mirror of https://github.com/hashicorp/consul
Browse Source
* build: consolidate Envoy version management Simplify Envoy version management by consolidating all runtime, build, and CI sources of Envoy versions into a single plaintext file. The goal of this change is to avoid common mistakes missing an update of some Envoy versions (both in general and due to release branch inconsistency), and enable automated Envoy version updates in the future. * ci: add missing ref argument for get-go-version Supports nightly tests.NET-10288-Bump-go-to-resolve-CVE-2024-24791
Michael Zalimeni
5 months ago
committed by
Sarah Alsmiller
19 changed files with 460 additions and 221 deletions
@ -0,0 +1,71 @@
|
||||
name: get-envoy-versions |
||||
|
||||
# Reads the canonical ENVOY_VERSIONS file for either the current branch or a specified version of Consul, |
||||
# and returns both the max and all supported Envoy versions. |
||||
|
||||
on: |
||||
workflow_call: |
||||
inputs: |
||||
ref: |
||||
description: | |
||||
The Consul ref/branch (e.g. release/1.18.x) for which to determine supported Envoy versions. |
||||
If not provided, the default actions/checkout value (current ref) is used. |
||||
type: string |
||||
outputs: |
||||
max-envoy-version: |
||||
description: The max supported Envoy version for the specified Consul version |
||||
value: ${{ jobs.get-envoy-versions.outputs.max-envoy-version }} |
||||
envoy-versions: |
||||
description: | |
||||
All supported Envoy versions for the specified Consul version (formatted as multiline string with one version |
||||
per line, in descending order) |
||||
value: ${{ jobs.get-envoy-versions.outputs.envoy-versions }} |
||||
envoy-versions-json: |
||||
description: | |
||||
All supported Envoy versions for the specified Consul version (formatted as JSON array) |
||||
value: ${{ jobs.get-envoy-versions.outputs.envoy-versions-json }} |
||||
|
||||
jobs: |
||||
get-envoy-versions: |
||||
name: "Determine supported Envoy versions" |
||||
runs-on: ubuntu-latest |
||||
outputs: |
||||
max-envoy-version: ${{ steps.get-envoy-versions.outputs.max-envoy-version }} |
||||
envoy-versions: ${{ steps.get-envoy-versions.outputs.envoy-versions }} |
||||
envoy-versions-json: ${{ steps.get-envoy-versions.outputs.envoy-versions-json }} |
||||
steps: |
||||
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 |
||||
with: |
||||
# If not set, will default to current branch. |
||||
ref: ${{ inputs.ref }} |
||||
- name: Determine Envoy versions |
||||
id: get-envoy-versions |
||||
# Note that this script assumes that the ENVOY_VERSIONS file is in the envoyextensions/xdscommon directory. |
||||
# If in the future this file moves between branches, we could introduce a workflow input for the path that |
||||
# defaults to the new value, and manually configure the old value as needed. |
||||
run: | |
||||
MAX_ENVOY_VERSION=$(cat envoyextensions/xdscommon/ENVOY_VERSIONS | grep '^[[:digit:]]' | sort -nr | head -n 1) |
||||
ENVOY_VERSIONS=$(cat envoyextensions/xdscommon/ENVOY_VERSIONS | grep '^[[:digit:]]' | sort -nr) |
||||
ENVOY_VERSIONS_JSON=$(echo -n '[' && echo "${ENVOY_VERSIONS}" | awk '{printf "\"%s\",", $0}' | sed 's/,$//' && echo -n ']') |
||||
|
||||
# Loop through each line of ENVOY_VERSIONS and compare it to the regex |
||||
while IFS= read -r version; do |
||||
if ! [[ $version =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then |
||||
echo 'Invalid version in ENVOY_VERSIONS: '$version' does not match the pattern ^[0-9]+\.[0-9]+\.[0-9]+$' |
||||
exit 1 |
||||
fi |
||||
done <<< "$ENVOY_VERSIONS" |
||||
if ! [[ $MAX_ENVOY_VERSION =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then |
||||
echo 'Invalid MAX_ENVOY_VERSION: '$MAX_ENVOY_VERSION' does not match the pattern ^[0-9]+\.[0-9]+\.[0-9]+$' |
||||
exit 1 |
||||
fi |
||||
|
||||
echo "Supported Envoy versions:" |
||||
echo "${ENVOY_VERSIONS}" |
||||
echo "envoy-versions<<EOF" >> $GITHUB_OUTPUT |
||||
echo "${ENVOY_VERSIONS}" >> $GITHUB_OUTPUT |
||||
echo "EOF" >> $GITHUB_OUTPUT |
||||
echo "Supported Envoy versions JSON: ${ENVOY_VERSIONS_JSON}" |
||||
echo "envoy-versions-json=${ENVOY_VERSIONS_JSON}" >> $GITHUB_OUTPUT |
||||
echo "Max supported Envoy version: ${MAX_ENVOY_VERSION}" |
||||
echo "max-envoy-version=${MAX_ENVOY_VERSION}" >> $GITHUB_OUTPUT |
@ -0,0 +1,14 @@
|
||||
# This file represents the canonical list of supported Envoy versions for this version of Consul. |
||||
# |
||||
# Every line must contain a valid version number in the format "x.y.z" where x, y, and z are integers. |
||||
# All other lines must be comments beginning with a "#", or a blank line. |
||||
# |
||||
# Every prior "minor" version for a given "major" (x.y) version is implicitly supported unless excluded by |
||||
# `xdscommon.UnsupportedEnvoyVersions`. For example, 1.28.3 implies support for 1.28.0, 1.28.1, and 1.28.2. |
||||
# |
||||
# See https://www.consul.io/docs/connect/proxies/envoy#supported-versions for more information on Consul's Envoy |
||||
# version support. |
||||
1.29.5 |
||||
1.28.4 |
||||
1.27.6 |
||||
1.26.8 |
Loading…
Reference in new issue