* continue to use provided 'release' value if specified
* continue to use 'edge' for edge versions
* deduce 'release' value from the version on the alpine-base APK in https://dl-cdn.alpinelinux.org/alpine/v<version/main/<arch>/
* update test profile with 3.13
3.13.0 release
* add version 3.13 profile
* 3.13 end-of-life is 2022-11-01
* note we're an official Alpine project now!
* releases/alpine.yaml has been "--trim release"'d
* updated releases/README.md
scripts/builder.py
* fix ReleaseReadme() to not die when release contains "_rc"
* add --trim to releases-yaml
* tweak some --help for release-yaml and prune
scripts/setup-ami
* explicitly lock AMI root account
Subcommands
* merge 'resolve-profiles' and 'make-amis' into 'amis'
* rename 'update-releases' to 'release-yaml'
* rename 'gen-release-readme' to 'release-readme'
* rename 'prune-amis' to 'prune'
* reorder to match the usual workflow
* use argparse mutually-exclusive group where appropriate
* use argparse 'metavar' and 'nargs' for more salient help
release
* can now specify multiple AMIs on command line
* add explicit '--private' argument
* if no '--private', '--public', or '--allow-account' is specified, default to propagate the source AMI's permissions to its copies
* move 'iter_regions' and 'get*image' methods out of ReleaseAMIs class because they're also used elsewhere
* 'update_image_permissions' resets perms before adding new perms
* pending_copy loop, reports on everything in progress, waits 3m before reporting on everything again, and then waits 30s between reports
* pending_copy also notes when a copy has completed (and only queues for pending_perms if they need adjustment)
Releases class
* used by release-yaml and prune subcommands
* caches region client objects for later use (by prune)
* loads images from region - either from a profile or "unknown" (no profile tag)
* builds the releases object - now structured release -> build (instead of build -> release)
ReleasesReadme
* works with new releases object format
* improve sorting and selection of latest per version per-build AMIs
* empty cell if a region doesn't happen to have a build AMI there
PruneAMIs
* rename 'version' level to 'end-of-life'
* add 'UNKNOWN' pruning level
* works, even if you don't want to --use-broker
* --keep N - keeps an additional N AMIs that would otherwise have been purged per build
* --defer-eol DAYS - give EOL AMIs a grace period past their official EOL date
* no AMI deletion happens unless --no-pretend arg is provided
* improve pruning criteria scan and candidate selection
Co-authored-by: Jake Buchholz <jake@jakesys.net>
scripts/builder.py...
GenReleaseReadme:
* combine with ReleaseReadmeUpdater
* generates README_<profile>.md
* README_alpine.md is a symlink to README.md
* don't crash when README doesn't preexist
* append image list to README if no list found to replace
MakeAMIs:
* collect all artifact IDs and report after all builds
* don't update releases/readme
PruneAMIs:
* defaults to pretend mode, unless --no-pretend
* improve readability
UpdateReleases:
* replace code with what was RefreshReleases
* Add refresh-releases subcommand, etc.
* builder.py
+ gen-release-readme
- convert `build_time` to int
+ release
- add `source_region` to copied AMI tags
- check source AMI's permissions, queue for fixing, if necessary
+ refresh-releases
- update releases/<profile>.yaml based on AMIs that exist in regions
+ explicitly call out `python-dateutil` dependency and `pip install` it into the venv
* Release Alpine 3.12.2 & today's edge
ENI Hotplug / udhcpc script
* works with all Alpine versions back to 3.9
* udhcpc handles ENI's primary IPv4
* post-bound/post-renews eth-eni-hook handles secondary IPv4 & IPv6 addresses, route tables, and rules
setup-ami tweaks
* move scripts to be installed into setup-ami.d/
* move config snippets into setup-ami.d/etc/ (previously embedded in setup-ami)
Profiles can specify 'setup_script' to do additional things. If additional files/dirs are required, a 'setup_copy' map will copy them to the build instance so that 'setup_script' can use/install them.
TBD: docs.
There is an increasing need to share components among the various
commands, especially with the introduction of the identity broker API.
Rather than trying to assemble an importable python library of code for
the build process I think we can just combine everything into one file
and use argparse sub-commands to integrate them into a set of
individually callable scripts. This change does that integration.