Add build date (#14957)

* add BuildDate to version base * populate BuildDate with ldflags * include BuildDate in FullVersionNumber * add BuildDate to seal-status and associated status cmd * extend core/versions entries to include BuildDate * include BuildDate in version-history API and CLI * fix version history tests * fix sys status tests * fix TestStatusFormat * remove extraneous LD_FLAGS from build.sh * add BuildDate to build.bat * fix TestSysUnseal_Reset * attempt to add build-date to release builds * add branch to github build workflow * add get-build-date to build-* job needs * fix release build command vars * add missing quote in release build command * Revert "add branch to github build workflow" This reverts commit b835699. * add changelog entry
hashicorp · Apr 27, 2022 · 1fce2ac · 1fce2ac
1 parent 841e680
commit 1fce2ac
Show file tree

Hide file tree

Showing 19 changed files with 163 additions and 109 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -27,6 +27,18 @@ jobs:
           echo "::set-output name=product-version::$(make version)"
           echo "::set-output name=product-base-version::${BASE_VERSION}"
 
+  get-build-date:
+    runs-on: ubuntu-latest
+    outputs:
+      build-date: ${{ steps.get-build-date.outputs.build-date }}
+    steps:
+      - uses: actions/checkout@v2
+      - name: get build date
+        id: get-build-date
+        run: |
+          make build-date
+          echo "::set-output name=build-date::$(make build-date)"
+
   generate-metadata-file:
     needs: get-product-version
     runs-on: ubuntu-latest
@@ -48,7 +60,7 @@ jobs:
           path: ${{ steps.generate-metadata-file.outputs.filepath }}
 
   build-other:
-    needs: get-product-version
+    needs: [ get-product-version, get-build-date ]
     runs-on: ubuntu-latest
     strategy:
       matrix:
@@ -92,15 +104,15 @@ jobs:
           CGO_ENABLED: 0
         run: |
           mkdir dist out
-          GO_TAGS="${{ env.GO_TAGS }}" VAULT_VERSION=${{ needs.get-product-version.outputs.product-base-version }} VAULT_REVISION="$(git rev-parse HEAD)" make build
+          GO_TAGS="${{ env.GO_TAGS }}" VAULT_VERSION=${{ needs.get-product-version.outputs.product-base-version }} VAULT_REVISION="$(git rev-parse HEAD)" VAULT_BUILD_DATE="${{ needs.get-build-date.outputs.build-date }}" make build
           zip -r -j out/${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip dist/
       - uses: actions/upload-artifact@v2
         with:
           name: ${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
           path: out/${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
 
   build-linux:
-    needs: get-product-version
+    needs: [ get-product-version, get-build-date ]
     runs-on: ubuntu-latest
     strategy:
       matrix:
@@ -138,7 +150,7 @@ jobs:
           CGO_ENABLED: 0
         run: |
           mkdir dist out
-          GO_TAGS="${{ env.GO_TAGS }}" VAULT_VERSION=${{ needs.get-product-version.outputs.product-base-version }} VAULT_REVISION="$(git rev-parse HEAD)" make build
+          GO_TAGS="${{ env.GO_TAGS }}" VAULT_VERSION=${{ needs.get-product-version.outputs.product-base-version }} VAULT_REVISION="$(git rev-parse HEAD)" VAULT_BUILD_DATE="${{ needs.get-build-date.outputs.build-date }}" make build
           zip -r -j out/${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip dist/
       - uses: actions/upload-artifact@v2
         with:
@@ -177,7 +189,7 @@ jobs:
           path: out/${{ env.DEB_PACKAGE }}
 
   build-darwin:
-    needs: get-product-version
+    needs: [ get-product-version, get-build-date ]
     runs-on: macos-latest
     strategy:
       matrix:
@@ -214,7 +226,7 @@ jobs:
           CGO_ENABLED: 0
         run: |
           mkdir dist out
-          GO_TAGS="${{ env.GO_TAGS }}" VAULT_VERSION=${{ needs.get-product-version.outputs.product-base-version }} VAULT_REVISION="$(git rev-parse HEAD)" make build
+          GO_TAGS="${{ env.GO_TAGS }}" VAULT_VERSION=${{ needs.get-product-version.outputs.product-base-version }} VAULT_REVISION="$(git rev-parse HEAD)" VAULT_BUILD_DATE="${{ needs.get-build-date.outputs.build-date }}" make build
           zip -r -j out/${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip dist/
       - uses: actions/upload-artifact@v2
         with:

diff --git a/Makefile b/Makefile
@@ -267,9 +267,14 @@ ci-verify:
 # This is used for release builds by .github/workflows/build.yml
 build:
 	@echo "--> Building Vault $(VAULT_VERSION)"
-	@go build -v -tags "$(GO_TAGS)" -ldflags " -X github.com/hashicorp/vault/sdk/version.Version=$(VAULT_VERSION) -X github.com/hashicorp/vault/sdk/version.GitCommit=$(VAULT_REVISION)" -o dist/
+	@go build -v -tags "$(GO_TAGS)" -ldflags " -X github.com/hashicorp/vault/sdk/version.Version=$(VAULT_VERSION) -X github.com/hashicorp/vault/sdk/version.GitCommit=$(VAULT_REVISION) -X github.com/hashicorp/vault/sdk/version.BuildDate=$(VAULT_BUILD_DATE)" -o dist/
 
