diff --git a/.github/workflows/lint-test-chart.yaml b/.github/workflows/lint-test-chart.yaml index 25699472c..9da85030e 100644 --- a/.github/workflows/lint-test-chart.yaml +++ b/.github/workflows/lint-test-chart.yaml @@ -2,9 +2,11 @@ name: Lint and Test Chart on: pull_request: + branches: + - master + - release-v* paths: - - .github/workflows/lint-test-chart.yaml - - "charts/metrics-server/**" + - charts/metrics-server/** permissions: contents: read @@ -23,6 +25,23 @@ jobs: with: fetch-depth: 0 + - name: Setup + id: setup + run: | + set -euo pipefail + + chart_version="$(yq eval '.version' ./charts/metrics-server/Chart.yaml)" + changed=false + + if [[ -n "$(ct list-changed --target-branch=${{ github.event.repository.default_branch }})" ]]; then + changed=true + fi + + { + echo "chart_version=${chart_version}" + echo "changed=${changed}" + } >> "${GITHUB_OUTPUT}" + - name: Set-up Python uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 with: @@ -36,33 +55,15 @@ jobs: - name: Set-up chart-testing uses: helm/chart-testing-action@0d28d3144d3a25ea2cc349d6e59901c4ff469b3b # v2.7.0 - - name: Check for changes - id: changes - run: | - changed="$(ct list-changed --target-branch ${{ github.event.repository.default_branch }})" - if [[ -n "${changed}" ]] - then - echo "changed=true" >> "${GITHUB_OUTPUT}" - else - echo "changed=false" >> "${GITHUB_OUTPUT}" - fi - - - name: Get chart version - id: chart_version - if: steps.changes.outputs.changed == 'true' - uses: mikefarah/yq@f03c9dc599c37bfcaf533427211d05e51e6fee64 # v4.47.1 - with: - cmd: yq eval '.version' './charts/metrics-server/Chart.yaml' - - name: Get changelog entry - if: steps.changes.outputs.changed == 'true' + if: steps.setup.outputs.changed == 'true' uses: mindsers/changelog-reader-action@32aa5b4c155d76c94e4ec883a223c947b2f02656 # v2.2.3 with: path: charts/metrics-server/CHANGELOG.md - version: ${{ steps.chart_version.outputs.result }} + version: ${{ steps.setup.outputs.chart_version }} - name: Set-up Artifact Hub CLI - if: steps.changes.outputs.changed == 'true' + if: steps.setup.outputs.changed == 'true' uses: action-stars/install-tool-from-github-release@f2e83e089fa618aa7e9fd3452fbcf4fe1598ede2 # v0.2.5 with: github_token: ${{ github.token }} @@ -73,21 +74,21 @@ jobs: version: latest - name: Run Artifact Hub lint - if: steps.changes.outputs.changed == 'true' + if: steps.setup.outputs.changed == 'true' run: ah lint --kind helm || exit 1 - name: Run chart-testing lint - if: steps.changes.outputs.changed == 'true' - run: ct lint --check-version-increment=false --target-branch ${{ github.event.repository.default_branch }} + if: steps.setup.outputs.changed == 'true' + run: ct lint --target-branch=${{ github.event.repository.default_branch }} --check-version-increment=false - name: Create Kind cluster - if: steps.changes.outputs.changed == 'true' + if: steps.setup.outputs.changed == 'true' uses: helm/kind-action@a1b0e391336a6ee6713a0583f8c6240d70863de3 # v1.12.0 with: wait: 120s - name: Install cert-manager dependency - if: steps.changes.outputs.changed == 'true' + if: steps.setup.outputs.changed == 'true' run: | helm repo add jetstack https://charts.jetstack.io helm install cert-manager jetstack/cert-manager \ @@ -98,7 +99,7 @@ jobs: --set extraArgs='{--enable-certificate-owner-ref}' - name: Prepare existing secret test scenario - if: steps.changes.outputs.changed == 'true' + if: steps.setup.outputs.changed == 'true' run: | openssl req -x509 -newkey rsa:2048 -sha256 -days 365 \ -nodes -keyout ${{ runner.temp }}/tls.key -out ${{ runner.temp }}/tls.crt \ @@ -119,5 +120,5 @@ jobs: rm ${{ runner.temp }}/tls.key ${{ runner.temp }}/tls.crt - name: Run chart-testing install - if: steps.changes.outputs.changed == 'true' - run: ct install --target-branch ${{ github.event.repository.default_branch }} --namespace kube-system + if: steps.setup.outputs.changed == 'true' + run: ct install --target-branch=${{ github.event.repository.default_branch }} --namespace kube-system diff --git a/.github/workflows/release-chart.yaml b/.github/workflows/release-chart.yaml index 94e2bd8b0..7c044bbb5 100644 --- a/.github/workflows/release-chart.yaml +++ b/.github/workflows/release-chart.yaml @@ -3,6 +3,7 @@ name: Release Chart on: push: branches: + - master - release-* paths: - charts/metrics-server/Chart.yaml @@ -26,59 +27,51 @@ jobs: with: fetch-depth: 0 - - name: Configure Git - run: | - git config user.name "$GITHUB_ACTOR" - git config user.email "$GITHUB_ACTOR@users.noreply.github.com" - - - name: Get chart version - id: chart_version - uses: mikefarah/yq@f03c9dc599c37bfcaf533427211d05e51e6fee64 # v4.47.1 - with: - cmd: yq eval '.version' './charts/metrics-server/Chart.yaml' - - - name: Get chart app version - id: chart_app_version - uses: mikefarah/yq@f03c9dc599c37bfcaf533427211d05e51e6fee64 # v4.47.1 - with: - cmd: yq eval '.appVersion' './charts/metrics-server/Chart.yaml' - - - name: Check can release - id: check_can_release + - name: Setup + id: setup run: | set -euo pipefail - branch_name="${GITHUB_REF##*/}" - app_version_prefix="${branch_name##*-}" + chart_file="./charts/metrics-server/Chart.yaml" - app_version_regex="^${app_version_prefix//./\.