mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-01-13 08:29:38 -05:00
Prepare release checklist for v2.3 (#690)
This commit is contained in:
parent
61dec913ec
commit
e67f65709f
41
.github/docs/release.md
vendored
41
.github/docs/release.md
vendored
@ -27,15 +27,14 @@ This checklist will prepare `v1.3.0` from `v1.2.0`. Adjust your version numbers
|
|||||||
|
|
||||||
```sh
|
```sh
|
||||||
minor=$(echo $ver | cut -d '.' -f 1,2)
|
minor=$(echo $ver | cut -d '.' -f 1,2)
|
||||||
gcpVer=$(echo $ver | tr "." "-")
|
|
||||||
echo $minor # should be 1.3
|
echo $minor # should be 1.3
|
||||||
echo $gcpVer # should be 1-3-0
|
|
||||||
```
|
```
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
gh workflow run build-micro-service-manual.yml --ref release/v$minor -F microService=join-service -F imageTag=v$ver -F version=$ver --repo edgelesssys/constellation
|
gh workflow run build-micro-service-manual.yml --ref release/v$minor -F microService=join-service -F imageTag=v$ver -F version=$ver --repo edgelesssys/constellation
|
||||||
gh workflow run build-micro-service-manual.yml --ref release/v$minor -F microService=kmsserver -F imageTag=v$ver -F version=$ver --repo edgelesssys/constellation
|
gh workflow run build-micro-service-manual.yml --ref release/v$minor -F microService=kmsserver -F imageTag=v$ver -F version=$ver --repo edgelesssys/constellation
|
||||||
gh workflow run build-micro-service-manual.yml --ref release/v$minor -F microService=verification-service -F imageTag=v$ver -F version=$ver --repo edgelesssys/constellation
|
gh workflow run build-micro-service-manual.yml --ref release/v$minor -F microService=verification-service -F imageTag=v$ver -F version=$ver --repo edgelesssys/constellation
|
||||||
|
gh workflow run build-micro-service-manual.yml --ref release/v$minor -F microService=qemu-metadata-api -F imageTag=v$ver -F version=$ver --repo edgelesssys/constellation
|
||||||
```
|
```
|
||||||
|
|
||||||
3. Use [Build operator manual](https://github.com/edgelesssys/constellation/actions/workflows/build-operator-manual.yml) and run the pipeline once with the following parameters:
|
3. Use [Build operator manual](https://github.com/edgelesssys/constellation/actions/workflows/build-operator-manual.yml) and run the pipeline once with the following parameters:
|
||||||
@ -51,18 +50,19 @@ This checklist will prepare `v1.3.0` from `v1.2.0`. Adjust your version numbers
|
|||||||
1. Rename the "Unreleased" heading to "[v1.3.0] - YYYY-MM-DD" and link the version to the upcoming release tag.
|
1. Rename the "Unreleased" heading to "[v1.3.0] - YYYY-MM-DD" and link the version to the upcoming release tag.
|
||||||
2. Create a new block for unreleased changes
|
2. Create a new block for unreleased changes
|
||||||
5. Update project version in [CMakeLists.txt](/CMakeLists.txt) to `1.3.0` (without v).
|
5. Update project version in [CMakeLists.txt](/CMakeLists.txt) to `1.3.0` (without v).
|
||||||
6. Update the `version` key in [constellation-services/Chart.yaml](/cli/internal/helm/charts/edgeless/constellation-services/Chart.yaml). Also update the `version` key for all subcharts, e.g. [Chart.yaml](/cli/internal/helm/charts/edgeless/constellation-services/charts/kms/Chart.yaml). Lastly, update the `dependencies.*.version` key for all dependencies in the main chart [constellation-services/Chart.yaml](/cli/internal/helm/charts/edgeless/constellation-services/Chart.yaml).
|
6. Update the `version` key in [constellation-services/Chart.yaml](/cli/internal/helm/charts/edgeless/constellation-services/Chart.yaml) and [operators/Chart.yaml](/cli/internal/helm/charts/edgeless/operators/Chart.yaml). Also update the `version` key for all subcharts, e.g. [Chart.yaml](/cli/internal/helm/charts/edgeless/constellation-services/charts/kms/Chart.yaml). Lastly, update the `dependencies.*.version` key for all dependencies in the main charts [constellation-services/Chart.yaml](/cli/internal/helm/charts/edgeless/constellation-services/Chart.yaml) and [operators/Chart.yaml](/cli/internal/helm/charts/edgeless/operators/Chart.yaml).
|
||||||
7. Update [default image versions in enterprise config](/internal/config/images_enterprise.go)
|
7. Update [default image versions in enterprise config](/internal/config/images_enterprise.go)
|
||||||
8. Increase version number of QEMU image `ConstellationQEMUImageURL` in [versions.go](../../internal/versions/versions.go#L64)
|
8. Increase version number of QEMU image `ConstellationQEMUImageURL` in [versions.go](../../internal/versions/versions.go#L64)
|
||||||
9. When the microservice builds are finished update versions in [versions.go](../../internal/versions/versions.go#L33-L39) to `v1.3.0`, **add the container hashes** and **push your changes**.
|
9. When the microservice builds are finished update versions in [versions.go](../../internal/versions/versions.go#L33-L39) to `v1.3.0`, **add the container hashes** and **push your changes**.
