clean up the repository MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- .git-crypt/.gitattributes | 3 --- .../15476E78262C1E3CB37095DE4C68E0F19F95EC33.gpg | Bin 724 -> 0 bytes .../2583D03F747BF75DA761DAC4565C11F0FFCFA4EC.gpg | Bin 724 -> 0 bytes .../79BD02F25334F112CF8B5CC9BA44BA8341537357.gpg | Bin 468 -> 0 bytes .../A67E5FD880EB089F2317796780D83A796103BF59.gpg | Bin 726 -> 0 bytes .github/dependabot.yml | 2 -- .github/workflows/golangci-lint.yml | 8 +++----- artifacts/manifests/cronjob.yaml | 2 +- configs/kubernetes | 8 -------- configs/kubernetes-configmap.yaml | 12 ------------ configs/kubernetes-nightly | 6 ------ configs/kubernetes-nightly-configmap.yaml | 12 ------------ configs/kubernetes-nightly-rules-configmap.yaml | 6 ------ configs/kubernetes-nightly-token | Bin 69 -> 0 bytes configs/kubernetes-rules-configmap.yaml | 6 ------ configs/kubernetes-token | Bin 69 -> 0 bytes 16 files changed, 4 insertions(+), 61 deletions(-) delete mode 100644 .git-crypt/.gitattributes delete mode 100644 .git-crypt/keys/default/0/15476E78262C1E3CB37095DE4C68E0F19F95EC33.gpg delete mode 100644 .git-crypt/keys/default/0/2583D03F747BF75DA761DAC4565C11F0FFCFA4EC.gpg delete mode 100644 .git-crypt/keys/default/0/79BD02F25334F112CF8B5CC9BA44BA8341537357.gpg delete mode 100644 .git-crypt/keys/default/0/A67E5FD880EB089F2317796780D83A796103BF59.gpg delete mode 100644 configs/kubernetes delete mode 100644 configs/kubernetes-configmap.yaml delete mode 100644 configs/kubernetes-nightly delete mode 100644 configs/kubernetes-nightly-configmap.yaml delete mode 100644 configs/kubernetes-nightly-rules-configmap.yaml delete mode 100644 configs/kubernetes-nightly-token delete mode 100644 configs/kubernetes-rules-configmap.yaml delete mode 100644 configs/kubernetes-token diff --git a/.git-crypt/.gitattributes b/.git-crypt/.gitattributes deleted file mode 100644 index 17ef6016..00000000 --- a/.git-crypt/.gitattributes +++ /dev/null @@ -1,3 +0,0 @@ -# Do not edit this file. To specify the files to encrypt, create your own -# .gitattributes file in the directory where your files are. -* !filter !diff diff --git a/.git-crypt/keys/default/0/15476E78262C1E3CB37095DE4C68E0F19F95EC33.gpg b/.git-crypt/keys/default/0/15476E78262C1E3CB37095DE4C68E0F19F95EC33.gpg deleted file mode 100644 index bcc305e23a34608dca509ef94087396a4943ad18..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 724 zcmV;_0xSK60t^EXtzEzUNe2o65C3;rZEN2d=&1+?HG_IQ8?VWOcW|~1sU()b&bZ@n zogU@wCreYrO5X}j7B?fhme5+?M5Z!u-r~U=yOYW#Ih^&K=atfz^UZ#GKKm!7zMmo` zFAi+j3H}^>fPm!*Dino2;w&z`T7?bHqg<}Pn9vC{t9JW7H)U&cH=$Tq&o#P#Lx8rO zKF=vRgaor-v?pfAM-%+0(rzQGV@mAb+xgkl2d70pjzaXNnX zbxyU|qM3zzVlU{DiARNclj#>W-PqZi)7nrSxiSNdF;1^GMBq!ml6~8TUK5~s#cpo3^%S+Gz*nEE))^Y{ERKJw~fJo)_ivy*&fOwzQ;Y zk@;tnjBGhQ3^Wz}YcG4%yPbC2pO>?pcLg6j0dc#KWMoX1T}@$RZyO6$ej<^+a|ekh z)a!?@>9hNi)ARqp!xrgNRZob{rtorp(q--FM$&~3`1LwI$bKuzm9te4 z^gI)0kmb@-c6aV;n$^<40s+omFk1dBQDN-5RwdxxfPfiqHA?oN;3|DX=(7Bc``rm&`6ths}<+09DlYEH}+1O>fq9$Ypwv? zOp;5)L9$#JxlCnXUr*Ayo|gQ-kfQA&H&?IC#-H^*6ABnP4aIL~-k_>(JN^6WTl!mX zd_<!J*=vE9o@+tGM;Wx=gisyE=UPP zkGeX8VpYP^LWF~OaTfsblVt=YWi@hr4>MymK*Z@W+Y_nzO(pB8^Wq6O5}!j0^^l zkcT_4`{5K>y*3j5gQTB`xX5!7wk6RUYNOf1_XDDolVL#zbfU{J>w+NCA-@PtV-r$z z9w7+ituwW5bU0Mz>5>vJ=7R|>3^zONovkV?VDlDV!XOPet<@3whb!tR*v znX(-s58(wOUFfyDo?LxP@4aN&E!P=rtTu3)Z5;EEzlyL@mkR~(0ZO`W{wz-JzZw1Y GOUykbI$+HJ diff --git a/.git-crypt/keys/default/0/79BD02F25334F112CF8B5CC9BA44BA8341537357.gpg b/.git-crypt/keys/default/0/79BD02F25334F112CF8B5CC9BA44BA8341537357.gpg deleted file mode 100644 index bbc29c7980a67c892c1d9d819edebf31ae7d28ca..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 468 zcmV;_0W1E60Sp5}zfG7#jZ|s@2mpw{yxb$-12K6w$I~xQBqaLf@)c=Wl;-j;f8HH4 zin#z;H^9@jDeaLe2V@G{=vD?U>ZtH?eHPpvBys7w3-qE$Am0j?^X|{d_l@s#HOzk8 zjiGWh@j2^xF}Yw+ZbdRta0E}@r7qW@Xx(jBsqZD=H+%Srv28uQL*9!9QEUjoz0~Gp zvMB5cTo3TQFG1GGbN|7d1h&$;CT-dQgJMow2qi;4-HllfLUr^u#ap&)rFyh7N(T8I zTEGV;W#}X_h*B$WMHa{L7TEJbT_)wH_U6lIAdY?pvbM0Bp6t%<{+zCMo&B&) zJjQKirMH7sSctZixHad5Gr=P}n=n}OS|2#R<`Y@BV6hIiE99RsKELUG6gT0`BTLd{ z#vFS*>`xAQ%75p}ryhK(u9*A?+ z)ZqVo@0`9Y4#jK6!;Z3-Pf=NVhf-h3h8qCT+@&$qrp^SXgJ;CWLh*+tc9~sbwZ}VV z>5+5!D+={-toC{};*R_`QI0+xJF%Z(;)4K{#Q>0K?92rDAB0L@{zfwK#X_k;D1@A% z-2q;coX@OT>>kR~TiwWR>7w@wiOxD7E&C_p?-5yZ{dhvzvFeVYr~Rs2Q_pyZ6a&?i zV*u~(aleLHy#9}K+z*wseZdF*HEX&p)3-W^`HsMAO^GE7aM_sNs=~XArMjT%d@IyW5$>vowTX5JdQws9Sn%elg}SYnrH*u_<3E89h!hEM|*XQGN_mAIR~ zz}k6$E3EdAixp?C+{xn_ZunGng(?zQA^)mjS@879UU5p7gbgxWy|*q zO^iR5aDYq$4&SDukJM#&+n6TFFfpI3HzSz=4nFRuSJ(L!5JFyiyR-_n`fJ1P}`2)i5 zF$n!tjwH|S-9?^QoK4Iv9$bI*gvMuOta9{a3j5Y61VRE|4W0%gsv7r5@G^O7PH2VS z`kA7o3%YKsf}@n=TrJDi7^}Z`tJn?Uv`iyLSi>3eQ>b{wwbbUVV}N?r5JvakSY}!= ItdxRnxAl^6!T diff --git a/configs/kubernetes-rules-configmap.yaml b/configs/kubernetes-rules-configmap.yaml deleted file mode 100644 index 59c510e8..00000000 --- a/configs/kubernetes-rules-configmap.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: publisher-rules -data: - config: | diff --git a/configs/kubernetes-token b/configs/kubernetes-token deleted file mode 100644 index c62e5bd2946008747cc447016f9d98e53b969c61..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 69 zcmV-L0J{GGM@dveQdv+`0RPZ%J9xPKQuGbU=YI%FcXO!RG56dL#!+HxA^#E<49*^& b$eMm2aZCp5tZ}5ObEsWL@)A{#2=4mmJt82> From 058acf3e1fd6c088b7dd48374adedcd2b2ea9ce4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Wed, 1 Oct 2025 12:33:51 +0200 Subject: [PATCH 11/26] Add a note about fork MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- README.