mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-01-13 16:39:29 -05:00
docs: update release docs (#2226)
This commit is contained in:
parent
ec1bba7a8b
commit
c42e81bf23
@ -6,7 +6,6 @@ This checklist will prepare `v1.3.0` from `v1.2.0` (minor release) or `v1.3.1` f
|
|||||||
|
|
||||||
1. Search the code for TODOs and FIXMEs that should be resolved before releasing.
|
1. Search the code for TODOs and FIXMEs that should be resolved before releasing.
|
||||||
2. [Update titles and labels for all PRs relevant for this release](/dev-docs/conventions.md#pr-conventions) to aid in the [changelog generation](/.github/release.yml).
|
2. [Update titles and labels for all PRs relevant for this release](/dev-docs/conventions.md#pr-conventions) to aid in the [changelog generation](/.github/release.yml).
|
||||||
3. Check PRs for the label `iam upgrade`. If there is any, update `upgradeRequiresIAMMigration` in `iamupgradeapply.go`. This ensures the CLI issues a warning on `upgrade apply` to run `iam upgrade apply` before upgrading the cluster.
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -53,9 +52,20 @@ Releases should be performed using [the automated release pipeline](https://gith
|
|||||||
gh workflow run release.yml --ref ${working_branch} -F version=${ver} -F kind=minor
|
gh workflow run release.yml --ref ${working_branch} -F version=${ver} -F kind=minor
|
||||||
```
|
```
|
||||||
3. wait for the pipeline to finish
|
3. wait for the pipeline to finish
|
||||||
4. while in editing mode for the release, clear the textbox, select the last minor release and click "Generate release notes".
|
4. upgrade the dogfooding cluster. Note that `upgrade check --update-config` will not yet show the new image. But you can manually set it in the config:
|
||||||
5. look over the autogenerated draft release. When fixing the changelog, prioritize updating the PR title/labels/description and regenerating the changelog over fixing things in the final changelog. The changelog should be primarily aimed at users. Rule of thumb: first part of the sentence should describe what changed for the user, second part can describe what has been changed to achieve this.
|
```sh
|
||||||
6. publish.
|
./constellation upgrade check --update-config
|
||||||
|
yq eval -i '.image="v2.10.0"' constellation-conf.yaml
|
||||||
|
./constellation config fetch-measurements --insecure
|
||||||
|
./constellation upgrade apply --yes --debug
|
||||||
|
```
|
||||||
|
Then wait until the node / Kubernetes upgrades are finished by periodically checking:
|
||||||
|
```sh
|
||||||
|
./constellation status
|
||||||
|
```
|
||||||
|
5. while in editing mode for the release, clear the textbox, select the last minor release and click "Generate release notes".
|
||||||
|
6. look over the autogenerated draft release. When fixing the changelog, prioritize updating the PR title/labels/description and regenerating the changelog over fixing things in the final changelog. The changelog should be primarily aimed at users. Rule of thumb: first part of the sentence should describe what changed for the user, second part can describe what has been changed to achieve this.
|
||||||
|
7. publish.
|
||||||
|
|
||||||
## Post release steps
|
## Post release steps
|
||||||
|
|
||||||
@ -67,6 +77,7 @@ Releases should be performed using [the automated release pipeline](https://gith
|
|||||||
4. Move open issues and PRs from closed milestone to next milestone
|
4. Move open issues and PRs from closed milestone to next milestone
|
||||||
3. If the release is a minor version release, bump the pre-release version in the `version.txt` file.
|
3. If the release is a minor version release, bump the pre-release version in the `version.txt` file.
|
||||||
4. Update the `fromVersion` in `e2e-test-release.yml` and `e2e-test-weekly.yaml` to the newly released version. To check the current values, run: `grep "fromVersion: \[.*\]" -R .github`.
|
4. Update the `fromVersion` in `e2e-test-release.yml` and `e2e-test-weekly.yaml` to the newly released version. To check the current values, run: `grep "fromVersion: \[.*\]" -R .github`.
|
||||||
|
5. Reset `upgradeRequiresIAMMigration` in `iamupgradeapply.go`.
|
||||||
|
|
||||||
## Pipeline cleanup
|
## Pipeline cleanup
|
||||||
|
|
||||||
@ -79,7 +90,6 @@ Depending on how far the pipeline ran we need to delete:
|
|||||||
- the working branch (remove automated commits made by the process, keep any cherry picks)
|
- the working branch (remove automated commits made by the process, keep any cherry picks)
|
||||||
- the release tag create by the pipeline: `v1.3.0`/`v1.3.1`
|
- the release tag create by the pipeline: `v1.3.0`/`v1.3.1`
|
||||||
- (only minor releases) the branch to merge changes back to main: `feat/release/v1.3.0`
|
- (only minor releases) the branch to merge changes back to main: `feat/release/v1.3.0`
|
||||||
- invalidate the CDN caches. This may become necessary if e.g. during measurement updating the measurements of a previous run are still in the cache
|
|
||||||
|
|
||||||
### GCP
|
### GCP
|
||||||
1. Navigate to [Images](https://console.cloud.google.com/compute/images?tab=images&project=constellation-images) tab of the "constellation-images" project
|
1. Navigate to [Images](https://console.cloud.google.com/compute/images?tab=images&project=constellation-images) tab of the "constellation-images" project
|
||||||
@ -92,10 +102,6 @@ Depending on how far the pipeline ran we need to delete:
