Use new channel-based release process (#486)

* Use new channel-based release process * More verbose AMI sharing
zalando-stups · Feb 14, 2018 · 9ee2814 · 9ee2814
1 parent f9033b2
commit 9ee2814
Show file tree

Hide file tree

Showing 5 changed files with 85 additions and 161 deletions.
diff --git a/create-ami.sh b/create-ami.sh
@@ -14,10 +14,6 @@ function finally() {
 }
 trap finally EXIT
 
-
-# default description (may be overriden by config file)
-ami_description="STUPS' Taupage AMI with Docker runtime"
-
 # argument parsing
 if [ "$1" = "--dry-run" ]; then
     echo "Dry run requested."
@@ -31,7 +27,7 @@ if [ -z "$1" ] || [ ! -r "$1" ] || [ -z "$2" ]; then
     echo "Usage:  $0 [--dry-run] <config-file> <taupage-version>" >&2
     exit 1
 fi
-CONFIG_FILE=./$1
+CONFIG_FILE=$1
 TAUPAGE_VERSION=$2
 
 # load configuration file
@@ -62,14 +58,14 @@ result=$(aws ec2 run-instances \
     --region $region \
     --subnet-id $subnet)
 
-instanceid=$(echo $result | jq .Instances\[0\].InstanceId | sed 's/"//g')
+instanceid=$(echo $result | jq -r .Instances\[0\].InstanceId)
 echo "Instance: $instanceid"
 
 aws ec2 create-tags --region $region --resources $instanceid --tags "Key=Name,Value=Taupage AMI Builder, Key=Version,Value=$TAUPAGE_VERSION"
 
 while [ true ]; do
     result=$(aws ec2 describe-instances --region $region --instance-id $instanceid --output json)
-    ip=$(echo $result | jq .Reservations\[0\].Instances\[0\].PublicIpAddress | sed 's/"//g')
+    ip=$(echo $result | jq -r .Reservations\[0\].Instances\[0\].PublicIpAddress)
 
     [ ! -z "$ip" ] && [ "$ip" != "null" ] && break
 
@@ -164,7 +160,8 @@ echo "Setting EnaSupport flag"
 aws ec2 modify-instance-attribute --region $region --instance-id $instanceid --ena-support
 
 # create ami
-ami_name="Taupage${ami_suffix}-AMI-$(date +%Y%m%d-%H%M%S)"
+build_date="$(date +%Y%m%d-%H%M%S)"
+ami_name="TaupageBuild-${TAUPAGE_VERSION}"
 echo "Creating $ami_name ..."
 result=$(aws ec2 create-image \
     --region $region \
@@ -173,58 +170,39 @@ result=$(aws ec2 create-image \
     --name $ami_name \
     --description "$ami_description")
 
-imageid=$(echo $result | jq .ImageId | sed 's/"//g')
+imageid=$(echo $result | jq -r .ImageId)
 echo "Image: $imageid"
 
-state="no state yet"
-while [ true ]; do
-    echo "Waiting for AMI creation... ($state)"
-
-    result=$(aws ec2 describe-images --region $region --output json --image-id $imageid)
-    state=$(echo $result | jq .Images\[0\].State | sed 's/"//g')
-
-    if [ "$state" = "failed" ]; then
-        echo "Image creation failed."
-        exit 1
-    elif [ "$state" = "available" ]; then
-        # set AMI Version Tag
-        aws ec2 create-tags --region $region --resources $imageid --tags Key=Version,Value=$TAUPAGE_VERSION
-        break
-    fi
+function wait_for_ami() {
+    local region="$1"
+    local imageid="$2"
 
-    sleep 10
-done
-
-# run tests
-if [ "$disable_tests" = true ]; then
-    echo "skipping tests as DISABLE_TESTS set to TRUE"
-else
-    ./test.sh $CONFIG_FILE $TAUPAGE_VERSION
-fi
+    while true; do
+        local state=$(aws ec2 describe-images --region $region --output json --image-id $imageid | jq -r .Images\[0\].State)
+        echo "Waiting for AMI creation... ($state)"
 