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/README.md b/README.md index 8d814436..10d67fe3 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,13 @@ +> [!IMPORTANT] +> This is a fork of the [Kubernetes publishing-bot project](https://github.com/kubernetes/publishing-bot). +> +> The reason for this fork is that the upstream publishing-bot project has a lot of hardcoded values that are +> not compatible with kcp. These hardcoded values are project-specific, so the only option was to fork the +> project and change these values to make it compatible with kcp and its infrastructure. +> +> For any inquires, see [our web page](https://docs.kcp.io/kcp/main/#getting-in-touch) for information on how to +> get in touch with us. + # Kubernetes Publishing Bot [![sig-release-publishing-bot/build](https://testgrid.k8s.io/q/summary/sig-release-publishing-bot/build/tests_status?style=svg)](https://testgrid.k8s.io/sig-release-publishing-bot#build) From 77d1d941782432edf416db7e0e0fa9ca5dd29e29 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Wed, 1 Oct 2025 12:37:13 +0200 Subject: [PATCH 12/26] Change manifests to be compatible with kcp infra MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- Makefile | 9 +++++---- artifacts/manifests/pvc.yaml | 2 +- artifacts/manifests/storage-class.yaml | 7 ------- 3 files changed, 6 insertions(+), 12 deletions(-) delete mode 100644 artifacts/manifests/storage-class.yaml diff --git a/Makefile b/Makefile index 733bf8fb..a452966c 100644 --- a/Makefile +++ b/Makefile @@ -37,6 +37,7 @@ CPU_LIMITS ?= 2 CPU_REQUESTS ?= 300m MEMORY_REQUESTS ?= 200Mi MEMORY_LIMITS ?= 1639Mi +STORAGE_CLASS ?= ebs-sc GOOS ?= linux build_cmd = mkdir -p _output && GOOS=$(GOOS) CGO_ENABLED=0 go build -o _output/$(1) ./cmd/$(1) @@ -90,11 +91,11 @@ init-deploy: validate $(KUBECTL) delete -n "$(NAMESPACE)" --ignore-not-found=true replicaset publisher $(KUBECTL) delete -n "$(NAMESPACE)" --ignore-not-found=true pod publisher while $(KUBECTL) get pod -n "$(NAMESPACE)" publisher -a &>/dev/null; do echo -n .; sleep 1; done - $(KUBECTL) apply -n "$(NAMESPACE)" -f artifacts/manifests/storage-class.yaml || true - $(KUBECTL) get StorageClass ssd + $(KUBECTL) get StorageClass "$(STORAGE_CLASS)" $(KUBECTL) apply -n "$(NAMESPACE)" -f $(CONFIG)-configmap.yaml - $(KUBECTL) apply -n "$(NAMESPACE)" -f $(CONFIG)-rules-configmap.yaml; \ - $(KUBECTL) apply -n "$(NAMESPACE)" -f artifacts/manifests/pvc.yaml + $(KUBECTL) apply -n "$(NAMESPACE)" -f $(CONFIG)-rules-configmap.yaml + { cat artifacts/manifests/pvc.yaml && sed 's,SC_NAME,$(STORAGE_CLASS),g' artifacts/manifests/pvc.yaml; } | \ + $(KUBECTL) apply -f - .PHONY: init-deploy run: init-deploy diff --git a/artifacts/manifests/pvc.yaml b/artifacts/manifests/pvc.yaml index 6867638e..6d1dd384 100644 --- a/artifacts/manifests/pvc.yaml +++ b/artifacts/manifests/pvc.yaml @@ -10,4 +10,4 @@ spec: resources: requests: storage: 100Gi - storageClassName: ssd + storageClassName: "SC_NAME" diff --git a/artifacts/manifests/storage-class.yaml b/artifacts/manifests/storage-class.yaml deleted file mode 100644 index a87cca26..00000000 --- a/artifacts/manifests/storage-class.yaml +++ /dev/null @@ -1,7 +0,0 @@ -kind: StorageClass -apiVersion: storage.k8s.io/v1 -metadata: - name: ssd -provisioner: kubernetes.io/gce-pd -parameters: - type: pd-ssd From 50a5ddd3abb7b71ab60f4a89f777d1a7245fdf6e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Wed, 1 Oct 2025 12:47:16 +0200 Subject: [PATCH 13/26] Add kcp-dev and kcp-nightly configurations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- configs/kcp-dev | 8 ++++++++ configs/kcp-dev-configmap.yaml | 13 +++++++++++++ configs/kcp-dev-rules-configmap.yaml | 6 ++++++ configs/kcp-nightly | 8 ++++++++ configs/kcp-nightly-configmap.yaml | 13 +++++++++++++ configs/kcp-nightly-rules-configmap.yaml | 6 ++++++ 6 files changed, 54 insertions(+) create mode 100644 configs/kcp-dev create mode 100644 configs/kcp-dev-configmap.yaml create mode 100644 configs/kcp-dev-rules-configmap.yaml create mode 100644 configs/kcp-nightly create mode 100644 configs/kcp-nightly-configmap.yaml create mode 100644 configs/kcp-nightly-rules-configmap.yaml diff --git a/configs/kcp-dev b/configs/kcp-dev new file mode 100644 index 00000000..d739f7e7 --- /dev/null +++ b/configs/kcp-dev @@ -0,0 +1,8 @@ +DOCKER_REPO = ghcr.io/kcp-dev/publishing-bot +NAMESPACE = publishing-bot +SCHEDULE = * */4 * * * +INTERVAL = 14400 +CPU_LIMITS = 2 +CPU_REQUESTS = 300m +MEMORY_REQUESTS = 2Gi +MEMORY_LIMITS = 2Gi diff --git a/configs/kcp-dev-configmap.yaml b/configs/kcp-dev-configmap.yaml new file mode 100644 index 00000000..68c42f6e --- /dev/null +++ b/configs/kcp-dev-configmap.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: publisher-config +data: + config: | + source-org: kcp-dev + source-repo: kcp + target-org: kcp-dev + rules-file: https://raw.githubusercontent.com/kcp-dev/kcp/refs/heads/main/staging/publishing/rules.yaml + git-default-branch: main + github-issue: 1 + dry-run: false diff --git a/configs/kcp-dev-rules-configmap.yaml b/configs/kcp-dev-rules-configmap.yaml new file mode 100644 index 00000000..59c510e8 --- /dev/null +++ b/configs/kcp-dev-rules-configmap.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: publisher-rules +data: + config: | diff --git a/configs/kcp-nightly b/configs/kcp-nightly new file mode 100644 index 00000000..6f3b304c --- /dev/null +++ b/configs/kcp-nightly @@ -0,0 +1,8 @@ +DOCKER_REPO = ghcr.io/kcp-dev/publishing-bot +NAMESPACE = publishing-bot-nightly +SCHEDULE = * */4 * * * +INTERVAL = 14400 +CPU_LIMITS = 2 +CPU_REQUESTS = 300m +MEMORY_REQUESTS = 2Gi +MEMORY_LIMITS = 2Gi diff --git a/configs/kcp-nightly-configmap.yaml b/configs/kcp-nightly-configmap.yaml new file mode 100644 index 00000000..83d99222 --- /dev/null +++ b/configs/kcp-nightly-configmap.