/*
Copyright (c) Edgeless Systems GmbH
SPDX-License-Identifier: AGPL-3.0-only
*/
// add-version adds a new constellation release version to the list of available versions.
// It is meant to be run by the CI pipeline to make new versions available / discoverable.
package main
import (
"bytes"
"context"
"encoding/json"
"errors"
"flag"
"fmt"
"path"
"sort"
"time"
"github.com/aws/aws-sdk-go-v2/aws"
awsconfig "github.com/aws/aws-sdk-go-v2/config"
s3manager "github.com/aws/aws-sdk-go-v2/feature/s3/manager"
"github.com/aws/aws-sdk-go-v2/service/cloudfront"
cftypes "github.com/aws/aws-sdk-go-v2/service/cloudfront/types"
"github.com/aws/aws-sdk-go-v2/service/s3"
s3types "github.com/aws/aws-sdk-go-v2/service/s3/types"
"github.com/edgelesssys/constellation/v2/internal/constants"
"github.com/edgelesssys/constellation/v2/internal/logger"
"github.com/edgelesssys/constellation/v2/internal/update"
"go.uber.org/zap"
"go.uber.org/zap/zapcore"
"golang.org/x/mod/semver"
)
// errVersionListMissing is returned by getVersions when the requested version
// list object is not present in the bucket.
var errVersionListMissing = errors.New("version list does not exist")

// stream and imageKind select the version list this tool maintains. Both are
// used as segments of the list's object key.
const (
	stream    = "stable"
	imageKind = "image"
)

// Default values of the -region, -bucket and -distribution-id flags.
const (
	defaultRegion         = "eu-central-1"
	defaultBucket         = "cdn-constellation-backend"
	defaultDistributionID = "E1H77EZTHC3NE4"
)

// maxCacheInvalidationWaitTime is the longest time invalidateCaches waits for
// the CloudFront invalidation to complete.
const maxCacheInvalidationWaitTime = 5 * time.Minute
// main adds the version given by -version to the published version lists.
//
// It validates the version, makes sure its minor release is listed under its
// major release and the version itself under its minor release (starting a new
// list when none exists yet), invalidates the CDN cache for both list objects
// and finally checks that both entries can be fetched again. Failures before
// the final check are reported with Fatalf; a failed final check is only
// logged as a warning.
func main() {
	var (
		version        = flag.String("version", "", "Version to add (format: \"v1.2.3\")")
		region         = flag.String("region", defaultRegion, "AWS region")
		bucket         = flag.String("bucket", defaultBucket, "S3 bucket")
		distributionID = flag.String("distribution-id", defaultDistributionID, "cloudfront distribution id")
	)
	flag.Parse()

	log := logger.New(logger.JSONLog, zapcore.InfoLevel)

	// The version ends up in object keys and URLs, so it is checked before
	// anything is derived from it.
	if err := validateVersion(*version); err != nil {
		log.With(zap.Error(err)).Fatalf("Invalid version")
	}
	major, minor := semver.Major(*version), semver.MajorMinor(*version)

	ctx := context.Background()

	updateFetcher := update.New()
	versionManager, err := newVersionManager(ctx, *region, *bucket, *distributionID)
	if err != nil {
		log.With(zap.Error(err)).Fatalf("Failed to create version uploader")
	}

	// Step 1: the minor release must be listed under its major release.
	minorVersions, err := versionManager.getMinorVersions(ctx, *version)
	if err != nil {
		// A missing list is expected for the first release of a major
		// version; every other error is reported as fatal.
		if !errors.Is(err, errVersionListMissing) {
			log.With(zap.Error(err)).Fatalf("Failed to get minor versions")
		}
		log.Infof("Version list for minor versions under %q does not exist. Creating new list.", major)
		minorVersions = &update.VersionsList{
			Stream:      stream,
			Granularity: "major",
			Base:        major,
			Kind:        imageKind,
			Versions:    []string{},
		}
	}
	if !minorVersions.Contains(minor) {
		if err := versionManager.addMinorVersion(ctx, *version, minorVersions); err != nil {
			log.With(zap.Error(err)).Fatalf("Failed to add minor version")
		}
		log.Infof("Added %q to list.", minor)
	} else {
		log.Infof("Version %q already exists in list %v.", minor, minorVersions.Versions)
	}

	// Step 2: the full version must be listed under its minor release.
	patchVersions, err := versionManager.getPatchVersions(ctx, *version)
	if err != nil {
		if !errors.Is(err, errVersionListMissing) {
			log.With(zap.Error(err)).Fatalf("Failed to get patch versions")
		}
		log.Infof("Version list for patch versions under %q does not exist. Creating new list.", minor)
		patchVersions = &update.VersionsList{
			Stream:      stream,
			Granularity: "minor",
			Base:        minor,
			Kind:        imageKind,
			Versions:    []string{},
		}
	}
	if !patchVersions.Contains(*version) {
		if err := versionManager.addPatchVersion(ctx, *version, patchVersions); err != nil {
			log.With(zap.Error(err)).Fatalf("Failed to add patch version")
		}
		log.Infof("Added %q to list.", *version)
	} else {
		log.Infof("Version %q already exists in list %v.", *version, patchVersions.Versions)
	}

	log.Infof("Successfully added version %q at the following URLs:", *version)
	log.Infof("major to minor url: %s", versionURL("major", major))
	log.Infof("minor to patch url: %s", versionURL("minor", minor))

	// Step 3: drop cached copies of both list objects.
	log.Infof("Waiting for cache invalidation.")
	if err := versionManager.invalidateCaches(ctx, *version); err != nil {
		log.With(zap.Error(err)).Fatalf("Failed to invalidate caches")
	}

	// Step 4: read both lists back through the fetcher. A miss here is only a
	// warning, as the log message says it may resolve by waiting.
	allVisible := true
	if err := ensureMinorVersionExists(ctx, updateFetcher, *version); err != nil {
		allVisible = false
		log.Warnf("Failed to ensure minor version exists: %v. This may be resolved by waiting.", err)
	}
	if err := ensurePatchVersionExists(ctx, updateFetcher, *version); err != nil {
		allVisible = false
		log.Warnf("Failed to ensure patch version exists: %v. This may be resolved by waiting.", err)
	}
	if allVisible {
		log.Infof("Versions are available via API.")
	}
}
// validateVersion returns an error unless version is a valid semantic version
// that is already in the canonical form produced by semver.Canonical.
//
// main calls this before the version is used to derive list names, object keys
// and URLs.
//
// NOTE(review): the canonical form still allows a pre-release suffix
// (for example "v1.2.3-pre"); confirm whether such versions are meant to be
// accepted for the "stable" stream.
func validateVersion(version string) error {
	switch {
	case !semver.IsValid(version):
		return fmt.Errorf("version %q is not a valid semantic version", version)
	case semver.Canonical(version) != version:
		return fmt.Errorf("version %q is not a canonical semantic version", version)
	}
	return nil
}
// ensureMinorVersionExists asks fetcher for the minor versions listed under
// the major release of version and returns an error unless the major.minor
// part of version is among them. Errors from the fetcher are returned as is.
func ensureMinorVersionExists(ctx context.Context, fetcher *update.VersionsFetcher, version string) error {
	listed, err := fetcher.MinorVersionsOf(ctx, stream, semver.Major(version), imageKind)
	if err != nil {
		return err
	}
	if listed.Contains(semver.MajorMinor(version)) {
		return nil
	}
	return errors.New("minor version does not exist")
}
// ensurePatchVersionExists asks fetcher for the patch versions listed under
// the minor release of version and returns an error unless the canonical form
// of version is among them. Errors from the fetcher are returned as is.
func ensurePatchVersionExists(ctx context.Context, fetcher *update.VersionsFetcher, version string) error {
	listed, err := fetcher.PatchVersionsOf(ctx, stream, semver.MajorMinor(version), imageKind)
	if err != nil {
		return err
	}
	if listed.Contains(semver.Canonical(version)) {
		return nil
	}
	return errors.New("patch version does not exist")
}
// versionManager bundles the AWS clients and target identifiers used to read
// and write version lists in S3 and to invalidate the CloudFront cache.
type versionManager struct {
	config         aws.Config          // configuration the clients below were created from
	cloudfrontc    *cloudfront.Client  // creates cache invalidations and waits for them
	s3c            *s3.Client          // reads version lists from the bucket
	uploader       *s3manager.Uploader // writes version lists to the bucket
	bucket         string              // name of the S3 bucket holding the lists
	distributionID string              // CloudFront distribution whose cache is invalidated
}
// newVersionManager loads the AWS configuration for region and returns a
// versionManager whose CloudFront client, S3 client and uploader are built
// from it.
//
// Only the region is set explicitly; credentials and all other settings come
// from the SDK's default configuration loading, so the permissions of this
// tool are those of whatever identity the environment provides.
func newVersionManager(ctx context.Context, region, bucket, distributionID string) (*versionManager, error) {
	cfg, err := awsconfig.LoadDefaultConfig(ctx, awsconfig.WithRegion(region))
	if err != nil {
		return nil, err
	}

	manager := &versionManager{
		config:         cfg,
		cloudfrontc:    cloudfront.NewFromConfig(cfg),
		s3c:            s3.NewFromConfig(cfg),
		bucket:         bucket,
		distributionID: distributionID,
	}
	// The uploader wraps the same S3 client that is used for reads.
	manager.uploader = s3manager.NewUploader(manager.s3c)
	return manager, nil
}
// getMinorVersions fetches the version list stored under the major release of
// version, which is the list of its minor releases.
func (m *versionManager) getMinorVersions(ctx context.Context, version string) (*update.VersionsList, error) {
	return m.getVersions(ctx, semver.Major(version))
}
// getPatchVersions fetches the version list stored under the minor release of
// version, which is the list of its patch releases.
func (m *versionManager) getPatchVersions(ctx context.Context, version string) (*update.VersionsList, error) {
	return m.getVersions(ctx, semver.MajorMinor(version))
}
// addMinorVersion appends the major.minor part of version to minorVersions and
// uploads the list under the major release of version.
func (m *versionManager) addMinorVersion(ctx context.Context, version string, minorVersions *update.VersionsList) error {
	return m.addVersion(ctx, semver.Major(version), semver.MajorMinor(version), minorVersions)
}
// addPatchVersion appends the canonical form of version to patchVersions and
// uploads the list under the minor release of version.
func (m *versionManager) addPatchVersion(ctx context.Context, version string, patchVersions *update.VersionsList) error {
	return m.addVersion(ctx, semver.MajorMinor(version), semver.Canonical(version), patchVersions)
}
// getVersions downloads and decodes the version list stored for baseVersion.
//
// It returns errVersionListMissing when S3 reports that the object does not
// exist, and the underlying error for any other failure, including a body that
// does not decode as JSON. The decoded list is returned as stored; it is not
// validated here.
func (m *versionManager) getVersions(ctx context.Context, baseVersion string) (*update.VersionsList, error) {
	granularity, err := granularityFromVersion(baseVersion)
	if err != nil {
		return nil, err
	}

	request := &s3.GetObjectInput{
		Bucket: aws.String(m.bucket),
		Key:    aws.String(versionJSONPath(granularity, baseVersion)),
	}
	object, err := m.s3c.GetObject(ctx, request)
	if err != nil {
		// Callers treat a missing list as "start a new one", so it gets its
		// own sentinel instead of the raw SDK error.
		var missing *s3types.NoSuchKey
		if errors.As(err, &missing) {
			return nil, errVersionListMissing
		}
		return nil, err
	}
	defer object.Body.Close()

	list := new(update.VersionsList)
	if err := json.NewDecoder(object.Body).Decode(list); err != nil {
		return nil, err
	}
	return list, nil
}
// addVersion appends version to list, sorts and validates the list, and
// uploads it as JSON to the object that belongs to baseVersion.
//
// list is modified in place, also when validation or the upload fails.
//
// NOTE(review): sort.Strings orders lexically, so "v1.10" sorts before "v1.2";
// confirm whether consumers expect semantic-version order.
// NOTE(review): the upload replaces the object unconditionally with the
// caller's copy of the list. Two runs working on the same base at the same
// time could overwrite each other's entry; confirm the pipeline serializes
// this job.
func (m *versionManager) addVersion(ctx context.Context, baseVersion, version string, list *update.VersionsList) error {
	granularity, err := granularityFromVersion(baseVersion)
	if err != nil {
		return err
	}

	list.Versions = append(list.Versions, version)
	sort.Strings(list.Versions)
	// Validate before anything is written, so an invalid list is never
	// uploaded.
	if err := list.Validate(); err != nil {
		return err
	}

	payload, err := json.Marshal(list)
	if err != nil {
		return err
	}

	upload := &s3.PutObjectInput{
		Bucket: aws.String(m.bucket),
		Key:    aws.String(versionJSONPath(granularity, baseVersion)),
		Body:   bytes.NewBuffer(payload),
	}
	_, err = m.uploader.Upload(ctx, upload)
	return err
}
// invalidateCaches requests a CloudFront invalidation for the two list objects
// that belong to version (the list under its major release and the list under
// its minor release) and waits up to maxCacheInvalidationWaitTime for it to
// complete.
//
// NOTE(review): the caller reference is the current Unix time in seconds, so
// two requests issued within the same second share a reference; confirm this
// cannot happen in the pipeline.
func (m *versionManager) invalidateCaches(ctx context.Context, version string) error {
	stale := []string{
		"/" + versionJSONPath("major", semver.Major(version)),
		"/" + versionJSONPath("minor", semver.MajorMinor(version)),
	}
	batch := &cftypes.InvalidationBatch{
		CallerReference: aws.String(fmt.Sprintf("%d", time.Now().Unix())),
		Paths: &cftypes.Paths{
			// Quantity has to match the number of items in the batch.
			Quantity: aws.Int32(int32(len(stale))),
			Items:    stale,
		},
	}

	created, err := m.cloudfrontc.CreateInvalidation(ctx, &cloudfront.CreateInvalidationInput{
		DistributionId:    aws.String(m.distributionID),
		InvalidationBatch: batch,
	})
	if err != nil {
		return err
	}

	pending := &cloudfront.GetInvalidationInput{
		DistributionId: aws.String(m.distributionID),
		Id:             created.Invalidation.Id,
	}
	return cloudfront.NewInvalidationCompletedWaiter(m.cloudfrontc).Wait(ctx, pending, maxCacheInvalidationWaitTime)
}
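// granularityFromVersion reports which level of the version hierarchy version
// names: "major" for a version such as "v1", "minor" for "v1.2" and "patch"
// for a canonical full version such as "v1.2.3". Any other input, including
// the empty string, yields an error.
//
// getVersions and addVersion use the result as a segment of the object key, so
// this is the check that stands between a base version and the bucket.
func granularityFromVersion(version string) (string, error) {
	// semver.Major, MajorMinor and Canonical all return "" for an invalid
	// version. Without this guard the empty string would compare equal to its
	// own "major" form and be classified as a major version.
	if !semver.IsValid(version) {
		return "", fmt.Errorf("invalid version %q", version)
	}

	switch version {
	case semver.Major(version):
		return "major", nil
	case semver.MajorMinor(version):
		return "minor", nil
	case semver.Canonical(version):
		return "patch", nil
	default:
		// Valid but not canonical, for example a version carrying build
		// metadata.
		return "", fmt.Errorf("invalid version %q", version)
	}
}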
// versionJSONPath returns the object key of the version list for base at the
// given granularity, below constants.CDNVersionsPath.
//
// path.Join cleans the result: empty elements are dropped and ".." elements
// are resolved. granularity and base therefore have to be validated by the
// caller; this function does not check them.
func versionJSONPath(granularity, base string) string {
	object := imageKind + ".json"
	return path.Join(constants.CDNVersionsPath, "stream", stream, granularity, base, object)
}
// versionURL returns the URL of the version list for base at the given
// granularity: constants.CDNRepositoryURL followed by the list's object key.
func versionURL(granularity, base string) string {
	key := versionJSONPath(granularity, base)
	return constants.CDNRepositoryURL + "/" + key
}