We recently observed that this check was skipped. Indeed it was
possible to propose a bugfix version on the first release of a series
without facing validation errors [1].
The described situation was allowed by checks that we introduced
during Wallaby [2]. Those was designed to ensure that we can
build sdist from the proposed tag. Indeed, they temporarly created
the new git tag to build sdist from it. However we never delete this
tag after our tests so this temporary tag is see as an existing tag
and so that led us to the observed bug.
Our validation check that the first version number of series isn't a
bugfix after it tried to build the sdist from the new tag, so, without
this patch the tag newly created by the sdist check remains available
in the repo, and so a couple of next checks are skipped, including the
validation of the version number, because these checks are decorated
to ignore existing tags.
Indeed the function decorated with `skip_existing_tags` detect this
temporary tag as an existing tag, so, the decorated functions are
skipped.
We should notice that it surely impacted other checks in the same manner.
Indeed, all validation functions decorated with this function
`skip_existing_tags` are impacted by this bug.
Hopefully it didn't have too much side effects.
These changes delete the temporary tag after usage to ensure to restore
the initial environment and to stop skipping next checks.
[1] https://review.opendev.org/c/openstack/releases/+/795836
[2] 80652b5232
Change-Id: I5d9024528d08487a7582e0a0e73576b22708a6cf
This adds a new std-with-versions branch type. This is used to control
validation logic when branching to allow the Ironic team to create
intermediary stable branches based on major.minor version numbers in
addition to our normal expected stable/$series branches.
https://specs.openstack.org/openstack/ironic-specs/specs/not-implemented/new-release-model.html
Change-Id: Ic482c77a2c177162ffe37643a455ac1724a658b3
Signed-off-by: Sean McGinnis <sean.mcginnis@gmail.com>
Update docs building:
* Remove unneeded doc sections from setup.cfg
* Change constraints to use published document, use
new variable
* Import mock from unittest, remove imports from future
Change-Id: I8f33d4c0bf5fcba203d410cd021c548219a757ec
We don't want to allow tagging EM if there were no releases. We also
want to make sure the -em tag is on the last official release that was
done.
Change-Id: I7afb3a52cf2ec47d8e0154b51825b500806aa590
Signed-off-by: Sean McGinnis <sean.mcginnis@gmail.com>
Introduce an 'abandoned' release model for cycle-independent
deliverables. It should only be applied to deliverables in the
_independent directory. No new release should be accepted for
deliverables with this release-model.
Change-Id: I65c163888c37f7a7f77273abf3ca0633923a0fe2
Tempest plugins do not branch, therefore we do not need to enforce that
the minor version is incremented to leave room for stable releases.
Change-Id: I22ba5cb42070b5a450617872de2da337b327de1c
Signed-off-by: Sean McGinnis <sean.mcginnis@gmail.com>
Some "other" deliverables like tempest and patrole never
create stable branches. This allows to clearly mark such
deliverables and add a corner case in validation tests.
Change-Id: I2f6414d0f71baad58335702743f2180f8da3273f
Currently validation considers it valid to propose final versions
on a cycle-with-rc model without RC first:
https://review.opendev.org/#/c/613444/2
Relying on human review to catch that sounds risky. Let's fix it.
Change-Id: Id06794f165f0c852fb62dcacd53058bdc756899e
Task: 27762
We use release-types as a way to verify that versions are compatible and
if needed reflected accurately in the code (puppet, xstatic). If one
isn't set explicitly then we assume python-service.
In certain circumstances (anything other than the first release in a
series) we also perform python specific requirements checking on all
'python' types.
Add a new 'generic' type that uses the same rules to validate version
numbers but wont run any python specific checks.
We need this a projects (like monasca-thresh) will fail the requirements
check for 2nd or greater releases[1].
An alternate would be to have the requirements code check if setup.py
exists before calling it but that seems like the wrong layer to me.
[1] http://logs.openstack.org/54/652854/1/check/openstack-tox-validate/80df01c/job-output.txt.gz#_2019-04-16_06_08_00_636538
Change-Id: I3fcde5eb266f954fddb6871ce8690b93b8fd7a8d
This updates commands and tools to work with the cycle-with-rc model.
Change-Id: I8df85df1c84ae6d8fb37a5206e155f84f8fac947
Signed-off-by: Sean McGinnis <sean.mcginnis@gmail.com>
This change removes support for driver fixes branches. It will prevent
any releases from projects with those branches listed in the deliverable
file in any series, which should prevent us from re-creating branches
that we are trying to remove when we do releases.