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: publisher-config +data: + config: | + source-org: kcp-nightly + source-repo: kcp + target-org: kcp-nightly + rules-file: https://raw.githubusercontent.com/kcp-nightly/kcp/refs/heads/main/staging/publishing/rules.yaml + git-default-branch: main + github-issue: 1 + dry-run: false diff --git a/configs/kcp-nightly-rules-configmap.yaml b/configs/kcp-nightly-rules-configmap.yaml new file mode 100644 index 00000000..59c510e8 --- /dev/null +++ b/configs/kcp-nightly-rules-configmap.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: publisher-rules +data: + config: | From a12f49d40a96e59c991f1a49ecefbad279f3c1ec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Wed, 1 Oct 2025 12:50:01 +0200 Subject: [PATCH 14/26] Change GIT_COMMITTER_NAME and GIT_COMMITTER_EMAIL to kcp-ci-bot MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0ae0e9b7..94ba28db 100644 --- a/Dockerfile +++ b/Dockerfile @@ -23,8 +23,8 @@ RUN apt-get update \ ENV GOPATH="/go-workspace" ENV GOROOT="/go-workspace/go" ENV PATH="${GOPATH}/bin:/go-workspace/go/bin:${PATH}" -ENV GIT_COMMITTER_NAME="Kubernetes Publisher" -ENV GIT_COMMITTER_EMAIL="k8s-publishing-bot@users.noreply.github.com" +ENV GIT_COMMITTER_NAME="kcp CI Bot" +ENV GIT_COMMITTER_EMAIL="kcp-ci-bot@xrstf.de" ENV TERM=xterm ENV PS1='\h:\w\$' ENV SHELL=/bin/bash From 3fcff8937ff68012387d6a4473bc34d2385f5883 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Wed, 1 Oct 2025 12:59:34 +0200 Subject: [PATCH 15/26] Update scripts to work with kcp-dev org MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- hack/create-repos.sh | 8 ++++---- hack/fetch-all-latest-and-push.sh | 8 ++++---- hack/repos.sh | 29 ----------------------------- hack/verify-golangci-lint.sh | 2 +- test/k8s-gen-bot-config.sh | 12 ++++++------ test/run-bot-local.sh | 6 +++--- 6 files changed, 18 insertions(+), 47 deletions(-) diff --git a/hack/create-repos.sh b/hack/create-repos.sh index c5aa9a9c..5d19db52 100755 --- a/hack/create-repos.sh +++ b/hack/create-repos.sh @@ -28,7 +28,7 @@ if [ "$#" = 0 ] || [ "$#" -gt 2 ]; then exit 1 fi -FROM="kubernetes" +FROM="kcp-dev" TO="${1}" if [ "$#" -ge 2 ]; then FROM="${TO}" @@ -39,8 +39,8 @@ GITHUB_HOST=${GITHUB_HOST:-github.com} repo_count=${#repos[@]} # safety check -if [ "${TO}" = "kubernetes" ]; then - echo "Cannot operate on kubernetes directly" 1>&2 +if [ "${TO}" = "kcp-dev" ]; then + echo "Cannot operate on kcp-dev directly" 1>&2 exit 1 fi @@ -69,6 +69,6 @@ for (( i=0; i<${repo_count}; i++ )); do echo "repository found: ${repos[i]}" else echo "repository not found: ${repos[i]}" - gh repo fork "kubernetes/${repos[i]}" --org "${TO}" --remote --clone=false + gh repo fork "kcp-dev/${repos[i]}" --org "${TO}" --remote --clone=false fi done diff --git a/hack/fetch-all-latest-and-push.sh b/hack/fetch-all-latest-and-push.sh index 97ecea89..7b7e604d 100755 --- a/hack/fetch-all-latest-and-push.sh +++ b/hack/fetch-all-latest-and-push.sh @@ -25,7 +25,7 @@ if [ "$#" = 0 ] || [ "$#" -gt 2 ]; then exit 1 fi -FROM="kubernetes" +FROM="kcp-dev" TO="${1}" if [ "$#" -ge 2 ]; then FROM="${TO}" @@ -46,8 +46,8 @@ function delete() { trap delete EXIT INT # safety check -if [ "${TO}" = "kubernetes" ]; then - echo "Cannot operate on kubernetes directly" 1>&2 +if [ "${TO}" = "kcp-dev" ]; then + echo "Cannot operate on kcp-dev directly" 1>&2 exit 1 fi @@ -61,7 +61,7 @@ for (( i=0; i<${repo_count}; i++ )); do # delete all tags and branches in origin rm -f .git/refs/tags/* - branches=$(git branch -r | grep "^ *origin" | sed 's,^ *origin/,,' | grep -v HEAD | grep -v '^master' || true) + branches=$(git branch -r | grep "^ *origin" | sed 's,^ *origin/,,' | grep -v HEAD | grep -v '^master' | grep -v '^main' || true) tags=$(git tag | sed 's,^,refs/tags/,') if [ -n "${branches}${tags}" ]; then git push --atomic --delete origin ${branches} ${tags} diff --git a/hack/repos.sh b/hack/repos.sh index 01992750..85619079 100644 --- a/hack/repos.sh +++ b/hack/repos.sh @@ -20,36 +20,7 @@ set -o pipefail # shellcheck disable=SC2034 repos=( - api - apiextensions-apiserver apimachinery - apiserver - cli-runtime client-go - cloud-provider - cluster-bootstrap code-generator - component-base - component-helpers - controller-manager - cri-api - cri-client - csi-translation-lib - dynamic-resource-allocation - externaljwt - endpointslice - kms - kube-aggregator - kube-controller-manager - kube-proxy - kube-scheduler - kubectl - kubelet - legacy-cloud-providers - metrics - mount-utils - pod-security-admission - sample-apiserver - sample-cli-plugin - sample-controller ) diff --git a/hack/verify-golangci-lint.sh b/hack/verify-golangci-lint.sh index 5ca7bc35..c9f2b0fd 100755 --- a/hack/verify-golangci-lint.sh +++ b/hack/verify-golangci-lint.sh @@ -18,7 +18,7 @@ set -o errexit set -o nounset set -o pipefail -VERSION=v1.55.2 +VERSION=v2.5.0 URL_BASE=https://raw.githubusercontent.com/golangci/golangci-lint URL=$URL_BASE/$VERSION/install.sh diff --git a/test/k8s-gen-bot-config.sh b/test/k8s-gen-bot-config.sh index 12ad10e3..a0dfa06c 100755 --- a/test/k8s-gen-bot-config.sh +++ b/test/k8s-gen-bot-config.sh @@ -19,7 +19,7 @@ set -o nounset set -o pipefail set -o xtrace -# This script generates the config and rules required for testing the master branch of k/k +# This script generates the config and rules required for testing the main branch of kcp-dev/kcp # with publishing bot BOT_CONFIG_DIRECTORY="${1:-bot-configs}" @@ -28,7 +28,7 @@ mkdir "${BOT_CONFIG_DIRECTORY}" ## generate the required config # use the content from configmap in the data section -sed -e '1,/config: |/d' configs/kubernetes-configmap.yaml > "${BOT_CONFIG_DIRECTORY}"/config +sed -e '1,/config: |/d' configs/kcp-dev-configmap.yaml > "${BOT_CONFIG_DIRECTORY}"/config # The additional .tmp extension is used after -i to make it portable across *BSD and GNU. # Ref: