Creating a new release

  1. Ensure that the controller CVE scan action is green.

  2. Ensure that the pre-release upgrade tests are passing.

  3. Go to the releases page and draft a new release.

  4. In the tag dropdown, type the name of the new tag you’d like to create (it should match the pattern of previous releases tags, for example: v2.0.0-beta.3). The release target should be main (the default).

  5. Use the GitHub “auto-generate release notes” button to generate a set of release notes to work with. You will need to clean this up quite a bit before actually publishing it.

  6. Write a “Release Notes” section. You can edit the autogenerated section as a start. You can also look through the commits between the last release and now:

    git log v2.4.0..main
  7. Publish the release. This will automatically trigger a GitHub action to build and publish an updated Docker image with the latest manager changes.

  8. Ensure that the action associated with your release finishes successfully.

  9. Update our documentation to move resources listed under “Next Release” to the heading “Released”.

  10. Update the ROADMAP to reflect the new release.

Catalog breaking changes

There may be breaking changes in a new release of ASO, either due to changes we made or changes made in the upstream service Swagger specifications. We must validate each breaking change so that we can notify customers about it.

  1. Download the CRD definitions for the prior release (in this example, v2.5.0):

  2. Download the CRD definitions for the new release (in this example, v2.6.0):


    This will only be available when the GitHub action trigged by publishing the release has finished.

  3. Produce a diff between these files and examine it.

    diff -u <old> <new> > comparison.diff


Perform a simple smoke test to make sure the new release is capable of starting up and creating some Azure resources.

  1. Create a kind cluster

    task controller:kind-create
  2. Install cert-manager

    task controller:install-cert-manager
  3. Create the namespace for the operator

    kubectl create namespace azureserviceoperator-system
  4. Ensure you have a Service Principal and export these environment variables:

  5. Create a secret in your cluster with the Service Principal credentials for ASO to use:

    task controller:make-sp-secret
  6. Download the operator from MCR.

  7. Configure crd-patterns to use with new release.

    sed -i 's_--crd-pattern=.**;*_g' azureserviceoperator_v2.3.0.yaml

    We use sed to replace the blank setting included in the release with the one we want to use, including both resource group and network CRDs.

  8. Install the operator into your cluster

    kubectl apply --server-side=true -f azureserviceoperator_v2.0.0-beta.3.yaml

    (We need to use server-side apply because the CRD for VirtualMachines is large enough that it can’t fit in the last-applied-configuration annotation client-side kubectl apply uses.)

  9. Watch while ASO starts

    kubectl get all -n azureserviceoperator-system
  10. Create a resource group and a vnet in it (the vnet is to check that conversion webhooks are working, since there aren’t any for RGs):

    kubectl apply -f v2/samples/resources/v1api/v1api20200601_resourcegroup.yaml
    kubectl apply -f v2/samples/network/v1api20201101/v1api20201101_virtualnetwork.yaml
  11. Make sure they deploy successfully - check in the portal as well.

Create and test the Helm chart

Note: A PR that does this should be automatically generated when a new release is published. These steps are documented here in case that process fails.

  1. Create a new branch from <NEW_RELEASE_TAG> HEAD
  2. Generate helm manifest for new release: task controller:gen-helm-manifest
  3. Check the version in /v2/charts/azure-service-operator/Chart.yaml if matches with the latest release tag.
  4. Install helm chart:
    helm install --set azureSubscriptionID=$AZURE_SUBSCRIPTION_ID \
    --set azureTenantID=$AZURE_TENANT_ID \
    --set azureClientSecret=$AZURE_CLIENT_SECRET \
    --set azureClientID=$AZURE_CLIENT_ID \
    asov2 -n azureserviceoperator-system --create-namespace ./v2/charts/azure-service-operator/.
  5. Wait for the chart installation.
  6. Wait for it to start: k get all -n azureserviceoperator-system
  7. Create a resource group and a vnet in it (the vnet is to check that conversion webhooks are working, since there aren’t any for RGs):
    k apply -f v2/samples/resources/v1beta/v1beta20200601_resourcegroup.yaml
    k apply -f v2/samples/network/v1beta/v1beta20201101_virtualnetwork.yaml
  8. Make sure they deploy successfully - check in the portal as well.
  9. If installed successfully, commit the files under v2/charts/azure-service-operator.
  10. Send a PR.

Update Resource Documentation

Any resources included in the new release will currently be listed under “Next Release” in the documentation, so we need to update the documentation to move them to the “Released” section.

  1. Create a new branch from main and check it out.
  2. Update the setting supportedResourcesReport.currentRelease to the new release in v2/azure-arm.yaml
  3. Run task controller:generate-types to update the documentation.
  4. Repeat the above steps by modifying hack/crossplane/azure-crossplane.yml and running task crossplane:generate-types.
  5. Commit the changes and send a PR.


Modify the file in the repo root.

  • Add the new release to the Prior Releases section, linking to the release in GitHub.
  • Remove the new release from the Release Cadence & Planning section and add a new future release to the end.
  • Check that future versions are linked to the relevant GitHub milestone where possible.

Then commit the changes and send a PR.

Fixing an incorrect release

If there was an issue publishing a new release, we may want to delete the existing release and try again. Only do this if you’ve just published the release and there is something wrong with it. We shouldn’t be deleting releases people are actually using.

  1. Delete the release in the releases page.
  2. Delete the tag: git push <origin> --delete <tag>, for example git push origin --delete v2.0.0-alpha.1.

At this point, you can safely publish a “new” release with the same name.