- Make changes as per issue
b. Make changes to appropriate files in images directory
- Make changes in /images
-
Open a Pull Request for your changes considering the following steps to fire cloudbuild of a new image for the Ingress-Nginx-Controller:
-
In case of rare CVE fix or other reason to rebuild the nginx-base-image itself, look at the /images directory NGINX Base Image.
-
Example NGINX_VERSION, SHA256.
-
If you are updating any component in build.sh please also update the SHA256 checksum of that component as well, the cloud build will fail with an exit 10 if not.
-
- Merging will fire cloudbuild, which will result in images being promoted to the staging container registry.
-
Wait for cloud build. If you don't have access to cloudbuild, you can also have a look at this, to see the progress of the build.
-
Proceed only after cloud-build is successful in building a new Ingress-Nginx-Controller image.
- If applicable, then build a new image of any other related component, ONLY IF APPLICABLE TO THE RELEASE
- Change code as per issue
b. Make changes to appropriate files in images directory
-
Sometimes, you may also be needing to rebuild, images for one or multiple other related components of the Ingress-Nginx-Controller ecosystem. Make changes to the required files in the /images directory, if/as applicable, in the context of the release you are attempting. :
-
-
Update references to e2e-test-runner image [If applicable] :
-
-
- Open pull request(s) accordingly, to fire cloudbuild for rebuilding the component's image (if applicable).
- Merging will fire cloudbuild, which will result in images being promoted to the staging container registry.
-
Wait for cloud build. If you don't have access to cloudbuild, you can also have a look at this, to see the progress of the build.
-
Proceed only after cloud-build is successful in building a new Ingress-Nginx-Controller image.
Promoting the images basically means that images, that were pushed to staging container registry in the steps above, now are also pushed to the public container registry. Thus are publicly available. Follow these steps to promote images:
-
Get the sha of the new image(s) of the controller, (and any other component image IF APPLICABLE to release), from the cloudbuild, from steps above
-
The sha is available in output from cloud build
-
The sha is also visible here https://console.cloud.google.com/gcr/images/k8s-staging-ingress-nginx/global/controller
-
The sha is also visible here, after cloud build is finished. Click on the respective job, go to
Artifacts
section in the UI, then againartifacts
in the directory browser. In thebuild.log
at the very bottom you see something like this:
... pushing manifest for gcr.io/k8s-staging-ingress-nginx/controller:v1.0.2@sha256:e15fac6e8474d77e1f017edc33d804ce72a184e3c0a30963b2a0d7f0b89f6b16 ...
-
b. Add the new image to k8s.io
-
The sha(s) from the step before (and the tag(s) for the new image(s) have to be added, as a new line, in a file, of the k8s.io project of Kubernetes organization.
-
Fork that other project (if you don't have a fork already).
-
Other project to fork Github repo kubernetes/k8s.io
-
Fetch --all and rebase to upstream if already forked.
-
Create a branch in your fork, named as the issue number for this release
-
In the related branch, of your fork, edit the file /k8s.gcr.io/images/k8s-staging-ingress-nginx/images.yaml.
-
For making it easier, you can edit your branch directly in the browser. But be careful about making any mistake.
-
Insert the sha(s) & the tag(s), in a new line, in this file Project kubernetes/k8s.io Ingress-Nginx-Controller Images Look at this example PR and the diff to see how it was done before
-
Save and commit
- Open pull request to promote the new controller image.
-
Merge success is required for next step
-
Proceed only after cloud-build is successful in building a new Ingress-Nginx-Controller image.
-
Make sure to get the tag and sha of the promoted image from the step before, either from cloudbuild or from here.
-
This involves editing of several different files. So carefully follow the steps below and double check all changes with diff/grep etc., repeatedly. Mistakes here impact endusers.
