diff --git a/.github/ISSUE_TEMPLATE/release_template_patch.md b/.github/ISSUE_TEMPLATE/release_template_patch.md index 9ac6fd8..4cb1ec7 100644 --- a/.github/ISSUE_TEMPLATE/release_template_patch.md +++ b/.github/ISSUE_TEMPLATE/release_template_patch.md @@ -1,5 +1,5 @@ --- -name: Release a new patch version of Cilium from a stable branch +name: NEW Release a new patch version of Cilium from a stable branch about: Create a checklist for an upcoming release title: 'vX.Y.Z release' labels: kind/release @@ -10,75 +10,79 @@ assignees: '' ## Setup preparation - [ ] Depending on your OS, make sure Docker is running -- [ ] Export a [`GITHUB_TOKEN`](https://github.com/settings/tokens/new?description=Cilium%20Release%20Script&scopes=write:org,public_repo) that has access to the repository. Only classic tokens are - [supported at the moment][GitHub PAT tracker], the needed scope is `public_repo`. -- [ ] Make sure a setup (GPG, SSH, S/MIME) is in place for [signing tags] with Git and install [Hub](https://github.com/github/hub). -- [ ] Make sure the `GOPATH` environment variable is set and pointing to the relevant path +- [ ] Export a [`GITHUB_TOKEN`](https://github.com/settings/tokens/new?description=Cilium%20Release%20Script&scopes=write:org,public_repo,project) that has access to the repository. Only classic tokens are + [supported at the moment][GitHub PAT tracker], the needed scopes are `write:org`, `public_repo` and `project`. +- [ ] Make sure a setup (GPG, SSH, S/MIME) is in place for [signing tags] + with Git and install [gh](https://cli.github.com). - [ ] Make sure the [Cilium helm charts][Cilium charts] and [release][Cilium release-notes tool] repositories are installed locally: - [ ] Run `git clone https://github.com/cilium/charts.git "$GOPATH/src/github.com/cilium/charts"` - [ ] Run `git clone https://github.com/cilium/release.git "$GOPATH/src/github.com/cilium/release"` - [ ] If you already have the repo checked out, make sure the `release` binary is up to date: git checkout master && git pull && make +- [ ] Read the documentation of `release start --help` tool to understand what + each automated step does. -## Pre-release +## Pre-check (run ~1 week before release date) - [ ] When you create a GitHub issue using this issue template, GitHub Slack app posts a message in #launchpad Slack channel. Create a thread for that message and ping the current backporter to merge the outstanding [backport PRs] and stop merging any new backport PRs until the GitHub issue is closed (to avoid generating incomplete release notes). -- [ ] Check that there are no [release blockers] for the targeted release version. -- [ ] Ensure that outstanding [backport PRs] are merged (these may be skipped on - case by case basis in coordination with the backporter). -- [ ] Check with @cilium/security team if there are any security fixes to include - in the release. -- [ ] Push a PR to cilium/cilium including the changes necessary for the new release: - - [ ] Change directory to the local copy of cilium/cilium repository and pull latest - changes from the branch being released - - [ ] Run `../release/internal/start-release.sh X.Y.Z`. You can ignore - warnings about commits with no related PR found. - Note that this script produces some files at the root of the Cilium - repository, and that these files are required at a later step for - tagging the release. Do not commit them. - - [ ] Commit all changed files with title `Prepare for release vX.Y.Z`. New - generated files, such as release-state.json and vX.Y.Z-changes.txt - should not be committed. Tip: use `git add -p` to review the changes and - compare them with the previous release PR. - - [ ] Submit PR (`../release/internal/submit-release.sh`). Note that only the smoke tests - need to succeed in order to merge this PR. Full e2e test runs are not required. +- [ ] Run `./release start --steps 1-pre-check --target-version vX.Y.Z` + - [ ] Check that there are no [release blockers] for the targeted release + version. + - [ ] Ensure that outstanding [backport PRs] are merged (these may be + skipped on case by case basis in coordination with the backporter). + - [ ] Check with @cilium/security team in case there are any CVEs found in the + docker image. + - [ ] Check with @cilium/security team if there are any security fixes to + include in the release. + +## Preparation