* [PATCH RFC 1/2] scripts: Add script to do the repetitive bits of the release process
@ 2019-04-05 17:13 ` George Dunlap
0 siblings, 0 replies; 8+ messages in thread
From: George Dunlap @ 2019-04-05 17:13 UTC (permalink / raw)
To: xen-devel; +Cc: Ian Jackson, George Dunlap
With this script, once the main checks are out of the way, doing a
release (either an RC or the final release) should mostly be a matter
of executing a sequence of 4 commands given by the `help` function in
this script.
Signed-off-by: George Dunlap <george.dunlap@citrix.com>
---
There's one hard-coded "default" path in here that refers to my own
directory structure. If Ian finds these scripts useful, we should
probably move that to a copy on mail.xenproject.org somewhere instead.
There are also lots of opportunities for this script to be improved,
by (for instance) implementing programmatic checks for the various
checks listed as 'manual' at the moment.
I plan to implement containerize-able tests for the first three steps
(tag, make tarball, push tag), using "dummy" paths and gpg keys. I've
made revisions to tarball-cvs-checkin-and-post which I haven't had the
opportunity to test yet; ideas for how to keep this "fresh" are
welcome.
CC: Ian Jackson <ian.jackson@citrix.com>
---
scripts/release | 450 ++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 450 insertions(+)
create mode 100755 scripts/release
diff --git a/scripts/release b/scripts/release
new file mode 100755
index 0000000000..0442cd4ef9
--- /dev/null
+++ b/scripts/release
@@ -0,0 +1,450 @@
+#!/bin/bash
+
+###
+# George's bash library core
+###
+
+# arg-parse debug
+_apd=false
+
+arg_parse_cmd=\
+"local -a args;
+local _a;
+local _vn;
+local _m;
+local CLVL=\$((\$CLVL+1))
+
+_m=true;
+
+for _a in \"\$@\" ; do
+ $_apd && echo \"Evaluating \${_a} [[ \"\${_a/=}\" = \"\${_a}\" ]]\";
+ if \$_m && [[ \"\${_a/=}\" != \"\${_a}\" ]] ; then
+ $_apd && echo Parameter;
+ _vn=\${_a%%=*};
+ eval \"local \$_vn\";
+ eval \"\$_a\";
+ elif \$_m && [[ \"\${_a}\" == \"--\" ]] ; then
+ $_apd && echo Separator;
+ _m=false;
+ else
+ $_apd && echo Argument;
+ _m=false;
+ args+=(\"\$_a\");
+ fi;
+done"
+
+arg_parse="eval $arg_parse_cmd"
+
+# Pass in either the current function name, or the name of the script
+requireargs="eval _func=\"\$FUNCNAME\" ; eval [[ -n \\\"\$_func\\\" ]] || _func=\$0 ; eval _require-args \$_func"
+
+function _require-args()
+{
+ local _arg
+ local _args
+
+ _args=($@)
+
+ for _arg in ${_args[@]:1} ; do
+ eval "[[ -n \"\${$_arg}\" ]] || fail \"${_args[0]}: Missing $_arg\""
+ done
+}
+
+function default()
+{
+ # l0: eval i="5"
+ # l1: default_post="eval $1=\"$2\""
+ # l3: eval "if [[ -z \"\$$1\" ]] ; then default_post=\"eval \$1=\\\"$2\\\"\" ; fi"
+ eval "if [[ -z \"\$$1\" ]] ; then default_post=\"eval local \$1=\\\"$2\\\"\" ; else unset default_post ; fi"
+}
+
+function fail()
+{
+ echo FATAL $@
+ [[ -n "$fail_cleanup" ]] && $fail_cleanup
+ exit 1
+}
+
+function info()
+{
+ echo INFO $CLVL $@ 1>&2
+}
+
+function error()
+{
+ echo ERROR $@ 1>&2
+}
+
+function status()
+{
+ echo STATUS $CLVL $@ 1>&2
+ return 0
+}
+
+function report-result()
+{
+ if [[ -n "$var" ]] ; then
+ eval "${var}=\"$1\""
+ else
+ if [[ -n "$1" ]] ; then
+ echo "$1"
+ else
+ echo "(empty)"
+ fi
+ fi
+}
+
+function cmdline()
+{
+ local cmd;
+
+ if [[ "$#" -eq "0" ]] ; then
+ help
+ exit 1
+ fi
+
+ $arg_parse
+ info Running "${args[0]}"
+ "${args[0]}" "${args[@]:1}" || exit 1
+
+ if ! [[ -z "$RET" ]] ; then
+ echo $RET
+ fi
+}
+
+###
+# release-specific code
+###
+
+# Global / meta variables:
+#
+# tdir: "root" directory to do tarball work.
+# rdir: Directory where tarball & sig will be put (==$tdir/$v)
+# rtgz: Base filename for tarball ($rdir/xen-$v.tar.gz)
+#
+# v: Full release version (e.g., 4.12.0-rc5, 4.10.3)
+# x: Major+minor xen release version (e.g., 4.12, 4.10)
+# p: point release (e.g., 0 in 4.12.0; 3 in 4.10.3)
+# #r: Numbers-only release (e.g., 4.12.0, 4.10.3) # PROBABLY NOT NEEDED
+# rc: -rcN
+#
+# s: branch name (e.g., master, stable-4.12, stable-4.10)
+# t: Tag from a given release (e.g,. 4.12.0-rc5, RELEASE-4.10.3)
+# isrc: Boolean indicating whether the version is an rc (e.g., true for 4.12.0-rc5, false for 4.10.3)
+
+
+
+function xen-make-prefix-config() {
+ $arg_parse
+
+ # TODO: Ping drall.uk.xensource.com to see if we can reach it?
+
+ default cache_prefix "git://drall.uk.xensource.com:9419/" ; $default_post
+
+ perl -ne "if(/^([A-Z_]+_URL) \?= (git.*)/) { print \"\$1 ?= ${cache_prefix}\$2\n\"; }" Config.mk >> .config || fail "Generating .config"
+ cat .config
+}
+
+function set-tdir() {
+ if [[ -z "$tdir" || ! -e "$tdir" ]] ; then
+ info "$tdir doesn't exist, using /tmp"
+ tdir="/tmp"
+ fi
+}
+
+# Take `v` and generate the appropriate metavariables variables.
+function parse-version() {
+ $arg_parse
+
+ $requireargs v
+
+ if [[ -n "$x" && -n "$p" ]] ; then
+ echo "Version already parsed"
+ return
+ fi
+
+ if [[ $v =~ ([0-9]+\.[0-9]+)\.([0-9])(-rc[0-9]) ]] ; then
+ x=${BASH_REMATCH[1]}
+ p=${BASH_REMATCH[2]}
+ rc=${BASH_REMATCH[3]}
+ isrc=true
+ elif [[ $v =~ ([0-9]+\.[0-9]+)\.([0-9]) ]] ; then
+ x=${BASH_REMATCH[1]}
+ p=${BASH_REMATCH[2]}
+ isrc=false
+ else
+ fail "Bad version"
+ fi
+
+ if $isrc ; then
+ t=$v
+ else
+ t=RELEASE-$v
+ fi
+}
+
+function check() {
+ # TODO: Automate some of these
+ info "Please perform manually: All XSAs have been applied"
+ info "Please perform manually: Check http://logs.test-lab.xenproject.org/osstest/results/all-branch-statuses.txt"
+ info "Please perform manually: Check version in README"
+ info "Please perform manually: Check version in SUPPORT.md"
+ info "Please perform manually: Tags for appropriate *_REVISION's in Config.mk"
+ info "Please perform manually: xen/Makefile:XEN_EXTRAVERSION set to 0"
+ info "Please perform manually: tools/Rules.mk: debug ?= n"
+ info "Please perform manually: xen/Kconfig.debug:config DEBUG should default to `n`"
+}
+
+# Usage:
+# tag v=[version you want to release] [c=commithash]
+# eg.
+# tag v=4.12.0-rc6
+# Other arguments:
+# key: Name of key to sign the commit with
+# tdir: Name of top-level tarball directory
+function tag() {
+ $arg_parse
+
+ default key "23E3222C145F4475FA8060A783FE14C957E82BD9"; $default_post
+
+ $requireargs v
+
+ set-tdir
+
+ $requireargs tdir
+
+ parse-version
+
+ $requireargs t
+
+ git fetch origin
+
+ if [[ -n "$c" ]] ; then
+ info "Checking out commit $c"
+ git checkout $c || fail
+ else
+ local q
+ git checkout stable-$x || fail "Couldn't check out stable branch"
+ git merge || fail "Merge"
+ git log -n 10
+ read -p "Enter to continue, anything else to quit: " q
+ [[ -z "$q" ]] || return
+ fi
+
+ # FIXME: Add checks:
+ # - Make sure Config.mk has tags, not hashes
+ # - sonames?
+ # - Appropriate version numbers in SUPPORT.md, xen/Makefile, &c
+
+ echo git tag -u "$key" -s -m "Xen $v" $t ; sleep 1
+ git tag -u "$key" -s -m "Xen $v" $t || fail "Creating signed tag"
+
+ info "Release tagged. Now run release make-tarball v=$v"
+}
+
+function push-tag() {
+ $arg_parse
+
+ $requireargs v
+
+ parse-version
+
+ git push origin $t || fail "Pushing tag"
+ # FIXME: This is in the release checklist, but I'm not sure why
+ # git push origin staging-$x || fail "Pushing tag commit"
+
+ info "Tag pushed. Now run release tarball-cvs-checkin-and-post v=$v"
+}
+
+function make-tarball-only()
+{
+ $arg_parse
+
+ $requireargs v tdir
+
+ parse-version
+
+ git fetch || fail "git fetch"
+
+ git checkout $t || fail "Checking out tag $t"
+
+ git clean -ffdx
+
+ xen-make-prefix-config
+
+ ./configure || fail "Configuring"
+
+ if $isrc ; then
+ make src-tarball || fail "Making src-tarball"
+ else
+ make src-tarball-release || fail "Making src-tarball"
+ fi
+
+ rm -rf $tdir/$v
+
+ mkdir -p $tdir/$v || fail "Couldn't make target directory"
+
+ cp dist/xen-$v.tar.gz $tdir/$v || fail "Couldn't copy tarball"
+}
+
+function buildtest-tarball() {
+ $arg_parse
+
+ default bdir "/tmp" ; $default_post
+
+ $requireargs tdir v
+
+ cd $bdir || fail "cd $bdir"
+
+ rm -rf build-$v
+ mkdir build-$v || fail "mkdir"
+
+ cd build-$v
+
+ tar xfz $tdir/$v/xen-$v.tar.gz || fail "Untar"
+
+ cd xen-$v || fail "cd"
+
+ xen-make-prefix-config
+ info "Testing build (tail -f $bdir/build-$v/log.$v)..."
