chore(release-pipeline): update references to oci bucket #9189
Conversation
tekton-robot
added
kind/misc
tekton-robot
added
the
size/M
|
Need this to be on hold until the PRs in plumbing repos related to this PR are merged. Will update the details here shortly |
Could you include a link to said PRs please? |
@afrittoli Please review - tektoncd/plumbing#2948 |
anithapriyanatarajan
force-pushed
the
update-release-pipeline
branch
from
fdf522d to
2d5417a
Compare
|
The plumbing PR is now merged 👼🏼 |
tekton-robot
added
size/L
Signed-off-by: Anitha Natarajan <[email protected]>
anithapriyanatarajan
force-pushed
the
update-release-pipeline
branch
from
02126d7 to
9eb642f
Compare
anithapriyanatarajan
changed the title
tekton-robot
removed
the
do-not-merge/work-in-progress
|
@vdemeester @afrittoli - Thankyou. Updated release pipeline and cheatsheet with the prcheck task and upload tasks poiting the latest plumbing and catalog versions. Please review |
github-project-automation
bot
moved this from Done
to In Progress
in Tekton Community Roadmap
github-project-automation
bot
moved this from In Progress
to Done
in Tekton Community Roadmap
github-project-automation
bot
moved this from Done
to In Progress
in Tekton Community Roadmap
|
/retest |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: afrittoli The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
tekton-robot
added
the
approved
| ``` | ||
| Sample secret template for reference: | ||
| ``` |
| kubectl apply -f tekton/account.yaml | ||
| kubectl patch serviceaccount $ACCOUNT \ | ||
| -p "{\"secrets\": [{\"name\": \"$GENERIC_SECRET\"}]}" | ||
| 1. When executing release pipelines, some tasks require `oci cli` commands. The CLI requires credentials which should be created as a Kubernetes secret and mounted to the respective task's workspace. For example refer the precheck definition. |
There was a problem hiding this comment.
NIT: It's ok to explain this, as it may be handy for troubleshooting.
The cheat-sheet should be an operational guide to what needs to be done step by step to make a release. The secret is deployed to the cluster via terraform, so the release manager should not need to create the secret.
| TEKTON_OLD_VERSION= # Example: v0.68.0 | ||
| TEKTON_RELEASE_NAME="Oriental Longhair Omnibot" # Name of the release | ||
| TEKTON_PACKAGE=tektoncd/pipeline | ||
| TEKTON_REPO_NAME=pipeline |
There was a problem hiding this comment.
NIT: Why do we need this here? The repo name is already set to the valid default in the pipeline.
There was a problem hiding this comment.
This is a needed for release-draft-oci pipeline that is called from plumbing repo.
|
/lgtm |
github-project-automation
bot
moved this from In Progress
to Done
in Tekton Community Roadmap
| --param releaseBucket=gs://tekton-releases/pipeline \ | ||
| --param releaseBucket=tekton-releases \ | ||
| --param koExtraArgs="" \ | ||
| --workspace name=release-secret,secret=release-secret \ |
There was a problem hiding this comment.
This should be oci-release-secret
| ```bash | ||
| RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/${TEKTON_VERSION}/release.yaml | ||
| CONTROLLER_IMAGE_SHA=$(curl $RELEASE_FILE | egrep 'ghcr.io.*controller' | cut -d'@' -f2) | ||
| RELEASE_FILE=https://infra.tekton.dev/tekton-releases/triggers/previous/${VERSION_TAG}/release.yaml |
There was a problem hiding this comment.
VERSION_TAG is not defined, it should be TEKTON_VERSION as it was before
There was a problem hiding this comment.
The project is not triggers, it should be pipeline as it was
| Create a pod template file: | ||
|
|
||
| ```shell | ||
| cat <<EOF > tekton/pod-template.yaml |
There was a problem hiding this comment.
This writes the file to tekton/pod-template.yaml and right after tries to get the file as pod-template.yaml (without the folder). Could you change this to pod-template instead?
We could add this file and the workspace one to .gitignore or we could do something like:
POD_TEMPLATE=$(mktemp)
cat <<EOF > $POD_TEMPLATE
(...)
--pod-template "${POD_TEMPLATE}" \for both files
| Optional: Add a photo of this release's "purr programmer" (someone's cat). | ||
|
|
||
| 1. Update [the catalog repo](https://github.com/tektoncd/catalog) test infrastructure | ||
| to use the new release by updating the `RELEASE_YAML` link in [e2e-tests.sh](https://github.com/tektoncd/catalog/blob/main/test/e2e-tests.sh). |
There was a problem hiding this comment.
I forgot to update this in the past, perhaps you could update it as well?
1. Update [the catalog repo](https://github.com/tektoncd/catalog) test infrastructure
to use the new release by updating the test matrix in the `[ci.yaml](https://github.com/tektoncd/catalog/blob/main/.github/workflows/ci.yaml)`.
4 participants
Changes
This pull request updates the Tekton release cheat sheet and release pipeline to reflect new infrastructure and workflow changes, primarily switching from Google Cloud (GCP) to Oracle Cloud Infrastructure (OCI) and updating release URLs. The changes standardize release parameters, update secret and bucket references, and revise instructions for interacting with clusters and release files.
Infrastructure and URL updates:
storage.googleapis.comtoinfra.tekton.dev, ensuring consistency with the new hosting location.gcloud(GCP) to OCI CLI commands, reflecting the migration to Oracle Cloud.Parameter and secret updates:
serviceaccount,serviceAccountPath), addingrepoName, and updating secret references fromrelease-secrettooci-release-secretwhere appropriate.Release workflow improvements:
Submitter Checklist
As the author of this PR, please check off the items in this checklist:
/kind <type>. Valid types are bug, cleanup, design, documentation, feature, flake, misc, question, tepRelease Notes
/kind misc