 
-#if test failed then dont share and copy the image to other regions
-if [ $? -eq 0 ];
-then
-    if [ "$disable_ami_sharing" = true ]; then
-        echo "skipping AMI sharing as disable_ami_sharing set to true"
-    else
-        ./share-ami.sh $CONFIG_FILE $TAUPAGE_VERSION
-    fi
-    # TODO exit if git is dirty
+        if [ "$state" = "failed" ]; then
+            echo "Image creation failed."
+            exit 1
+        elif [ "$state" = "available" ]; then
+            echo "AMI $region/$ami_name ($imageid) successfully created."
+            # set AMI tags
+            image_tags="$(jq -n --arg version "$TAUPAGE_VERSION" --arg build_date "$build_date" '[{Key: "Version", Value: $version}, {Key: "BuildDate", Value: $build_date}]')"
+            aws ec2 create-tags --region $region --resources $imageid --tags "$image_tags"
+            return
+        fi
 
+        sleep 10
+    done
+}
 
-    # finished!
-    echo "AMI $ami_name ($imageid) successfully created and shared."
+wait_for_ami "$region" "$imageid"
 
-    # HipChat notification
-    if [ "$hipchat_notification_enabled" = true ]; then
-        echo "Sending HipChat notification..."
-        curl -s -S -X POST -H "Content-Type: application/json" -d "{\"message\":\"$hipchat_message\"}" "https://${hipchat_server_address}/v2/room/${hipchat_room_id}/notification?auth_token=${hipchat_auth_token}"
+# copy to other regions
+for target_region in $copy_regions; do
+    if [[ "$target_region" != "$region" ]]; then
+        target_imageid="$(aws ec2 copy-image --source-region "$region" --source-image-id "$imageid" --region "$target_region" --name "$ami_name" --description "$ami_description" --output text)"
+        wait_for_ami "$target_region" "$target_imageid"
     fi
-
-else
-
-    echo "AMI $ami_name ($imageid) create failed "
-
-fi
+done
diff --git a/share-ami-public.sh b/share-ami-public.sh
diff --git a/share-ami.sh b/share-ami.sh
@@ -1,72 +1,73 @@
 #!/bin/bash
+set -euo pipefail
 
 CONFIG_FILE=$1
-CONFIG_DIR=$(dirname $CONFIG_FILE)
+CONFIG_DIR="$(dirname "$CONFIG_FILE")"
 TAUPAGE_VERSION=$2
+CHANNEL=$3
 
-cd $(dirname $0)
+cd "$(dirname "$0")"
 
 # load configuration file
-. $CONFIG_FILE
+. "$CONFIG_FILE"
 
-# get ami_id, ami_name and commitID
-result=$(aws ec2 describe-images --region $region --filters Name=tag-key,Values=Version Name=tag-value,Values=$TAUPAGE_VERSION --query 'Images[0]' --output json)
-imageid=$(echo $result | jq -r '.ImageId')
-ami_name=$(echo $result | jq -r '.Name')
+publish_date="$(date +%Y%m%d-%H%M%S)"
+ami_name="Taupage${CHANNEL}-AMI-${publish_date}"
 commit_id=$(git rev-parse HEAD)
 
-#share AMI in default region
-echo "Share AMI $imageid for $accounts"
-echo $accounts | xargs aws ec2 modify-image-attribute --region $region --image-id $imageid --attribute launchPermission --operation-type add --user-ids
-aws ec2 create-tags --region $region --resources $imageid --tags "Key=Shared,Value=Internal"
-
-for target_region in $copy_regions; do
-    target_imageid=$(aws ec2 describe-images --region $target_region --filters Name=tag-key,Values=Version Name=tag-value,Values=$TAUPAGE_VERSION --query 'Images[*].{ID:ImageId}' --output  text)
-    if [ -z "$target_imageid" ]; then
-        echo "Copying AMI to region $target_region ..."
-        target_imageid=$(aws ec2 copy-image --source-region $region --source-image-id $imageid --region $target_region --name $ami_name --description "$ami_description" --output text)
+share_ami() {
+    # share_ami region
+    local region="$1"
+    local ami_data=$(aws ec2 describe-images --region "$region" --filters "Name=name,Values=TaupageBuild-$TAUPAGE_VERSION" --query 'Images[0]' --output json)
+    local imageid=$(echo "$ami_data" | jq -r '.ImageId')
+    local build_date=$(echo "$ami_data" | jq -r '.Tags[] | select(.Key == "BuildDate") | .Value')
+    if [[ -z "$build_date" ]]; then
+        echo "BuildDate not set, cannot copy the image" >2
+        exit 1
+    fi
 