+ (./configure && make -j4 && touch $tdir/$v/build-tested && echo OK) 2>&1 > ../log.$v
+
+ [[ -e $tdir/$v/build-tested ]] || fail "Build failed; log at $bdir/build-$v/log.$v"
+}
+
+function sign-tarball() {
+ $arg_parse
+
+ $requireargs v
+
+ if [[ -z "$rtgz" ]] ; then
+ set-tdir
+ rtgz=$tdir/$v/xen-$v.tar.gz
+ fi
+
+ default key "23E3222C145F4475FA8060A783FE14C957E82BD9" ; $default_post
+
+ if ! gpg --list-secret-keys | grep $key ; then
+ info "Signature required; please run the following command with the public key available"
+ info " gpg --detach-sign -u 'xen tree' $rtgz"
+ exit 0
+ fi
+
+ gpg --detach-sign -u $key $rtgz || fail "Signing $rtgz"
+}
+
+function tarball-checksig() {
+ gpg --verify $rtgz.sig || fail "Signature failed"
+}
+
+function make-tarball() {
+ local rdir
+ local rtgz
+
+ $arg_parse
+
+ $requireargs v
+
+ set-tdir
+
+ $requireargs tdir
+
+ parse-version
+
+ info "Using tag $t"
+
+ rdir=$tdir/$v
+
+ rtgz=$rdir/xen-$v.tar.gz
+
+ if [[ ! -e $rtgz ]] ; then
+ info "$rtgz not present, generating"
+ make-tarball-only
+ fi
+
+ info "Tarball created"
+
+ if [[ ! -e $rdir/build-tested ]] ; then
+ buildtest-tarball
+ fi
+
+ info "Build tested"
+
+ if [[ ! -e $rtgz.sig ]] ; then
+ sign-tarball
+ else
+ tarball-checksig
+ fi
+
+ info "Tarball made, signed, and build-tested. Now run release push-tag v=$v"
+}
+
+function tarball-cvs-checkin-and-post() {
+ $arg_parse
+
+ $requireargs v
+
+ # TODO: This tree probably wants to be put somewhere on
+ # mail.xenproject.org
+
+ default cvsdir "/build/hg/push/xen.org/" ; $default_post
+
+ if [[ ! -e $cvsdir ]] ; then
+ fail "$cvsdir does not exist"
+ fi
+
+ if [[ -z "$rtgz" ]] ; then
+ set-tdir
+ rtgz=$tdir/$v/xen-$v.tar.gz
+ fi
+
+ cd $cvsdir || fail "cd"
+
+ mkdir -p oss-xen/release/$v || fail "Creating directory in CVS"
+
+ cvs add -kb oss-xen/release/$v/ || fail "cvs add release directory"
+
+ cd oss-xen/release/$v || fail "cd"
+
+ cp $tdir/$v/xen-$v.tar.gz . || fail "Copying tarball"
+ cp $tdir/$v/xen-$v.tar.gz.sig . || fail "Copying sig"
+
+ cvs add -kb xen-$v.tar.gz || fail "cvs add tarball"
+ cvs add -kb xen-$v.tar.gz.sig || fail "cvs add sig"
+
+ cd ../../..
+
+ cvs ci -m $v || fail "cvs checkin"
+
+ ssh mail.xenproject.org "cd /data/downloads.xenproject.org/xen.org && cvs -q up -d" || fail "Deploying tarball"
+
+ info "Tarball Uploaded. Xen version $v released."
+}
+
+function help() {
+ cat <<EOF
+General workflow:
+
+* Do a number of pre-release sanity checks
+ release check v=4.12.0-rc5
+
+* Tag and sign a Xen commit
+ release tag v=4.12.0-rc5
+ or
+ release tag v=4.12.0-rc5 c=07c181c
+
+* Create, test, and sign a release tarball
+ release make-tarball v=4.12.0-rc5
+
+* Push tags
+ release push-tag v=4.12.0-rc5
+
+* Publish tarball
+ release tarball-cvs-checkin-and-post v=4.12.0-rc5
+EOF
+}
+
+###
+# The actual command-line
+###
+cmdline "$@"
--
2.20.1
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [Xen-devel] [PATCH RFC 1/2] scripts: Add script to do the repetitive bits of the release process
@ 2019-04-05 17:13 ` George Dunlap
0 siblings, 0 replies; 8+ messages in thread
From: George Dunlap @ 2019-04-05 17:13 UTC (permalink / raw)
To: xen-devel; +Cc: Ian Jackson, George Dunlap
With this script, once the main checks are out of the way, doing a
release (either an RC or the final release) should mostly be a matter
of executing a sequence of 4 commands given by the `help` function in
this script.
Signed-off-by: George Dunlap <george.dunlap@citrix.com>
---
There's one hard-coded "default" path in here that refers to my own
directory structure. If Ian finds these scripts useful, we should
probably move that to a copy on mail.xenproject.org somewhere instead.
There are also lots of opportunities for this script to be improved,
by (for instance) implementing programmatic checks for the various
checks listed as 'manual' at the moment.
I plan to implement containerize-able tests for the first three steps
(tag, make tarball, push tag), using "dummy" paths and gpg keys. I've
made revisions to tarball-cvs-checkin-and-post which I haven't had the
opportunity to test yet; ideas for how to keep this "fresh" are
welcome.
CC: Ian Jackson <ian.jackson@citrix.com>
---
scripts/release | 450 ++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 450 insertions(+)
create mode 100755 scripts/release
diff --git a/scripts/release b/scripts/release
new file mode 100755
index 0000000000..0442cd4ef9
--- /dev/null
+++ b/scripts/release
@@ -0,0 +1,450 @@
+#!/bin/bash
+
+###
+# George's bash library core
+###
+
+# arg-parse debug
+_apd=false
+
+arg_parse_cmd=\
+"local -a args;
+local _a;
+local _vn;
+local _m;
+local CLVL=\$((\$CLVL+1))
+
+_m=true;
+
+for _a in \"\$@\" ; do
+ $_apd && echo \"Evaluating \${_a} [[ \"\${_a/=}\" = \"\${_a}\" ]]\";
+ if \$_m && [[ \"\${_a/=}\" != \"\${_a}\" ]] ; then
+ $_apd && echo Parameter;
+ _vn=\${_a%%=*};
+ eval \"local \$_vn\";
+ eval \"\$_a\";
+ elif \$_m && [[ \"\${_a}\" == \"--\" ]] ; then
+ $_apd && echo Separator;
+ _m=false;
+ else
+ $_apd && echo Argument;
+ _m=false;
+ args+=(\"\$_a\");
+ fi;
+done"
+
+arg_parse="eval $arg_parse_cmd"
+
+# Pass in either the current function name, or the name of the script
+requireargs="eval _func=\"\$FUNCNAME\" ; eval [[ -n \\\"\$_func\\\" ]] || _func=\$0 ; eval _require-args \$_func"
+
+function _require-args()
+{
+ local _arg
+ local _args
+
+ _args=($@)
+
+ for _arg in ${_args[@]:1} ; do
+ eval "[[ -n \"\${$_arg}\" ]] || fail \"${_args[0]}: Missing $_arg\""
+ done
+}
+
+function default()
+{
+ # l0: eval i="5"
+ # l1: default_post="eval $1=\"$2\""
+ # l3: eval "if [[ -z \"\$$1\" ]] ; then default_post=\"eval \$1=\\\"$2\\\"\" ; fi"
+ eval "if [[ -z \"\$$1\" ]] ; then default_post=\"eval local \$1=\\\"$2\\\"\" ; else unset default_post ; fi"
+}
+
+function fail()
+{
+ echo FATAL $@
+ [[ -n "$fail_cleanup" ]] && $fail_cleanup
+ exit 1
+}
+
+function info()
+{
+ echo INFO $CLVL $@ 1>&2
+}
+
+function error()
+{
+ echo ERROR $@ 1>&2
+}
+
+function status()
+{
+ echo STATUS $CLVL $@ 1>&2
+ return 0
+}
+
+function report-result()
+{
+ if [[ -n "$var" ]] ; then
+ eval "${var}=\"$1\""
+ else
+ if [[ -n "$1" ]] ; then
+ echo "$1"
+ else
+ echo "(empty)"
+ fi
+ fi
+}
+
+function cmdline()
+{
+ local cmd;
+
+ if [[ "$#" -eq "0" ]] ; then
+ help
+ exit 1
+ fi
+
+ $arg_parse
+ info Running "${args[0]}"
+ "${args[0]}" "${args[@]:1}" || exit 1
+
+ if ! [[ -z "$RET" ]] ; then
+ echo $RET
+ fi
+}
+
+###
+# release-specific code
+###
+
+# Global / meta variables:
+#
+# tdir: "root" directory to do tarball work.
+# rdir: Directory where tarball & sig will be put (==$tdir/$v)
+# rtgz: Base filename for tarball ($rdir/xen-$v.tar.gz)
+#
+# v: Full release version (e.g., 4.12.0-rc5, 4.10.3)
+# x: Major+minor xen release version (e.g., 4.12, 4.10)
+# p: point release (e.g., 0 in 4.12.0; 3 in 4.10.3)
+# #r: Numbers-only release (e.g., 4.12.0, 4.10.3) # PROBABLY NOT NEEDED
+# rc: -rcN
+#
+# s: branch name (e.g., master, stable-4.12, stable-4.10)
+# t: Tag from a given release (e.g,. 4.12.0-rc5, RELEASE-4.10.3)
+# isrc: Boolean indicating whether the version is an rc (e.g., true for 4.12.0-rc5, false for 4.10.3)
+
+
+
+function xen-make-prefix-config() {
+ $arg_parse
+
+ # TODO: Ping drall.uk.xensource.com to see if we can reach it?
+
+ default cache_prefix "git://drall.uk.xensource.com:9419/" ; $default_post
+
+ perl -ne "if(/^([A-Z_]+_URL) \?= (git.*)/) { print \"\$1 ?= ${cache_prefix}\$2\n\"; }" Config.mk >> .config || fail "Generating .config"
+ cat .config
+}
+
+function set-tdir() {
+ if [[ -z "$tdir" || ! -e "$tdir" ]] ; then
+ info "$tdir doesn't exist, using /tmp"
+ tdir="/tmp"
+ fi
+}
+
+# Take `v` and generate the appropriate metavariables variables.
+function parse-version() {
+ $arg_parse
+
+ $requireargs v
+
+ if [[ -n "$x" && -n "$p" ]] ; then
+ echo "Version already parsed"
+ return
+ fi
+
+ if [[ $v =~ ([0-9]+\.[0-9]+)\.([0-9])(-rc[0-9]) ]] ; then
+ x=${BASH_REMATCH[1]}
+ p=${BASH_REMATCH[2]}
+ rc=${BASH_REMATCH[3]}
+ isrc=true
+ elif [[ $v =~ ([0-9]+\.[0-9]+)\.([0-9]) ]] ; then
+ x=${BASH_REMATCH[1]}
+ p=${BASH_REMATCH[2]}
+ isrc=false
+ else
+ fail "Bad version"
+ fi
+
+ if $isrc ; then
+ t=$v
+ else
+ t=RELEASE-$v
+ fi
+}
+
+function check() {
+ # TODO: Automate some of these
+ info "Please perform manually: All XSAs have been applied"
+ info "Please perform manually: Check http://logs.test-lab.xenproject.org/osstest/results/all-branch-statuses.txt"
+ info "Please perform manually: Check version in README"
+ info "Please perform manually: Check version in SUPPORT.md"
+ info "Please perform manually: Tags for appropriate *_REVISION's in Config.mk"
+ info "Please perform manually: xen/Makefile:XEN_EXTRAVERSION set to 0"
+ info "Please perform manually: tools/Rules.mk: debug ?= n"
+ info "Please perform manually: xen/Kconfig.debug:config DEBUG should default to `n`"
+}
+
+# Usage:
+# tag v=[version you want to release] [c=commithash]
+# eg.
+# tag v=4.12.0-rc6
+# Other arguments:
+# key: Name of key to sign the commit with
+# tdir: Name of top-level tarball directory
+function tag() {
+ $arg_parse
+
+ default key "23E3222C145F4475FA8060A783FE14C957E82BD9"; $default_post
+
+ $requireargs v
+
+ set-tdir
+
+ $requireargs tdir
+
+ parse-version
+
+ $requireargs t
+
+ git fetch origin
+
+ if [[ -n "$c" ]] ; then
+ info "Checking out commit $c"
+ git checkout $c || fail
+ else
+ local q
+ git checkout stable-$x || fail "Couldn't check out stable branch"
+ git merge || fail "Merge"
+ git log -n 10
+ read -p "Enter to continue, anything else to quit: " q
+ [[ -z "$q" ]] || return
+ fi
+
+ # FIXME: Add checks:
+ # - Make sure Config.mk has tags, not hashes
+ # - sonames?
