@bwplotka (Collaborator) commented Oct 30, 2025

FYI: I finalized and stabilized all scripts in #1817

This is a PR for a feature branch that adds more interactive scripts for common OSS release (or pre-release) operations.

See gmp:toil-automation

This has to be reviewed and cleaned, but I already use it on our repos and I recommend trying it out and contributing to this branch! (e.g. PR on top of the scripts branch).

I will write playbooks/readme, but keeping it here for now:

How to use / What works now

  • Clone this repo on this branch. It's easier if you have a separate repo clone for script code
git clone --single-branch -b scripts https://github.com/GoogleCloudPlatform/prometheus-engine.git pescripts
  • Go to this repo root, you can execute all commands from this place.
cd pescripts
  • All scripts should work on all our repos (prometheus, alertmanager, prometheus-engine).
  • All scripts should be readable. Just check what they do if you have questions.
  • They all follow a similar "checkout flow":
    • CHECKOUT_DIR is where you expect prometheus, alertmanager, prometheus-engine clones. If you use a dir with existing clones (recommended, as cloning is slow!), the script will ask you if you want to reuse it (y), hard reset it (n) or cancel (ctrl+c). I typically say y for quick workflows and my repos are in ~/Repos.
    • PR_BRANCH is typically the "working" branch and something that the script will force push (if you allow it; it will ask).
    • BRANCH is the origin branch; it matters for understanding which repo you refer to (AM, Prom or prometheus-engine) and for cases when the repo in CHECKOUT_DIR has to be recreated.

Vulnerability check + upgrade

The ./hack/release-vulnfix.sh script ensures our artifacts have no artifacts (except NPM):

bash ./hack/release-vulnfix.sh help

For example, to iterate quickly on the ~/Repos/prometheus-engine repo, with the bump-img14 branch manually checked in, I can run:

BRANCH=release/0.14 PR_BRANCH=bump-img14 CHECKOUT_DIR=~/Repos bash ./hack/release-vulnfix.sh

Long term plan

  • get this reviewed and cleaned
  • update playbook (as a secondary "tab" to manual process explanation)
  • move to git worktree (thx @bernot-dev for suggesting).
  • build TUI for it reusing https://github.com/jesseduffield/lazygit architecture and Go code for UI parts. (: All in OSS ideally.

@bernot-dev (Collaborator)

Your instructions for cloning the branch look like what git worktree does, except you don't have to clone again with a worktree.

fi
}

release-lib::idemp::vulnlist() {
Collaborator Author

Discussion with @bernot-dev: Should this be on CI?

See go/gmp:toil-automation for motivation.

* listing Go vulns + severity
* create a security vuln fix commit
* create a new fork release that syncs with certain upstream tag (see go/gmp:fork-toil)
* cut RC

Signed-off-by: bwplotka <bwplotka@google.com>

chore: update

chore: add go version check

Signed-off-by: bwplotka <bwplotka@gmail.com>
@bwplotka bwplotka force-pushed the scripts branch 2 times, most recently from 447296c to 5e96846 Compare December 3, 2025 22:28
@bwplotka (Collaborator, Author) commented Dec 4, 2025

Replaced by #1817

@bwplotka bwplotka closed this Dec 4, 2025