-        state="no state yet"
-        while [ true ]; do
-            echo "Waiting for AMI creation in $target_region ... ($state)"
+    # create an updated AMI skeleton. most of the properties we copy from the original AMI, but
+    # we need to remove 'encrypted' from the EBS volumes and update the name
+    local updated_ami="$(echo "$ami_data" | jq --arg name "$ami_name" '{Description, Architecture, RootDeviceName, VirtualizationType, SriovNetSupport, EnaSupport, Name: $name, BlockDeviceMappings: .BlockDeviceMappings | map(del(.Ebs.Encrypted))}')"
 
-            state=$(aws ec2 describe-images --region $target_region --query 'Images[0].State' --output text --image-id $target_imageid)
+    echo "Copying AMI $imageid in $region as $ami_name..."
+    local target_imageid=$(aws ec2 register-image --region "$region" --cli-input-json "$updated_ami" --output text)
 
-            if [ "$state" = "failed" ]; then
-                echo "copying Image failed."
-                exit 1
-            elif [ "$state" = "available" ]; then
-                break
-            fi
+    # Wait until the image is available
+    while true; do
+        local state="$(aws ec2 describe-images --region "$region" --query 'Images[0].State' --output text --image-id "$target_imageid")"
 
+        if [ "$state" = "failed" ]; then
+            echo "Copying failed."
+            exit 1
+        elif [ "$state" = "available" ]; then
+            echo "AMI $region/$ami_name ($target_imageid) successfully created."
+            break
+        else
+            echo "Waiting for AMI creation in $region ... ($state)"
             sleep 10
-        done
+        fi
+    done
 
-        # set tags in other account
-        aws ec2 create-tags --region $target_region --resources $target_imageid --tags "Key=Version,Value=$TAUPAGE_VERSION" "Key=CommitID,Value=$commit_id" "Key=Shared,Value=Internal"
-    else
-        echo "Image still exist ($target_imageid). Skip copy."
-        state="available"
-    fi
+    # Update the image tags
+    local tags="$(jq -n --arg build_date "$build_date" --arg version "$TAUPAGE_VERSION" --arg source_ami "$imageid" --arg commit_id "$commit_id" '[{Key: "BuildDate", Value: $build_date}, {Key: "SourceAMI", Value: $source_ami}, {Key: "CommitID", Value: $commit_id}, {Key: "Version", Value: $version}]')"
+    aws ec2 create-tags --region "$region" --resources "$target_imageid" --tags "$tags"
+
+    echo "Sharing the AMI with AWS accounts: $all_accounts"
 
-    echo "Share AMI $target_imageid for $accounts"
-    echo $accounts | xargs aws ec2 modify-image-attribute --region $target_region --image-id $target_imageid --attribute launchPermission --operation-type add --user-ids
+    # Share the image
+    echo $all_accounts | xargs aws ec2 modify-image-attribute --region "$region" --image-id "$target_imageid" --attribute launchPermission --operation-type add --user-ids
+}
+
+for target_rgn in $copy_regions; do
+    share_ami $target_rgn
 done
 
-#check if image creation/copy was successfull
-if [ "$state" = "available" ]; then
-    # git add new release tag
-    git tag $ami_name
+# git add new release tag
+git tag $ami_name
+git push --tags
+if [ -d "$CONFIG_DIR" ]; then
+    cd "$CONFIG_DIR"
+    git tag "$ami_name"
     git push --tags
-    if [ -d "$CONFIG_DIR" ]; then
-        cd "$CONFIG_DIR"
-        git tag $ami_name
-        git push --tags
-        cd -
-    fi
-
-    #tag image in Frankfurt with commitID
-    aws ec2 create-tags --region $region --resources $imageid --tags Key=CommitID,Value=$commit_id
-else
-    echo "Image creation/copy failed."
 fi
diff --git a/test.sh b/test.sh
@@ -58,7 +58,7 @@ if [ -n "$mint_bucket" ]; then
 	sed -i "1,$ s/mint_bucket.*$/mint_bucket:\ $MINT_BUCKET/" $taupageyamlfile
 fi
 
-AMI_ID=$(aws ec2 describe-images --region $region --filters Name=tag-key,Values=Version Name=tag-value,Values=$TAUPAGE_VERSION --query 'Images[*].{ID:ImageId}' --output  text)
+AMI_ID=$(aws ec2 describe-images --region $region --filters "Name=name,Values=TaupageBuild-$TAUPAGE_VERSION" --query 'Images[*].{ID:ImageId}' --output  text)
 
 if [ -z "$testinstance_types" ]; then
 	testinstance_types="$instance_type"

diff --git a/unshare-ami.sh b/unshare-ami.sh