Skip to content

RELEASE.md

Latest commit

 

History

History
57 lines (43 loc) · 2.83 KB

RELEASE.md

File metadata and controls

57 lines (43 loc) · 2.83 KB

Releases

Schedule

The release schedule for this project is ad-hoc. Given the pre-1.0 status of the project we do not have a fixed release cadence. However, if a vulnerability is discovered we will respond in accordance with our security policy and this response may include a release.

Preparing for a Release

BEFORE doing a release, check if the other images in the csi-driver-spiffe Helm chart need to be updated. These images are copied to quay.io/jetstack as part of our release process.

These are:

  • registry.k8s.io/sig-storage/livenessprobe copied to quay.io/jetstack/livenessprobe
    • find the latest version using crane:
      crane ls --omit-digest-tags registry.k8s.io/sig-storage/livenessprobe | sort -V | tail -1
    • update livenessprobe_image_tag in make/00_mod.mk
  • registry.k8s.io/sig-storage/csi-node-driver-registrar copied to quay.io/jetstack/csi-node-driver-registrar
    • find the latest version using crane:
      crane ls --omit-digest-tags registry.k8s.io/sig-storage/csi-node-driver-registrar | sort -V | tail -1
    • update nodedriverregistrar_image_tag in make/00_mod.mk

Process

There is a semi-automated release process for this project. When you create a Git tag with a tag name that has a v prefix and push it to GitHub it will trigger the release workflow.

The release process for this repo is documented below:

  1. Create a tag for the new release: 
    export VERSION=v0.5.0-alpha.0
git tag --annotate --message="Release ${VERSION}" "${VERSION}"
git push origin "${VERSION}"
  2. A GitHub action will see the new tag and do the following:
    • Build and publish any container images
    • Build and publish the OCI Helm chart
    • Create a draft GitHub release
  3. Visit the releases page, edit the draft release, click "Generate release notes", then edit the notes to add the following to the top 
    cert-manager-csi-driver enables issuing secretless X.509 certificates for pods using cert-manager!
  4. Publish the release.

Artifacts

This repo will produce the following artifacts each release. For documentation on how those artifacts are produced see the "Process" section.

  • Container Images - Container images for the project are published to quay.io/jetstack.
  • Helm chart - An official Helm chart is maintained within this repo and published to quay.io/jetstack on each release.
    • The chart is also published to the legacy HTTP Helm repository at https://charts.jetstack.io (maintained by Venafi). Publishing to the legacy repo depends on a PR to be merged in a closed Venafi repo, and might be delayed.