The Kubebuilder Project is released on an as-needed basis. The process is as follows:
Note: Releases are done from the release-MAJOR.MINOR
branches. For PATCH releases it is not required
to create a new branch. Instead, you will just need to ensure that all major fixes are cherry-picked into the respective
release-MAJOR.MINOR
branch. To know more about versioning check https://semver.org/.
Note: Before 3.5.*
release this project was released based on MAJOR
. A change to the
the process was done to ensure that we have an aligned process under the org (similar to controller-runtime
and
controller-tools
) and to make it easier to produce patch releases.
- Create a new branch
git checkout -b release-<MAJOR.MINOR>
from master - Push the new branch to the remote repository
- Create the changelog from the new branch
release-<MAJOR.MINOR>
(git checkout release-<MAJOR.MINOR>
). You will need to use the kubebuilder-release-tools to generate release notes. See here
Note
- You will need to have checkout locally from the remote repository the previous branch
- Also, ensure that you fetch all tags from the remote
git fetch --all --tags
- Create a new tag with the correct version from the new
release-<MAJOR.MINOR>
branch - Add the changelog on it and publish. Now, the code source is released !
- Publish the new release on the Slack channel, i.e:
:announce: Kubebuilder v3.5.0 has been released!
This release includes a Kubernetes dependency bump to v1.24.
For more info, see the release page: https://github.com/kubernetes-sigs/kubebuilder/releases/tag/v3.5.0
:tada: Thanks to all our contributors!
- An announcement email is sent to
[email protected]
with the subject[ANNOUNCE] Kubebuilder $VERSION is released
The binaries releases for HEAD are available here:
- kubebuilder-release-master-head-darwin-amd64.tar.gz
- kubebuilder-release-master-head-linux-amd64.tar.gz
The releases occur in an account in the Google Cloud (See here) using Cloud Build.
A trigger build-kb-release
is configured to call build/cloudbuild.yaml.
This trigger will be executed when any new tag be published.
The tags must be built from the release branch (Currently, release-3
).
Also, we have a trigger to generate snapshots builds from the master branch. This trigger will call build/cloudbuild_snapshot.yaml when any change needs to be performed on master.
Kubebuilder projects requires artifacts which are used to do test with ENV TEST (when we call make test
target)
These artifacts can be checked in the service page: https://storage.googleapis.com/kubebuilder-tools
The build is made from the branch tools-releases and the trigger will call the build/cloudbuild_tools.yaml
passing
as argument the architecture and the SO that should be used, e.g:
For further information see the README.
These images are built from the project brancz/kube-rbac-proxy.
The projects built with Kubebuilder creates a side container with kube-rbac-proxy
to protect the Manager.
These images are can be checked in the consolse, see here.
The project kube-rbac-proxy
is in the process to be donated to the k8s org. However, it is going on for a long time and then,
we have no ETA for that to occur. When that occurs we can automate this process. But until there we need to generate these images
by bumping the versions/tags released by kube-rbac-proxy
on the branch
kube-rbac-proxy-releases
then the build/cloudbuild_kube-rbac-proxy.yaml
will generate the images.
To check an example, see the pull request #2578.
Note: we cannot use the images produced by the project kube-rbac-proxy
because we need to ensure
to Kubebuilder users that these images will be available.
These images are used to verify the PR title and description. They are built from kubernetes-sigs/kubebuilder-release-tools. In Kubebuilder, we have been using this project via the GitHub action .github/workflows/verify.yml and not the image, see:
verify:
name: Verify PR contents
runs-on: ubuntu-latest
steps:
- name: Verifier action
id: verifier
uses: kubernetes-sigs/[email protected]
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
However, the image should still be built and maintained since other projects under the org might be using them.