+ # - Appropriate version numbers in SUPPORT.md, xen/Makefile, &c
+
+ echo git tag -u "$key" -s -m "Xen $v" $t ; sleep 1
+ git tag -u "$key" -s -m "Xen $v" $t || fail "Creating signed tag"
+
+ info "Release tagged. Now run release make-tarball v=$v"
+}
+
+function push-tag() {
+ $arg_parse
+
+ $requireargs v
+
+ parse-version
+
+ git push origin $t || fail "Pushing tag"
+ # FIXME: This is in the release checklist, but I'm not sure why
+ # git push origin staging-$x || fail "Pushing tag commit"
+
+ info "Tag pushed. Now run release tarball-cvs-checkin-and-post v=$v"
+}
+
+function make-tarball-only()
+{
+ $arg_parse
+
+ $requireargs v tdir
+
+ parse-version
+
+ git fetch || fail "git fetch"
+
+ git checkout $t || fail "Checking out tag $t"
+
+ git clean -ffdx
+
+ xen-make-prefix-config
+
+ ./configure || fail "Configuring"
+
+ if $isrc ; then
+ make src-tarball || fail "Making src-tarball"
+ else
+ make src-tarball-release || fail "Making src-tarball"
+ fi
+
+ rm -rf $tdir/$v
+
+ mkdir -p $tdir/$v || fail "Couldn't make target directory"
+
+ cp dist/xen-$v.tar.gz $tdir/$v || fail "Couldn't copy tarball"
+}
+
+function buildtest-tarball() {
+ $arg_parse
+
+ default bdir "/tmp" ; $default_post
+
+ $requireargs tdir v
+
+ cd $bdir || fail "cd $bdir"
+
+ rm -rf build-$v
+ mkdir build-$v || fail "mkdir"
+
+ cd build-$v
+
+ tar xfz $tdir/$v/xen-$v.tar.gz || fail "Untar"
+
+ cd xen-$v || fail "cd"
+
+ xen-make-prefix-config
+ info "Testing build (tail -f $bdir/build-$v/log.$v)..."
+ (./configure && make -j4 && touch $tdir/$v/build-tested && echo OK) 2>&1 > ../log.$v
+
+ [[ -e $tdir/$v/build-tested ]] || fail "Build failed; log at $bdir/build-$v/log.$v"
+}
+
+function sign-tarball() {
+ $arg_parse
+
+ $requireargs v
+
+ if [[ -z "$rtgz" ]] ; then
+ set-tdir
+ rtgz=$tdir/$v/xen-$v.tar.gz
+ fi
+
+ default key "23E3222C145F4475FA8060A783FE14C957E82BD9" ; $default_post
+
+ if ! gpg --list-secret-keys | grep $key ; then
+ info "Signature required; please run the following command with the public key available"
+ info " gpg --detach-sign -u 'xen tree' $rtgz"
+ exit 0
+ fi
+
+ gpg --detach-sign -u $key $rtgz || fail "Signing $rtgz"
+}
+
+function tarball-checksig() {
+ gpg --verify $rtgz.sig || fail "Signature failed"
+}
+
+function make-tarball() {
+ local rdir
+ local rtgz
+
+ $arg_parse
+
+ $requireargs v
+
+ set-tdir
+
+ $requireargs tdir
+
+ parse-version
+
+ info "Using tag $t"
+
+ rdir=$tdir/$v
+
+ rtgz=$rdir/xen-$v.tar.gz
+
+ if [[ ! -e $rtgz ]] ; then
+ info "$rtgz not present, generating"
+ make-tarball-only
+ fi
+
+ info "Tarball created"
+
+ if [[ ! -e $rdir/build-tested ]] ; then
+ buildtest-tarball
+ fi
+
+ info "Build tested"
+
+ if [[ ! -e $rtgz.sig ]] ; then
+ sign-tarball
+ else
+ tarball-checksig
+ fi
+
+ info "Tarball made, signed, and build-tested. Now run release push-tag v=$v"
+}
+
+function tarball-cvs-checkin-and-post() {
+ $arg_parse
+
+ $requireargs v
+
+ # TODO: This tree probably wants to be put somewhere on
+ # mail.xenproject.org
+
+ default cvsdir "/build/hg/push/xen.org/" ; $default_post
+
+ if [[ ! -e $cvsdir ]] ; then
+ fail "$cvsdir does not exist"
+ fi
+
+ if [[ -z "$rtgz" ]] ; then
+ set-tdir
+ rtgz=$tdir/$v/xen-$v.tar.gz
+ fi
+
+ cd $cvsdir || fail "cd"
+
+ mkdir -p oss-xen/release/$v || fail "Creating directory in CVS"
+
+ cvs add -kb oss-xen/release/$v/ || fail "cvs add release directory"
+
+ cd oss-xen/release/$v || fail "cd"
+
+ cp $tdir/$v/xen-$v.tar.gz . || fail "Copying tarball"
+ cp $tdir/$v/xen-$v.tar.gz.sig . || fail "Copying sig"
+
+ cvs add -kb xen-$v.tar.gz || fail "cvs add tarball"
+ cvs add -kb xen-$v.tar.gz.sig || fail "cvs add sig"
+
+ cd ../../..
+
+ cvs ci -m $v || fail "cvs checkin"
+
+ ssh mail.xenproject.org "cd /data/downloads.xenproject.org/xen.org && cvs -q up -d" || fail "Deploying tarball"
+
+ info "Tarball Uploaded. Xen version $v released."
+}
+
+function help() {
+ cat <<EOF
+General workflow:
+
+* Do a number of pre-release sanity checks
+ release check v=4.12.0-rc5
+
+* Tag and sign a Xen commit
+ release tag v=4.12.0-rc5
+ or
+ release tag v=4.12.0-rc5 c=07c181c
+
+* Create, test, and sign a release tarball
+ release make-tarball v=4.12.0-rc5
+
+* Push tags
+ release push-tag v=4.12.0-rc5
+
+* Publish tarball
+ release tarball-cvs-checkin-and-post v=4.12.0-rc5
+EOF
+}
+
+###
+# The actual command-line
+###
+cmdline "$@"
--
2.20.1
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [PATCH RFC 2/2] release: Update release-checklist.
@ 2019-04-05 17:13 ` George Dunlap
0 siblings, 0 replies; 8+ messages in thread
From: George Dunlap @ 2019-04-05 17:13 UTC (permalink / raw)
To: xen-devel; +Cc: Ian Jackson, George Dunlap
Rework release-technician-checklist.txt to be more accessible, while
still being focused on someone familiar with the process:
1. Have the "Quick cheat-sheet" at the top, with the very first
suggestion to run `release help`.
2. Include a slightly more verbose description of the checklist after
that.
3. Add an overview of the process for people not familiar with it,
as well as a "bootstrapping" process.
Get rid of most of the runes now present in `scripts/release`; retain
the runes not present there.
Signed-off-by: George Dunlap <george.dunlap@citrix.com>
---
CC: Ian Jackson <ian.jackson@citrix.com>
---
docs/process/release-technician-checklist.txt | 261 ++++++++++--------
1 file changed, 144 insertions(+), 117 deletions(-)
diff --git a/docs/process/release-technician-checklist.txt b/docs/process/release-technician-checklist.txt
index 5dd85dbc40..5dd0646e65 100644
--- a/docs/process/release-technician-checklist.txt
+++ b/docs/process/release-technician-checklist.txt
@@ -1,30 +1,155 @@
+# Quick cheat-sheet
-s=master
-#b=unstable
-v=$v-rc1
+From a different tree, run `scripts/release help` to get a quick
+overview. For a full description of the process, start with the
+"Details about the process" section below.
-OR
+Basic requirements for signing:
-x=4.1
-m=1
-rc=-rc2
+* Access to the private Xen signing key
+(23E3222C145F4475FA8060A783FE14C957E82BD9)
-r=$x.$m
-s=$x-testing
-#b=$x-testing
-v=$r$rc
+* A repo whose 'origin' will push to xenbits
-t=$r$rc
-OR
-t=RELEASE-$r
+Requirements for pushing to the website:
+* A local copy of the cvs repo (see below)
-# FIRSTLY
-# - check (for point releases, but not RCs) all XSAs have been applied (Lars)
-#
-* check, even for point releases
-* http://logs.test-lab.xenproject.org/osstest/results/all-branch-statuses.txt
+* ssh access to mail.xenproject.org
+The basic overview:
+
+* Do basic release checks (see the next section).
+
+* Create a signed tag based based on the release manager's specifications
+ $path/scripts/release tag v=4.13.0-rc1 c=<commit-hash>
+
+* Make, sign, and build-test a tarball
+ $path/scripts/release make-tarball v=4.13.0-rc1
+
+* Push the signed tag to the tree:
+ $path/scripts/release push-tag v=4.13.0-rc1
+
+* Push the tarball and signature to the website:
+ $path/scripts release tarball-cvs-checkin-and-post v=4.13.0-rc1
+
+RC vs RELEASE is automatically detected by the script; to tag an RC
+use `v=4.13.0-rc1`; to tag the corresponding release, run the same
+sequence of commands with `v=4.13.0`.
+
+Each command will also prompt you with the command to run next.
+
+# Detailed checklist
+
+* Consider bumping sonames of shared libraries
+
+* All XSAs have been applied
+
+* Tags (not commit hashes) for xenproject-related trees in Config.mk
+
+`grep Config.mk _REVISION` should turn up only tags for QEMU_UPSTREAM,
+MINIOS, and QEMU_TRADITIONAL. See below for more details.
+
+* The version has been appropriately updated in various places
+ - xen.git/README:
+ During development: "4.12-unstable"
+ For RCs: "4.12-rc"
+ For release: "4.12"
+
+ - xen.git/SUPPORT.md:Xen-Version
+ During development: "4.12-unstable"
+ For RCs: "4.12-rc"
+ For release: "4.12.0"
+
+ - xen.git/xen/Makefile:XEN_EXTRAVERSION
+ During development: "-unstable$(XEN_VENDORVERSION)"
+ For RCs: ".0-rc$(XEN_VENDORVERSION)"
+ For release: ".0$(XEN_VENDORVERSION)
+
+* Debug has been disabled
+ - tools/Rules.mk:debug ?= n
+ - xen/Kconfig.debug:config DEBUG should default to `n`
+
+* The branch or changeset in question has passed the pushgate
+
+See http://logs.test-lab.xenproject.org/osstest/results/all-branch-statuses.txt
+
+# Details about the process
+
+Two general outputs of this process:
+
+* A signed commit in the upstream repository
+
+* A tarball made from this commit, signed, placed on downloads.xenproject.org
+
+## Tag structure
+
+Tags for RCs follow the following form:
+ 4.13.0-rc1
+ 4.8.4-rc5
+
+Tags for releases follow the following form:
+ RELEASE-4.13.0
+ RELEASE-4.8.4
+
+## Requisite tags in other trees
+
+The Xen build pulls in a number of other git trees. Some of these,
+like seabios and ovmf, are outside our project; but qemu,
+qemu-traditional, and minios are inside. An exact revision is
+specified, such that the pushgate can test specific versions of Xen
+with specific versions of these other projects.
+
+During development, these revisions are normally a commit hash; but on
+release (even an RC), we want these revisions to be a tag signed with
+the XenProject private key.
+
+So before a release, Config.mk must be checked to see if there are
+hash-like values in any of the following values:
+`QEMU_UPSTREAM_REVISION`, `MINIOS_UPSTREAM_REVISION`, OR
+`QEMU_TRADITIONAL_REVISION`.
+
+If so, the following sequence of events must first happen:
+ * Those trees must have signed tags made (see below for a template)
+ * A commit must be made in xen.git pointing to those tags
+ * That commit must pass the push gate
+
+## cvs as a CMS
+
+`downloads.xenproject.org` points to `mail.xenproject.org`. In order
+to have traceability, and all the things you want from this sort of
+system, you want a version control system. Git is notoriously bad for
+large files, so CVS is used.