 .PHONY: version
 # This is used for release builds by .github/workflows/build.yml
 version:
 	@$(CURDIR)/scripts/version.sh sdk/version/version_base.go
+
+.PHONY: build-date
+# This is used for release builds by .github/workflows/build.yml
+build-date:
+	@$(CURDIR)/scripts/build_date.sh
diff --git a/api/sys_seal.go b/api/sys_seal.go
@@ -101,6 +101,7 @@ type SealStatusResponse struct {
 	Progress     int    `json:"progress"`
 	Nonce        string `json:"nonce"`
 	Version      string `json:"version"`
+	BuildDate    string `json:"build_date"`
 	Migration    bool   `json:"migration"`
 	ClusterName  string `json:"cluster_name,omitempty"`
 	ClusterID    string `json:"cluster_id,omitempty"`

diff --git a/changelog/14957.txt b/changelog/14957.txt
@@ -0,0 +1,3 @@
+```release-note:improvement
+core: Include build date in `sys/seal-status` and `sys/version-history` endpoints.
+```
diff --git a/command/format.go b/command/format.go
@@ -259,6 +259,7 @@ func (t TableFormatter) OutputSealStatusStruct(ui cli.Ui, secret *api.Secret, da
 	}
 
 	out = append(out, fmt.Sprintf("Version | %s", status.Version))
+	out = append(out, fmt.Sprintf("Build Date | %s", status.BuildDate))
 	out = append(out, fmt.Sprintf("Storage Type | %s", status.StorageType))
 
 	if status.ClusterName != "" && status.ClusterID != "" {

diff --git a/command/format_test.go b/command/format_test.go
@@ -111,6 +111,7 @@ Unseal Progress               3/1
 Unseal Nonce                  nonce
 Seal Migration in Progress    true
 Version                       version
+Build Date                    build date
 Storage Type                  storage type
 Cluster Name                  cluster name
 Cluster ID                    cluster id
@@ -141,6 +142,7 @@ Unseal Progress               3/1
 Unseal Nonce                  nonce
 Seal Migration in Progress    true
 Version                       version
+Build Date                    build date
 Storage Type                  n/a
 HA Enabled                    false`
 
@@ -166,6 +168,7 @@ func getMockStatusData(emptyFields bool) SealStatusOutput {
 			Progress:     3,
 			Nonce:        "nonce",
 			Version:      "version",
+			BuildDate:    "build date",
 			Migration:    true,
 			ClusterName:  "cluster name",
 			ClusterID:    "cluster id",
@@ -197,6 +200,7 @@ func getMockStatusData(emptyFields bool) SealStatusOutput {
 			Progress:     3,
 			Nonce:        "nonce",
 			Version:      "version",
+			BuildDate:    "build date",
 			Migration:    true,
 			ClusterName:  "",
 			ClusterID:    "",

diff --git a/command/version_history.go b/command/version_history.go
@@ -100,7 +100,7 @@ func (c *VersionHistoryCommand) Run(args []string) int {
 		return 2
 	}
 
-	table := []string{"Version | Installation Time"}
+	table := []string{"Version | Installation Time | Build Date"}
 	columnConfig := columnize.DefaultConfig()
 
 	for _, versionRaw := range keys {
@@ -119,7 +119,7 @@ func (c *VersionHistoryCommand) Run(args []string) int {
 			return 2
 		}
 
-		table = append(table, fmt.Sprintf("%s | %s", version, versionInfo["timestamp_installed"]))
+		table = append(table, fmt.Sprintf("%s | %s | %s", version, versionInfo["timestamp_installed"], versionInfo["build_date"]))
 	}
 
 	c.UI.Warn("")

diff --git a/http/sys_seal_test.go b/http/sys_seal_test.go
@@ -11,6 +11,7 @@ import (
 	"github.com/go-test/deep"
 	"github.com/hashicorp/vault/helper/namespace"
 	"github.com/hashicorp/vault/sdk/logical"
+	"github.com/hashicorp/vault/sdk/version"
 	"github.com/hashicorp/vault/vault"
 )
 
