From 36098402568ab8e9b20e0cd7bb2d3476eaec1167 Mon Sep 17 00:00:00 2001 From: James Blair Date: Wed, 22 Jan 2025 10:57:23 +1300 Subject: [PATCH 1/2] Update scripts & documentation for artifact registry adoption. Signed-off-by: James Blair --- Documentation/contributor-guide/release.md | 2 ++ scripts/build-docker.sh | 1 + scripts/release_notes.tpl.txt | 20 ++++++++++---------- scripts/test_images.sh | 2 +- 4 files changed, 14 insertions(+), 11 deletions(-) diff --git a/Documentation/contributor-guide/release.md b/Documentation/contributor-guide/release.md index 266b500d1c4..a2344605434 100644 --- a/Documentation/contributor-guide/release.md +++ b/Documentation/contributor-guide/release.md @@ -62,6 +62,7 @@ which don't need to be executed before releasing each version. 4. Authenticate the image registry, refer to [Authentication methods](https://cloud.google.com/container-registry/docs/advanced-authentication). - `gcloud auth login` - `gcloud auth configure-docker` + - `gcloud auth configure-docker us-docker.pkg.dev` 5. Install gh, refer to [GitHub's documentation](https://github.com/cli/cli#installation). Ensure that running `gh auth login` succeeds for the GitHub account you use to contribute to etcd, and that `gh auth status` has a clean exit and doesn't show any issues. @@ -73,6 +74,7 @@ which don't need to be executed before releasing each version. 3. Once permissions are elevated, temporarily relax [branch protections](https://github.com/etcd-io/etcd/settings/branches) to allow pushing changes directly to `release-*` branches in GitHub. 4. Verify you can pass the authentication to the image registries, - `docker login gcr.io` + - `docker login us-docker.pkg.dev` - `docker login quay.io` - If the release person doesn't have access to 1password, one of the owners (@ahrtr, @ivanvc, @jmhbnz, @serathius) needs to share the password with them per [this guide](https://support.1password.com/share-items/). See rough steps below, - [Sign in](https://team-etcd.1password.com/home) to your account on 1password.com. diff --git a/scripts/build-docker.sh b/scripts/build-docker.sh index 6f86fb46a75..24f17ab4217 100755 --- a/scripts/build-docker.sh +++ b/scripts/build-docker.sh @@ -45,6 +45,7 @@ if [ -z "${TAG:-}" ]; then # From https://stackoverflow.com/q/72144329/ DOCKER_BUILDKIT=1 docker build --build-arg="ARCH=${ARCH}" -t "gcr.io/etcd-development/etcd:${VERSION}" "${IMAGEDIR}" DOCKER_BUILDKIT=1 docker build --build-arg="ARCH=${ARCH}" -t "quay.io/coreos/etcd:${VERSION}" "${IMAGEDIR}" + DOCKER_BUILDKIT=1 docker build --build-arg="ARCH=${ARCH}" -t "us-docker.pkg.dev/etcd-development/etcd/etcd:${VERSION}" "${IMAGEDIR}" else docker build -t "${TAG}:${VERSION}" "${IMAGEDIR}" fi diff --git a/scripts/release_notes.tpl.txt b/scripts/release_notes.tpl.txt index 67701d9886e..cb656cbf9ed 100644 --- a/scripts/release_notes.tpl.txt +++ b/scripts/release_notes.tpl.txt @@ -55,19 +55,19 @@ mv /tmp/etcd-${ETCD_VER}-darwin-amd64/* /tmp/etcd-download-test && rm -rf mv /tm ###### Docker -etcd uses [`gcr.io/etcd-development/etcd`](https://gcr.io/etcd-development/etcd) as a primary container registry, and [`quay.io/coreos/etcd`](https://quay.io/coreos/etcd) as secondary. +etcd uses [`us-docker.pkg.dev/etcd-development/etcd/etcd`](https://console.cloud.google.com/artifacts/docker/etcd-development/us/etcd) as a primary container registry, and [`quay.io/coreos/etcd`](https://quay.io/coreos/etcd) as secondary. ```sh ETCD_VER=${RELEASE_VERSION} rm -rf /tmp/etcd-data.tmp && mkdir -p /tmp/etcd-data.tmp && \ - docker rmi gcr.io/etcd-development/etcd:${ETCD_VER} || true && \ + docker rmi us-docker.pkg.dev/etcd-development/etcd/etcd:${ETCD_VER} || true && \ docker run \ -p 2379:2379 \ -p 2380:2380 \ --mount type=bind,source=/tmp/etcd-data.tmp,destination=/etcd-data \ - --name etcd-gcr-${ETCD_VER} \ - gcr.io/etcd-development/etcd:${ETCD_VER} \ + --name etcd-${ETCD_VER} \ + us-docker.pkg.dev/etcd-development/etcd/etcd:${ETCD_VER} \ /usr/local/bin/etcd \ --name s1 \ --data-dir /etcd-data \ @@ -82,10 +82,10 @@ rm -rf /tmp/etcd-data.tmp && mkdir -p /tmp/etcd-data.tmp && \ --logger zap \ --log-outputs stderr -docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcd --version -docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl version -docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdutl version -docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl endpoint health -docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl put foo bar -docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl get foo +docker exec etcd-${ETCD_VER} /usr/local/bin/etcd --version +docker exec etcd-${ETCD_VER} /usr/local/bin/etcdctl version +docker exec etcd-${ETCD_VER} /usr/local/bin/etcdutl version +docker exec etcd-${ETCD_VER} /usr/local/bin/etcdctl endpoint health +docker exec etcd-${ETCD_VER} /usr/local/bin/etcdctl put foo bar +docker exec etcd-${ETCD_VER} /usr/local/bin/etcdctl get foo ``` diff --git a/scripts/test_images.sh b/scripts/test_images.sh index 3cdb606b259..b4e07ff10de 100755 --- a/scripts/test_images.sh +++ b/scripts/test_images.sh @@ -38,7 +38,7 @@ fi # Pick defaults based on release workflow ARCH=$(go env GOARCH) -REPOSITARY=${REPOSITARY:-"gcr.io/etcd-development/etcd"} +REPOSITARY=${REPOSITARY:-"us-docker.pkg.dev/etcd-development/etcd/etcd"} if [ -n "$VERSION" ]; then # Expected Format: v3.6.99-amd64 TAG=v"${VERSION}"-"${ARCH}" From 0dd4344254c7f6eca6a5f11cf29da9118ead1722 Mon Sep 17 00:00:00 2001 From: James Blair Date: Wed, 22 Jan 2025 11:25:53 +1300 Subject: [PATCH 2/2] Update scripts/release.sh to push to artifact registry. Signed-off-by: James Blair --- scripts/release.sh | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/scripts/release.sh b/scripts/release.sh index aaa1e612c43..4efe5471058 100755 --- a/scripts/release.sh +++ b/scripts/release.sh @@ -268,7 +268,7 @@ main() { if [ "${DRY_RUN}" == "true" ] || [ "${NO_DOCKER_PUSH}" == 1 ]; then log_callout "Skipping docker push. --no-docker-push flat is set." else - read -p "Publish etcd ${RELEASE_VERSION} docker images to quay.io [y/N]? " -r confirm + read -p "Publish etcd ${RELEASE_VERSION} docker images to quay.io, gcr.io & artifact registry [y/N]? " -r confirm [[ "${confirm,,}" == "y" ]] || exit 1 # shellcheck disable=SC2034 for i in {1..5}; do @@ -281,6 +281,8 @@ main() { maybe_run docker push "quay.io/coreos/etcd:${RELEASE_VERSION}-${TARGET_ARCH}" log_callout "Pushing container images to gcr.io ${RELEASE_VERSION}-${TARGET_ARCH}" maybe_run docker push "gcr.io/etcd-development/etcd:${RELEASE_VERSION}-${TARGET_ARCH}" + log_callout "Pushing container images to artifact registry ${RELEASE_VERSION}-${TARGET_ARCH}" + maybe_run docker push "us-docker.pkg.dev/etcd-development/etcd/etcd:${RELEASE_VERSION}-${TARGET_ARCH}" done log_callout "Creating manifest-list (multi-image)..." @@ -291,6 +293,9 @@ main() { maybe_run docker manifest create --amend "gcr.io/etcd-development/etcd:${RELEASE_VERSION}" "gcr.io/etcd-development/etcd:${RELEASE_VERSION}-${TARGET_ARCH}" maybe_run docker manifest annotate "gcr.io/etcd-development/etcd:${RELEASE_VERSION}" "gcr.io/etcd-development/etcd:${RELEASE_VERSION}-${TARGET_ARCH}" --arch "${TARGET_ARCH}" + + maybe_run docker manifest create --amend "us-docker.pkg.dev/etcd-development/etcd/etcd:${RELEASE_VERSION}" "us-docker.pkg.dev/etcd-development/etcd/etcd:${RELEASE_VERSION}-${TARGET_ARCH}" + maybe_run docker manifest annotate "us-docker.pkg.dev/etcd-development/etcd/etcd:${RELEASE_VERSION}" "us-docker.pkg.dev/etcd-development/etcd/etcd:${RELEASE_VERSION}-${TARGET_ARCH}" --arch "${TARGET_ARCH}" done log_callout "Pushing container manifest list to quay.io ${RELEASE_VERSION}" @@ -298,6 +303,9 @@ main() { log_callout "Pushing container manifest list to gcr.io ${RELEASE_VERSION}" maybe_run docker manifest push "gcr.io/etcd-development/etcd:${RELEASE_VERSION}" + + log_callout "Pushing container manifest list to artifact registry ${RELEASE_VERSION}" + maybe_run docker manifest push "us-docker.pkg.dev/etcd-development/etcd/etcd:${RELEASE_VERSION}" fi ### Release validation