PR (run ~1 day before release date. It can be re-run multiple times.) + +- [ ] Go to [release workflow] and Run the workflow from "Branch: main", for + step "2-prepare-release" and version for vX.Y.Z + - [ ] Check if the workflow was successful and check the PR opened by the + Release bot. - [ ] Merge PR + +## Tagging + - [ ] Ask a maintainer if there are any known issues that should hold up the release - [ ] FYI, do not wait too much time between a tag is created and the helm charts are published. Once the tags are published the documentation will be pointing to them. Until we release the helm chart, users will face issues while trying out our documentation. -- [ ] Create and push *both* tags to GitHub (`vX.Y.Z`, `X.Y.Z`) - - [ ] Pull latest `upstream/vX.Y` branch locally - - [ ] Run `../release/internal/tag-release.sh`. +- [ ] Run `./release start --steps 3-tag --target-version vX.Y.Z` - [ ] Ask a maintainer to approve the build in the following link (keep the URL of the GitHub run to be used later): [Cilium Image Release builds](https://github.com/cilium/cilium/actions?query=workflow:%22Image+Release+Build%22) - - [ ] Check if all docker images are available before announcing the release: - `make -C install/kubernetes/ check-docker-images` -- [ ] Get the image digests from the build process and make a commit and PR with - these digests. - - [ ] Run `../release/internal/post-release.sh URL` to fetch the image - digests and submit a PR to update these, use the `URL` of the GitHub - run here - - [ ] Get someone to review the PR. Do not trigger the full CI suite, but - wait for the automatic checks to complete. Merge the PR. -- [ ] Update helm charts - - [ ] Create helm charts artifacts in [Cilium charts] repository using - [cilium helm release tool] for the `vX.Y.Z` release - and create a PR with these changes against the charts repository. - Note: If you handle several patch releases at once, - create one PR per release, to make sure that the corresponding workflow - action run for each commit. Wait for your PR to be merged before - creating the other ones for other patch releases, or they will - conflict. - - [ ] Have a maintainer review and merge your PR. - - [ ] Check the output of the [chart workflow] and see if the test was - successful. + +## Post Tagging (run after docker images are published) + +- [ ] Go to [release workflow] and Run the workflow from "Branch: main", for + step "4-post-release" and version for vX.Y.Z + - [ ] Check if the workflow was successful and check the PR opened by the + Release bot. +- [ ] Merge PR + +## Publish helm (run after docker images are published) + +- [ ] Update helm charts `./release start --steps 5-publish-helm --target-version vX.Y.Z` +- [ ] Open [Charts Workflow] and check if the workflow run is successful. + +## Publish docs (only for pre/rc releases) + +- [ ] Check [read the docs] configuration: + - [ ] Set a new build as active and hidden in [active versions]. + - [ ] Deactivate previous RCs. + - [ ] Update algolia configuration search in [docsearch-scraper-webhook]. + - Update the versions in `docsearch.config.json`, commit them and push a + trigger the workflow [here](https://github.com/cilium/docsearch-scraper-webhook/actions/workflows/update-algolia-index.yaml) + +## Post-release + - [ ] Check draft release from [releases] page - [ ] Update the text at the top with 2-3 highlights of the release - [ ] Check with @cilium/security if the release addresses any open security @@ -90,18 +94,54 @@ assignees: '' _latest_ release displayed on GitHub (e.g. 1.11.13 does not become the new latest release over 1.12.5, but version 1.12.6 will). - [ ] Publish the release -- [ ] Announce the release in #general on Slack (do not use [@]channel) +- [ ] Announce the release in #general on Slack (do not use [@]channel). + See below for templates. +- [ ] Prepare post-release changes to main branch using `../release/internal/bump-readme.sh`. -## Post-release +--- -- [ ] Prepare post-release changes to main branch using `../release/internal/bump-readme.sh`. +## Slack example text templates + +### Patch releases + +``` +:confetti_ball: :cilium-radiant: Release Announcement :cilium-radiant::confetti_ball: + +Cilium vX.Y.Z, vA.B.C, and vD.E.F have been released. Thanks all for your contributions! Please see the release notes below for details :cilium-gopher: + +vX.Y.Z: https://github.com/cilium/cilium/releases/tag/vX.Y.Z +vA.B.C: https://github.com/cilium/cilium/releases/tag/vA.B.C +vD.E.F: https://github.com/cilium/cilium/releases/tag/vD.E.F +``` + +### First pre-release + +``` +:cilium-new: *Cilium vX.Y.Z-rc.W has been released:* +https://github.com/cilium/cilium/releases/tag/vX.Y.Z-rc.W + +This is the first monthly snapshot for the vX.Y development cycle. There are [vX.Y.Z-rc.W OSS docs](https://docs.cilium.io/en/vX.Y.Z-rc.W) available if you want to pull this version & try it out. +``` + +### Subsequent pre-/rc- releases + +``` +*Announcement* :tada: :tada: + +:cilium-new: *Cilium vX.Y.Z-rc.W has been released:* +https://github.com/cilium/cilium/releases/tag/vX.Y.Z-rc.W + +Thank you for the testing and contributing to the previous pre-releases. There are [vX.Y.Z-rc.W OSS docs](https://docs.cilium.io/en/vX.Y.Z-rc.W) available if you want to pull this version & try it out. +``` +[release workflow]: https://github.com/cilium/cilium/actions/workflows/release.yaml [GitHub PAT tracker]: https://github.com/orgs/community/discussions/36441 [signing tags]: https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-tags [release blockers]: https://github.com/cilium/cilium/labels/release-blocker%2FX.Y [backport PRs]: https://github.com/cilium/cilium/pulls?q=is%3Aopen+is%3Apr+draft%3Afalse+label%3Abackport%2FX.Y [Cilium release-notes tool]: https://github.com/cilium/release [Cilium charts]: https://github.com/cilium/charts +[Charts Workflow]: https://github.com/cilium/charts/actions/workflows/validate-cilium-chart.yaml [releases]: https://github.com/cilium/cilium/releases [cilium helm release tool]: https://github.com/cilium/charts/blob/master/RELEASE.md [cilium-runtime images]: https://quay.io/repository/cilium/cilium-runtime diff --git a/.github/ISSUE_TEMPLATE/release_template_patch_new.md b/.github/ISSUE_TEMPLATE/release_template_pre_main.md similarity index 84% rename from .github/ISSUE_TEMPLATE/release_template_patch_new.md rename to .github/ISSUE_TEMPLATE/release_template_pre_main.md index 4cb1ec7..e281ab6 100644 --- a/.github/ISSUE_TEMPLATE/release_template_patch_new.md +++ b/.github/ISSUE_TEMPLATE/release_template_pre_main.md @@ -1,7 +1,7 @@ --- -name: NEW Release a new patch version of Cilium from a stable branch +name: Release a new pre-release version of Cilium from the main branch about: Create a checklist for an upcoming release -title: 'vX.Y.Z release' +title: 'vX.Y.Z-pre.W release' labels: kind/release assignees: '' @@ -30,7 +30,7 @@ assignees: '' current backporter to merge the outstanding [backport PRs] and stop merging any new backport PRs until the GitHub issue is closed (to avoid generating incomplete release notes). -- [ ] Run `./release start --steps 1-pre-check --target-version vX.Y.Z` +- [ ] Run `./release start --steps 1-pre-check --target-version vX.Y.Z-pre.W` - [ ] Check that there are no [release blockers] for the targeted release version. - [ ] Ensure that outstanding [backport PRs] are merged (these may be @@ -43,7 +43,7 @@ assignees: '' ## Preparation PR (run ~1 day before release date. It can be re-run multiple times.) - [ ] Go to [release workflow] and Run the workflow from "Branch: main", for - step "2-prepare-release" and version for vX.Y.Z + step "2-prepare-release" and version for vX.Y.Z-pre.W - [ ] Check if the workflow was successful and check the PR opened by the Release bot. - [ ] Merge PR @@ -54,22 +54,14 @@ assignees: '' - [ ] FYI, do not wait too much time between a tag is created and the helm charts are published. Once the tags are published the documentation will be pointing to them. Until we release the helm chart, users will face issues while trying out our documentation. -- [ ] Run `./release start --steps 3-tag --target-version vX.Y.Z` +- [ ] Run `./release start --steps 3-tag --target-version vX.Y.Z-pre.W` - [ ] Ask a maintainer to approve the build in the following link (keep the URL of the GitHub run to be used later): [Cilium Image Release builds](https://github.com/cilium/cilium/actions?query=workflow:%22Image+Release+Build%22) -## Post Tagging (run after docker images are published) - -- [ ] Go to [release workflow] and Run the workflow from "Branch: main", for - step "4-post-release" and version for vX.Y.Z - - [ ] Check if the workflow was successful and check the PR opened