https://unix.stackexchange.com/a/92907 # Also \t is not recognized in non GNU sed implementation. Therefore a tab is used as is. @@ -41,12 +41,12 @@ sed -i.tmp -e 's/dry-run: false/dry-run: true/g' "${BOT_CONFIG_DIRECTORY}"/confi ## generate the required rules # get the rules file from the k/k repo -wget https://raw.githubusercontent.com/kubernetes/kubernetes/master/staging/publishing/rules.yaml -O "${BOT_CONFIG_DIRECTORY}"/rules +wget https://raw.githubusercontent.com/kcp-dev/kcp/main/staging/publishing/rules.yaml -O "${BOT_CONFIG_DIRECTORY}"/rules # change permission so that yq container can make changes to the rules file chmod 666 "${BOT_CONFIG_DIRECTORY}"/rules -# only work on master branch -# yq is used to remove non master branch related rules +# only work on main branch +# yq is used to remove non main branch related rules docker run \ --rm \ -v "${PWD}/${BOT_CONFIG_DIRECTORY}":/workdir \ - mikefarah/yq:4.32.2 -i 'del( .rules.[].branches.[] | select (.name != "master"))' rules + mikefarah/yq:4.32.2 -i 'del( .rules.[].branches.[] | select (.name != "main"))' rules diff --git a/test/run-bot-local.sh b/test/run-bot-local.sh index 49d120fe..4d9a223f 100755 --- a/test/run-bot-local.sh +++ b/test/run-bot-local.sh @@ -21,7 +21,7 @@ set -o xtrace # This script expects a config and rules file in the BOT_CONFIG_DIRECTORY which will be used for running # the publishing bot -# The image gcr.io/k8s-staging-publishing-bot/k8s-publishing-bot:latest should be available locally +# The image ghcr.io/kcp-dev/publishing-bot:latest should be available locally # in the docker daemon BOT_CONFIG_DIRECTORY="${1:-bot-configs}" @@ -34,7 +34,7 @@ docker run --rm \ -v local-go-workspace:/go-workspace \ -v cache:/.cache \ -v "${PWD}/${BOT_CONFIG_DIRECTORY}":/etc/bot-configs \ - gcr.io/k8s-staging-publishing-bot/k8s-publishing-bot:latest \ + ghcr.io/kcp-dev/publishing-bot:latest \ /init-repo \ --alsologtostderr \ --config=/etc/bot-configs/config \ @@ -45,7 +45,7 @@ docker run --rm \ -v local-go-workspace:/go-workspace \ -v cache:/.cache \ -v "${PWD}/${BOT_CONFIG_DIRECTORY}":/etc/bot-configs \ - gcr.io/k8s-staging-publishing-bot/k8s-publishing-bot:latest \ + ghcr.io/kcp-dev/publishing-bot:latest \ /publishing-bot \ --alsologtostderr \ --config=/etc/bot-configs/config \ From efd666e00282a9163de3ba6ce6de2a08239eab20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Wed, 1 Oct 2025 13:05:08 +0200 Subject: [PATCH 16/26] Update image references in Makefile MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index a452966c..88635c46 100644 --- a/Makefile +++ b/Makefile @@ -21,8 +21,8 @@ all: build GIT_TAG ?= $(shell git describe --tags --always --dirty) # Image variables -IMG_REGISTRY ?= gcr.io/k8s-staging-publishing-bot -IMG_NAME = k8s-publishing-bot +IMG_REGISTRY ?= ghcr.io/kcp-dev +IMG_NAME = publishing-bot IMG_VERSION ?= v0.0.0-2 From 2e88e6c8624f7ca05c844efb4dac9c84f0d1cfb7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Wed, 1 Oct 2025 13:11:09 +0200 Subject: [PATCH 17/26] Disable noctx linter MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- .golangci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.golangci.yml b/.golangci.yml index b83e318b..05f629dc 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -49,7 +49,7 @@ linters: - musttag - nakedret - nilerr - - noctx + # - noctx - nolintlint - nosprintfhostport - prealloc From 95b3ce6948ad028ee2ae35aabf4e57f5783a1967 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Fri, 26 Sep 2025 19:11:37 +0200 Subject: [PATCH 18/26] PATCH: Fix git command failing due to missing remote MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- artifacts/scripts/util.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/artifacts/scripts/util.sh b/artifacts/scripts/util.sh index 406a9b5d..c751ff39 100755 --- a/artifacts/scripts/util.sh +++ b/artifacts/scripts/util.sh @@ -171,7 +171,7 @@ sync_repo() { local f_mainline_commits="" if [ "${new_branch}" = "true" ] && [ "${src_branch}" = "${git_default_branch}" ]; then # new master branch - filter-branch "${commit_msg_tag}" "${subdirectories}" "${recursive_delete_pattern}" ${src_branch} filtered-branch + filter-branch "${commit_msg_tag}" "${subdirectories}" "${recursive_delete_pattern}" "upstream/${src_branch}" filtered-branch # find commits on the main line (will mostly be merges, but could be non-merges if filter-branch dropped # the corresponding fast-forward merge and left the feature branch commits) From f00c63dd5c420ad28ca6e1e206fe418636ea3705 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Fri, 26 Sep 2025 19:14:46 +0200 Subject: [PATCH 19/26] PATCH: skip-non-semver-tags and destination-tag-base options MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- artifacts/scripts/construct.sh | 18 +++++++++++------ cmd/publishing-bot/config/rules.go | 13 ++++++++---- cmd/publishing-bot/publisher.go | 8 ++++++++ cmd/sync-tags/main.go | 32 +++++++++++++++++++++++++----- 4 files changed, 56 insertions(+), 15 deletions(-) diff --git a/artifacts/scripts/construct.sh b/artifacts/scripts/construct.sh index 939987eb..72e3f5d4 100755 --- a/artifacts/scripts/construct.sh +++ b/artifacts/scripts/construct.sh @@ -37,8 +37,8 @@ set -o nounset set -o pipefail set -o xtrace -if [ ! $# -eq 15 ]; then - echo "usage: $0 repo src_branch dst_branch dependent_k8s.io_repos required_packages kubernetes_remote subdirectories source_repo_org source_repo_name base_package is_library recursive_delete_pattern skip_tags last_published_upstream_hash git_default_branch" +if [ ! $# -eq 17 ]; then + echo "usage: $0 repo src_branch dst_branch dependent_k8s.io_repos required_packages kubernetes_remote subdirectories source_repo_org source_repo_name base_package is_library