+
+On `mail.xenproject.org`, there is a master repository at
+`/home/downloads-cvs/cvs-repos/xen.org`. This repo is checked out at
+`/data/downloads.xenproject.org/xen.org`. The specific directory used
+for release tarballs is `oss-xen/release/$v/` (which will show up at
+`http://downloads.xenproject.org/release/xen/$v/`).
+
+So the general process for publishing a xen tarball and signature is:
+
+* Add the tarball and signature to a locally-checked-out copy of the cvs tree
+
+ cvs add -kb oss-xen/release/$v/
+ cvs add -kb oss-xen/release/$v/xen-$v.tar.gz
+ cvs add -kb oss-xen/release/$v/xen-$v.tar.gz.sig
+
+* "Check in" the files (which pushes them to the central repo)
+
+ cvs ci -m $v
+
+* Update the CVS repo in the website copy of the repo.
+
+(From `mail.xenproject.org:/data/downloads.xenproject.org/xen.org`)
+
+ cvs -q up -d
+
+You can get your own local copy of this using the following rune:
+
+ cvs -d mail.xenproject.org:/home/downloads-cvs/cvs-repos co xen.org
+
+# Making tags for subprojects
# QEMU
@@ -46,101 +171,3 @@ t=RELEASE-$r
git tag -u 'xen tree' -s -m "Xen $r$rc" qemu-xen-$v
git push osstest@xenbits.xen.org:/home/xen/git/qemu-xen.git qemu-xen-$v
-* consider bumping sonames of shlibs
-
-* change xen-unstable README (should say "Xen 4.5" in releases and on stable branches, "Xen 4.5-unstable" on unstable)
-* change xen-unstable Config.mk (QEMU_UPSTREAM_REVISION, QEMU_TRADITIONAL_REVISION, MINIOS_UPSTREAM_REVISION)
-* change SUPPORT.md heading version number; -unstable or -rc tag
-* (empty in stable branches after .0 release).
-* insert correct version number in release-notes link
-* change xen-unstable xen/Makefile XEN_EXTRAVERSION
-# if main version number has changed (eg 4.7 -> 4.8) rerun ./autogen.sh
-* rerun ./autogen.sh to update version number in configure
-# - XEN_EXTRAVERSION should be `.0-rc$(XEN_VENDORVERSION)'
-#
-# - turn off debug on stable branches, if not already done
-# - tools/Rules.mk
-# debug ?= n
-# - xen/Kconfig.debug
-# config DEBUG
-# default n
-
-* tag xen-unstable
-
-# In xen.git
- git-fetch origin
- git-checkout staging-$x
- git-pull
- git-show # should show commit updating version to right version
- git-tag -u 'xen tree' -s -m "Xen $r$rc" $t
- git-push origin $t
- git-push origin staging-$x
-## hg tag <tag_name> ; hg sign -k "Xen tree" <tag_name>
-
-
-
-HANDLING TAG GENERATED BY RELEASE MANAGER
-
- fetch the tag into my tree
- make the tarball (RELEASE TARBALL, below)
- test build (see below)
- website (see below)
- merge tag into staging and push to staging
- maybe force push into master
- definitely push tag to xenbits
- git-push origin $t
-
-
-
-
-RELEASE TARBALL
-
- for 4.5 and later, use tarball target
- git checkout $t
- git clean -xdff
- # export http_proxy=http://localhost:3128/
- ./configure
- make src-tarball-release # must be used for actual releases
- make src-tarball # uses git-describe (best for RCs)
- # ^find some way to add git-cache-proxy to this (done in ~iwj/.gitconfig)
- mkdir /volatile/iwj/website-thing/xen.org/oss-xen/release/$v
- mv dist/xen-$v.tar.gz /volatile/iwj/website-thing/xen.org/oss-xen/release/$v/.
-
- # website-thing/xen.org is cvs -d mail.xenproject.org:/home/downloads-cvs/cvs-repos co xen.org
- cd /volatile/iwj/website-thing/xen.org
-
-# test build
- cd /volatile/iwj/d
- mkdir build
- cd build
- tar zxf /volatile/iwj/website-thing/xen.org/oss-xen/release/$v/xen-$v.tar.gz
-# rsync -a --delete xen-$v build/
- cd xen-$v
- export http_proxy=http://localhost:3128/
- (./configure && make -j4 KERNELS='' && echo ok.) 2>&1 | tee ../log.$v # post 4.2
-
-# [[ test build amd64 ]]
-
- cvs add -kb oss-xen/release/$v/
-
- cd oss-xen/release/$v
- gpg --digest-algo=SHA256 --detach-sign -u 'xen tree' xen-$v.tar.gz
- cvs add -kb xen-$v.tar.gz
- cvs add -kb xen-$v.tar.gz.sig
- cd ../../..
-
- cvs ci -m $v
-
- ssh downloads-cvs@mail.xenproject.org
- cd /data/downloads.xenproject.org/xen.org
- cvs -q up -d
- # should show something like
- # U oss-xen/release/4.8.0-rc2/xen-4.8.0-rc2.tar.gz
- # U oss-xen/release/4.8.0-rc2/xen-4.8.0-rc2.tar.gz.sig
-
-
-update xenbits front page to change references to old stable branch
- into references to new stable branch
-
-Edit website
-
--
2.20.1
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [Xen-devel] [PATCH RFC 2/2] release: Update release-checklist.
@ 2019-04-05 17:13 ` George Dunlap
0 siblings, 0 replies; 8+ messages in thread
From: George Dunlap @ 2019-04-05 17:13 UTC (permalink / raw)
To: xen-devel; +Cc: Ian Jackson, George Dunlap
Rework release-technician-checklist.txt to be more accessible, while
still being focused on someone familiar with the process:
1. Have the "Quick cheat-sheet" at the top, with the very first
suggestion to run `release help`.
2. Include a slightly more verbose description of the checklist after
that.
3. Add an overview of the process for people not familiar with it,
as well as a "bootstrapping" process.
Get rid of most of the runes now present in `scripts/release`; retain
the runes not present there.
Signed-off-by: George Dunlap <george.dunlap@citrix.com>
---
CC: Ian Jackson <ian.jackson@citrix.com>
---
docs/process/release-technician-checklist.txt | 261 ++++++++++--------
1 file changed, 144 insertions(+), 117 deletions(-)
diff --git a/docs/process/release-technician-checklist.txt b/docs/process/release-technician-checklist.txt
index 5dd85dbc40..5dd0646e65 100644
--- a/docs/process/release-technician-checklist.txt
+++ b/docs/process/release-technician-checklist.txt
@@ -1,30 +1,155 @@
+# Quick cheat-sheet
-s=master
-#b=unstable
-v=$v-rc1
+From a different tree, run `scripts/release help` to get a quick
+overview. For a full description of the process, start with the
+"Details about the process" section below.
-OR
+Basic requirements for signing:
-x=4.1
-m=1
-rc=-rc2
+* Access to the private Xen signing key
+(23E3222C145F4475FA8060A783FE14C957E82BD9)
-r=$x.$m
-s=$x-testing
-#b=$x-testing
-v=$r$rc
+* A repo whose 'origin' will push to xenbits
-t=$r$rc
-OR
-t=RELEASE-$r
+Requirements for pushing to the website:
+* A local copy of the cvs repo (see below)
-# FIRSTLY
-# - check (for point releases, but not RCs) all XSAs have been applied (Lars)
-#
-* check, even for point releases
-* http://logs.test-lab.xenproject.org/osstest/results/all-branch-statuses.txt
+* ssh access to mail.xenproject.org
+The basic overview:
+
+* Do basic release checks (see the next section).
+
+* Create a signed tag based based on the release manager's specifications
+ $path/scripts/release tag v=4.13.0-rc1 c=<commit-hash>
+
+* Make, sign, and build-test a tarball
+ $path/scripts/release make-tarball v=4.13.0-rc1
+
+* Push the signed tag to the tree:
+ $path/scripts/release push-tag v=4.13.0-rc1
+
+* Push the tarball and signature to the website:
+ $path/scripts release tarball-cvs-checkin-and-post v=4.13.0-rc1
+
+RC vs RELEASE is automatically detected by the script; to tag an RC
+use `v=4.13.0-rc1`; to tag the corresponding release, run the same
+sequence of commands with `v=4.13.0`.
+
+Each command will also prompt you with the command to run next.
+
+# Detailed checklist
+
+* Consider bumping sonames of shared libraries
+
+* All XSAs have been applied
+
+* Tags (not commit hashes) for xenproject-related trees in Config.mk
+
+`grep Config.mk _REVISION` should turn up only tags for QEMU_UPSTREAM,
+MINIOS, and QEMU_TRADITIONAL. See below for more details.
+
+* The version has been appropriately updated in various places
+ - xen.git/README:
+ During development: "4.12-unstable"
+ For RCs: "4.12-rc"
+ For release: "4.12"
+
+ - xen.git/SUPPORT.md:Xen-Version
+ During development: "4.12-unstable"
+ For RCs: "4.12-rc"
+ For release: "4.12.0"
+
+ - xen.git/xen/Makefile:XEN_EXTRAVERSION
+ During development: "-unstable$(XEN_VENDORVERSION)"
+ For RCs: ".0-rc$(XEN_VENDORVERSION)"
+ For release: ".0$(XEN_VENDORVERSION)
+
+* Debug has been disabled
+ - tools/Rules.mk:debug ?= n
+ - xen/Kconfig.debug:config DEBUG should default to `n`
+
+* The branch or changeset in question has passed the pushgate
+
+See http://logs.test-lab.xenproject.org/osstest/results/all-branch-statuses.txt
+
+# Details about the process
+
+Two general outputs of this process:
+
+* A signed commit in the upstream repository
+
+* A tarball made from this commit, signed, placed on downloads.xenproject.org
+
+## Tag structure
+
+Tags for RCs follow the following form:
+ 4.13.0-rc1
+ 4.8.4-rc5
+
+Tags for releases follow the following form:
+ RELEASE-4.13.0
+ RELEASE-4.8.4
+
+## Requisite tags in other trees
+
+The Xen build pulls in a number of other git trees. Some of these,
+like seabios and ovmf, are outside our project; but qemu,
+qemu-traditional, and minios are inside. An exact revision is
+specified, such that the pushgate can test specific versions of Xen
+with specific versions of these other projects.
+
+During development, these revisions are normally a commit hash; but on
+release (even an RC), we want these revisions to be a tag signed with
+the XenProject private key.
+
+So before a release, Config.mk must be checked to see if there are
+hash-like values in any of the following values:
+`QEMU_UPSTREAM_REVISION`, `MINIOS_UPSTREAM_REVISION`, OR
+`QEMU_TRADITIONAL_REVISION`.
+
+If so, the following sequence of events must first happen:
+ * Those trees must have signed tags made (see below for a template)
+ * A commit must be made in xen.git pointing to those tags
+ * That commit must pass the push gate
+
+## cvs as a CMS
+
+`downloads.xenproject.org` points to `mail.xenproject.org`. In order
+to have traceability, and all the things you want from this sort of
+system, you want a version control system. Git is notoriously bad for
+large files, so CVS is used.
+
+On `mail.xenproject.org`, there is a master repository at
+`/home/downloads-cvs/cvs-repos/xen.org`. This repo is checked out at
+`/data/downloads.xenproject.org/xen.org`. The specific directory used
+for release tarballs is `oss-xen/release/$v/` (which will show up at
+`http://downloads.xenproject.org/release/xen/$v/`).
+
+So the general process for publishing a xen tarball and signature is:
+
+* Add the tarball and signature to a locally-checked-out copy of the cvs tree
+
+ cvs add -kb oss-xen/release/$v/
+ cvs add -kb oss-xen/release/$v/xen-$v.tar.gz
+ cvs add -kb oss-xen/release/$v/xen-$v.tar.gz.sig
+
+* "Check in" the files (which pushes them to the central repo)
+
+ cvs ci -m $v
+
+* Update the CVS repo in the website copy of the repo.
