changelog utility for merging stuff (#542)

solo-io · Nov 22, 2024 · e020563 · e020563
1 parent f51fc89
commit e020563
Show file tree

Hide file tree

Showing 5 changed files with 94 additions and 52 deletions.
diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml
@@ -30,10 +30,12 @@ jobs:
         service_account_key: ${{ secrets.GCP_SA_KEY }}
         export_default_credentials: true
       name: Gcloud Login
-    - name: Install Trivy
+    - name: Install Trivy (latest)
       run: |
-        wget https://github.com/aquasecurity/trivy/releases/download/v0.18.3/trivy_0.18.3_Linux-64bit.deb
-        sudo dpkg -i trivy_0.18.3_Linux-64bit.deb
+          TRIVY_VERSION=$(curl --silent "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/') 
+          echo Using Trivy v${TRIVY_VERSION}
+          wget https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.deb
+          sudo dpkg -i trivy_${TRIVY_VERSION}_Linux-64bit.deb
     - name: Set up Go
       uses: actions/setup-go@v4
       with:

diff --git a/changelog/v0.27.2/expose-morechangelogstuff.yaml b/changelog/v0.27.2/expose-morechangelogstuff.yaml
@@ -0,0 +1,6 @@
+changelog:
+  - type: NON_USER_FACING
+    description: >
+      Midterm update post gloo donation.
+      Eventually github tests should rely on this repo and not another repo
+      This also forced a trivy upgrade to the same style used else where
diff --git a/changeloggenutils/merged_release.go b/changeloggenutils/merged_release.go
@@ -111,16 +111,16 @@ func (g *MergedReleaseGenerator) GenerateJSON(ctx context.Context) (string, erro
 }
 
 func (g *MergedReleaseGenerator) GetMergedEnterpriseRelease(ctx context.Context) (*ReleaseData, error) {
-	ossReleases, err := NewMinorReleaseGroupedChangelogGenerator(Options{
-		RepoOwner: g.opts.RepoOwner,
-		MainRepo:  g.opts.DependentRepo,
-	}, g.client).
-		GetReleaseData(ctx, g.opts.DependentRepoReleases)
+
+	enterpriseReleases, err := NewMinorReleaseGroupedChangelogGenerator(g.opts, g.client).
+		GetReleaseData(ctx, g.opts.MainRepoReleases)
 	if err != nil {
 		return nil, err
 	}
-	enterpriseReleases, err := NewMinorReleaseGroupedChangelogGenerator(g.opts, g.client).
-		GetReleaseData(ctx, g.opts.MainRepoReleases)
+	ossOpts := g.opts
+	ossOpts.MainRepo = g.opts.DependentRepo
+	ossReleases, err := NewMinorReleaseGroupedChangelogGenerator(ossOpts, g.client).
+		GetReleaseData(ctx, g.opts.DependentRepoReleases)
 	if err != nil {
 		return nil, err
 	}
@@ -165,6 +165,7 @@ func (g *MergedReleaseGenerator) MergeEnterpriseReleaseWithOS(enterpriseReleases
 			var finalChangelogNotes = NewChangelogNotes()
 			for _, version := range depVersions {
 				//prefix := fmt.Sprintf("(From OSS %s) ", getGithubReleaseMarkdownLink(version.String(), g.RepoOwner, g.openSourceRepo))
+				fmt.Println(version.String())
 				notes, err := osReleases.GetChangelogNotes(version)
 				if err != nil {
 					return nil, err

diff --git a/changeloggenutils/minor_release.go b/changeloggenutils/minor_release.go
@@ -42,23 +42,55 @@ func NewMinorReleaseGroupedChangelogGenerator(opts Options, client *github.Clien
 	}
 }
 