@@ -36,6 +37,7 @@ func TestSysSealStatus(t *testing.T) {
 		"recovery_seal": false,
 		"initialized":   true,
 		"migration":     false,
+		"build_date":    version.BuildDate,
 	}
 	testResponseStatus(t, resp, 200)
 	testResponseBody(t, resp, &actual)
@@ -120,6 +122,7 @@ func TestSysUnseal(t *testing.T) {
 			"recovery_seal": false,
 			"initialized":   true,
 			"migration":     false,
+			"build_date":    version.BuildDate,
 		}
 		if i == len(keys)-1 {
 			expected["sealed"] = false
@@ -201,6 +204,7 @@ func TestSysUnseal_Reset(t *testing.T) {
 			"recovery_seal": false,
 			"initialized":   true,
 			"migration":     false,
+			"build_date":    version.BuildDate,
 		}
 		testResponseStatus(t, resp, 200)
 		testResponseBody(t, resp, &actual)
@@ -240,6 +244,7 @@ func TestSysUnseal_Reset(t *testing.T) {
 		"type":          "shamir",
 		"recovery_seal": false,
 		"initialized":   true,
+		"build_date":    version.BuildDate,
 		"migration":     false,
 	}
 	testResponseStatus(t, resp, 200)

diff --git a/scripts/build.sh b/scripts/build.sh
@@ -7,8 +7,9 @@ GO_CMD=${GO_CMD:-go}
 
 # Get the parent directory of where this script is.
 SOURCE="${BASH_SOURCE[0]}"
+SOURCE_DIR=$( dirname "$SOURCE" )
 while [ -h "$SOURCE" ] ; do SOURCE="$(readlink "$SOURCE")"; done
-DIR="$( cd -P "$( dirname "$SOURCE" )/.." && pwd )"
+DIR="$( cd -P "$SOURCE_DIR/.." && pwd )"
 
 # Change into that directory
 cd "$DIR"
@@ -20,6 +21,8 @@ BUILD_TAGS="${BUILD_TAGS:-"vault"}"
 GIT_COMMIT="$(git rev-parse HEAD)"
 GIT_DIRTY="$(test -n "`git status --porcelain`" && echo "+CHANGES" || true)"
 
+BUILD_DATE=$("$SOURCE_DIR"/build_date.sh)
+
 # If its dev mode, only build for ourself
 if [ "${VAULT_DEV_BUILD}x" != "x" ] && [ "${XC_OSARCH}x" == "x" ]; then
     XC_OS=$(${GO_CMD} env GOOS)
@@ -54,7 +57,7 @@ echo "==> Building..."
 gox \
     -osarch="${XC_OSARCH}" \
     -gcflags "${GCFLAGS}" \
-    -ldflags "${LD_FLAGS}-X github.com/hashicorp/vault/sdk/version.GitCommit='${GIT_COMMIT}${GIT_DIRTY}'" \
+    -ldflags "${LD_FLAGS}-X github.com/hashicorp/vault/sdk/version.GitCommit='${GIT_COMMIT}${GIT_DIRTY}' -X github.com/hashicorp/vault/sdk/version.BuildDate=${BUILD_DATE}" \
     -output "pkg/{{.OS}}_{{.Arch}}/vault" \
     ${GOX_PARALLEL_BUILDS+-parallel="${GOX_PARALLEL_BUILDS}"} \
     -tags="${BUILD_TAGS}" \

diff --git a/scripts/build_date.sh b/scripts/build_date.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+# it's tricky to do an RFC3339 format in a cross platform way, so we hardcode UTC
+DATE_FORMAT="%Y-%m-%dT%H:%M:%SZ"
+
+# we're using this for build date because it's stable across platform builds
+git show -s --format=%cd --date=format:"$DATE_FORMAT" HEAD
diff --git a/scripts/windows/build.bat b/scripts/windows/build.bat
@@ -13,6 +13,7 @@ md bin 2>nul
 :: Get the git commit
 set _GIT_COMMIT_FILE=%TEMP%\vault-git_commit.txt
 set _GIT_DIRTY_FILE=%TEMP%\vault-git_dirty.txt
+set _GIT_COMMIT_DATE_FILE=%TEMP%\vault-git_commit_date.txt
 
 set _NUL_CMP_FILE=%TEMP%\vault-nul_cmp.txt
 type nul >%_NUL_CMP_FILE%
@@ -21,6 +22,10 @@ git rev-parse HEAD >"%_GIT_COMMIT_FILE%"
 set /p _GIT_COMMIT=<"%_GIT_COMMIT_FILE%"
 del /f "%_GIT_COMMIT_FILE%" 2>nul
 