recursive_delete_pattern skip_tags skip_non_semver_tags semver_tags_base last_published_upstream_hash git_default_branch" exit 1 fi @@ -72,12 +72,16 @@ IS_LIBRARY="${2}" RECURSIVE_DELETE_PATTERN="${3}" # Skip syncing tags SKIP_TAGS="${4}" +# Skip tags that do not start with 'v' +SKIP_NON_SEMVER_TAGS="${5}" +# Major version to use for building the tag (e.g. v1, v2...) +SEMVER_TAGS_BASE="${6}" # last published upstream hash of this branch -LAST_PUBLISHED_UPSTREAM_HASH="${5}" +LAST_PUBLISHED_UPSTREAM_HASH="${7}" # name of the main branch. master for k8s.io/kubernetes -GIT_DEFAULT_BRANCH="${6}" +GIT_DEFAULT_BRANCH="${8}" -readonly REPO SRC_BRANCH DST_BRANCH DEPS REQUIRED SOURCE_REMOTE SOURCE_REPO_ORG SUBDIRS SOURCE_REPO_NAME BASE_PACKAGE IS_LIBRARY RECURSIVE_DELETE_PATTERN SKIP_TAGS LAST_PUBLISHED_UPSTREAM_HASH GIT_DEFAULT_BRANCH +readonly REPO SRC_BRANCH DST_BRANCH DEPS REQUIRED SOURCE_REMOTE SOURCE_REPO_ORG SUBDIRS SOURCE_REPO_NAME BASE_PACKAGE IS_LIBRARY RECURSIVE_DELETE_PATTERN SKIP_TAGS SKIP_NON_SEMVER_TAGS SEMVER_TAGS_BASE LAST_PUBLISHED_UPSTREAM_HASH GIT_DEFAULT_BRANCH SCRIPT_DIR=$(dirname "${BASH_SOURCE}") source "${SCRIPT_DIR}"/util.sh @@ -177,7 +181,9 @@ if [ -z "${SKIP_TAGS}" ]; then --push-script ${PUSH_SCRIPT} \ --dependencies "${DEPS}" \ --mapping-output-file "../tag-${REPO}-{{.Tag}}-mapping" \ - --publish-v0-semver \ + --publish-semver-tags \ + --skip-non-semver-tags="${SKIP_NON_SEMVER_TAGS}" \ + --semver-tags-base "${SEMVER_TAGS_BASE}" \ -alsologtostderr \ "${EXTRA_ARGS[@]-}" if [ "${LAST_HEAD}" != "$(git rev-parse ${LAST_BRANCH})" ]; then diff --git a/cmd/publishing-bot/config/rules.go b/cmd/publishing-bot/config/rules.go index fae1a69f..5d570ad2 100644 --- a/cmd/publishing-bot/config/rules.go +++ b/cmd/publishing-bot/config/rules.go @@ -73,6 +73,8 @@ type BranchRule struct { type RepositoryRule struct { DestinationRepository string `yaml:"destination"` Branches []BranchRule `yaml:"branches"` + // the value to use as vX in vX.Y.Z published at the destination repo + DestinationTagBase string `yaml:"destination-tag-base,omitempty"` // SmokeTest applies to all branches SmokeTest string `yaml:"smoke-test,omitempty"` // a multiline bash script Library bool `yaml:"library,omitempty"` @@ -81,10 +83,13 @@ type RepositoryRule struct { } type RepositoryRules struct { - SkippedSourceBranches []string `yaml:"skip-source-branches,omitempty"` - SkipGomod bool `yaml:"skip-gomod,omitempty"` - SkipTags bool `yaml:"skip-tags,omitempty"` - Rules []RepositoryRule `yaml:"rules"` + SkippedSourceBranches []string `yaml:"skip-source-branches,omitempty"` + SkipGomod bool `yaml:"skip-gomod,omitempty"` + SkipTags bool `yaml:"skip-tags,omitempty"` + // this skips tags in the source repo that are not valid semver tags + // e.g. v1.2.3 is valid, but /v1.2.3 is not valid. + SkipNonSemverTags bool `yaml:"skip-non-semver-tags,omitempty"` + Rules []RepositoryRule `yaml:"rules"` // ls-files patterns like: */BUILD *.ext pkg/foo.go Makefile RecursiveDeletePatterns []string `yaml:"recursive-delete-patterns"` diff --git a/cmd/publishing-bot/publisher.go b/cmd/publishing-bot/publisher.go index e643a32c..765afb54 100644 --- a/cmd/publishing-bot/publisher.go +++ b/cmd/publishing-bot/publisher.go @@ -292,6 +292,12 @@ func (p *PublisherMunger) construct() error { p.plog.Infof("synchronizing tags is disabled") } + skipNonSemverTags := "false" + if p.reposRules.SkipNonSemverTags { + skipNonSemverTags = "true" + p.plog.Infof("synchronizing non-semver tags is disabled") + } + // get old published hash to eventually skip cherry picking var lastPublishedUpstreamHash string bs, err := os.ReadFile(path.Join(p.baseRepoPath, publishedFileName(repoRule.DestinationRepository, branchRule.Name))) @@ -318,6 +324,8 @@ func (p *PublisherMunger) construct() error { strconv.FormatBool(repoRule.Library), strings.Join(p.reposRules.RecursiveDeletePatterns, " "), skipTags, + skipNonSemverTags, + repoRule.DestinationTagBase, lastPublishedUpstreamHash, p.config.GitDefaultBranch, ) diff --git a/cmd/sync-tags/main.go b/cmd/sync-tags/main.go index 7b261c3e..0479469a 100644 --- a/cmd/sync-tags/main.go +++ b/cmd/sync-tags/main.go @@ -24,6 +24,7 @@ import ( "io" "os" "os/exec" + "regexp" "strings" "text/template" "time" @@ -78,7 +79,10 @@ func main() { dependencies := flag.String("dependencies", "", "comma-separated list of repo:branch pairs of dependencies") skipFetch := flag.Bool("skip-fetch", false, "skip fetching tags") mappingOutputFile := flag.String("mapping-output-file", "", "a file name to write the source->dest hash mapping to ({{.Tag}} is substituted with the tag name, {{.Branch}} with the local branch name)") - publishSemverTags := flag.Bool("publish-v0-semver", false, "publish v0.x.y tag at destination repo for v1.x.y tag at the source repo") + publishV0Semver := flag.Bool("publish-v0-semver", false, "publish v0.x.y tag at destination repo for v1.x.y tag at the source repo") + publishSemverTags := flag.Bool("publish-semver-tags", false, "publish vX.Y.Z tag at destination repo for vX.Y.Z tag at the source repo") + skipNonSemverTags := flag.Bool("skip-non-semver-tags", false, "skip non-semver tags at the source repo") + semverTagsBase := flag.String("semver-tags-base", "v0", "the value to use as vX in vX.Y.Z published at the destination repo") flag.Usage = Usage flag.Parse() @@ -91,6 +95,10 @@ func main() { glog.Fatalf("source-branch cannot be empty") } + if *publishV0Semver && *publishSemverTags { + glog.Fatalf("only one of publish-v0-semver and publish-semver-tags can be true") + } + var dependentRepos []string if *dependencies != "" { for _, pair := range strings.Split(*dependencies, ",") { @@ -188,23 +196,37 @@ func main() { // create or update tags from srcTagCommits as local tags with the given prefix createdTags := []string{} for name, kh := range srcTagCommits { + if *skipNonSemverTags { + if _, semverErr := semver.Parse(strings.TrimPrefix(name, "v")); semverErr != nil { + continue + } + } + bName := name if *prefix != "" { bName = *prefix + name[1:] // remove the v } var ( - semverTag = "" - publishSemverTag = false + semverTag = "" + publishSemverTag = false + versionPrefixRegex = regexp.MustCompile(`^v\d+\.