Add changelog for releases and changelog generation script

CHANGELOG.md

@@ -0,0 +1,30 @@
+# Changelog
+
+## v0.4.0
+* Add option to pass configmap with mapping between SA and IAM role ([#142](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/139), @olemarkus)
+* add cert manager deployment ([#139](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/139), @prasita123)
+* Add warning for --in-cluster=true to README ([#138](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/138), @nckturner)
+* Use certwatcher to support mounting cert-manager certificates. ([#134](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/134), @colinhoglund)
+
+## v0.3.0
+* Fix serviceaccount regional sts annotation not taking effect unless flag is true ([#120](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/120), @wongma7)
+* add metrics for knowing adoption ([#122](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/122), @jyotimahapatra)
+* Refactor service account cache to accept informer arg and unit test it  ([#117](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/117), @wongma7)
+* Add additional log statements and update client-go ([#92](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/92), @shravan-achar)
+* Add a debug handler to list cache contents and log mutation decision ([#90](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/90), @shravan-achar)
+* README: add documentation for running containers as non-root ([#88](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/88), @josselin-c)
+* patch pod spec even if it's already been patched ([#62](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/62), @yangkev)
+* Fix panic in cache informer ([#70](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/70), @mfojtik)
+* Change master branch image tag and update README ([#81](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/81), @josselin-c)
+* Add github worflow to automate docker image creation ([#80](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/80), @josselin-c)
+* deploy: add sideEffects to webhook ([#79](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/79), @sjenning)
+* Add attribution document to container ([#76](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/76), @josselin-c)
+* Update Makefile to delete created tls cert ([#60](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/60), @Smuggla)
+* Update ecr login command for both aws-cli v1 and v2 ([#53](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/53), @int128)
+
+## v0.2.0
+* Making changes for finding the oidc discovery endpoint in README.md ([#19](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/19), @bhks)
+* Fix jsonpatch operation if no volumes are present ([#18](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/18), @FaHeymann)
+* Added K8s 1.16 compatible kid to jwks JSON ([#13](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/13), @micahhausler)
+* Removed key id from jwks JSON hack script  ([#9](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/9), @micahhausler)
+* Added self-hosted cluster setup guide ([#7](https://github.com/aws/amazon-eks-pod-identity-webhook/pull/7), @micahhausler)

hack/changelog.py

@@ -0,0 +1,72 @@
+#!/usr/bin/env python3
+
+import argparse
+import re
+from subprocess import Popen, PIPE
+import sys
+from github import Github
+
+# Generate a changelog from github commit history (pull request merges)
+
+
+class ChangelogGenerator:
+    def __init__(self, github_repo, token):
+        self._github = Github(token)
+        self._github_repo = self._github.get_repo(github_repo)
+
+    def generate(self, pr_id):
+        pr = self._github_repo.get_pull(pr_id)
+        return f'{pr.title} ([#{pr_id}]({pr.html_url}), @{pr.user.login})'
+
+
+def git_log(range=''):
+    process = Popen(['git', 'log', range], stdout=PIPE, stderr=PIPE)
+    stdout, stderr = process.communicate()
+    if process.returncode != 0:
+        raise RuntimeError(
+            f'git log returned {process.returncode} and failed with error: {stderr.decode("utf-8")}')
+    return stdout.decode("utf-8")
+
+
+if __name__ == '__main__':
+    parser = argparse.ArgumentParser(prog='changelog')
+    parser.add_argument('--token', help='Your github token.')
+    parser.add_argument('--changelog-file',
+                        help='The path to the changelog output file.')
+    parser.add_argument('--print-only', action='store_true',
+                        help='Only print the output.')
+    parser.add_argument('--range', help='The range of commit logs to inspect in the repository.  You can (and should) use tags here.  Example: v5..v10 (This argument is passed to git log, so read the git log documentation for clarification.')
+    parser.add_argument(
+        '--section-title', help='The title for the section in the changelog that is generated')
+    args = parser.parse_args()
+
+    if args.section_title is None:
+        print('--section-title is required')
+        sys.exit(1)
+    if args.token is None:
+        print('--token is required')
+        sys.exit(1)
+    if args.range is None:
+        print('--range is required')
+        sys.exit(1)
+    if args.changelog_file is None and args.print_only is None:
+        print('Either --print-only or --changelog-file is required.')
+        sys.exit(1)
+
+    logs = git_log(args.range)
+
+    changelog = f'## {args.section_title}\n'
+    g = ChangelogGenerator('aws/amazon-eks-pod-identity-webhook', args.token)
+    for pr_match in re.finditer(r'Merge pull request #(\d+)', logs):
+        pr_id = int(pr_match.group(1))
+        changelog += f'* {g.generate(pr_id)}\n'
+
+    if args.print_only:
+        print(changelog)
+        sys.exit(0)
+    else:
+        with open(args.changelog_file, 'r') as f:
+            existing = f.read()
+        with open(args.changelog_file, 'w') as f:
+            f.write(changelog)
+            f.write(existing)