by the - Release bot. -- [ ] Merge PR - ## Publish helm (run after docker images are published) -- [ ] Update helm charts `./release start --steps 5-publish-helm --target-version vX.Y.Z` +- [ ] Update helm charts `./release start --steps 5-publish-helm --target-version vX.Y.Z-pre.W` - [ ] Open [Charts Workflow] and check if the workflow run is successful. ## Publish docs (only for pre/rc releases) @@ -107,9 +99,9 @@ assignees: '' ``` :confetti_ball: :cilium-radiant: Release Announcement :cilium-radiant::confetti_ball: -Cilium vX.Y.Z, vA.B.C, and vD.E.F have been released. Thanks all for your contributions! Please see the release notes below for details :cilium-gopher: +Cilium vX.Y.Z-pre.W, vA.B.C, and vD.E.F have been released. Thanks all for your contributions! Please see the release notes below for details :cilium-gopher: -vX.Y.Z: https://github.com/cilium/cilium/releases/tag/vX.Y.Z +vX.Y.Z-pre.W: https://github.com/cilium/cilium/releases/tag/vX.Y.Z-pre.W vA.B.C: https://github.com/cilium/cilium/releases/tag/vA.B.C vD.E.F: https://github.com/cilium/cilium/releases/tag/vD.E.F ``` @@ -117,10 +109,10 @@ vD.E.F: https://github.com/cilium/cilium/releases/tag/vD.E.F ### First pre-release ``` -:cilium-new: *Cilium vX.Y.Z-rc.W has been released:* -https://github.com/cilium/cilium/releases/tag/vX.Y.Z-rc.W +:cilium-new: *Cilium vX.Y.Z-pre.W has been released:* +https://github.com/cilium/cilium/releases/tag/vX.Y.Z-pre.W -This is the first monthly snapshot for the vX.Y development cycle. There are [vX.Y.Z-rc.W OSS docs](https://docs.cilium.io/en/vX.Y.Z-rc.W) available if you want to pull this version & try it out. +This is the first monthly snapshot for the vX.Y development cycle. There are [vX.Y.Z-pre.W OSS docs](https://docs.cilium.io/en/vX.Y.Z-pre.W) available if you want to pull this version & try it out. ``` ### Subsequent pre-/rc- releases @@ -128,10 +120,10 @@ This is the first monthly snapshot for the vX.Y development cycle. There are [vX ``` *Announcement* :tada: :tada: -:cilium-new: *Cilium vX.Y.Z-rc.W has been released:* -https://github.com/cilium/cilium/releases/tag/vX.Y.Z-rc.W +:cilium-new: *Cilium vX.Y.Z-pre.W has been released:* +https://github.com/cilium/cilium/releases/tag/vX.Y.Z-pre.W -Thank you for the testing and contributing to the previous pre-releases. There are [vX.Y.Z-rc.W OSS docs](https://docs.cilium.io/en/vX.Y.Z-rc.W) available if you want to pull this version & try it out. +Thank you for the testing and contributing to the previous pre-releases. There are [vX.Y.Z-pre.W OSS docs](https://docs.cilium.io/en/vX.Y.Z-pre.W) available if you want to pull this version & try it out. ``` [release workflow]: https://github.com/cilium/cilium/actions/workflows/release.yaml diff --git a/.github/ISSUE_TEMPLATE/release_template_rc_master.md b/.github/ISSUE_TEMPLATE/release_template_rc_master.md deleted file mode 100644 index 737abed..0000000 --- a/.github/ISSUE_TEMPLATE/release_template_rc_master.md +++ /dev/null @@ -1,103 +0,0 @@ ---- -name: Release a new RC version of Cilium from main branch -about: Create a checklist for an upcoming release -title: 'vX.Y.Z-rc.W release' -labels: kind/release -assignees: '' - ---- - -## Setup preparation - -- [ ] Depending on your OS, make sure Docker is running -- [ ] Export a [`GITHUB_TOKEN`](https://github.com/settings/tokens/new?description=Cilium%20Release%20Script&scopes=write:org,public_repo) that has access to the repository -- [ ] Make sure a setup (GPG, SSH, S/MIME) is in place for [signing tags] with Git -- [ ] Make sure the `GOPATH` environment variable is set and pointing to the relevant path -- [ ] Make sure the [Cilium helm charts][Cilium charts] repository is installed locally: - - [ ] Run `git clone https://github.com/cilium/charts.git "$GOPATH/src/github.com/cilium/charts"` - -## Pre-release - -- [ ] Announce in Cilium slack channel #launchpad: `Starting vX.Y.Z-rc.W release process :ship:` -- [ ] Create a thread for that message and ping current top-hat to not merge any - PRs until the release process is complete. -- [ ] Change directory to the local copy of Cilium repository. -- [ ] Check that there are no [release blockers] for the targeted release version -- [ ] Push a PR including the changes necessary for the new release: - - [ ] Run `../release/internal/start-release.sh vX.Y.Z-rc.W` - Note that this script produces