-
Get your git workspace ready
-
If not using a pre-existing fork, then Fork the repo kubernetes/ingress-nginx
-
Clone (to laptop or wherever)
-
Add upstream
-
Set upstream url to no_push
-
Checkout & switch to branch, named as per related new-release-issue-number
-
If already forked, and upstream already added, then
git fetch --all
andgit rebase upstream/main
(not origin) -
Checkout a branch in your fork's clone
-
Perform any other diligence as needed
-
-
Prefer to edit only and only in your branch, in your Fork
- Change the below mentioned Fields in Chart.yaml
- version
- appVersion
- kubeVersion (ONLY if applicable)
- annotations
- artifacthub.io/prerelease: "true"
- artifacthub.io/changes: |
- Add the titles of the PRs merged after previous release here. I used the github-cli to get that list like so
gh pr list -s merged -L 38 -B main | cut -f1,2
- Add the titles of the PRs merged after previous release here. I used the github-cli to get that list like so
-
- tag
- digest
-
helm-docs is a tool that generates the README.md for a helm-chart automatically. In the CI pipeline workflow of github actions (/.github/workflows/ci.yaml), you can see how helm-docs is used. But the CI pipeline is not designed to make commits back into the project. So we need to run helm-docs manually, and check in the resulting autogenerated README.md at the path /charts/ingress-nginx/README.md
GOBIN=$PWD GO111MODULE=on go install github.com/norwoodj/helm-docs/cmd/[email protected] ./helm-docs --chart-search-root=${GITHUB_WORKSPACE}/charts git diff --exit-code rm -f ./helm-docs
Watchout for mistakes like leaving the helm-docs executable in your clone workspace or not not checking the new README.md manually etc.
-
Prepare to use a script to update the edit the static manifests and set the "image", "digest", "version" etc. fields to the desired value.
-
This script depends on python and a specific python package
pip3 install ruamel.yaml
-
Execute the script to update static manifests using that script generate-deploy-scripts.sh
-
Open some of the manifests and check if the script worked properly
-
Use grep -ir to search for any misses by the script or undesired changes
-
The script should properly set the image and the digest fields to the desired tag and semver
-
Manually fix one problem that the script can not take care of.
-
This problem is wrong formatting of a snippet in the file deploy-tls-termination.yaml
-
In the configMap section, for the configMap named ingress-nginx-controller, the "configMap.data" spec has a snippet
-
This snippet becomes a single line, formatted with the newline character "\n"
-
That single line formatted with "\n" needs to be changed as it does not meet yaml requirements
-
At the time of writing this doc, the 'configMap.data' spec is at line number 39.
-
So editing begins at line 40 (at the time of writing this doc)
-
Make that snippet look like this ;
data: http-snippet:| server{ listen 2443; return 308 https://$host$request_uri; }
-
- Add the PRs merged after previous release
- If you use the github cli https://cli.github.com/, then that is one useful command to get this list of PRs
- One way of using gh cli and getting the list of PRs for changelog is described below
-
Install and configure github cli as per the docs of gh-cli
-
Change dir to your clone, of your fork, of the ingress-nginx project
-
Run the below command and save the output to a txt file
gh pr list -s merged -L 38 -B main | cut -f1,2 > ~/tmp/prlist.txt
- The -L 38 was used for 2 reasons.
- Default number of results is 30 and there were more than 30 PRs merged while releasing v1.1.1.
- The other reason to use -L 38 was to ommit the 39th, the 40th and the 41st line in the resulting list. These were non-relevant PRs.
- The -L 38 was used for 2 reasons.
-
Then use some easy automation in bash/python/whathaveyou to get the PR-List that can be used in the changelog
-
I save output of above command to a file called prlist.txt. It looks somewhat like this ;
% cat ~/Downloads/prlist.txt 8129 fix syntax in docs for multi-tls example 8120 Update go in runner and release v1.1.1 8119 Update to go v1.17.6 8118 Remove deprecated libraries, update other libs 8117 Fix codegen errors 8115 chart/ghaction: set the correct permission to have access to push a release ....
-
Then I use the bash scripty way seen below to convert those PR numbers into links. If I saved the below content in a script called prlist_to_changelog.sh, then I run the command
prlist_to_changelog.sh prlist.txt
#!/usr/bin/bash file="$1" while read -r line; do pr_num=`echo "$line" | cut -f1` pr_title=`echo "$line" | cut -f2` echo "[$pr_num](https://github.com/kubernetes/ingress-nginx/pull/$pr_num) $pr_title" done <$file
-
- Update the version in docs/deploy/index.md
- Update Supported versions in the Support Versions table in the README.md
- Edit the stable.txt file(if applicable), in the root of the repo, to reflect the release to be created
- Criteria is a release that has been GA for a while but reported issues are not bugs but mostly /kind support or feature
- Update the table in README.md in the root of the projet to reflect the support matrix. Add the new release version and details in there.
- Open PR for releasing the new version of the Ingress-Nginx-Controller ;
- Look at this PR for how it was done before example PR
- Create a PR
- Merge should produce manifests as well as chart
- Check
helm repo update
helm search repo ingress-nginx
-
Release to github
-
Edit the ghpages file as needed