Change-Id: Ied35b936af1345e893da1384762f30547601ae8f
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
When the current code needs the repo checked out to a specific commit it
calls clone_repo. The clone_repo call makes sure the repo has been
cloned locally, performs a fetch to get all tags and prunes any
references no longer on the remote, then finally checks out the
requested ref.
The validation logic starts with cloning all necessary repos and
performing these actions, so after that point, we should be able to just
checkout the ref that we need for the given check. This will greatly
improve the execution time of the validate job for repos that have had a
large number of releases.
Change-Id: Ie444c8ef8e91832c38ee69307382ddb5fb8e1b08
Signed-off-by: Sean McGinnis <sean.mcginnis@gmail.com>
If a release does not include all of the repositories in the
deliverable report an error instead of a warning.
Change-Id: I7980b204995647fc77657123fa8d7bb565b55247
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
Now that storyboard-webclient no longer displays the project id
number in project URLs by default, it is harder for people to look
them up without referring to the API. Conversely, we could just use
the newer name-based project query support in the API instead. As a
transitional step, support both. Also switch openstack-infra/shade
from id to name to prove that the validate tool change is effective.
Change-Id: I9da97a1af40bb3527c1c7e8a66a267c76b9db564
At the end of rocky we had a couple of cases where a forced branch was
created from a release that was not the most current. This validation
change should prevent that from happening again in the future.
Change-Id: Ie8635b74ccbce988b5f4e53c0848daf50625b239
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
Add validation support for $series-em tags, using the same rules as
$series-eol tags for now.
Story: #2001879
Task: #22613
Change-Id: I689fc8fee0ded41da202cc4e84cfed6a9daa9846
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
Create a decorator we can use to bypass checks when tags exist and
apply it to the validation functions that make sense.
Change-Id: I91a26abd2934b6a65ae1c1c15d125fd183cd4a23
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
This will make it easier to reuse the git repo fixture.
Change-Id: I8922029fcd60fa94dad73cb187982904289d9a3b
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
Update the version string validation to allow a series-eol
tag. Require that the EOL tag for a deliverable match the series and
be applied to all repositories that are part of the deliverable.
Extend the Release data object to understand whether its tag is an EOL
tag and if so to return the series component from it as eol_series.
Story: #2001879
Task: #14344
Change-Id: I40b6822c942b559dc6f18a4b6be6abb5407c4d7c
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
We agreed at the PTG in Dublin that we would not allow releases from
branches in 'extended maintenance' mode, so that leaves 'development'
and 'maintenance'.
Story: #2001852
Change-Id: I129bdd1c6103615179a7fb7918d37fd02ba0b914
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
Add a validation rule to prevent someone from tagging a release using
a pre-release version (alpha, beta, rc) in a series after a final has
been tagged for that series.
Change-Id: Ia0c84d37bec43725d93b0c7daea0a68bace6407d
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
Avoid cloning a repository that is going to change state to verify the
behavior for existing tags.
Change-Id: Ifd9f88785852f38bd61ceb0692180469b8ee3ce2
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
Create a local repository instead of cloning one from the git server
for the tests that verify the SHA values being tagged.
Change-Id: I12b65577b93f07d383b9cfa131ef56d68bdd130a
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
Ensure the tests do not need internet access.
Change-Id: I4f3ea775314225bf7c300e921a04d5b9194eb680
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
Provide some function decorators to skip validation checks for common
cases like there are no releases or the release is not being made from
the current series.
Change-Id: Ib5d85dca1d2e8bb51207d62330bddedfebab8d39
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
Rather than testing the series condition outside of the validation
function, go ahead and call it and let the function skip the
deliverable if its rules do not apply.
Change-Id: Ib02cdec2cba088bd13ba307822f0ecbb14ddc899
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
This makes the signatures of all of the validation functions the same.
Change-Id: I97c5fc9422055aa46803424e4e05bc16e7cc289c
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
The last checks being done by validate_releases are all related to
ensuring that one release in a series is on a commit that comes after
another commit in the same series' branch. Rename the function to
reflect that.
Change-Id: I05161eb6244da0fbd0e973d046c34ee93f8fcfa0
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
We were checking that 'untagged' deliverables didn't have releases in
the validate_releases function instead of in validate_model.
Change-Id: I0fcfecb6163fa45be79d9b24570b60f038e3c0a0
Signed-off-by: Doug Hellmann <doug@doughellmann.com>