Prepare release checklist for v2.3 (#690)

This commit is contained in:
Malte Poll 2022-12-01 10:46:04 +01:00 committed by GitHub
parent 61dec913ec
commit e67f65709f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 20 additions and 34 deletions

View File

@ -27,15 +27,14 @@ This checklist will prepare `v1.3.0` from `v1.2.0`. Adjust your version numbers
```sh ```sh
minor=$(echo $ver | cut -d '.' -f 1,2) minor=$(echo $ver | cut -d '.' -f 1,2)
gcpVer=$(echo $ver | tr "." "-")
echo $minor # should be 1.3 echo $minor # should be 1.3
echo $gcpVer # should be 1-3-0
``` ```
```sh ```sh
gh workflow run build-micro-service-manual.yml --ref release/v$minor -F microService=join-service -F imageTag=v$ver -F version=$ver --repo edgelesssys/constellation gh workflow run build-micro-service-manual.yml --ref release/v$minor -F microService=join-service -F imageTag=v$ver -F version=$ver --repo edgelesssys/constellation
gh workflow run build-micro-service-manual.yml --ref release/v$minor -F microService=kmsserver -F imageTag=v$ver -F version=$ver --repo edgelesssys/constellation gh workflow run build-micro-service-manual.yml --ref release/v$minor -F microService=kmsserver -F imageTag=v$ver -F version=$ver --repo edgelesssys/constellation
gh workflow run build-micro-service-manual.yml --ref release/v$minor -F microService=verification-service -F imageTag=v$ver -F version=$ver --repo edgelesssys/constellation gh workflow run build-micro-service-manual.yml --ref release/v$minor -F microService=verification-service -F imageTag=v$ver -F version=$ver --repo edgelesssys/constellation
gh workflow run build-micro-service-manual.yml --ref release/v$minor -F microService=qemu-metadata-api -F imageTag=v$ver -F version=$ver --repo edgelesssys/constellation
``` ```
3. Use [Build operator manual](https://github.com/edgelesssys/constellation/actions/workflows/build-operator-manual.yml) and run the pipeline once with the following parameters: 3. Use [Build operator manual](https://github.com/edgelesssys/constellation/actions/workflows/build-operator-manual.yml) and run the pipeline once with the following parameters:
@ -51,18 +50,19 @@ This checklist will prepare `v1.3.0` from `v1.2.0`. Adjust your version numbers
1. Rename the "Unreleased" heading to "[v1.3.0] - YYYY-MM-DD" and link the version to the upcoming release tag. 1. Rename the "Unreleased" heading to "[v1.3.0] - YYYY-MM-DD" and link the version to the upcoming release tag.
2. Create a new block for unreleased changes 2. Create a new block for unreleased changes
5. Update project version in [CMakeLists.txt](/CMakeLists.txt) to `1.3.0` (without v). 5. Update project version in [CMakeLists.txt](/CMakeLists.txt) to `1.3.0` (without v).
6. Update the `version` key in [constellation-services/Chart.yaml](/cli/internal/helm/charts/edgeless/constellation-services/Chart.yaml). Also update the `version` key for all subcharts, e.g. [Chart.yaml](/cli/internal/helm/charts/edgeless/constellation-services/charts/kms/Chart.yaml). Lastly, update the `dependencies.*.version` key for all dependencies in the main chart [constellation-services/Chart.yaml](/cli/internal/helm/charts/edgeless/constellation-services/Chart.yaml). 6. Update the `version` key in [constellation-services/Chart.yaml](/cli/internal/helm/charts/edgeless/constellation-services/Chart.yaml) and [operators/Chart.yaml](/cli/internal/helm/charts/edgeless/operators/Chart.yaml). Also update the `version` key for all subcharts, e.g. [Chart.yaml](/cli/internal/helm/charts/edgeless/constellation-services/charts/kms/Chart.yaml). Lastly, update the `dependencies.*.version` key for all dependencies in the main charts [constellation-services/Chart.yaml](/cli/internal/helm/charts/edgeless/constellation-services/Chart.yaml) and [operators/Chart.yaml](/cli/internal/helm/charts/edgeless/operators/Chart.yaml).