-// Entry point for generating changelog JSON
-func (g *MinorReleaseGroupedChangelogGenerator) GenerateJSON(ctx context.Context) (string, error) {
+type changelogOutput struct {
+	Opts        Options
+	ReleaseData *ReleaseData
+}
+
+// AddReleaseData without overriding the options.
+// Only adopt info that is not already present in the output.
+func (c changelogOutput) AddReleaseData(donorOutput changelogOutput) error {
+	if donorOutput.ReleaseData == nil {
+		return fmt.Errorf("donorOutput ReleaseData is nil")
+	}
+	for k, v := range donorOutput.ReleaseData.Releases {
+		if c.ReleaseData.Releases[k] == nil {
+			c.ReleaseData.Releases[k] = v
+		}
+	}
+	return nil
+}
+
+// GenerateJSON from a changelogoutput.
+// This simply marches the output to a JSON string.
+func (c changelogOutput) GenerateJSON() (string, error) {
+	res, err := json.Marshal(c)
+	return string(res), err
+}
+
+func (g *MinorReleaseGroupedChangelogGenerator) AddToOutput(ctx context.Context) (changelogOutput, error) {
+	var out changelogOutput
 	var err error
 	releaseData, err := g.GetReleaseData(ctx, g.opts.MainRepoReleases)
 	if err != nil {
-		return "", err
-	}
-	var out struct {
-		Opts        Options
-		ReleaseData *ReleaseData
+		return out, err
 	}
+
 	out.Opts = Options{
 		RepoOwner:     g.opts.RepoOwner,
 		MainRepo:      g.opts.MainRepo,
 		DependentRepo: g.opts.DependentRepo,
 	}
 	out.ReleaseData = releaseData
+	return out, nil
+}
+
+// Entry point for generating changelog JSON
+func (g *MinorReleaseGroupedChangelogGenerator) GenerateJSON(ctx context.Context) (string, error) {
+	out, err := g.AddToOutput(ctx)
+	if err != nil {
+		return "", err
+	}
 	res, err := json.Marshal(out)
 	return string(res), err
 }

diff --git a/securityscanutils/securityscan_test.go b/securityscanutils/securityscan_test.go
@@ -17,7 +17,8 @@ import (
 )
 
 const (
-	glooRepoName = "gloo"
+	repoName         = "gloo"
+	gatewayOwnerName = "solo-io"
 )
 
 var _ = Describe("Security Scan Suite", func() {
@@ -40,20 +41,20 @@ var _ = Describe("Security Scan Suite", func() {
 	Context("Security Scanner", func() {
 
 		It("works", func() {
-			verConstraint, err := semver.NewConstraint("=v1.6.0 || =v1.7.0")
+			verConstraint, err := semver.NewConstraint("=v1.14.0 || =v1.15.1")
 			Expect(err).NotTo(HaveOccurred())
 			fmt.Println("Output dir:", outputDir)
 			secScanner := &SecurityScanner{
 				Repos: []*SecurityScanRepo{{
-					Repo:  glooRepoName,
-					Owner: "solo-io",
+					Repo:  repoName,
+					Owner: gatewayOwnerName,
 					Opts: &SecurityScanOpts{
 						OutputDir:           outputDir,
 						OutputResultLocally: true,
 						ImagesPerVersion: map[string][]string{
-							"v1.6.0": {"gloo"},
+							"v1.14.0": {"gloo"},
 							// Scan should continue in the case an image cannot be found
-							"v1.7.0": {"thisimagecannotbefound", "gloo", "discovery"},
+							"v1.15.1": {"thisimagecannotbefound", "gloo", "discovery"},
 						},
 						VersionConstraint: verConstraint,
 						ImageRepo:         "quay.io/solo-io",
@@ -70,53 +71,53 @@ var _ = Describe("Security Scan Suite", func() {
 			glooDir := path.Join(outputDir, "gloo")
 			ExpectDirToHaveFiles(glooDir, "issue_results", "markdown_results")
 			githubIssueDir := path.Join(glooDir, "issue_results")
-			ExpectDirToHaveFiles(githubIssueDir, "1.6.0.md", "1.7.0.md")
+			ExpectDirToHaveFiles(githubIssueDir, "1.14.0.md", "1.15.1.md")
 			// Have a directory for each repo we scanned
 			markdownDir := path.Join(outputDir, "gloo", "markdown_results")
 			// Have a directory for each version we scanned
-			ExpectDirToHaveFiles(markdownDir, "1.6.0", "1.7.0")
+			ExpectDirToHaveFiles(markdownDir, "1.14.0", "1.15.1")
 			// Expect there to be a generated docgen file for each image per version
-			ExpectDirToHaveFiles(path.Join(markdownDir, "1.6.0"), "gloo_cve_report.docgen")
-			ExpectDirToHaveFiles(path.Join(markdownDir, "1.7.0"), "discovery_cve_report.docgen", "gloo_cve_report.docgen")
+			ExpectDirToHaveFiles(path.Join(markdownDir, "1.14.0"), "gloo_cve_report.docgen")
+			ExpectDirToHaveFiles(path.Join(markdownDir, "1.15.1"), "discovery_cve_report.docgen", "gloo_cve_report.docgen")
 		})
 