+git show -s --format=%cd --date=format:"%Y-%m-%dT%H:%M:%SZ" HEAD >"%_GIT_COMMIT__DATE_FILE%"
+set /p _BUILD_DATE=<"%_GIT_COMMIT_DATE_FILE%"
+del /f "%_GIT_COMMIT_DATE_FILE%" 2>nul
+
 set _GIT_DIRTY=
 git status --porcelain >"%_GIT_DIRTY_FILE%"
 fc "%_GIT_DIRTY_FILE%" "%_NUL_CMP_FILE%" >nul
@@ -60,7 +65,7 @@ echo ==^> Building...
 gox^
  -os="%_XC_OS%"^
  -arch="%_XC_ARCH%"^
- -ldflags "-X github.com/hashicorp/vault/sdk/version.GitCommit=%_GIT_COMMIT%%_GIT_DIRTY%"^
+ -ldflags "-X github.com/hashicorp/vault/sdk/version.GitCommit=%_GIT_COMMIT%%_GIT_DIRTY% -X github.com/hashicorp/vault/sdk/version.BuildDate=%_BUILD_DATE%"^
  -output "pkg/{{.OS}}_{{.Arch}}/vault"^
  .
 

diff --git a/sdk/version/version.go b/sdk/version/version.go
@@ -11,6 +11,7 @@ type VersionInfo struct {
 	Version           string `json:"version,omitempty"`
 	VersionPrerelease string `json:"version_prerelease,omitempty"`
 	VersionMetadata   string `json:"version_metadata,omitempty"`
+	BuildDate         string `json:"build_date,omitempty"`
 }
 
 func GetVersion() *VersionInfo {
@@ -29,6 +30,7 @@ func GetVersion() *VersionInfo {
 		Version:           ver,
 		VersionPrerelease: rel,
 		VersionMetadata:   md,
+		BuildDate:         BuildDate,
 	}
 }
 
@@ -70,5 +72,9 @@ func (c *VersionInfo) FullVersionNumber(rev bool) string {
 		fmt.Fprintf(&versionString, " (%s)", c.Revision)
 	}
 
+	if c.BuildDate != "" {
+		fmt.Fprintf(&versionString, ", built %s", c.BuildDate)
+	}
+
 	return versionString.String()
 }
diff --git a/sdk/version/version_base.go b/sdk/version/version_base.go
@@ -5,6 +5,9 @@ var (
 	GitCommit   string
 	GitDescribe string
 
+	// The compilation date. This will be filled in by the compiler.
+	BuildDate string
+
 	// Whether cgo is enabled or not; set at build time
 	CgoEnabled bool
 

diff --git a/vault/core.go b/vault/core.go
@@ -611,11 +611,12 @@ type Core struct {
 	// disableSSCTokens is used to disable server side consistent token creation/usage
 	disableSSCTokens bool
 
-	// versionTimestamps is a map of vault versions to timestamps when the version
+	// versionHistory is a map of vault versions to VaultVersion. The
+	// VaultVersion.TimestampInstalled when the version will denote when the version
 	// was first run. Note that because perf standbys should be upgraded first, and
 	// only the active node will actually write the new version timestamp, a perf
 	// standby shouldn't rely on the stored version timestamps being present.
-	versionTimestamps map[string]time.Time
+	versionHistory map[string]VaultVersion
 }
 
 func (c *Core) HAState() consts.HAState {
@@ -1112,9 +1113,9 @@ func NewCore(conf *CoreConfig) (*Core, error) {
 		return nil, err
 	}
 
-	if c.versionTimestamps == nil {
-		c.logger.Info("Initializing versionTimestamps for core")
-		c.versionTimestamps = make(map[string]time.Time)
+	if c.versionHistory == nil {
+		c.logger.Info("Initializing version history cache for core")
+		c.versionHistory = make(map[string]VaultVersion)
 	}
 
 	return c, nil
@@ -1124,15 +1125,22 @@ func NewCore(conf *CoreConfig) (*Core, error) {
 // storage, and then loads all versions and upgrade timestamps out from storage.
 func (c *Core) handleVersionTimeStamps(ctx context.Context) error {
 	currentTime := time.Now().UTC()
-	isUpdated, err := c.storeVersionTimestamp(ctx, version.Version, currentTime, false)
+
+	vaultVersion := &VaultVersion{
+		TimestampInstalled: currentTime,
+		Version:            version.Version,
+		BuildDate:          version.BuildDate,
+	}
+
+	isUpdated, err := c.storeVersionEntry(ctx, vaultVersion, false)
 	if err != nil {
 		return fmt.Errorf("error storing vault version: %w", err)
 	}
 	if isUpdated {
-		c.logger.Info("Recorded vault version", "vault version", version.Version, "upgrade time", currentTime)
+		c.logger.Info("Recorded vault version", "vault version", version.Version, "upgrade time", currentTime, "build date", version.BuildDate)
 	}
-	// Finally, load the versions into core fields
-	err = c.loadVersionTimestamps(ctx)
+	// Finally, populate the version history cache
+	err = c.loadVersionHistory(ctx)
 	if err != nil {
 		return err
 	}