7. Update [default image versions in enterprise config](/internal/config/images_enterprise.go) 7. Update [default image versions in enterprise config](/internal/config/images_enterprise.go)
8. Increase version number of QEMU image `ConstellationQEMUImageURL` in [versions.go](../../internal/versions/versions.go#L64) 8. Increase version number of QEMU image `ConstellationQEMUImageURL` in [versions.go](../../internal/versions/versions.go#L64)
9. When the microservice builds are finished update versions in [versions.go](../../internal/versions/versions.go#L33-L39) to `v1.3.0`, **add the container hashes** and **push your changes**. 9. When the microservice builds are finished update versions in [versions.go](../../internal/versions/versions.go#L33-L39) to `v1.3.0`, **add the container hashes** and **push your changes**.
```sh ```sh
# crane: https://github.com/google/go-containerregistry/blob/main/cmd/crane/doc/crane.md # crane: https://github.com/google/go-containerregistry/blob/main/cmd/crane/doc/crane.md
crane digest ghcr.io/edgelesssys/constellation/node-operator-catalog:v$ver crane digest ghcr.io/edgelesssys/constellation/node-operator:v$ver
crane digest ghcr.io/edgelesssys/constellation/join-service:v$ver crane digest ghcr.io/edgelesssys/constellation/join-service:v$ver
crane digest ghcr.io/edgelesssys/constellation/access-manager:v$ver crane digest ghcr.io/edgelesssys/constellation/access-manager:v$ver
crane digest ghcr.io/edgelesssys/constellation/kmsserver:v$ver crane digest ghcr.io/edgelesssys/constellation/kmsserver:v$ver
crane digest ghcr.io/edgelesssys/constellation/verification-service:v$ver crane digest ghcr.io/edgelesssys/constellation/verification-service:v$ver
crane digest ghcr.io/edgelesssys/constellation/qemu-metadata-api:v$ver
``` ```
10. Create a [production OS image](/.github/workflows/build-os-image.yml) 10. Create a [production OS image](/.github/workflows/build-os-image.yml)
@ -71,13 +71,6 @@ This checklist will prepare `v1.3.0` from `v1.2.0`. Adjust your version numbers
gh workflow run build-os-image.yml --ref release/v$minor -F debug=false -F imageVersion=v$ver gh workflow run build-os-image.yml --ref release/v$minor -F debug=false -F imageVersion=v$ver
``` ```
* Once the pipeline has finished, download the artifact `image-qemu`.
* Unzip the downloaded artifact, rename it to `constellation.raw`.
* Go to the [S3 bucket for QEMU images](https://s3.console.aws.amazon.com/s3/buckets/cdn-constellation-backend?region=eu-central-1&prefix=constellation/images/mini-constellation/&showversions=false)
* Create a new folder for the given version, and upload `constellation.raw` into it.
* Replace AWS AMIs for this version and next in docs in `first-steps.md`.
11. Run manual E2E tests using [Linux](/.github/workflows/e2e-test-manual.yml) and [macOS](/.github/workflows/e2e-test-manual-macos.yml) to confirm functionality and stability. 11. Run manual E2E tests using [Linux](/.github/workflows/e2e-test-manual.yml) and [macOS](/.github/workflows/e2e-test-manual-macos.yml) to confirm functionality and stability.
```sh ```sh
@ -110,7 +103,14 @@ This checklist will prepare `v1.3.0` from `v1.2.0`. Adjust your version numbers
* The previous step will create a draft release. Check build output for link to draft release. Review & approve. * The previous step will create a draft release. Check build output for link to draft release. Review & approve.
6. Export, download and make image available in S3 for trusted launch users. To achieve this: 6. Check if the Constellation OS image is available via the versions API.
```sh
curl -s "https://cdn.confidential.cloud/constellation/v1/versions/stream/stable/minor/v${minor}/image.json"
# list of versions should contain the new version
```
7. Export, download and make image available in S3 for trusted launch users. To achieve this:
```sh ```sh
TARGET_DISK=export-${ver} TARGET_DISK=export-${ver}
@ -126,21 +126,20 @@ This checklist will prepare `v1.3.0` from `v1.2.0`. Adjust your version numbers
* Upload both image and state into the newly created folder. * Upload both image and state into the newly created folder.