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
# crane: https://github.com/google/go-containerregistry/blob/main/cmd/crane/doc/crane.md
|
# crane: https://github.com/google/go-containerregistry/blob/main/cmd/crane/doc/crane.md
|
||||||
crane digest ghcr.io/edgelesssys/constellation/node-operator-catalog:v$ver
|
crane digest ghcr.io/edgelesssys/constellation/node-operator:v$ver
|
||||||
crane digest ghcr.io/edgelesssys/constellation/join-service:v$ver
|
crane digest ghcr.io/edgelesssys/constellation/join-service:v$ver
|
||||||
crane digest ghcr.io/edgelesssys/constellation/access-manager:v$ver
|
crane digest ghcr.io/edgelesssys/constellation/access-manager:v$ver
|
||||||
crane digest ghcr.io/edgelesssys/constellation/kmsserver:v$ver
|
crane digest ghcr.io/edgelesssys/constellation/kmsserver:v$ver
|
||||||
crane digest ghcr.io/edgelesssys/constellation/verification-service:v$ver
|
crane digest ghcr.io/edgelesssys/constellation/verification-service:v$ver
|
||||||
|
crane digest ghcr.io/edgelesssys/constellation/qemu-metadata-api:v$ver
|
||||||
```
|
```
|
||||||
|
|
||||||
10. Create a [production OS image](/.github/workflows/build-os-image.yml)
|
10. Create a [production OS image](/.github/workflows/build-os-image.yml)
|
||||||
@ -71,13 +71,6 @@ This checklist will prepare `v1.3.0` from `v1.2.0`. Adjust your version numbers
|
|||||||
gh workflow run build-os-image.yml --ref release/v$minor -F debug=false -F imageVersion=v$ver
|
gh workflow run build-os-image.yml --ref release/v$minor -F debug=false -F imageVersion=v$ver
|
||||||
```
|
```
|
||||||
|
|
||||||
* Once the pipeline has finished, download the artifact `image-qemu`.
|
|
||||||
* Unzip the downloaded artifact, rename it to `constellation.raw`.
|
|
||||||
* Go to the [S3 bucket for QEMU images](https://s3.console.aws.amazon.com/s3/buckets/cdn-constellation-backend?region=eu-central-1&prefix=constellation/images/mini-constellation/&showversions=false)
|
|
||||||
* Create a new folder for the given version, and upload `constellation.raw` into it.
|
|
||||||
|
|
||||||
* Replace AWS AMIs for this version and next in docs in `first-steps.md`.
|
|
||||||
|
|
||||||
11. Run manual E2E tests using [Linux](/.github/workflows/e2e-test-manual.yml) and [macOS](/.github/workflows/e2e-test-manual-macos.yml) to confirm functionality and stability.
|
11. Run manual E2E tests using [Linux](/.github/workflows/e2e-test-manual.yml) and [macOS](/.github/workflows/e2e-test-manual-macos.yml) to confirm functionality and stability.
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
@ -110,7 +103,14 @@ This checklist will prepare `v1.3.0` from `v1.2.0`. Adjust your version numbers
|
|||||||
|
|
||||||
* The previous step will create a draft release. Check build output for link to draft release. Review & approve.
|
* The previous step will create a draft release. Check build output for link to draft release. Review & approve.
|
||||||
|
|
||||||
6. Export, download and make image available in S3 for trusted launch users. To achieve this:
|
6. Check if the Constellation OS image is available via the versions API.
|
||||||
|
|
||||||
|
```sh
|
||||||
|
curl -s "https://cdn.confidential.cloud/constellation/v1/versions/stream/stable/minor/v${minor}/image.json"
|
||||||
|
# list of versions should contain the new version
|
||||||
|
```
|
||||||
|
|
||||||
|
7. Export, download and make image available in S3 for trusted launch users. To achieve this:
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
TARGET_DISK=export-${ver}
|
TARGET_DISK=export-${ver}
|
||||||
@ -126,21 +126,20 @@ This checklist will prepare `v1.3.0` from `v1.2.0`. Adjust your version numbers
|
|||||||
* Upload both image and state into the newly created folder.
|
* Upload both image and state into the newly created folder.
|
||||||
* Delete the disk in Azure!
|
* Delete the disk in Azure!