 		It("scans all images from all constraints matched", func() {
-			verConstraint, err := semver.NewConstraint("=v1.7.0")
+			verConstraint, err := semver.NewConstraint("=v1.15.0")
 			Expect(err).NotTo(HaveOccurred())
 			fmt.Println("Output dir:", outputDir)
 			secScanner := &SecurityScanner{
 				Repos: []*SecurityScanRepo{{
-					Repo:  glooRepoName,
-					Owner: "solo-io",
+					Repo:  repoName,
+					Owner: gatewayOwnerName,
 					Opts: &SecurityScanOpts{
 						OutputDir: outputDir,
 						// Specify redundant constraints
 						ImagesPerVersion: map[string][]string{
-							">v1.6.0":  {"gloo", "discovery"},
-							">=v1.7.0": {"glooGreaterThan17"},
+							">v1.14.0":  {"gloo", "discovery"},
+							">=v1.15.0": {"glooGreaterThan17"},
 						},
 						VersionConstraint: verConstraint,
 						ImageRepo:         "quay.io/solo-io",
 					},
 				}},
 			}
 
-			imagesToScan, err := secScanner.Repos[0].GetImagesToScan(semver.MustParse("v1.7.7"))
+			imagesToScan, err := secScanner.Repos[0].GetImagesToScan(semver.MustParse("v1.15.7"))
 			Expect(imagesToScan).To(ContainElements("gloo", "discovery", "glooGreaterThan17"))
 		})
 
 		It("errors if no constraint is matched", func() {
-			verConstraint, err := semver.NewConstraint("=v1.7.0")
+			verConstraint, err := semver.NewConstraint("=v1.15.0")
 			Expect(err).NotTo(HaveOccurred())
 			fmt.Println("Output dir:", outputDir)
 			secScanner := &SecurityScanner{
 				Repos: []*SecurityScanRepo{{
-					Repo:  glooRepoName,
-					Owner: "solo-io",
+					Repo:  repoName,
+					Owner: gatewayOwnerName,
 					Opts: &SecurityScanOpts{
 						OutputDir: outputDir,
 						ImagesPerVersion: map[string][]string{
-							"v1.6.0": {"gloo", "discovery"},
+							"v1.14.0": {"gloo", "discovery"},
 						},
 						VersionConstraint: verConstraint,
 						ImageRepo:         "quay.io/solo-io",
@@ -126,23 +127,23 @@ var _ = Describe("Security Scan Suite", func() {
 
 			err = secScanner.GenerateSecurityScans(context.TODO())
 			Expect(err).To(HaveOccurred())
-			Expect(err.Error()).To(ContainSubstring("version 1.7.0 matched no constraints and has no images to scan"))
+			Expect(err.Error()).To(ContainSubstring("version 1.15.0 matched no constraints and has no images to scan"))
 		})
 
