diff --git a/.github/workflows/release-pr.yml b/.github/workflows/release-pr.yml index 304eb5120..856d8a743 100644 --- a/.github/workflows/release-pr.yml +++ b/.github/workflows/release-pr.yml @@ -1,31 +1,31 @@ -# Create a PR for a release when a commit is pushed on a release/v* branch - +## +# Create a PR for a release when a commit is pushed on a release/*-v* branch to support the releases of both the +# operator and cluster charts name: release-pr on: push: branches: - - release/*-v* + - release/*-v* + +permissions: + pull-requests: write jobs: - pull-request: - runs-on: ubuntu-22.04 + create-pull-request: + runs-on: ubuntu-latest steps: - - - name: Checkout + - name: Checkout uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - - name: Get tag + - name: Create Pull Request + id: create-pr + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - echo "TAG=${GITHUB_REF##*/}" >> $GITHUB_ENV - - - name: Pull Request - id: open-pr - uses: repo-sync/pull-request@7e79a9f5dc3ad0ce53138f01df2fad14a04831c5 # v2.12.1 - with: - destination_branch: "main" - github_token: ${{ secrets.GITHUB_TOKEN }} - pr_body: "Automated PR. Will trigger the ${{ env.TAG }} release when approved." - pr_label: release - pr_title: "Release ${{ env.TAG }}" - + TAG="${GITHUB_REF##*/}" + TITLE="Release ${TAG}" + BODY="Automated PR. Will trigger the ${TAG} release when approved." + LABEL=release + ASSIGNEE=${{ github.actor }} + gh pr create --title "${TITLE}" --body "${BODY}" --label "${LABEL}" --assignee "@${ASSIGNEE}" || + gh pr edit --title "${TITLE}" --body "${BODY}" --add-label "${LABEL}" diff --git a/.github/workflows/release-publish.yml b/.github/workflows/release-publish.yml index 5527f8212..891d78207 100644 --- a/.github/workflows/release-publish.yml +++ b/.github/workflows/release-publish.yml 
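Review bot: `ASSIGNEE=${{ github.actor }}` in the `run:` block of the Create Pull Request step expands a workflow expression into the script text before the shell parses it, which is the interpolation pattern workflow-hardening guidance advises against. The character set of a login keeps the practical risk low, but the runner already exports the same value, so `ASSIGNEE="${GITHUB_ACTOR}"` (or an `env:` entry next to `GH_TOKEN`) keeps the script free of interpolated context and matches how `TAG` is derived from `GITHUB_REF`. Separately, the `||` fallback runs `gh pr edit` after any `gh pr create` failure, not only when a PR already exists, so an unrelated error (for example a permissions problem) would surface as an edit failure; a short comment above the command stating the intended "create, else update" behaviour would help.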
@@ -2,21 +2,67 @@ name: release-publish on: push: - tags: - - '*-v*' + branches: + - main + +permissions: + contents: write # Required for pushing the Helm charts to the gh-pages branch + packages: write # Required for GHCR access + id-token: write # Required for signing jobs: release: - runs-on: ubuntu-22.04 + runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: - fetch-depth: 0 + fetch-depth: 0 # important for fetching all history to run comparison against + + - name: Fetch history + run: git fetch --prune - - name: Publish Helm charts - uses: stefanprodan/helm-gh-pages@0ad2bb377311d61ac04ad9eb6f252fb68e207260 # v1.7.0 + - name: Configure Git + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + + - name: Set up Helm + uses: azure/setup-helm@29960d0f5f19214b88e1d9ba750a9914ab0f1a2f # v4.0.0 with: - helm_version: 3.4.0 - token: "${{ secrets.REPO_GHA_PAT }}" + version: v3.14.1 + + - name: Run chart-releaser + uses: helm/chart-releaser-action@a917fd15b20e8b64b94d9158ad54cd6345335584 # v1.6.0 + env: + CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + CR_GENERATE_RELEASE_NOTES: true + + - name: Login to GitHub Container Registry + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0 + - name: Push charts to GHCR + env: + COSIGN_EXPERIMENTAL: 1 + # when filling gaps with previously released charts, cr would create + # nothing in .cr-release-packages/, and the original globbing character + # would be preserved, causing a non-zero exit. 
Set nullglob to fix this + run: | + shopt -s nullglob + for pkg in .cr-release-packages/*; do + if [ -z "${pkg:-}" ]; then + break + fi + helm push "${pkg}" oci://ghcr.io/"${GITHUB_REPOSITORY_OWNER}"/charts + file=${pkg##*/} + name=${file%-*} + version=${file%.*} + version=${version#*-} + cosign sign ghcr.io/"${GITHUB_REPOSITORY_OWNER}"/charts/"${name}":"${version}" + done diff --git a/.github/workflows/release-tag.yml b/.github/workflows/release-tag.yml deleted file mode 100644 index 19dd3c12a..000000000 --- a/.github/workflows/release-tag.yml +++ /dev/null @@ -1,43 +0,0 @@ -# Create a tag when a PR on a release/v* branch is merged - -name: release-tag - -on: - pull_request: - types: - - closed - branches: - - main - -jobs: - tag: - runs-on: ubuntu-22.04 - steps: - - - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - - name: Temporarily disable "include administrators" branch protection - if: ${{ always() && github.ref == 'refs/heads/main' }} - id: disable_include_admins - uses: benjefferies/branch-protection-bot@af281f37de86139d1c7a27b91176b5dc1c2c827c # v1.1.2 - with: - access_token: ${{ secrets.REPO_GHA_PAT }} - branch: main - enforce_admins: false - - - name: Create tag - if: github.event.pull_request.merged == true && startsWith(${{ github.head_ref }}, "release/") - uses: christophebedard/tag-version-commit@57ffb155fc61c8ab098fcfa273469b532c1d4ce7 # v1.7.0 - with: - token: ${{ secrets.REPO_GHA_PAT }} - version_regex: '^Release ([a-z-]+-v[0-9]+\.[0-9]+\.[0-9]+)' - dry_run: false - - - name: Enable "include administrators" branch protection - uses: benjefferies/branch-protection-bot@af281f37de86139d1c7a27b91176b5dc1c2c827c # v1.1.2 - if: ${{ always() && github.ref == 'refs/heads/main' }} - with: - access_token: ${{ secrets.REPO_GHA_PAT }} - branch: main - enforce_admins: ${{ steps.disable_include_admins.outputs.initial_status }} diff --git a/RELEASE.md b/RELEASE.md index 79a3c69e9..18111f24f 100644 --- a/RELEASE.md 
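Review bot: `version=${version#*-}` in the Push charts to GHCR loop strips only the shortest prefix ending in `-`, so for a package named `cloudnative-pg-X.Y.Z.tgz` it yields `pg-X.Y.Z` and `cosign sign` is pointed at a tag that `helm push` never created; `version=${version#"${name}"-}` removes the chart name instead. The `name=${file%-*}` line has the mirror problem for versions that contain a hyphen, such as pre-releases. The signature is also requested by tag, which is mutable; signing the digest that `helm push` reports (`…/charts/"${name}"@sha256:…`) would bind the signature to the artifact that was actually pushed. If the pinned installer resolves to cosign 2.x, the non-interactive call likely also needs `--yes` and `COSIGN_EXPERIMENTAL` is presumably no longer required, which is worth confirming against that version.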
+++ b/RELEASE.md @@ -1,7 +1,8 @@ -# How To Release +Release Process +=============== This repo contains two helm charts: [cloudnative-pg](./charts/cloudnative-pg) -and [cnpg-sandbox](./charts/cnpg-sandbox). Both the charts are available +and [cluster](./charts/cluster). Both the charts are available through a single [repository](https://cloudnative-pg.github.io/charts), but should be released separately as their versioning might be unlinked, and the latter depends on the former. 
@@ -11,59 +12,125 @@ release of the CloudNativePG operator. I.e. even if we have several release branches in CNPG, we will only target the most advanced point release (e.g. 1.17.1) -## How to release cloudnative-pg +## How to release the `cloudnative-pg` chart -In order to create a new release of the `cloudnative-pg` chart, -follow these steps: +In order to create a new release of the `cloudnative-pg` chart, follow these steps: -1. take note of the current value of the release: see `.version` - in `charts/cloudnative-pg/Chart.yaml` -1. decide which version to create, depending on the kind of jump of the - CloudNativePG release, following semver semantics. - For this document, let's call it `X.Y.Z` -1. create a branch named `release/cloudnative-pg-vX.Y.Z` and switch to it -1. update the `.version` in the [Chart.yaml](./charts/cloudnative-pg/Chart.yaml) file to `"X.Y.Z"` -1. update everything else as required, e.g. if releasing due to a new - cloudnative-pg version being released, you might want to update the - following: - 1. `.appVersion` in the [Chart.yaml](./charts/cloudnative-pg/Chart.yaml) file - 1. [crds.yaml](./charts/cloudnative-pg/templates/crds/crds.yaml), whose - content can be built using [kustomize](https://kustomize.io/) from the - cloudnative-pg repo using kustomize - [remoteBuild](https://github.com/kubernetes-sigs/kustomize/blob/master/examples/remoteBuild.md) - running: `kustomize build - https://github.com/cloudnative-pg/cloudnative-pg/tree/release-1.16/config/helm/\?ref=v1.16.0`, - **take care to set the correct release branch and version as ref** - (v1.15.1 in the example - command). \ - It might be easier to run `kustomize build config/helm` from the - `cloudnative-pg` repo, with the desired release branch checked out, and - copy the result to `./charts/cloudnative-pg/templates/crds/crds.yaml`. - 1. NOTE: please keep the guards for `.Values.crds.create`, i.e. 
- `{{- if .Values.crds.create }}` and `{{- end }}` after you copy the CRD - into `templates/crds/crds.yaml`. - 1. to update the files in the - [templates](./charts/cloudnative-pg/templates) directory, you can diff - the previous CNPG release yaml against the new one, to find what - should be updated (e.g. `vimdiff - https://raw.githubusercontent.com/cloudnative-pg/cloudnative-pg/main/releases/cnpg-1.15.0.yaml - https://raw.githubusercontent.com/cloudnative-pg/cloudnative-pg/main/releases/cnpg-1.15.1.yaml`) \ - Or, from the `cloudnative-pg` repo, with the desired release branch checked out, - `vimdiff releases/cnpg-1.15.0.yaml releases/cnpg-1.15.1.yaml` - 1. update [values.yaml](./charts/cloudnative-pg/values.yaml) if needed - 1. NOTE: updating `values.yaml` just for the CNPG verision may not be - necessary, as the value should default to the `appVersion` in `Chart.yaml` -1. run `make docs schema` to regenerate the docs and the values schema in case it is needed -1. `git commit -S -s -m "Release cloudnative-pg-vX.Y.Z" --edit` and add all - the informations you wish below the commit message. -1. `git push --set-upstream origin release/cloudnative-pg-vX.Y.Z` -1. a PR named `Release cloudnative-pg-vX.Y.Z` will be automatically created -1. wait for all the checks to pass -1. two approvals are required in order to merge the PR, if you are a - maintainer approve the PR yourself and ask for another approval, otherwise - ask for two approvals directly. -1. merge the pr squashing all commits and **taking care to keep the commit - message to be `Release cloudnative-pg-vX.Y.Z`** -1. a tag `cloudnative-pg-vX.Y.Z` will be automatically created by an action, - which will ten trigger the release action, check they both are successful. -1. once done you should be able to run helm repo `helm repo add cnpg https://cloudnative-pg.github.io/charts; helm repo update; helm search repo cnpg` and be able to see the new version `vX.Y.Z` as `CHART VERSION` for `cloudnative-pg` +1. 
Take note of the current value of the release: see `.version` in `charts/cloudnative-pg/Chart.yaml` +2. Decide which version to create, depending on the kind of jump of the CloudNativePG release, following semver + semantics. For this document, let's call it `X.Y.Z` + ```bash + NEW_VERSION="X.Y.Z" + ``` +3. Create a branch named `release/cloudnative-pg-X.Y.Z` and switch to it: + ```bash + git checkout -b release/cluster-$NEW_VERSION + ``` +4. Update the `.version` in the [Chart.yaml](./charts/cloudnative-pg/Chart.yaml) file to `"X.Y.Z"` + ```bash + sed -i -E "s/^version: ([0-9]+.?)+/version: $APP_VERSION/" charts/cloudnative-pg/Chart.yaml + ``` +5. Update everything else as required, e.g. if releasing due to a new `cloudnative-pg` version being released, you might + want to update the following: + 1. `.appVersion` in the [Chart.yaml](./charts/cloudnative-pg/Chart.yaml) file + 2. [crds.yaml](./charts/cloudnative-pg/templates/crds/crds.yaml), which can be built using + [kustomize](https://kustomize.io/) from the `cloudnative-pg` repo using kustomize + [remoteBuild](https://github.com/kubernetes-sigs/kustomize/blob/master/examples/remoteBuild.md) + running: + ```bash + VERSION=v1.16.0 + kustomize build https://github.com/cloudnative-pg/cloudnative-pg/tree/release-1.16/config/helm/\?ref=v1.16.0 + ``` + It might be easier to run `kustomize build config/helm` from the `cloudnative-pg` repo, with the desired release + branch checked out, and copy the result to `./charts/cloudnative-pg/templates/crds/crds.yaml`. + 3. NOTE: please keep the guards for `.Values.crds.create`, i.e. + `{{- if .Values.crds.create }}` and `{{- end }}` after you copy the CRD into `templates/crds/crds.yaml`. + 4. To update the files in the [templates](./charts/cloudnative-pg/templates) directory, you can diff the previous + CNPG release yaml against the new one, to find what should be updated (e.g. 
+ ```bash + OLD_VERSION=1.15.0 + NEW_VERSION=1.15.1 + vimdiff \ + "https://raw.githubusercontent.com/cloudnative-pg/cloudnative-pg/main/releases/cnpg-${OLD_VERSION}.yaml" \ + "https://raw.githubusercontent.com/cloudnative-pg/cloudnative-pg/main/releases/cnpg-${NEW_VERSION}.yaml" + ``` + Or from the `cloudnative-pg` repo, with the desired release branch checked out: + ```bash + vimdiff releases/cnpg-1.15.0.yaml releases/cnpg-1.15.1.yaml + ``` + 5. Update [values.yaml](./charts/cloudnative-pg/values.yaml) if needed + 6. NOTE: updating `values.yaml` just for the CNPG version may not be necessary, as the value should default to the + `appVersion` in `Chart.yaml` +6. Run `make docs schema` to regenerate the docs and the values schema in case it is needed + ```bash + make docs schema + ``` +7. Commit and add the relevant information you wish in the commit message. + ```bash + git commit -S -s -m "Release cloudnative-pg-v$NEW_VERSION" --edit + ``` +8. Push the new branch + ```bash + git push --set-upstream origin release/cloudnative-pg-v$NEW_VERSION + ``` +9. A PR named `Release cloudnative-pg-X.Y.Z` should be automatically created +10. Wait for all the checks to pass +11. Two approvals are required in order to merge the PR, if you are a maintainer approve the PR yourself and ask for + another approval, otherwise ask for two approvals directly. +12. Merge the PR squashing all commits and **taking care to keep the commit message to be `Release cloudnative-pg-X.Y.Z`** +13. A release `cloudnative-pg-X.Y.Z` should be automatically created by an action, which will then trigger the release + action. Verify they both are successful. +14. 
Once done you should be able to run: + ```bash + helm repo add cnpg https://cloudnative-pg.github.io/charts + helm repo update + helm search repo cnpg + ``` + and be able to see the new version `X.Y.Z` as `CHART VERSION` for `cloudnative-pg` + +## How to release the `cluster` chart + +In order to create a new release of the `cluster` chart, follow these steps: + +1. Take note of the current value of the release: see `.version` in `charts/cluster/Chart.yaml` +2. Decide which version to create, depending on the kind of changes and backwards compatibility, following semver + semantics. For this document, let's call it `X.Y.Z` + ```bash + NEW_VERSION="X.Y.Z" + ``` +3. Create a branch: named `release/cluster-X.Y.Z` and switch to it + ```bash + git checkout -b release/cluster-$NEW_VERSION + ``` +4. Update the `.version` in the [Chart.yaml](./charts/cluster/Chart.yaml) file to `"X.Y.Z"` + ```bash + sed -i -E "s/^version: ([0-9]+.?)+/version: $APP_VERSION/" charts/cluster/Chart.yaml + ``` +5. Run `make docs schema` to regenerate the docs and the values schema in case it is needed + ```bash + make docs schema + ``` +6. Commit and add the relevant information you wish in the commit message. + ```bash + git commit -S -s -m "Release cluster-v$NEW_VERSION" --edit + ``` +7. Push the new branch + ```bash + git push --set-upstream origin release/cloudnative-pg-v$NEW_VERSION + ``` +8. A PR should be automatically created +9. Wait for all the checks to pass +10. Two approvals are required in order to merge the PR, if you are a + maintainer approve the PR yourself and ask for another approval, otherwise + ask for two approvals directly. +11. Merge the PR squashing all commits and **taking care to keep the commit + message to be `Release cluster-X.Y.Z`** +12. A release `cluster-X.Y.Z` should be automatically created by an action, which will ten trigger the release action. + Verify they both are successful. +13. 
Once done you should be able to run: + ```bash + helm repo add cnpg https://cloudnative-pg.github.io/charts + helm repo update + helm search repo cnpg + ``` + and be able to see the new version `X.Y.Z` as `CHART VERSION` for `cluster` diff --git a/dashboard.png b/dashboard.png deleted file mode 100644 index 2fd7e5c32..000000000 Binary files a/dashboard.png and /dev/null differ