constellation/.github/docs/release.md

Release Checklist

This checklist will prepare v1.3.0 from v1.2.0. Adjust your version numbers accordingly.

1. Merge ready PRs

2. Create docs release (new major or minor release)

   cd docs
   npm run docusaurus docs:version 1.3
   # push upstream via PR
   

3. On the CoreOS config repo, create two new branches release/v1.3, stream/v1.3 (new minor version) or use the existing ones (new patch version). The release branch contains the squashed changeset and is branched from main while the stream branch contains the rebased changesets on top of the latest upstream changes. Consult this guide on rebasing forks (INTERNAL) for guidance.

4. Create a new branch release/v1.3 (new minor version) or use the existing one (new patch version)

5. On this branch, prepare the following things:

   1. (new patch version) cherry-pick (only) the required commits from main

   2. Use Build micro-service manual and run the pipeline once for each micro-service with the following parameters:

      • branch: release/v1.3
      • Container image tag: v1.3.0
      • Version of the image to build: 1.3.0

      # Alternative from CLI
      gh workflow run build-micro-service-manual.yml --ref release/v1.3 -F microService=access-manager -F imageTag=v1.3.0 -F version=1.3.0
      gh workflow run build-micro-service-manual.yml --ref release/v1.3 -F microService=join-service -F imageTag=v1.3.0 -F version=1.3.0
      gh workflow run build-micro-service-manual.yml --ref release/v1.3 -F microService=kmsserver -F imageTag=v1.3.0 -F version=1.3.0
      gh workflow run build-micro-service-manual.yml --ref release/v1.3 -F microService=verification-service -F imageTag=v1.3.0 -F version=1.3.0
      

   3. Use Build operator manual and run the pipeline once with the following parameters:

      • branch: release/v1.3
      • Container image tag: v1.3.0

      # Alternative from CLI
      gh workflow run build-operator-manual.yml --ref release/v1.3 -F imageTag=v1.3.0
      

   4. Review and update changelog with all changes since last release. GitHub's diff view helps a lot!

      1. Rename the "Unreleased" heading to "[v1.3.0] - YYYY-MM-DD" and link the version to the upcoming release tag.
      2. Create a new block for unreleased changes

   5. Update project version in CMakeLists.txt to 1.3.0 (without v).

   6. Update versions versions.go to v1.3.0 and push your changes.

   7. Create a production coreOS image

      gh workflow run build-coreos.yml --ref release/v1.3 -F debug=false -F coreOSConfigBranch=release/v1.3 -F imageVersion=v1.3.0
      

   8. Update default images in config

   9. Run manual E2E tests using Linux and macOS to confirm functionality and stability.

      gh workflow run e2e-test-manual.yml --ref release/v1.3 -F workerNodesCount=2 -F controlNodesCount=1 -F cloudProvider=azure -F machineType=Standard_DC4as_v5 -F sonobuoyTestSuiteCmd="--mode quick" -F kubernetesVersion=1.23 -F coreosImage=/CommunityGalleries/ConstellationCVM-b3782fa0-0df7-4f2f-963e-fc7fc42663df/Images/constellation/Versions/1.3.0 -F isDebugImage=false
      gh workflow run e2e-test-manual-macos.yml --ref release/v1.3 -F workerNodesCount=2 -F controlNodesCount=1 -F cloudProvider=azure -F machineType=Standard_DC4as_v5 -F sonobuoyTestSuiteCmd="--mode quick" -F kubernetesVersion=1.23 -F coreosImage=/CommunityGalleries/ConstellationCVM-b3782fa0-0df7-4f2f-963e-fc7fc42663df/Images/constellation/Versions/1.3.0 -F isDebugImage=false
      gh workflow run e2e-test-manual.yml --ref release/v1.3 -F workerNodesCount=2 -F controlNodesCount=1 -F cloudProvider=gcp -F machineType=n2d-standard-4 -F sonobuoyTestSuiteCmd="--mode quick" -F kubernetesVersion=1.23 -F coreosImage=projects/constellation-images/global/images/constellation-v1-3-0 -F isDebugImage=false
      gh workflow run e2e-test-manual-macos.yml --ref release/v1.3 -F workerNodesCount=2 -F controlNodesCount=1 -F cloudProvider=gcp -F machineType=n2d-standard-4 -F sonobuoyTestSuiteCmd="--mode quick" -F kubernetesVersion=1.23 -F coreosImage=projects/constellation-images/global/images/constellation-v1-3-0 -F isDebugImage=false
      

   10. Generate measurements for the images on each CSP.

          gh workflow run generate-measurements.yml --ref release/v1.3 -F cloudProvider=azure -F coreosImage=/CommunityGalleries/ConstellationCVM-b3782fa0-0df7-4f2f-963e-fc7fc42663df/Images/constellation/Versions/1.3.0 -F isDebugImage=false
          gh workflow run generate-measurements.yml --ref release/v1.3 -F cloudProvider=gcp -F coreosImage=projects/constellation-images/global/images/constellation-v1-3-0 -F isDebugImage=false
       

   11. Create a new tag on this release branch

       • git tag v1.3.0
       • Run Release CLI action on the tag

       gh workflow run release-cli.yml --ref v1.3.0
       

       • The previous step will create a draft release. Check build output for link to draft release. Review & approve.

6. Follow export flow (INTERNAL) to make image available in S3 for trusted launch users.

7. To bring updated version numbers and other changes (if any) to main, create a new branch feat/release from release/v1.3, rebase it onto main, and create a PR to main

8. Milestones management

   1. Create a new milestone for the next release
   2. Add the next release manager and an approximate release date to the milestone description
   3. Close the milestone for the release
   4. Move open issues and PRs from closed milestone to next milestone

9. If the release is the new latest version, create an empty commit on main and tag it as the start of the next pre-release phase.

   git checkout main
   git pull
   git commit --allow-empty -m "Start v1.4.0-pre"
   git tag v1.4.0-pre
   git push origin main v1.4.0-pre