* Delete the disk in Azure! * Delete the disk in Azure!
7. To bring updated version numbers and other changes (if any) to main, create a new branch `feat/release` from `release/v1.3`, rebase it onto main, and create a PR to main 8. To bring updated version numbers and other changes (if any) to main, create a new branch `feat/release` from `release/v1.3`, rebase it onto main, and create a PR to main
8. Milestones management 9. Milestones management
1. Create a new milestone for the next release 1. Create a new milestone for the next release
2. Add the next release manager and an approximate release date to the milestone description 2. Add the next release manager and an approximate release date to the milestone description
3. Close the milestone for the release 3. Close the milestone for the release
4. Move open issues and PRs from closed milestone to next milestone 4. Move open issues and PRs from closed milestone to next milestone
9. If the release is a minor version release, create an empty commit on main and tag it as the start of the next pre-release phase. 10. If the release is a minor version release, tag the latest commit on main as the start of the next pre-release phase.
```sh ```sh
nextMinorVer=$(echo $ver | awk -F. -v OFS=. '{$2 += 1 ; print}') nextMinorVer=$(echo "${ver}" | awk -F. -v OFS=. '{$2 += 1 ; print}')
git checkout main git checkout main
git pull git pull{nextMinorVer}-pre"
git commit --allow-empty -m "Start v$nextMinorVer-pre" git tag v${nextMinorVer}-pre
git tag v$nextMinorVer-pre git push origin refs/tags/v${nextMinorVer}-pre
git push origin main v$nextMinorVer-pre
``` ```
10. Test Constellation mini up 11. Test Constellation mini up

View File

@ -201,16 +201,6 @@ If you don't have a cloud subscription, check out [MiniConstellation](first-step
Learn more about [availability zones in AWS's documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones). Learn more about [availability zones in AWS's documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones).
* **image**: The ID of the amazon machine image (AMI) the Constellation nodes will use:
Constellation OS images are available with the following IDs:
| AMI | Region |
| - | - |
| `ami-0e27ebcefc38f648b` | `eu-central-1` |
| `ami-098cd37f66523b7c3` | `us-east-2` |
| `ami-04a87d302e2509aad` | `ap-south-1` |
* **iamProfileControlPlane**: The name of an IAM instance profile attached to all control-plane nodes. * **iamProfileControlPlane**: The name of an IAM instance profile attached to all control-plane nodes.
Use the [provided Terraform script](https://github.com/edgelesssys/constellation/tree/release/v2.2/hack/terraform/aws/iam) to generate the necessary profile. The profile name will be provided as Terraform output value: `control_plane_instance_profile`. Use the [provided Terraform script](https://github.com/edgelesssys/constellation/tree/release/v2.2/hack/terraform/aws/iam) to generate the necessary profile. The profile name will be provided as Terraform output value: `control_plane_instance_profile`.

View File

@ -73,9 +73,6 @@ const (
// LibvirtImage image that provides libvirt. // LibvirtImage image that provides libvirt.
LibvirtImage = "ghcr.io/edgelesssys/constellation/libvirt:v2.2.0@sha256:81ddc30cd679a95379e94e2f154861d9112bcabfffa96330c09a4917693f7cce" // renovate:container LibvirtImage = "ghcr.io/edgelesssys/constellation/libvirt:v2.2.0@sha256:81ddc30cd679a95379e94e2f154861d9112bcabfffa96330c09a4917693f7cce" // renovate:container
// ConstellationQEMUImageURL is the artifact URL for QEMU qcow2 images.
ConstellationQEMUImageURL = "https://cdn.confidential.cloud/constellation/images/mini-constellation/v2.2.2/constellation.raw"
// LogstashImage is the container image of logstash, used for log collection by debugd. // LogstashImage is the container image of logstash, used for log collection by debugd.
LogstashImage = "ghcr.io/edgelesssys/constellation/logstash-debug:latest" LogstashImage = "ghcr.io/edgelesssys/constellation/logstash-debug:latest"
// FilebeatImage is the container image of filebeat, used for log collection by debugd. // FilebeatImage is the container image of filebeat, used for log collection by debugd.