`) ) // if we are publishing semver tags - if *publishSemverTags { + if *publishV0Semver { // and this is a valid v1... semver tag if _, semverErr := semver.Parse(name[1:]); semverErr == nil && strings.HasPrefix(name, "v1.") { publishSemverTag = true semverTag = "v0." + strings.TrimPrefix(name, "v1.") // replace v1.x.y with v0.x.y } } + if *publishSemverTags { + // and this is a valid semver tag + if _, semverErr := semver.Parse(strings.TrimPrefix(name, "v")); semverErr == nil { + publishSemverTag = true + semverTag = *semverTagsBase + "." + versionPrefixRegex.ReplaceAllString(name, "") + } + } // ignore non-annotated tags tag, err := r.TagObject(kh) @@ -291,7 +313,7 @@ func main() { fmt.Printf("Writing source->dest hash mapping to %q\n", fname) f, err := os.Create(fname) if err != nil { - glog.Fatal(f) + glog.Fatal(err) } if err := writeKubeCommitMapping(f, sourceCommitsToDstCommits, srcFirstParents); err != nil { glog.Fatal(err) From 98bc8f13a918a73cbbfea1dba395078f02df52e4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Wed, 1 Oct 2025 14:08:51 +0200 Subject: [PATCH 20/26] PATCH: Add support for ARM64 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- pkg/golang/install.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkg/golang/install.go b/pkg/golang/install.go index b504b83d..7e3c636f 100644 --- a/pkg/golang/install.go +++ b/pkg/golang/install.go @@ -21,6 +21,7 @@ import ( "os" "os/exec" "path/filepath" + "runtime" "strings" "github.com/golang/glog" @@ -95,7 +96,7 @@ func installGoVersion(v, pth string) error { } defer os.RemoveAll(tmpPath) - cmd := exec.Command("/bin/bash", "-c", fmt.Sprintf("curl -SLf https://storage.googleapis.com/golang/go%s.linux-amd64.tar.gz | tar -xz --strip 1 -C %s", v, tmpPath)) + cmd := exec.Command("/bin/bash", "-c", fmt.Sprintf("curl -SLf https://storage.googleapis.com/golang/go%s.%s-%s.tar.gz | tar -xz --strip 1 -C %s", v, runtime.GOOS, runtime.GOARCH, tmpPath)) cmd.Dir = tmpPath cmd.Stdout = os.Stdout cmd.Stderr = os.Stderr From 8aada0a306b58d5e170d28d748d2e08a08418be2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Wed, 8 Oct 2025 15:48:24 +0200 Subject: [PATCH 21/26] Update status issue number for kcp-dev MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Marko Mudrinić --- configs/kcp-dev-configmap.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configs/kcp-dev-configmap.yaml b/configs/kcp-dev-configmap.yaml index 68c42f6e..64dfce1f 100644 --- a/configs/kcp-dev-configmap.yaml +++ b/configs/kcp-dev-configmap.yaml @@ -9,5 +9,5 @@ data: target-org: kcp-dev rules-file: https://raw.githubusercontent.com/kcp-dev/kcp/refs/heads/main/staging/publishing/rules.yaml git-default-branch: main - github-issue: 1 + github-issue: 3619 dry-run: false From ab14a486dc258555104cbb0064e6a65b868c3dc1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Tue, 28 Oct 2025 21:47:18 +0100 Subject: [PATCH 22/26] Properly handle non-v0 tags MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- artifacts/scripts/util.sh | 54 ++++++++++++++++++++++++++++++++++++++- 1 file changed, 53 insertions(+), 1 deletion(-) diff --git a/artifacts/scripts/util.sh b/artifacts/scripts/util.sh index c751ff39..f1c54d94 100755 --- a/artifacts/scripts/util.sh +++ b/artifacts/scripts/util.sh @@ -881,7 +881,59 @@ update-deps-in-gomod() { } gomod-pseudo-version() { - TZ=GMT git show -q --pretty='format:v0.0.0-%cd-%h' --date='format-local:%Y%m%d%H%M%S' --abbrev=12 + local commit_sha + commit_sha="$(git rev-parse --short=12 HEAD)" + + local commit_ts + commit_ts="$(TZ=UTC git show -s --date='format-local:%Y%m%d%H%M%S' --format=%cd HEAD)" + + local tag + tag="$(git describe --tags --abbrev=0 --match 'v[0-9]*' 2>/dev/null || true)" + + # tag does not exist at all -> v0.0.0-- + if [[ -z "${tag:-}" ]]; then + echo "v0.0.0-${commit_ts}-${commit_sha}" + return + fi + + local head_rev + head_rev="$(git rev-parse HEAD)" + local tag_rev + tag_rev="$(git rev-list -n1 "$tag")" + + # tag on head -> tag + if [[ "$head_rev" == "$tag_rev" ]]; then + echo "$tag" + return + fi + + local current_major + current_major="$(grep '^module ' go.mod | sed -E 's|^module .*/(v[0-9]+)$|\1|; t; s|.*|v0|')" + + # head is not a tag -> + # - the latest available tag is vX.Y.Z -> vX.Y.(Z+1)-0.- + # - the latest available tag is vX.Y.Z-PR -> vX.Y.Z-PR.0.- + if [[ "$tag" =~ ^v([0-9]+)\.([0-9]+)\.([0-9]+)(-.+)?$ ]]; then + local major="${BASH_REMATCH[1]}" + local minor="${BASH_REMATCH[2]}" + local patch="${BASH_REMATCH[3]}" + local pre="${BASH_REMATCH[4]}" + + # if go.mod major matches the latest tag major + if [[ "$current_major" == "v$major" ]]; then + if [[ -z "${pre}" ]]; then + echo "v${major}.${minor}.$((patch+1))-0.${commit_ts}-${commit_sha}" + else + echo "${tag}.0.