Creating a new release

  1. Ensure that the controller CVE scan action is green.

  2. Ensure that the pre-release upgrade tests are passing.

  3. Go to the releases page and draft a new release.

  4. In the tag dropdown, type the name of the new tag you’d like to create (it should match the pattern of previous releases tags, for example: v2.0.0-beta.3). The release target should be main (the default).

  5. Use the GitHub “auto-generate release notes” button to generate a set of release notes to work with. You will need to clean this up quite a bit before actually publishing it.

  6. Write a “Release Notes” section. You can edit the autogenerated section as a start. You can also look through the commits between the last release and now:

    git log v2.4.0..main
    
  7. Publish the release. This will automatically trigger a GitHub action to build and publish an updated Docker image with the latest manager changes.

  8. Ensure that the action associated with your release finishes successfully.

  9. Update our documentation to move resources listed under “Next Release” to the heading “Released”.

  10. Update the ROADMAP to reflect the new release.

Catalog breaking changes

There may be breaking changes in a new release of ASO, either due to changes we made or changes made in the upstream service Swagger specifications. We must validate each breaking change so that we can notify customers about it.

  1. Download the CRD definitions for the prior release (in this example, v2.5.0):

    wget https://github.com/Azure/azure-service-operator/releases/download/v2.6.0/azureserviceoperator_customresourcedefinitions_v2.6.0.yaml
    
  2. Download the CRD definitions for the new release (in this example, v2.6.0):

    wget https://github.com/Azure/azure-service-operator/releases/download/v2.7.0/azureserviceoperator_customresourcedefinitions_v2.7.0.yaml
    

    This will only be available when the GitHub action triggered by publishing the release has finished.

  3. Produce a diff between these files and examine it.

    diff -u <old> <new> > comparison.diff
    

Testing

Perform a simple smoke test to make sure the new release is capable of starting up and creating some Azure resources.

  1. Ensure you have the following environment variables exported:

    • AZURE_SUBSCRIPTION_ID
    • AZURE_TENANT_ID
  2. Create a kind cluster

    task controller:kind-create-wi
    
  3. Enable workload identity on that cluster:

    task: controller:create-mi-for-workload-identity
    
  4. Install cert-manager

    task controller:install-cert-manager
    
  5. Create the namespace for the operator

    kubectl create namespace azureserviceoperator-system
    
  6. Create a secret in your cluster with the Workload Identity credentials for ASO to use:

    task controller:make-workload-identity-secret
    
  7. Download asoctl

    curl -L https://github.com/Azure/azure-service-operator/releases/latest/download/asoctl-linux-amd64.gz -o asoctl.gz
    gunzip asoctl.gz
    chmod +x asoctl
    
  8. Use asoctl to install the new release

    ./asoctl export template --version v2.7.0 --crd-pattern "resources.azure.com/*;network.azure.com/*" | kubectl apply -f -
    
  9. Watch while ASO starts

    kubectl get all -n azureserviceoperator-system
    
  10. Create a resource group and a vnet in it (the vnet is to check that conversion webhooks are working, since there aren’t any for RGs):

    kubectl apply -f v2/samples/resources/v1api/v1api20200601_resourcegroup.yaml
    kubectl apply -f v2/samples/network/v1api20201101/v1api20201101_virtualnetwork.yaml
    
  11. Make sure they deploy successfully - check in the portal as well.

Create and test the Helm chart

  1. Create a new branch from <NEW_RELEASE_TAG> HEAD
  2. Generate helm manifest for new release: task controller:gen-helm-manifest
  3. Check the version in /v2/charts/azure-service-operator/Chart.yaml if matches with the latest release tag.
  4. Create a kind cluster
    task controller:kind-create-wi
    
  5. Enable workload identity on that cluster:
    task: controller:create-mi-for-workload-identity
    
  6. Install cert-manager
    task controller:install-cert-manager
    
  7. Install helm chart:
    helm install --set azureSubscriptionID=$AZURE_SUBSCRIPTION_ID \
    --set azureTenantID=$AZURE_TENANT_ID \
    --set azureClientID=$AZURE_CLIENT_ID \
    --set useWorkloadIdentityAuth=true \
    asov2 -n azureserviceoperator-system --create-namespace ./v2/charts/azure-service-operator/.
    
  8. Wait for the chart installation.
  9. Wait for it to start: k get all -n azureserviceoperator-system
  10. Create a resource group and a vnet in it (the vnet is to check that conversion webhooks are working, since there aren’t any for RGs):
    k apply -f v2/samples/resources/v1beta/v1beta20200601_resourcegroup.yaml
    k apply -f v2/samples/network/v1beta/v1beta20201101_virtualnetwork.yaml
    
  11. Make sure they deploy successfully - check in the portal as well.
  12. If installed successfully, commit the files under v2/charts/azure-service-operator.
  13. Send a PR.

Update Resource Documentation

Any resources included in the new release will currently be listed under “Next Release” in the documentation, so we need to update the documentation to move them to the “Released” section.

  1. Create a new branch from main and check it out.
  2. Update the setting supportedResourcesReport.currentRelease to the new release in v2/azure-arm.yaml
  3. Run task controller:generate-types to update the documentation.
  4. Repeat the above steps by modifying hack/crossplane/azure-crossplane.yml and running task crossplane:generate-types.
  5. Commit the changes and send a PR.

Update ROADMAP

Modify the ROADMAP.md file in the repo root.

  • Add the new release to the Prior Releases section, linking to the release in GitHub.
  • Remove the new release from the Release Cadence & Planning section and add a new future release to the end.
  • Check that future versions are linked to the relevant GitHub milestone where possible.

Then commit the changes and send a PR.

Fixing an incorrect release

If there was an issue publishing a new release, we may want to delete the existing release and try again. Only do this if you’ve just published the release and there is something wrong with it. We shouldn’t be deleting releases people are actually using.

  1. Delete the release in the releases page.
  2. Delete the tag: git push <origin> --delete <tag>, for example git push origin --delete v2.0.0-alpha.1.

At this point, you can safely publish a “new” release with the same name.