+
+(From `mail.xenproject.org:/data/downloads.xenproject.org/xen.org`)
+
+ cvs -q up -d
+
+You can get your own local copy of this using the following rune:
+
+ cvs -d mail.xenproject.org:/home/downloads-cvs/cvs-repos co xen.org
+
+# Making tags for subprojects
# QEMU
@@ -46,101 +171,3 @@ t=RELEASE-$r
git tag -u 'xen tree' -s -m "Xen $r$rc" qemu-xen-$v
git push osstest@xenbits.xen.org:/home/xen/git/qemu-xen.git qemu-xen-$v
-* consider bumping sonames of shlibs
-
-* change xen-unstable README (should say "Xen 4.5" in releases and on stable branches, "Xen 4.5-unstable" on unstable)
-* change xen-unstable Config.mk (QEMU_UPSTREAM_REVISION, QEMU_TRADITIONAL_REVISION, MINIOS_UPSTREAM_REVISION)
-* change SUPPORT.md heading version number; -unstable or -rc tag
-* (empty in stable branches after .0 release).
-* insert correct version number in release-notes link
-* change xen-unstable xen/Makefile XEN_EXTRAVERSION
-# if main version number has changed (eg 4.7 -> 4.8) rerun ./autogen.sh
-* rerun ./autogen.sh to update version number in configure
-# - XEN_EXTRAVERSION should be `.0-rc$(XEN_VENDORVERSION)'
-#
-# - turn off debug on stable branches, if not already done
-# - tools/Rules.mk
-# debug ?= n
-# - xen/Kconfig.debug
-# config DEBUG
-# default n
-
-* tag xen-unstable
-
-# In xen.git
- git-fetch origin
- git-checkout staging-$x
- git-pull
- git-show # should show commit updating version to right version
- git-tag -u 'xen tree' -s -m "Xen $r$rc" $t
- git-push origin $t
- git-push origin staging-$x
-## hg tag <tag_name> ; hg sign -k "Xen tree" <tag_name>
-
-
-
-HANDLING TAG GENERATED BY RELEASE MANAGER
-
- fetch the tag into my tree
- make the tarball (RELEASE TARBALL, below)
- test build (see below)
- website (see below)
- merge tag into staging and push to staging
- maybe force push into master
- definitely push tag to xenbits
- git-push origin $t
-
-
-
-
-RELEASE TARBALL
-
- for 4.5 and later, use tarball target
- git checkout $t
- git clean -xdff
- # export http_proxy=http://localhost:3128/
- ./configure
- make src-tarball-release # must be used for actual releases
- make src-tarball # uses git-describe (best for RCs)
- # ^find some way to add git-cache-proxy to this (done in ~iwj/.gitconfig)
- mkdir /volatile/iwj/website-thing/xen.org/oss-xen/release/$v
- mv dist/xen-$v.tar.gz /volatile/iwj/website-thing/xen.org/oss-xen/release/$v/.
-
- # website-thing/xen.org is cvs -d mail.xenproject.org:/home/downloads-cvs/cvs-repos co xen.org
- cd /volatile/iwj/website-thing/xen.org
-
-# test build
- cd /volatile/iwj/d
- mkdir build
- cd build
- tar zxf /volatile/iwj/website-thing/xen.org/oss-xen/release/$v/xen-$v.tar.gz
-# rsync -a --delete xen-$v build/
- cd xen-$v
- export http_proxy=http://localhost:3128/
- (./configure && make -j4 KERNELS='' && echo ok.) 2>&1 | tee ../log.$v # post 4.2
-
-# [[ test build amd64 ]]
-
- cvs add -kb oss-xen/release/$v/
-
- cd oss-xen/release/$v
- gpg --digest-algo=SHA256 --detach-sign -u 'xen tree' xen-$v.tar.gz
- cvs add -kb xen-$v.tar.gz
- cvs add -kb xen-$v.tar.gz.sig
- cd ../../..
-
- cvs ci -m $v
-
- ssh downloads-cvs@mail.xenproject.org
- cd /data/downloads.xenproject.org/xen.org
- cvs -q up -d
- # should show something like
- # U oss-xen/release/4.8.0-rc2/xen-4.8.0-rc2.tar.gz
- # U oss-xen/release/4.8.0-rc2/xen-4.8.0-rc2.tar.gz.sig
-
-
-update xenbits front page to change references to old stable branch
- into references to new stable branch
-
-Edit website
-
--
2.20.1
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply related [flat|nested] 8+ messages in thread
* Re: [PATCH RFC 1/2] scripts: Add script to do the repetitive bits of the release process
@ 2019-05-01 14:56 ` George Dunlap
0 siblings, 0 replies; 8+ messages in thread
From: George Dunlap @ 2019-05-01 14:56 UTC (permalink / raw)
To: xen-devel; +Cc: Ian Jackson
Ping?
On 4/5/19 6:13 PM, George Dunlap wrote:
> With this script, once the main checks are out of the way, doing a
> release (either an RC or the final release) should mostly be a matter
> of executing a sequence of 4 commands given by the `help` function in
> this script.
>
> Signed-off-by: George Dunlap <george.dunlap@citrix.com>
> ---
> There's one hard-coded "default" path in here that refers to my own
> directory structure. If Ian finds these scripts useful, we should
> probably move that to a copy on mail.xenproject.org somewhere instead.
>
> There are also lots of opportunities for this script to be improved,
> by (for instance) implementing programmatic checks for the various
> checks listed as 'manual' at the moment.
>
> I plan to implement containerize-able tests for the first three steps
> (tag, make tarball, push tag), using "dummy" paths and gpg keys. I've
> made revisions to tarball-cvs-checkin-and-post which I haven't had the
> opportunity to test yet; ideas for how to keep this "fresh" are
> welcome.
>
> CC: Ian Jackson <ian.jackson@citrix.com>
> ---
> scripts/release | 450 ++++++++++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 450 insertions(+)
> create mode 100755 scripts/release
>
> diff --git a/scripts/release b/scripts/release
> new file mode 100755
> index 0000000000..0442cd4ef9
> --- /dev/null
> +++ b/scripts/release
> @@ -0,0 +1,450 @@
> +#!/bin/bash
> +
> +###
> +# George's bash library core
> +###
> +
> +# arg-parse debug
> +_apd=false
> +
> +arg_parse_cmd=\
> +"local -a args;
> +local _a;
> +local _vn;
> +local _m;
> +local CLVL=\$((\$CLVL+1))
> +
> +_m=true;
> +
> +for _a in \"\$@\" ; do
> + $_apd && echo \"Evaluating \${_a} [[ \"\${_a/=}\" = \"\${_a}\" ]]\";
> + if \$_m && [[ \"\${_a/=}\" != \"\${_a}\" ]] ; then
> + $_apd && echo Parameter;
> + _vn=\${_a%%=*};
> + eval \"local \$_vn\";
> + eval \"\$_a\";
> + elif \$_m && [[ \"\${_a}\" == \"--\" ]] ; then
> + $_apd && echo Separator;
> + _m=false;
> + else
> + $_apd && echo Argument;
> + _m=false;
> + args+=(\"\$_a\");
> + fi;
> +done"
> +
> +arg_parse="eval $arg_parse_cmd"
> +
> +# Pass in either the current function name, or the name of the script
> +requireargs="eval _func=\"\$FUNCNAME\" ; eval [[ -n \\\"\$_func\\\" ]] || _func=\$0 ; eval _require-args \$_func"
> +
> +function _require-args()
> +{
> + local _arg
> + local _args
> +
> + _args=($@)
> +
> + for _arg in ${_args[@]:1} ; do
> + eval "[[ -n \"\${$_arg}\" ]] || fail \"${_args[0]}: Missing $_arg\""
> + done
> +}
> +
> +function default()
> +{
> + # l0: eval i="5"
> + # l1: default_post="eval $1=\"$2\""
> + # l3: eval "if [[ -z \"\$$1\" ]] ; then default_post=\"eval \$1=\\\"$2\\\"\" ; fi"
> + eval "if [[ -z \"\$$1\" ]] ; then default_post=\"eval local \$1=\\\"$2\\\"\" ; else unset default_post ; fi"
> +}
> +
> +function fail()
> +{
> + echo FATAL $@
> + [[ -n "$fail_cleanup" ]] && $fail_cleanup
> + exit 1
> +}
> +
> +function info()
> +{
> + echo INFO $CLVL $@ 1>&2
> +}
> +
> +function error()
> +{
> + echo ERROR $@ 1>&2
> +}
> +
> +function status()
> +{
> + echo STATUS $CLVL $@ 1>&2
> + return 0
> +}
> +
> +function report-result()
> +{
> + if [[ -n "$var" ]] ; then
> + eval "${var}=\"$1\""
> + else
> + if [[ -n "$1" ]] ; then
> + echo "$1"
> + else
> + echo "(empty)"
> + fi
> + fi
> +}
> +
> +function cmdline()
> +{
> + local cmd;
> +
> + if [[ "$#" -eq "0" ]] ; then
> + help
> + exit 1
> + fi
> +
> + $arg_parse
> + info Running "${args[0]}"
> + "${args[0]}" "${args[@]:1}" || exit 1
> +
> + if ! [[ -z "$RET" ]] ; then
> + echo $RET
> + fi
> +}
> +
> +###
> +# release-specific code
> +###
> +
> +# Global / meta variables:
> +#
> +# tdir: "root" directory to do tarball work.
> +# rdir: Directory where tarball & sig will be put (==$tdir/$v)
> +# rtgz: Base filename for tarball ($rdir/xen-$v.tar.gz)
> +#
> +# v: Full release version (e.g., 4.12.0-rc5, 4.10.3)
> +# x: Major+minor xen release version (e.g., 4.12, 4.10)
> +# p: point release (e.g., 0 in 4.12.0; 3 in 4.10.3)
> +# #r: Numbers-only release (e.g., 4.12.0, 4.10.3) # PROBABLY NOT NEEDED
> +# rc: -rcN
> +#
> +# s: branch name (e.g., master, stable-4.12, stable-4.10)
> +# t: Tag from a given release (e.g,. 4.12.0-rc5, RELEASE-4.10.3)
> +# isrc: Boolean indicating whether the version is an rc (e.g., true for 4.12.0-rc5, false for 4.10.3)
> +
> +
> +
> +function xen-make-prefix-config() {
> + $arg_parse
> +
> + # TODO: Ping drall.uk.xensource.com to see if we can reach it?
> +
> + default cache_prefix "git://drall.uk.xensource.com:9419/" ; $default_post
> +
> + perl -ne "if(/^([A-Z_]+_URL) \?= (git.*)/) { print \"\$1 ?= ${cache_prefix}\$2\n\"; }" Config.mk >> .config || fail "Generating .config"
> + cat .config
> +}
> +
> +function set-tdir() {
> + if [[ -z "$tdir" || ! -e "$tdir" ]] ; then
> + info "$tdir doesn't exist, using /tmp"
> + tdir="/tmp"
> + fi
> +}
> +
> +# Take `v` and generate the appropriate metavariables variables.
> +function parse-version() {
> + $arg_parse
> +
> + $requireargs v
> +
> + if [[ -n "$x" && -n "$p" ]] ; then
> + echo "Version already parsed"
> + return
> + fi
> +
> + if [[ $v =~ ([0-9]+\.[0-9]+)\.([0-9])(-rc[0-9]) ]] ; then
> + x=${BASH_REMATCH[1]}
> + p=${BASH_REMATCH[2]}
> + rc=${BASH_REMATCH[3]}
> + isrc=true
> + elif [[ $v =~ ([0-9]+\.[0-9]+)\.([0-9]) ]] ; then
> + x=${BASH_REMATCH[1]}
> + p=${BASH_REMATCH[2]}
> + isrc=false
> + else
> + fail "Bad version"
> + fi
> +
> + if $isrc ; then
> + t=$v
> + else
> + t=RELEASE-$v
> + fi
> +}
> +
> +function check() {
> + # TODO: Automate some of these
> + info "Please perform manually: All XSAs have been applied"
> + info "Please perform manually: Check http://logs.test-lab.xenproject.org/osstest/results/all-branch-statuses.txt"
> + info "Please perform manually: Check version in README"
> + info "Please perform manually: Check version in SUPPORT.md"
> + info "Please perform manually: Tags for appropriate *_REVISION's in Config.mk"
> + info "Please perform manually: xen/Makefile:XEN_EXTRAVERSION set to 0"
> + info "Please perform manually: tools/Rules.mk: debug ?= n"
> + info "Please perform manually: xen/Kconfig.debug:config DEBUG should default to `n`"
> +}
> +
> +# Usage:
> +# tag v=[version you want to release] [c=commithash]
> +# eg.