${commit_ts}-${commit_sha}" + fi + # if go.mod major does not match the latest tag major, then logic similar to v0.0.0 is used + else + echo "${current_major}.0.0-${commit_ts}-${commit_sha}" + fi + else + # the latest tag is not semver -> ignore it + echo "${current_major}.0.0-${commit_ts}-${commit_sha}" + fi } # checkout the dependencies to the versions corresponding to the kube commit of HEAD From e5f46d52be23885a6510011ba6c988f7792a710f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Wed, 29 Oct 2025 16:49:54 +0100 Subject: [PATCH 23/26] Fix handling for non-v0 tags MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- artifacts/scripts/util.sh | 40 ++++++++++++++++++--------------------- 1 file changed, 18 insertions(+), 22 deletions(-) diff --git a/artifacts/scripts/util.sh b/artifacts/scripts/util.sh index f1c54d94..029cb76d 100755 --- a/artifacts/scripts/util.sh +++ b/artifacts/scripts/util.sh @@ -887,52 +887,48 @@ gomod-pseudo-version() { local commit_ts commit_ts="$(TZ=UTC git show -s --date='format-local:%Y%m%d%H%M%S' --format=%cd HEAD)" - local tag - tag="$(git describe --tags --abbrev=0 --match 'v[0-9]*' 2>/dev/null || true)" + local commit_tag + commit_tag="$(git describe --tags --exact-match --abbrev=0 2>/dev/null || true)" - # tag does not exist at all -> v0.0.0-- - if [[ -z "${tag:-}" ]]; then - echo "v0.0.0-${commit_ts}-${commit_sha}" + # latest commit has a tag -> tag + if [[ -n "${commit_tag}" ]]; then + echo "${commit_tag}" return fi - local head_rev - head_rev="$(git rev-parse HEAD)" - local tag_rev - tag_rev="$(git rev-list -n1 "$tag")" - - # tag on head -> tag - if [[ "$head_rev" == "$tag_rev" ]]; then - echo "$tag" + local latest_tag + latest_tag="$(git ls-remote --tags origin 2>/dev/null | awk -F/ '{print $3}' | grep -E '^v[0-9]+(\.[0-9]+)*$' | sort -V | tail -n1)" + + # tag does not exist at all -> v0.0.0-- + if [[ -z "${latest_tag:-}" ]]; then + echo "v0.0.0-${commit_ts}-${commit_sha}" return fi - local current_major - current_major="$(grep '^module ' go.mod | sed -E 's|^module .*/(v[0-9]+)$|\1|; t; s|.*|v0|')" + local module_major + module_major="$(grep '^module ' go.mod | sed -E 's|^module .*/(v[0-9]+)$|\1|; t; s|.*|v0|')" # head is not a tag -> # - the latest available tag is vX.Y.Z -> vX.Y.(Z+1)-0.- # - the latest available tag is vX.Y.Z-PR -> vX.Y.Z-PR.0.- - if [[ "$tag" =~ ^v([0-9]+)\.([0-9]+)\.([0-9]+)(-.+)?$ ]]; then + if [[ "$latest_tag" =~ ^v([0-9]+)\.([0-9]+)\.([0-9]+)(-.+)?$ ]]; then local major="${BASH_REMATCH[1]}" local minor="${BASH_REMATCH[2]}" local patch="${BASH_REMATCH[3]}" local pre="${BASH_REMATCH[4]}" - # if go.mod major matches the latest tag major - if [[ "$current_major" == "v$major" ]]; then + if [[ "$module_major" == "v$major" ]]; then if [[ -z "${pre}" ]]; then echo "v${major}.${minor}.$((patch+1))-0.${commit_ts}-${commit_sha}" else - echo "${tag}.0.${commit_ts}-${commit_sha}" + echo "${latest_tag}.0.${commit_ts}-${commit_sha}" fi - # if go.mod major does not match the latest tag major, then logic similar to v0.0.0 is used else - echo "${current_major}.0.0-${commit_ts}-${commit_sha}" + echo "${latest_tag}+incompatible" fi else # the latest tag is not semver -> ignore it - echo "${current_major}.0.0-${commit_ts}-${commit_sha}" + echo "v0.0.0-${commit_ts}-${commit_sha}" fi } From ec96f2a1a225f94cbf45f32a5d0f091ba7ef6634 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Wed, 29 Oct 2025 18:02:20 +0100 Subject: [PATCH 24/26] Fix getting the latest commit/tag MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Marko Mudrinić --- artifacts/scripts/util.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/artifacts/scripts/util.sh b/artifacts/scripts/util.sh index 029cb76d..17534c18 100755 --- a/artifacts/scripts/util.sh +++ b/artifacts/scripts/util.sh @@ -888,7 +888,7 @@ gomod-pseudo-version() { commit_ts="$(TZ=UTC git show -s --date='format-local:%Y%m%d%H%M%S' --format=%cd HEAD)" local commit_tag - commit_tag="$(git describe --tags --exact-match --abbrev=0 2>/dev/null || true)" + commit_tag="$( (git tag --points-at HEAD 2>/dev/null || true) | grep 'origin\/v' | sed 's|^origin/||' | sort -V | tail -n1)" # latest commit has a tag -> tag if [[ -n "${commit_tag}" ]]; then @@ -897,7 +897,7 @@ gomod-pseudo-version() { fi local latest_tag - latest_tag="$(git ls-remote --tags origin 2>/dev/null | awk -F/ '{print $3}' | grep -E '^v[0-9]+(\.[0-9]+)*$' | sort -V | tail -n1)" + latest_tag="$( (git ls-remote --tags origin 2>/dev/null || true) | awk -F/ '{print $3}' | grep -v '\^{}' | grep 'v' | sort -V | tail -n1)" # tag does not exist at all -> v0.0.0-- if [[ -z "${latest_tag:-}" ]]; then From f1f8f183a669e729053590b624a238ee4d8c2553 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Wed, 29 Oct 2025 19:47:44 +0100 Subject: [PATCH 25/26] Modify go mod replace to account for module version MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Marko Mudrinić --- artifacts/scripts/util.sh | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/artifacts/scripts/util.sh b/artifacts/scripts/util.sh index 17534c18..f04de56e 100755 --- a/artifacts/scripts/util.sh +++ b/artifacts/scripts/util.sh @@ -827,9 +827,16 @@ update-deps-in-gomod() { for (( i=0; i<${dep_count}; i++ )); do local dep="${deps_array[i]%%:*}" local dep_commit=$(cd ../${dep}; gomod-pseudo-version) - echo "Updating ${base_package}/${dep} to point to ${dep_commit}" - GO111MODULE=on go mod edit -fmt -require "${base_package}/${dep}@${dep_commit}" - GO111MODULE=on go mod edit -fmt -replace "${base_package}/${dep}=${base_package}/${dep}@${dep_commit}" + local mod_major=$(cd ../${dep}; gomod-module-major) + local go_pkg="${base_package}/${dep}" + + if [ "${mod_major}" != "v0" ] && [ "${mod_major}" != "v1" ]; then + go_pkg="${go_pkg}/${mod_major}" + fi + + echo "Updating ${go_pkg} to point to ${dep_commit}" + GO111MODULE=on go mod edit -fmt -require "${go_pkg}@${dep_commit}" + GO111MODULE=on go mod edit -fmt -replace "${go_pkg}=${go_pkg}@${dep_commit}" done GO111MODULE=on go mod edit -json | jq -r '.Replace[]? | select(.New.Path | startswith("../")) | "-dropreplace \(.Old.Path)"' | GO111MODULE=on xargs -L 100 go mod edit -fmt @@ -880,6 +887,10 @@ update-deps-in-gomod() { ensure-clean-working-dir } +gomod-module-major() { + grep '^module ' go.mod | sed -E 's|^module .