 		When("scan has unrecoverable error", func() {
 			It("short-circuits", func() {
-				verConstraint, err := semver.NewConstraint("=v1.6.0 || =v1.7.0")
+				verConstraint, err := semver.NewConstraint("=v1.13.0 || =v1.14.0")
 				Expect(err).NotTo(HaveOccurred())
 				fmt.Println("Output dir:", outputDir)
 				secScanner := &SecurityScanner{
 					Repos: []*SecurityScanRepo{{
-						Repo:  glooRepoName,
-						Owner: "solo-io",
+						Repo:  repoName,
+						Owner: gatewayOwnerName,
 						Opts: &SecurityScanOpts{
 							OutputDir:           outputDir,
 							OutputResultLocally: true,
 							ImagesPerVersion: map[string][]string{
-								"v1.7.0": {"gloo; $(poorly formatted image name to force UnrecoverableError)"},
+								"v1.14.0": {"gloo; $(poorly formatted image name to force UnrecoverableError)"},
 							},
 							VersionConstraint: verConstraint,
 							ImageRepo:         "quay.io/solo-io",
@@ -163,25 +164,25 @@ var _ = Describe("Security Scan Suite", func() {
 				// Have a directory for each repo we scanned
 				markdownDir := path.Join(outputDir, "gloo", "markdown_results")
 				// Have a directory for each version we scanned
-				ExpectDirToHaveFiles(markdownDir, "1.7.0")
-				ExpectDirToHaveFiles(path.Join(markdownDir, "1.7.0"))
+				ExpectDirToHaveFiles(markdownDir, "1.14.0")
+				ExpectDirToHaveFiles(path.Join(markdownDir, "1.14.0"))
 			})
 		})
 
 		When("scan has recoverable error", func() {
 			It("contains error in generated file", func() {
-				verConstraint, err := semver.NewConstraint("=v1.7.0")
+				verConstraint, err := semver.NewConstraint("=v1.15.0")
 				Expect(err).NotTo(HaveOccurred())
 				fmt.Println("Output dir:", outputDir)
 				secScanner := &SecurityScanner{
 					Repos: []*SecurityScanRepo{{
-						Repo:  glooRepoName,
-						Owner: "solo-io",
+						Repo:  repoName,
+						Owner: gatewayOwnerName,
 						Opts: &SecurityScanOpts{
 							OutputDir:           outputDir,
 							OutputResultLocally: true,
 							ImagesPerVersion: map[string][]string{
-								"v1.7.0": {"thisimagedoesnotexist"},
+								"v1.15.0": {"thisimagedoesnotexist"},
 							},
 							VersionConstraint: verConstraint,
 							ImageRepo:         "quay.io/solo-io",
@@ -198,15 +199,15 @@ var _ = Describe("Security Scan Suite", func() {
 				glooDir := path.Join(outputDir, "gloo")
 				ExpectDirToHaveFiles(glooDir, "issue_results", "markdown_results")
 				localIssueDir := path.Join(glooDir, "issue_results")
-				ExpectDirToHaveFiles(localIssueDir, "1.7.0.md")
-				contents, err := fileutils.ReadFileString(path.Join(localIssueDir, "1.7.0.md"))
+				ExpectDirToHaveFiles(localIssueDir, "1.15.0.md")
+				contents, err := fileutils.ReadFileString(path.Join(localIssueDir, "1.15.0.md"))
 				Expect(err).NotTo(HaveOccurred())
 				Expect(contents).To(ContainSubstring(ImageNotFoundError.Error()))
 				// Have a directory for each repo we scanned
 				markdownDir := path.Join(outputDir, "gloo", "markdown_results")
 				// Have a directory for each version we scanned
-				ExpectDirToHaveFiles(markdownDir, "1.7.0")
-				ExpectDirToHaveFiles(path.Join(markdownDir, "1.7.0"))
+				ExpectDirToHaveFiles(markdownDir, "1.15.0")
+				ExpectDirToHaveFiles(path.Join(markdownDir, "1.15.0"))
 			})
 		})
 	})