> +# tag v=4.12.0-rc6
> +# Other arguments:
> +# key: Name of key to sign the commit with
> +# tdir: Name of top-level tarball directory
> +function tag() {
> + $arg_parse
> +
> + default key "23E3222C145F4475FA8060A783FE14C957E82BD9"; $default_post
> +
> + $requireargs v
> +
> + set-tdir
> +
> + $requireargs tdir
> +
> + parse-version
> +
> + $requireargs t
> +
> + git fetch origin
> +
> + if [[ -n "$c" ]] ; then
> + info "Checking out commit $c"
> + git checkout $c || fail
> + else
> + local q
> + git checkout stable-$x || fail "Couldn't check out stable branch"
> + git merge || fail "Merge"
> + git log -n 10
> + read -p "Enter to continue, anything else to quit: " q
> + [[ -z "$q" ]] || return
> + fi
> +
> + # FIXME: Add checks:
> + # - Make sure Config.mk has tags, not hashes
> + # - sonames?
> + # - Appropriate version numbers in SUPPORT.md, xen/Makefile, &c
> +
> + echo git tag -u "$key" -s -m "Xen $v" $t ; sleep 1
> + git tag -u "$key" -s -m "Xen $v" $t || fail "Creating signed tag"
> +
> + info "Release tagged. Now run release make-tarball v=$v"
> +}
> +
> +function push-tag() {
> + $arg_parse
> +
> + $requireargs v
> +
> + parse-version
> +
> + git push origin $t || fail "Pushing tag"
> + # FIXME: This is in the release checklist, but I'm not sure why
> + # git push origin staging-$x || fail "Pushing tag commit"
> +
> + info "Tag pushed. Now run release tarball-cvs-checkin-and-post v=$v"
> +}
> +
> +function make-tarball-only()
> +{
> + $arg_parse
> +
> + $requireargs v tdir
> +
> + parse-version
> +
> + git fetch || fail "git fetch"
> +
> + git checkout $t || fail "Checking out tag $t"
> +
> + git clean -ffdx
> +
> + xen-make-prefix-config
> +
> + ./configure || fail "Configuring"
> +
> + if $isrc ; then
> + make src-tarball || fail "Making src-tarball"
> + else
> + make src-tarball-release || fail "Making src-tarball"
> + fi
> +
> + rm -rf $tdir/$v
> +
> + mkdir -p $tdir/$v || fail "Couldn't make target directory"
> +
> + cp dist/xen-$v.tar.gz $tdir/$v || fail "Couldn't copy tarball"
> +}
> +
> +function buildtest-tarball() {
> + $arg_parse
> +
> + default bdir "/tmp" ; $default_post
> +
> + $requireargs tdir v
> +
> + cd $bdir || fail "cd $bdir"
> +
> + rm -rf build-$v
> + mkdir build-$v || fail "mkdir"
> +
> + cd build-$v
> +
> + tar xfz $tdir/$v/xen-$v.tar.gz || fail "Untar"
> +
> + cd xen-$v || fail "cd"
> +
> + xen-make-prefix-config
> + info "Testing build (tail -f $bdir/build-$v/log.$v)..."
> + (./configure && make -j4 && touch $tdir/$v/build-tested && echo OK) 2>&1 > ../log.$v
> +
> + [[ -e $tdir/$v/build-tested ]] || fail "Build failed; log at $bdir/build-$v/log.$v"
> +}
> +
> +function sign-tarball() {
> + $arg_parse
> +
> + $requireargs v
> +
> + if [[ -z "$rtgz" ]] ; then
> + set-tdir
> + rtgz=$tdir/$v/xen-$v.tar.gz
> + fi
> +
> + default key "23E3222C145F4475FA8060A783FE14C957E82BD9" ; $default_post
> +
> + if ! gpg --list-secret-keys | grep $key ; then
> + info "Signature required; please run the following command with the public key available"
> + info " gpg --detach-sign -u 'xen tree' $rtgz"
> + exit 0
> + fi
> +
> + gpg --detach-sign -u $key $rtgz || fail "Signing $rtgz"
> +}
> +
> +function tarball-checksig() {
> + gpg --verify $rtgz.sig || fail "Signature failed"
> +}
> +
> +function make-tarball() {
> + local rdir
> + local rtgz
> +
> + $arg_parse
> +
> + $requireargs v
> +
> + set-tdir
> +
> + $requireargs tdir
> +
> + parse-version
> +
> + info "Using tag $t"
> +
> + rdir=$tdir/$v
> +
> + rtgz=$rdir/xen-$v.tar.gz
> +
> + if [[ ! -e $rtgz ]] ; then
> + info "$rtgz not present, generating"
> + make-tarball-only
> + fi
> +
> + info "Tarball created"
> +
> + if [[ ! -e $rdir/build-tested ]] ; then
> + buildtest-tarball
> + fi
> +
> + info "Build tested"
> +
> + if [[ ! -e $rtgz.sig ]] ; then
> + sign-tarball
> + else
> + tarball-checksig
> + fi
> +
> + info "Tarball made, signed, and build-tested. Now run release push-tag v=$v"
> +}
> +
> +function tarball-cvs-checkin-and-post() {
> + $arg_parse
> +
> + $requireargs v
> +
> + # TODO: This tree probably wants to be put somewhere on
> + # mail.xenproject.org
> +
> + default cvsdir "/build/hg/push/xen.org/" ; $default_post
> +
> + if [[ ! -e $cvsdir ]] ; then
> + fail "$cvsdir does not exist"
> + fi
> +
> + if [[ -z "$rtgz" ]] ; then
> + set-tdir
> + rtgz=$tdir/$v/xen-$v.tar.gz
> + fi
> +
> + cd $cvsdir || fail "cd"
> +
> + mkdir -p oss-xen/release/$v || fail "Creating directory in CVS"
> +
> + cvs add -kb oss-xen/release/$v/ || fail "cvs add release directory"
> +
> + cd oss-xen/release/$v || fail "cd"
> +
> + cp $tdir/$v/xen-$v.tar.gz . || fail "Copying tarball"
> + cp $tdir/$v/xen-$v.tar.gz.sig . || fail "Copying sig"
> +
> + cvs add -kb xen-$v.tar.gz || fail "cvs add tarball"
> + cvs add -kb xen-$v.tar.gz.sig || fail "cvs add sig"
> +
> + cd ../../..
> +
> + cvs ci -m $v || fail "cvs checkin"
> +
> + ssh mail.xenproject.org "cd /data/downloads.xenproject.org/xen.org && cvs -q up -d" || fail "Deploying tarball"
> +
> + info "Tarball Uploaded. Xen version $v released."
> +}
> +
> +function help() {
> + cat <<EOF
> +General workflow:
> +
> +* Do a number of pre-release sanity checks
> + release check v=4.12.0-rc5
> +
> +* Tag and sign a Xen commit
> + release tag v=4.12.0-rc5
> + or
> + release tag v=4.12.0-rc5 c=07c181c
> +
> +* Create, test, and sign a release tarball
> + release make-tarball v=4.12.0-rc5
> +
> +* Push tags
> + release push-tag v=4.12.0-rc5
> +
> +* Publish tarball
> + release tarball-cvs-checkin-and-post v=4.12.0-rc5
> +EOF
> +}
> +
> +###
> +# The actual command-line
> +###
> +cmdline "$@"
>
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Xen-devel] [PATCH RFC 1/2] scripts: Add script to do the repetitive bits of the release process
@ 2019-05-01 14:56 ` George Dunlap
0 siblings, 0 replies; 8+ messages in thread
From: George Dunlap @ 2019-05-01 14:56 UTC (permalink / raw)
To: xen-devel; +Cc: Ian Jackson
Ping?
On 4/5/19 6:13 PM, George Dunlap wrote:
> With this script, once the main checks are out of the way, doing a
> release (either an RC or the final release) should mostly be a matter
> of executing a sequence of 4 commands given by the `help` function in
> this script.
>
> Signed-off-by: George Dunlap <george.dunlap@citrix.com>
> ---
> There's one hard-coded "default" path in here that refers to my own
> directory structure. If Ian finds these scripts useful, we should
> probably move that to a copy on mail.xenproject.org somewhere instead.
>
> There are also lots of opportunities for this script to be improved,
> by (for instance) implementing programmatic checks for the various
> checks listed as 'manual' at the moment.
>
> I plan to implement containerize-able tests for the first three steps
> (tag, make tarball, push tag), using "dummy" paths and gpg keys. I've
> made revisions to tarball-cvs-checkin-and-post which I haven't had the
> opportunity to test yet; ideas for how to keep this "fresh" are
> welcome.
>
> CC: Ian Jackson <ian.jackson@citrix.com>
> ---
> scripts/release | 450 ++++++++++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 450 insertions(+)
> create mode 100755 scripts/release
>
> diff --git a/scripts/release b/scripts/release
> new file mode 100755
> index 0000000000..0442cd4ef9
> --- /dev/null
> +++ b/scripts/release
> @@ -0,0 +1,450 @@
> +#!/bin/bash
> +
> +###
> +# George's bash library core
> +###
> +
> +# arg-parse debug
> +_apd=false
> +
> +arg_parse_cmd=\
> +"local -a args;
> +local _a;
> +local _vn;
> +local _m;
> +local CLVL=\$((\$CLVL+1))
> +
> +_m=true;
> +
> +for _a in \"\$@\" ; do
> + $_apd && echo \"Evaluating \${_a} [[ \"\${_a/=}\" = \"\${_a}\" ]]\";
> + if \$_m && [[ \"\${_a/=}\" != \"\${_a}\" ]] ; then
> + $_apd && echo Parameter;
> + _vn=\${_a%%=*};
> + eval \"local \$_vn\";
> + eval \"\$_a\";
> + elif \$_m && [[ \"\${_a}\" == \"--\" ]] ; then
> + $_apd && echo Separator;
> + _m=false;
> + else
> + $_apd && echo Argument;
> + _m=false;
> + args+=(\"\$_a\");
> + fi;
> +done"
> +
> +arg_parse="eval $arg_parse_cmd"
> +
> +# Pass in either the current function name, or the name of the script
> +requireargs="eval _func=\"\$FUNCNAME\" ; eval [[ -n \\\"\$_func\\\" ]] || _func=\$0 ; eval _require-args \$_func"
> +
> +function _require-args()
> +{
> + local _arg
> + local _args
> +
> + _args=($@)
> +
> + for _arg in ${_args[@]:1} ; do
> + eval "[[ -n \"\${$_arg}\" ]] || fail \"${_args[0]}: Missing $_arg\""
> + done
> +}
> +
> +function default()
> +{
> + # l0: eval i="5"
> + # l1: default_post="eval $1=\"$2\""
> + # l3: eval "if [[ -z \"\$$1\" ]] ; then default_post=\"eval \$1=\\\"$2\\\"\" ; fi"
> + eval "if [[ -z \"\$$1\" ]] ; then default_post=\"eval local \$1=\\\"$2\\\"\" ; else unset default_post ; fi"
> +}
> +
> +function fail()
> +{
> + echo FATAL $@
> + [[ -n "$fail_cleanup" ]] && $fail_cleanup
> + exit 1
> +}
> +
> +function info()
> +{
> + echo INFO $CLVL $@ 1>&2
> +}
> +
> +function error()
> +{
> + echo ERROR $@ 1>&2
> +}
> +
> +function status()
> +{
> + echo STATUS $CLVL $@ 1>&2
> + return 0
> +}
> +
> +function report-result()
> +{
> + if [[ -n "$var" ]] ; then
> + eval "${var}=\"$1\""
> + else
> + if [[ -n "$1" ]] ; then
> + echo "$1"
> + else
> + echo "(empty)"
> + fi
> + fi
> +}
> +
> +function cmdline()
> +{
> + local cmd;
> +
> + if [[ "$#" -eq "0" ]] ; then
> + help
> + exit 1
> + fi
> +
> + $arg_parse
> + info Running "${args[0]}"
> + "${args[0]}" "${args[@]:1}" || exit 1
> +
> + if ! [[ -z "$RET" ]] ; then
> + echo $RET
> + fi
> +}
> +
> +###
> +# release-specific code
> +###
> +
> +# Global / meta variables:
> +#
> +# tdir: "root" directory to do tarball work.