|
||||||
|
|
||||||
7. To bring updated version numbers and other changes (if any) to main, create a new branch `feat/release` from `release/v1.3`, rebase it onto main, and create a PR to main
|
8. To bring updated version numbers and other changes (if any) to main, create a new branch `feat/release` from `release/v1.3`, rebase it onto main, and create a PR to main
|
||||||
8. Milestones management
|
9. Milestones management
|
||||||
1. Create a new milestone for the next release
|
1. Create a new milestone for the next release
|
||||||
2. Add the next release manager and an approximate release date to the milestone description
|
2. Add the next release manager and an approximate release date to the milestone description
|
||||||
3. Close the milestone for the release
|
3. Close the milestone for the release
|
||||||
4. Move open issues and PRs from closed milestone to next milestone
|
4. Move open issues and PRs from closed milestone to next milestone
|
||||||
9. If the release is a minor version release, create an empty commit on main and tag it as the start of the next pre-release phase.
|
10. If the release is a minor version release, tag the latest commit on main as the start of the next pre-release phase.
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
nextMinorVer=$(echo $ver | awk -F. -v OFS=. '{$2 += 1 ; print}')
|
nextMinorVer=$(echo "${ver}" | awk -F. -v OFS=. '{$2 += 1 ; print}')
|
||||||
git checkout main
|
git checkout main
|
||||||
git pull
|
git pull{nextMinorVer}-pre"
|
||||||
git commit --allow-empty -m "Start v$nextMinorVer-pre"
|
git tag v${nextMinorVer}-pre
|
||||||
git tag v$nextMinorVer-pre
|
git push origin refs/tags/v${nextMinorVer}-pre
|
||||||
git push origin main v$nextMinorVer-pre
|
|
||||||
```
|
```
|
||||||
|
|
||||||
10. Test Constellation mini up
|
11. Test Constellation mini up
|
||||||
|
@ -201,16 +201,6 @@ If you don't have a cloud subscription, check out [MiniConstellation](first-step
|
|||||||
|
|
||||||
Learn more about [availability zones in AWS's documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones).
|
Learn more about [availability zones in AWS's documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones).
|
||||||
|
|
||||||
* **image**: The ID of the amazon machine image (AMI) the Constellation nodes will use:
|
|
||||||
|
|
||||||
Constellation OS images are available with the following IDs:
|
|
||||||
|
|
||||||
| AMI | Region |
|
|
||||||
| - | - |
|
|
||||||
| `ami-0e27ebcefc38f648b` | `eu-central-1` |
|
|
||||||
| `ami-098cd37f66523b7c3` | `us-east-2` |
|
|
||||||
| `ami-04a87d302e2509aad` | `ap-south-1` |
|
|
||||||
|
|
||||||
* **iamProfileControlPlane**: The name of an IAM instance profile attached to all control-plane nodes.
|
* **iamProfileControlPlane**: The name of an IAM instance profile attached to all control-plane nodes.
|
||||||
|
|
||||||
Use the [provided Terraform script](https://github.com/edgelesssys/constellation/tree/release/v2.2/hack/terraform/aws/iam) to generate the necessary profile. The profile name will be provided as Terraform output value: `control_plane_instance_profile`.
|
Use the [provided Terraform script](https://github.com/edgelesssys/constellation/tree/release/v2.2/hack/terraform/aws/iam) to generate the necessary profile. The profile name will be provided as Terraform output value: `control_plane_instance_profile`.
|
||||||
|
@ -73,9 +73,6 @@ const (
|
|||||||
// LibvirtImage image that provides libvirt.
|
// LibvirtImage image that provides libvirt.
|
||||||
LibvirtImage = "ghcr.io/edgelesssys/constellation/libvirt:v2.2.0@sha256:81ddc30cd679a95379e94e2f154861d9112bcabfffa96330c09a4917693f7cce" // renovate:container
|
LibvirtImage = "ghcr.io/edgelesssys/constellation/libvirt:v2.2.0@sha256:81ddc30cd679a95379e94e2f154861d9112bcabfffa96330c09a4917693f7cce" // renovate:container
|
||||||
|
|
||||||
// ConstellationQEMUImageURL is the artifact URL for QEMU qcow2 images.
|
|
||||||
ConstellationQEMUImageURL = "https://cdn.confidential.cloud/constellation/images/mini-constellation/v2.2.2/constellation.raw"
|
|
||||||
|
|
||||||
// LogstashImage is the container image of logstash, used for log collection by debugd.
|
// LogstashImage is the container image of logstash, used for log collection by debugd.
|
||||||
LogstashImage = "ghcr.io/edgelesssys/constellation/logstash-debug:latest"
|
LogstashImage = "ghcr.io/edgelesssys/constellation/logstash-debug:latest"
|
||||||
// FilebeatImage is the container image of filebeat, used for log collection by debugd.
|
// FilebeatImage is the container image of filebeat, used for log collection by debugd.
|
||||||
|
Loading…
Reference in New Issue
Block a user