*/(v[0-9]+)$|\1|; t; s|.*|v0|' +} + gomod-pseudo-version() { local commit_sha commit_sha="$(git rev-parse --short=12 HEAD)" @@ -906,7 +917,7 @@ gomod-pseudo-version() { fi local module_major - module_major="$(grep '^module ' go.mod | sed -E 's|^module .*/(v[0-9]+)$|\1|; t; s|.*|v0|')" + module_major="$(gomod-module-major)" # head is not a tag -> # - the latest available tag is vX.Y.Z -> vX.Y.(Z+1)-0.- From e593c5d7486443e4f51bd44dd3ef92da435272a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Thu, 30 Oct 2025 16:46:11 +0100 Subject: [PATCH 26/26] Clean-up non-v0 major handling MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- artifacts/scripts/util.sh | 50 +++++++++++++++++++++++------- configs/kcp-nightly-configmap.yaml | 1 + 2 files changed, 40 insertions(+), 11 deletions(-) diff --git a/artifacts/scripts/util.sh b/artifacts/scripts/util.sh index f04de56e..6eda3f91 100755 --- a/artifacts/scripts/util.sh +++ b/artifacts/scripts/util.sh @@ -887,6 +887,8 @@ update-deps-in-gomod() { ensure-clean-working-dir } +# Reads the module major version from go.mod. +# If no major version suffix is found, returns "v0". gomod-module-major() { grep '^module ' go.mod | sed -E 's|^module .*/(v[0-9]+)$|\1|; t; s|.*|v0|' } @@ -898,47 +900,68 @@ gomod-pseudo-version() { local commit_ts commit_ts="$(TZ=UTC git show -s --date='format-local:%Y%m%d%H%M%S' --format=%cd HEAD)" + # Get tag pointing at HEAD (the current commit), if any local commit_tag - commit_tag="$( (git tag --points-at HEAD 2>/dev/null || true) | grep 'origin\/v' | sed 's|^origin/||' | sort -V | tail -n1)" - - # latest commit has a tag -> tag - if [[ -n "${commit_tag}" ]]; then + commit_tag="$(git tag --points-at HEAD 2>/dev/null || true)" + + # We assume that tags will always be valid semver tags starting with 'v'. + # Repositories cloned by the publishing-bot always have two remotes: + # - origin: the published repository (e.g. github.com/kcp-dev/apimachinery) + # - upstream: the local source repository (e.g. ../kcp) + # We only consider tags from the published repository (origin). + # Technically, we should never ever hit this case. That's because tags are synced + # only after the initial publishing is done. We might eventually hit this case if + # there are two different tags/versions on the same commit. + if [[ -n "${commit_tag:-}" ]]; then + commit_tag=$(echo "${commit_tag}" | grep 'origin\/v' | sed 's|^origin/||' | sort -V | tail -n1) echo "${commit_tag}" return fi - + + # Get the latest tag from the published repository (origin). + # This tag does not point at HEAD, otherwise the previous case would handle it. local latest_tag - latest_tag="$( (git ls-remote --tags origin 2>/dev/null || true) | awk -F/ '{print $3}' | grep -v '\^{}' | grep 'v' | sort -V | tail -n1)" + latest_tag="$(git ls-remote --tags origin 2>/dev/null || true)" - # tag does not exist at all -> v0.0.0-- if [[ -z "${latest_tag:-}" ]]; then + # No tag exists, generate and return a pseudo-version string. echo "v0.0.0-${commit_ts}-${commit_sha}" return fi + # "git ls-remote" returns a bit more data than needed, so we parse it take valid semver tag. + latest_tag="$(echo "${latest_tag}" | awk -F/ '{print $3}' | grep -v '\^{}' | grep 'v' | sort -V | tail -n1)" + + # This returns the module major version as defined in go.mod. local module_major module_major="$(gomod-module-major)" - # head is not a tag -> - # - the latest available tag is vX.Y.Z -> vX.Y.(Z+1)-0.- - # - the latest available tag is vX.Y.Z-PR -> vX.Y.Z-PR.0.- + # Parse the latest tag and determine the semver elements. if [[ "$latest_tag" =~ ^v([0-9]+)\.([0-9]+)\.([0-9]+)(-.+)?$ ]]; then local major="${BASH_REMATCH[1]}" local minor="${BASH_REMATCH[2]}" local patch="${BASH_REMATCH[3]}" local pre="${BASH_REMATCH[4]}" + # If the module's major version matches the latest tag's major version. if [[ "$module_major" == "v$major" ]]; then if [[ -z "${pre}" ]]; then + # Stable tags are handled by incrementing the patch version + # and appending the pseudo-version suffix. echo "v${major}.${minor}.$((patch+1))-0.${commit_ts}-${commit_sha}" else + # Pre-release tags are handled by appending the pseudo-version suffix + # to the pre-release tag. echo "${latest_tag}.0.${commit_ts}-${commit_sha}" fi else + # Otherwise, Go handles this in a little strange way. It takes the latest tag + # and appends "+incompatible" to it. echo "${latest_tag}+incompatible" fi else - # the latest tag is not semver -> ignore it + # If we hit this case, the latest tag is not a valid semver tag. + # We just generate v0.0.0 pseudo-version string instead. echo "v0.0.0-${commit_ts}-${commit_sha}" fi } @@ -986,7 +1009,12 @@ checkout-deps-to-kube-commit() { git checkout -q "${dep_commit}" local pseudo_version=$(gomod-pseudo-version) + local mod_major=$(gomod-module-major) local cache_dir="${GOPATH}/pkg/mod/cache/download/${base_package}/${dep}/@v" + if [ "${mod_major}" != "v0" ] && [ "${mod_major}" != "v1" ]; then + cache_dir="${GOPATH}/pkg/mod/cache/download/${base_package}/${dep}/@v/${mod_major}" + fi + if [ -f "${cache_dir}/list" ] && grep -q "${pseudo_version}" "${cache_dir}/list"; then echo "Pseudo version ${pseudo_version} is already packaged up." else diff --git a/configs/kcp-nightly-configmap.yaml b/configs/kcp-nightly-configmap.yaml index 83d99222..c6d700b2 100644 --- a/configs/kcp-nightly-configmap.yaml +++ b/configs/kcp-nightly-configmap.yaml @@ -7,6 +7,7 @@ data: source-org: kcp-nightly source-repo: kcp target-org: kcp-nightly + base-package: github.com/kcp-dev rules-file: https://raw.githubusercontent.com/kcp-nightly/kcp/refs/heads/main/staging/publishing/rules.yaml git-default-branch: main github-issue: 1