> +# rdir: Directory where tarball & sig will be put (==$tdir/$v)
> +# rtgz: Base filename for tarball ($rdir/xen-$v.tar.gz)
> +#
> +# v: Full release version (e.g., 4.12.0-rc5, 4.10.3)
> +# x: Major+minor xen release version (e.g., 4.12, 4.10)
> +# p: point release (e.g., 0 in 4.12.0; 3 in 4.10.3)
> +# #r: Numbers-only release (e.g., 4.12.0, 4.10.3) # PROBABLY NOT NEEDED
> +# rc: -rcN
> +#
> +# s: branch name (e.g., master, stable-4.12, stable-4.10)
> +# t: Tag from a given release (e.g,. 4.12.0-rc5, RELEASE-4.10.3)
> +# isrc: Boolean indicating whether the version is an rc (e.g., true for 4.12.0-rc5, false for 4.10.3)
> +
> +
> +
> +function xen-make-prefix-config() {
> + $arg_parse
> +
> + # TODO: Ping drall.uk.xensource.com to see if we can reach it?
> +
> + default cache_prefix "git://drall.uk.xensource.com:9419/" ; $default_post
> +
> + perl -ne "if(/^([A-Z_]+_URL) \?= (git.*)/) { print \"\$1 ?= ${cache_prefix}\$2\n\"; }" Config.mk >> .config || fail "Generating .config"
> + cat .config
> +}
> +
> +function set-tdir() {
> + if [[ -z "$tdir" || ! -e "$tdir" ]] ; then
> + info "$tdir doesn't exist, using /tmp"
> + tdir="/tmp"
> + fi
> +}
> +
> +# Take `v` and generate the appropriate metavariables variables.
> +function parse-version() {
> + $arg_parse
> +
> + $requireargs v
> +
> + if [[ -n "$x" && -n "$p" ]] ; then
> + echo "Version already parsed"
> + return
> + fi
> +
> + if [[ $v =~ ([0-9]+\.[0-9]+)\.([0-9])(-rc[0-9]) ]] ; then
> + x=${BASH_REMATCH[1]}
> + p=${BASH_REMATCH[2]}
> + rc=${BASH_REMATCH[3]}
> + isrc=true
> + elif [[ $v =~ ([0-9]+\.[0-9]+)\.([0-9]) ]] ; then
> + x=${BASH_REMATCH[1]}
> + p=${BASH_REMATCH[2]}
> + isrc=false
> + else
> + fail "Bad version"
> + fi
> +
> + if $isrc ; then
> + t=$v
> + else
> + t=RELEASE-$v
> + fi
> +}
> +
> +function check() {
> + # TODO: Automate some of these
> + info "Please perform manually: All XSAs have been applied"
> + info "Please perform manually: Check http://logs.test-lab.xenproject.org/osstest/results/all-branch-statuses.txt"
> + info "Please perform manually: Check version in README"
> + info "Please perform manually: Check version in SUPPORT.md"
> + info "Please perform manually: Tags for appropriate *_REVISION's in Config.mk"
> + info "Please perform manually: xen/Makefile:XEN_EXTRAVERSION set to 0"
> + info "Please perform manually: tools/Rules.mk: debug ?= n"
> + info "Please perform manually: xen/Kconfig.debug:config DEBUG should default to `n`"
> +}
> +
> +# Usage:
> +# tag v=[version you want to release] [c=commithash]
> +# eg.
> +# tag v=4.12.0-rc6
> +# Other arguments:
> +# key: Name of key to sign the commit with
> +# tdir: Name of top-level tarball directory
> +function tag() {
> + $arg_parse
> +
> + default key "23E3222C145F4475FA8060A783FE14C957E82BD9"; $default_post
> +
> + $requireargs v
> +
> + set-tdir
> +
> + $requireargs tdir
> +
> + parse-version
> +
> + $requireargs t
> +
> + git fetch origin
> +
> + if [[ -n "$c" ]] ; then
> + info "Checking out commit $c"
> + git checkout $c || fail
> + else
> + local q
> + git checkout stable-$x || fail "Couldn't check out stable branch"
> + git merge || fail "Merge"
> + git log -n 10
> + read -p "Enter to continue, anything else to quit: " q
> + [[ -z "$q" ]] || return
> + fi
> +
> + # FIXME: Add checks:
> + # - Make sure Config.mk has tags, not hashes
> + # - sonames?
> + # - Appropriate version numbers in SUPPORT.md, xen/Makefile, &c
> +
> + echo git tag -u "$key" -s -m "Xen $v" $t ; sleep 1
> + git tag -u "$key" -s -m "Xen $v" $t || fail "Creating signed tag"
> +
> + info "Release tagged. Now run release make-tarball v=$v"
> +}
> +
> +function push-tag() {
> + $arg_parse
> +
> + $requireargs v
> +
> + parse-version
> +
> + git push origin $t || fail "Pushing tag"
> + # FIXME: This is in the release checklist, but I'm not sure why
> + # git push origin staging-$x || fail "Pushing tag commit"
> +
> + info "Tag pushed. Now run release tarball-cvs-checkin-and-post v=$v"
> +}
> +
> +function make-tarball-only()
> +{
> + $arg_parse
> +
> + $requireargs v tdir
> +
> + parse-version
> +
> + git fetch || fail "git fetch"
> +
> + git checkout $t || fail "Checking out tag $t"
> +
> + git clean -ffdx
> +
> + xen-make-prefix-config
> +
> + ./configure || fail "Configuring"
> +
> + if $isrc ; then
> + make src-tarball || fail "Making src-tarball"
> + else
> + make src-tarball-release || fail "Making src-tarball"
> + fi
> +
> + rm -rf $tdir/$v
> +
> + mkdir -p $tdir/$v || fail "Couldn't make target directory"
> +
> + cp dist/xen-$v.tar.gz $tdir/$v || fail "Couldn't copy tarball"
> +}
> +
> +function buildtest-tarball() {
> + $arg_parse
> +
> + default bdir "/tmp" ; $default_post
> +
> + $requireargs tdir v
> +
> + cd $bdir || fail "cd $bdir"
> +
> + rm -rf build-$v
> + mkdir build-$v || fail "mkdir"
> +
> + cd build-$v
> +
> + tar xfz $tdir/$v/xen-$v.tar.gz || fail "Untar"
> +
> + cd xen-$v || fail "cd"
> +
> + xen-make-prefix-config
> + info "Testing build (tail -f $bdir/build-$v/log.$v)..."
> + (./configure && make -j4 && touch $tdir/$v/build-tested && echo OK) 2>&1 > ../log.$v
> +
> + [[ -e $tdir/$v/build-tested ]] || fail "Build failed; log at $bdir/build-$v/log.$v"
> +}
> +
> +function sign-tarball() {
> + $arg_parse
> +
> + $requireargs v
> +
> + if [[ -z "$rtgz" ]] ; then
> + set-tdir
> + rtgz=$tdir/$v/xen-$v.tar.gz
> + fi
> +
> + default key "23E3222C145F4475FA8060A783FE14C957E82BD9" ; $default_post
> +
> + if ! gpg --list-secret-keys | grep $key ; then
> + info "Signature required; please run the following command with the public key available"
> + info " gpg --detach-sign -u 'xen tree' $rtgz"
> + exit 0
> + fi
> +
> + gpg --detach-sign -u $key $rtgz || fail "Signing $rtgz"
> +}
> +
> +function tarball-checksig() {
> + gpg --verify $rtgz.sig || fail "Signature failed"
> +}
> +
> +function make-tarball() {
> + local rdir
> + local rtgz
> +
> + $arg_parse
> +
> + $requireargs v
> +
> + set-tdir
> +
> + $requireargs tdir
> +
> + parse-version
> +
> + info "Using tag $t"
> +
> + rdir=$tdir/$v
> +
> + rtgz=$rdir/xen-$v.tar.gz
> +
> + if [[ ! -e $rtgz ]] ; then
> + info "$rtgz not present, generating"
> + make-tarball-only
> + fi
> +
> + info "Tarball created"
> +
> + if [[ ! -e $rdir/build-tested ]] ; then
> + buildtest-tarball
> + fi
> +
> + info "Build tested"
> +
> + if [[ ! -e $rtgz.sig ]] ; then
> + sign-tarball
> + else
> + tarball-checksig
> + fi
> +
> + info "Tarball made, signed, and build-tested. Now run release push-tag v=$v"
> +}
> +
> +function tarball-cvs-checkin-and-post() {
> + $arg_parse
> +
> + $requireargs v
> +
> + # TODO: This tree probably wants to be put somewhere on
> + # mail.xenproject.org
> +
> + default cvsdir "/build/hg/push/xen.org/" ; $default_post
> +
> + if [[ ! -e $cvsdir ]] ; then
> + fail "$cvsdir does not exist"
> + fi
> +
> + if [[ -z "$rtgz" ]] ; then
> + set-tdir
> + rtgz=$tdir/$v/xen-$v.tar.gz
> + fi
> +
> + cd $cvsdir || fail "cd"
> +
> + mkdir -p oss-xen/release/$v || fail "Creating directory in CVS"
> +
> + cvs add -kb oss-xen/release/$v/ || fail "cvs add release directory"
> +
> + cd oss-xen/release/$v || fail "cd"
> +
> + cp $tdir/$v/xen-$v.tar.gz . || fail "Copying tarball"
> + cp $tdir/$v/xen-$v.tar.gz.sig . || fail "Copying sig"
> +
> + cvs add -kb xen-$v.tar.gz || fail "cvs add tarball"
> + cvs add -kb xen-$v.tar.gz.sig || fail "cvs add sig"
> +
> + cd ../../..
> +
> + cvs ci -m $v || fail "cvs checkin"
> +
> + ssh mail.xenproject.org "cd /data/downloads.xenproject.org/xen.org && cvs -q up -d" || fail "Deploying tarball"
> +
> + info "Tarball Uploaded. Xen version $v released."
> +}
> +
> +function help() {
> + cat <<EOF
> +General workflow:
> +
> +* Do a number of pre-release sanity checks
> + release check v=4.12.0-rc5
> +
> +* Tag and sign a Xen commit
> + release tag v=4.12.0-rc5
> + or
> + release tag v=4.12.0-rc5 c=07c181c
> +
> +* Create, test, and sign a release tarball
> + release make-tarball v=4.12.0-rc5
> +
> +* Push tags
> + release push-tag v=4.12.0-rc5
> +
> +* Publish tarball
> + release tarball-cvs-checkin-and-post v=4.12.0-rc5
> +EOF
> +}
> +
> +###
> +# The actual command-line
> +###
> +cmdline "$@"
>
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Xen-devel] [PATCH RFC 1/2] scripts: Add script to do the repetitive bits of the release process
2019-04-05 17:13 ` [Xen-devel] " George Dunlap
` (2 preceding siblings ...)
(?)