some files at the root of the Cilium - repository, and that these files are required at a later step for - tagging the release. - - [ ] Fix any duplicate `AUTHORS` entries and verify if it is possible to - get the real names instead of GitHub usernames. - - [ ] Commit the `AUTHORS` as well as the documentation files changed by the - previous step with title `update AUTHORS and Documentation`. - - [ ] Add the generated `CHANGELOG.md` file and commit all remaining changes - with the title `Prepare for release vX.Y.Z-rc.W` - - [ ] Submit PR (`../release/internal/submit-release.sh`) - - [ ] Allow the CI to sanity-check the PR (GitHub actions are enough) and get - review. - Note that it's likely that the "helm-charts" will fail since the GH - action regenerates the helm values file without understanding that - it's a release. - - [ ] Revert the release commit and re-push -- [ ] Merge PR -- [ ] Ping current top-hat that PRs can be merged again. -- [ ] Create and push *both* tags to GitHub (`vX.Y.Z-rc.W`, `X.Y.Z-rc.W`) - - Pull latest branch locally. - - Check out the commit before the revert and run `../release/internal/tag-release.sh` - against that commit. -- [ ] Ask a maintainer to approve the build in the following link: - [Cilium Image Release builds] - - [ ] Check if all docker images are available before announcing the release: - `make -C install/kubernetes/ RELEASE=yes CILIUM_BRANCH=main check-docker-images` - - [ ] Run `../release/internal/post-release.sh URL` to fetch the image - digests and submit draft release to the [releases] page. Use the `URL` - of the GitHub run here. -- [ ] Update helm charts - - [ ] Create helm charts artifacts in [Cilium charts] repository using - [cilium helm release tool] for the `vX.Y.Z-rc.W` release and push - these changes into the helm repository. - - [ ] Check the output of the [chart workflow] and see if the test was - successful. -- [ ] Check [read the docs] configuration: - - [ ] Set a new build as active and hidden in [active versions]. - - [ ] Deactivate previous RCs. - - [ ] Update algolia configuration search in [docsearch-scraper-webhook]. - - Update the versions in `docsearch.config.json`, commit them and push a trigger the workflow [here](https://github.com/cilium/docsearch-scraper-webhook/actions/workflows/update-algolia-index.yaml) -- [ ] Check draft release from [releases] page - - [ ] Update the text at the top with 2-3 highlights of the release - - [ ] Mark the checkbox of "This is a pre-release" - - [ ] Publish the release -- [ ] Announce the release in #general on Slack. -Text template for the first RC: -``` -*Announcement* :tada: :tada: - -:cilium-new: *Cilium release candidate vX.Y.Z-rc.W has been released:* -https://github.com/cilium/cilium/releases/tag/vX.Y.Z-rc.W - -This is the first monthly snapshot for the vX.Y development cycle. There are [vX.Y.Z-rc.W OSS docs](https://docs.cilium.io/en/vX.Y.Z-rc.W) available if you want to pull this version & try it out. -``` -Text template for the next RCs: -``` -*Announcement* :tada: :tada: - -:cilium-new: *Cilium release candidate vX.Y.Z-rc.W has been released:* -https://github.com/cilium/cilium/releases/tag/vX.Y.Z-rc.W - -Thank you for the testing and contributing to the previous pre-releases. There are [vX.Y.Z-rc.W OSS docs](https://docs.cilium.io/en/vX.Y.Z-rc.W) available if you want to pull this version & try it out. -``` -- [ ] Prepare post-release changes to main branch using `../release/internal/bump-readme.sh`. - -[signing tags]: https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-tags -[release blockers]: https://github.com/cilium/cilium/labels/release-blocker%2FX.Y -[Cilium charts]: https://github.com/cilium/charts -[Cilium Image Release builds]: https://github.com/cilium/cilium/actions?query=workflow:%22Image+Release+Build%22 -[releases]: https://github.com/cilium/cilium/releases -[cilium helm release tool]: https://github.com/cilium/charts/blob/master/RELEASE.md -[cilium-runtime images]: https://quay.io/repository/cilium/cilium-runtime -[read the docs]: https://readthedocs.org/projects/cilium/ -[active versions]: https://readthedocs.org/projects/cilium/versions/?version_filter=vX.Y.Z-rc.W -[docsearch-scraper-webhook]: https://github.com/cilium/docsearch-scraper-webhook -[chart workflow]: https://github.com/cilium/charts/actions/workflows/validate-cilium-chart.yaml