|
|||||||
3. Select image definition "constellation"
|
3. Select image definition "constellation"
|
||||||
4. Select "Versions" submenu and search for "1.3.0"
|
4. Select "Versions" submenu and search for "1.3.0"
|
||||||
5. Press "Delete" button NEXT TO THE IMAGE VERSION TABLE. Do no delete the image definition.
|
5. Press "Delete" button NEXT TO THE IMAGE VERSION TABLE. Do no delete the image definition.
|
||||||
6. Go back to "Azure compute galleries" page and select "Constellation" gallery (this is for trusted launch)
|
|
||||||
7. Select image definition "constellation"
|
|
||||||
8. Select "Versions" submenu and search for "1.3.0"
|
|
||||||
9. Press "Delete" button NEXT TO THE IMAGE VERSION TABLE. Do no delete the image definition.
|
|
||||||
|
|
||||||
### AWS
|
### AWS
|
||||||
**Important:** You need to repeat the following steps for every region supported by Constellation!
|
**Important:** You need to repeat the following steps for every region supported by Constellation!
|
||||||
@ -106,17 +112,24 @@ Currently, this includes:
|
|||||||
- Ohio (us-east-2)
|
- Ohio (us-east-2)
|
||||||
- Mumbai (ap-south-1)
|
- Mumbai (ap-south-1)
|
||||||
|
|
||||||
|
#### Automated script
|
||||||
|
This is a script to automate the deletion but please be super careful to set the version correctly.
|
||||||
|
```
|
||||||
|
VERSION=vX.XX.X # !! DOUBLE CHECK CORRECTNESS!
|
||||||
|
regions=("eu-central-1" "eu-west-1" "eu-west-3" "us-east-2" "ap-south-1")
|
||||||
|
for region in "${regions[@]}"
|
||||||
|
do
|
||||||
|
aws ec2 describe-images --filters "Name=name,Values=constellation-$VERSION-aws-sev-snp" --query "Images[0].ImageId" --output text --region "$region" | xargs -I {{image_id}} aws ec2 deregister-image --image-id {{image_id}} --region "$region"
|
||||||
|
aws ec2 describe-snapshots --filters Name=tag:Name,Values=constellation-$VERSION-aws-sev-snp --query 'Snapshots[].SnapshotId' --output text --region "$region" | xargs -n 1 aws ec2 delete-snapshot --snapshot-id --region "$region"
|
||||||
|
aws ec2 describe-images --filters "Name=name,Values=constellation-$VERSION-aws-nitro-tpm" --query "Images[0].ImageId" --output text --region "$region" | xargs -I {{image_id}} aws ec2 deregister-image --image-id {{image_id}} --region "$region"
|
||||||
|
aws ec2 describe-snapshots --filters Name=tag:Name,Values=constellation-$VERSION-aws-nitro-tpm --query 'Snapshots[].SnapshotId' --output text --region "$region" | xargs -n 1 aws ec2 delete-snapshot --snapshot-id --region "$region"
|
||||||
|
done
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Manual GUI steps
|
||||||
1. Navigate to [AMI](https://eu-central-1.console.aws.amazon.com/ec2/home?region=eu-central-1#Images:visibility=owned-by-me)
|
1. Navigate to [AMI](https://eu-central-1.console.aws.amazon.com/ec2/home?region=eu-central-1#Images:visibility=owned-by-me)
|
||||||
2. Search for release version "constellation-v1.3.0" and select the AMIs for both variants ("constellation-v1.3.0-aws-sev-snp" and "constellation-v1.3.0-aws-nitro-tpm")
|
2. Search for release version "constellation-v1.3.0" and select the AMIs for both variants ("constellation-v1.3.0-aws-sev-snp" and "constellation-v1.3.0-aws-nitro-tpm")
|
||||||
3. On the "Actions" button (top right) select "Deregister AMI"
|
3. On the "Actions" button (top right) select "Deregister AMI"
|
||||||
4. Either follow the link on the deletion confirmation leading you to the [Snapshots](https://eu-central-1.console.aws.amazon.com/ec2/home?region=eu-central-1#Snapshots) panel or navigate there yourself
|
4. Either follow the link on the deletion confirmation leading you to the [Snapshots](https://eu-central-1.console.aws.amazon.com/ec2/home?region=eu-central-1#Snapshots) panel or navigate there yourself
|
||||||
5. Search for a snapshot by the same name "constellation-v1.3.0" and select it
|
5. Search for a snapshot by the same name "constellation-v1.3.0" and select it
|
||||||
6. On the "Actions" button (top right) select "Delete snapshot"
|
6. On the "Actions" button (top right) select "Delete snapshot"
|
||||||
|
|
||||||
### CDN cache invalidation
|
|
||||||
|
|
||||||
1. Navigate to the [Cloudfront management console](https://us-east-1.console.aws.amazon.com/cloudfront/v3/home?region=us-east-1#/distributions)
|
|
||||||
2. Select the distribution for public resources. Current domain name: "cdn.confidential.cloud"
|
|
||||||
3. Click the "Invalidations" ribbon
|
|
||||||
4. Click "Create Invalidation" and enter a wildcard path "/*". You can also enter a more specific path if you know exactly which object to invalidate.
|
|
||||||
5. Wait for completion.
|
|
||||||
|
Loading…
Reference in New Issue
Block a user