@ 2019-08-05 10:57 ` Ian Jackson
2019-08-06 13:37 ` George Dunlap
-1 siblings, 1 reply; 8+ messages in thread
From: Ian Jackson @ 2019-08-05 10:57 UTC (permalink / raw)
To: George Dunlap; +Cc: xen-devel
Hi. Thanks for looking into this. Sorry about the delay to the
review. I found it, unsent, while recovering a crashed mailreader
session...
George Dunlap writes ("[PATCH RFC 1/2] scripts: Add script to do the repetitive bits of the release process"):
> With this script, once the main checks are out of the way, doing a
> release (either an RC or the final release) should mostly be a matter
> of executing a sequence of 4 commands given by the `help` function in
> this script.
Script is missing set -e. I'm generally not happy with the || fail
pattern, except for improving error messages. It makes it far too
easy to accidentally miss an error check. Your script has at least a
few missing error checks and I don't want to read it and try to spot
them all. Can you change this ?
> +###
> +# George's bash library core
> +###
You've cloned (and presumably not hacked) some personal library of
your own ? What's wrong with getopt(1) eg
eval "$(getopt -s bash ... "$@")"
See /usr/share/doc/util-linux/examples/getopt-parse.bash.
Although, it's not clear to me that a full-blown option parser is
a better approach than
var1=DEFAULT1
var2=DEFAULT2
for x in "$@"; do eval "$x"; done
for this script, since it will have few users.
> +function cmdline()
I think the keyword `function' here is unidiomatic shell. (I think the
brace place is too but I don't want to quibble about style.)
+ info Running "${args[0]}"
+ "${args[0]}" "${args[@]:1}" || exit 1
You should probably namespace these with an appropriate prefix, rather
than exposing every internal function as a toplevel verb.
> +function xen-make-prefix-config() {
> + $arg_parse
> +
> + # TODO: Ping drall.uk.xensource.com to see if we can reach it?
> +
> + default cache_prefix "git://drall.uk.xensource.com:9419/" ; $default_post
> +
> + perl -ne "if(/^([A-Z_]+_URL) \?= (git.*)/) { print \"\$1 ?= ${cache_prefix}\$2\n\"; }" Config.mk >> .config || fail "Generating .config"
> + cat .config
> +}
Maybe we can expect the caller to have this in their global git
config. I do this:
mariner:~> git-config -l | grep instead
url.git://git-cache.xs.citrite.net:9419/git://.insteadof=git://
url.git://git-cache.xs.citrite.net:9419/.insteadof=git://git-cache.xs.citrite.net:9419/
url.git://drall:9419/http://.insteadof=git://drall:9419/http://
url.git://drall:9419/https://.insteadof=git://drall:9419/https://
url.git://drall:9419/git://.insteadof=git://drall:9419/git://
mariner:~>
> +function set-tdir() {
> + if [[ -z "$tdir" || ! -e "$tdir" ]] ; then
> + info "$tdir doesn't exist, using /tmp"
> + tdir="/tmp"
> + fi
It is not OK to use /tmp/$v, because of tmpfile races. If you don't
want to use somewhere in ~ then you need to mess with mktemp.
> +function tag() {
> + $arg_parse
Overall I am surprised at how much code there is in this script. It
seems much longer than the current runes in the release checklist.
> + if [[ -n "$c" ]] ; then
> + info "Checking out commit $c"
> + git checkout $c || fail
> + else
> + local q
> + git checkout stable-$x || fail "Couldn't check out stable branch"
> + git merge || fail "Merge"
Surely we rarely want to do this, and never automatically.
> + git log -n 10
> + read -p "Enter to continue, anything else to quit: " q
Better to ask for a "y". read might return "" due to eof.
> + cvs ci -m $v || fail "cvs checkin"
> +
> + ssh mail.xenproject.org "cd /data/downloads.xenproject.org/xen.org && cvs -q up -d" || fail "Deploying tarball"
Should surely read ssh downloads.xenproject.org and then it should
be a variable. Also the scriptlet could be formatted across
multiple lines (and start with set -e, rather than using &&).
Thanks,
Ian.
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Xen-devel] [PATCH RFC 1/2] scripts: Add script to do the repetitive bits of the release process
2019-08-05 10:57 ` Ian Jackson
@ 2019-08-06 13:37 ` George Dunlap
0 siblings, 0 replies; 8+ messages in thread
From: George Dunlap @ 2019-08-06 13:37 UTC (permalink / raw)
To: Ian Jackson; +Cc: xen-devel
On 8/5/19 11:57 AM, Ian Jackson wrote:
> Hi. Thanks for looking into this. Sorry about the delay to the
> review. I found it, unsent, while recovering a crashed mailreader
> session...
Thanks for the review -- I was going to come back and ping this at some
point; it would be nice to have it in tree before we actually need it
again. :-)
So just in general: I'm willing to make fixes and small tweaks, but I'm
not going to invest a lot of time rewriting this script. It was useful
for me; if you don't want it in tree, then I'll just use it myself when
I find it useful.
> George Dunlap writes ("[PATCH RFC 1/2] scripts: Add script to do the repetitive bits of the release process"):
>> With this script, once the main checks are out of the way, doing a
>> release (either an RC or the final release) should mostly be a matter
>> of executing a sequence of 4 commands given by the `help` function in
>> this script.
>
> Script is missing set -e. I'm generally not happy with the || fail
> pattern, except for improving error messages. It makes it far too
> easy to accidentally miss an error check. Your script has at least a
> few missing error checks and I don't want to read it and try to spot
> them all. Can you change this ?
I've never run with `set -e` before, but let me give it a try and see
how it goes.
>> +###
>> +# George's bash library core
>> +###
>
> You've cloned (and presumably not hacked) some personal library of
> your own ?
I C&P my personal library, yes. (Not sure what "hacked" means in this
context.) I've got a reasonably extensive set of personal scripts that
use this calling convention as their core. It's also the basis for a
bunch of scripting I did around the CentOS package maintenanace:
https://github.com/CentOS-virt7/xen/tree/xen-412/lib
(I've C&P'd here a subset of 'core.sh' in that directory.)
> What's wrong with getopt(1) eg
> eval "$(getopt -s bash ... "$@")"
* It's ugly and hard to read naturally
* You have to think about short names for every option you want; if you
want more than 26, then you start to run out of meaningful letters.
* You have to encode everything in a single line of runes. "$arg_parse"
sets local variables for all your arguments; "$requireargs" is a more
natual way of saying what's required, and "$default" allows line-by-line
specification of defaults if something isn't specified.
* You don't get "inheritance". One of the explicit reasons I developed
this type of framework was so that I could do something like:
```
tgt=c6_01;
vm-start
tgt-ssh "<some command>"
vm-shutdown
```
(In case it isn't clear, `vm-start`, `tgt-ssh`, and `vm-shutdown` all
take `tgt` as an argument.)
Obviously this makes some things easier by making other things more
dangerous; but bash already has inherited variables anyway. If I wanted
real scoping I'd switch to a locally-scoped programming language.
In any case, in line with what I said above -- I'm used to writing bash
scripts in this way; I find it useful. And although the core
"arg_parse" machinery is somewhat ugly, it's been tested and refined
over several years. I'm not going to spend a lot of time rewriting this
script to do something else.
>> +function cmdline()
>
> I think the keyword `function' here is unidiomatic shell. (I think the
> brace place is too but I don't want to quibble about style.)
What would you prefer instead?
>
> + info Running "${args[0]}"
> + "${args[0]}" "${args[@]:1}" || exit 1
>
> You should probably namespace these with an appropriate prefix, rather
> than exposing every internal function as a toplevel verb.
You mean namespace the internal "library" functions like `fail`? Or
helper functions like `tag`?
Either way, I don't see a big issue from allowing them to be called from
the command-line: sometimes it's helpful (if only for unit testing); and
although calling `release fail "blah"` seems a bit pointless, it's not
harmful, and I'd prefer to keep names of the "library" functions short.
>> +function xen-make-prefix-config() {
>> + $arg_parse
>> +
>> + # TODO: Ping drall.uk.xensource.com to see if we can reach it?
>> +
>> + default cache_prefix "git://drall.uk.xensource.com:9419/" ; $default_post
>> +
>> + perl -ne "if(/^([A-Z_]+_URL) \?= (git.*)/) { print \"\$1 ?= ${cache_prefix}\$2\n\"; }" Config.mk >> .config || fail "Generating .config"
>> + cat .config
>> +}
>
> Maybe we can expect the caller to have this in their global git
> config. I do this:
>
> mariner:~> git-config -l | grep instead
> url.git://git-cache.xs.citrite.net:9419/git://.insteadof=git://
> url.git://git-cache.xs.citrite.net:9419/.insteadof=git://git-cache.xs.citrite.net:9419/
> url.git://drall:9419/http://.insteadof=git://drall:9419/http://
> url.git://drall:9419/https://.insteadof=git://drall:9419/https://
> url.git://drall:9419/git://.insteadof=git://drall:9419/git://
> mariner:~>
It looks like only the first one of those does anything? Or am I
misunderstanding the syntax?
At any rate, yes, that's probably a cleaner solution; we can add that to
the instructions for the script. (I didn't know about `insteadof`.)
>> +function set-tdir() {
>> + if [[ -z "$tdir" || ! -e "$tdir" ]] ; then
>> + info "$tdir doesn't exist, using /tmp"
>> + tdir="/tmp"
>> + fi
>
> It is not OK to use /tmp/$v, because of tmpfile races. If you don't
> want to use somewhere in ~ then you need to mess with mktemp.
>
>> +function tag() {
>> + $arg_parse
>
> Overall I am surprised at how much code there is in this script. It
> seems much longer than the current runes in the release checklist.
Some of it is boilerplate to be able to make functions; a lot of it is
encoding error and exception handling which is implicit in a checklist
(because expert humans know what an error looks like and how to fix
things up).
>> + if [[ -n "$c" ]] ; then
>> + info "Checking out commit $c"
>> + git checkout $c || fail
>> + else
>> + local q
>> + git checkout stable-$x || fail "Couldn't check out stable branch"
>> + git merge || fail "Merge"
>
> Surely we rarely want to do this, and never automatically.
Oh, this should have an `--ff-only`. (I've got --ff-only enabled by
default in my .gitconfig). So for me this will just update to the
newest commit on the origin/stable-$x branch (and fail if an actual
merge commit would be needed).
If we don't want to auto-ff, then we should check to see how many
commits we are away from upstream and fail out if that number is 0.
>> + git log -n 10
>> + read -p "Enter to continue, anything else to quit: " q
>
> Better to ask for a "y". read might return "" due to eof.
Sure.
>> + cvs ci -m $v || fail "cvs checkin"
>> +
>> + ssh mail.xenproject.org "cd /data/downloads.xenproject.org/xen.org && cvs -q up -d" || fail "Deploying tarball"
>
> Should surely read ssh downloads.xenproject.org and then it should
> be a variable. Also the scriptlet could be formatted across
> multiple lines (and start with set -e, rather than using &&).
Can you 'set -e' in an ssh command like this?
In any case -- before I invest a lot of time cleaning this up further,
are you willing to take it with my quirky calling conventions rather
than getopt? If not I'll probably just keep this locally.
-George
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2019-08-06 13:38 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-04-05 17:13 [PATCH RFC 1/2] scripts: Add script to do the repetitive bits of the release process George Dunlap
2019-04-05 17:13 ` [Xen-devel] " George Dunlap
2019-04-05 17:13 ` [PATCH RFC 2/2] release: Update release-checklist George Dunlap
2019-04-05 17:13 ` [Xen-devel] " George Dunlap
2019-05-01 14:56 ` [PATCH RFC 1/2] scripts: Add script to do the repetitive bits of the release process George Dunlap
2019-05-01 14:56 ` [Xen-devel] " George Dunlap
2019-08-05 10:57 ` Ian Jackson
2019-08-06 13:37 ` George Dunlap
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.