}" + chart_version="$(yq eval '.version' "${chart_file}")" + app_version="$(yq eval '.appVersion' "${chart_file}")" + release=false - chart_version_match="$(echo "${{ steps.chart_version.outputs.result }}" | grep -Po "^\d+\.\d+\.\d+$" || true)" - app_version_match="$(echo "${{ steps.chart_app_version.outputs.result }}" | grep -Po "^${app_version_prefix//./\.}" || true)" - - if [[ -z "${chart_version_match}" ]] || [[ -z "${app_version_match}" ]] - then - echo "continue=false" >> $GITHUB_OUTPUT - else - echo "continue=true" >> $GITHUB_OUTPUT + if [[ -z "$(gh release view --repo kubernetes-sigs/metrics-server "metrics-server-helm-chart-${chart_version}" --json id || true)" ]]; then + branch_name='${{ github.ref_name }}' + if [[ "${branch_name}" == "${{ github.event.repository.default_branch }}" ]]; then + release=true + elif [[ -n "$(grep -Eo 'release-[0-9]+\.[0-9]+$' <<<"${branch_name}" || true)" ]]; then + version_prefix="$(grep -Eo '[0-9]+\.[0-9]+$' <<<"${branch_name}")" + if [[ -n "$(grep -o "${version_prefix}" <<<"${app_version}" || true)" ]]; then + release=true + fi + fi fi + { + echo "chart_version=${chart_version}" + echo "app_version=${app_version}" + echo "release=${release}" + } >> "${GITHUB_OUTPUT}" + - name: Set-up Helm - if: steps.check_can_release.outputs.continue == 'true' + if: steps.setup.outputs.release == 'true' uses: azure/setup-helm@b9e51907a09c216f16ebe8536097933489208112 # v4.3.0 with: version: latest - name: Get CHANGELOG entry id: changelog_reader - if: steps.check_can_release.outputs.continue == 'true' + if: steps.setup.outputs.release == 'true' uses: mindsers/changelog-reader-action@32aa5b4c155d76c94e4ec883a223c947b2f02656 # v2.2.3 with: path: charts/metrics-server/CHANGELOG.md - version: ${{ steps.chart_version.outputs.result }} + version: ${{ steps.setup.outputs.chart_version }} - name: Create release notes - if: steps.check_can_release.outputs.continue == 'true' + if: steps.setup.outputs.release == 'true' run: | set -euo pipefail cat <<"EOF" > charts/metrics-server/RELEASE.md @@ -86,7 +79,7 @@ jobs: EOF - name: Run chart-releaser - if: steps.check_can_release.outputs.continue == 'true' + if: steps.setup.outputs.release == 'true' uses: helm/chart-releaser-action@cae68fefc6b5f367a0275617c9f83181ba54714f # v1.7.0 env: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/RELEASE.md b/RELEASE.md index a942eb926..22d9dd4eb 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -2,7 +2,7 @@ The Metrics Server is released on an as-needed basis. The process is as follows: -1. An issue is proposing a new release with a changelog since the last release https://github.com/kubernetes-sigs/metrics-server/compare +1. An issue is proposing a new release with a changelog since the last release 1. At least one [OWNER](OWNERS) must LGTM this release 1. A PR that bumps version hardcoded in code is created and merged 1. An OWNER creates a draft GitHub release @@ -15,9 +15,18 @@ The Metrics Server is released on an as-needed basis. The process is as follows: ## Chart Release Process -The chart needs to be released in response to a Metrics Server release or on an as-needed basis. The process is as follows: +A new chart should be released whenever a new version of Metrics Server is +released, but releases can also be done on an as-needed basis. Most chart +releases for the latest Metrics Server version can take place on the `master` +branch. However, if a release is a backport or the chart on `master` is no longer +compatible, the PR should target the release branch. + +The chart release process is as follows: 1. An issue is proposing a new chart release -1. A PR is opened to update _Chart.yaml_ with the `appVersion`, `version` (based on the release changes) and `annotations` +1. The issue is used to document the release process +1. A PR is opened to update _Chart.yaml_ with the `appVersion`, `version` 1. The PR triggers the chart linting and testing GitHub action to validate the chart 1. The PR is merged and a GitHub action releases the chart + +If the release has happened on a release branch the issue will need manually closing.