Skip to content

Add GCB configuration file for building cert-manager on tag push #5940

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 13, 2023
Merged

Add GCB configuration file for building cert-manager on tag push #5940

merged 1 commit into from
Apr 13, 2023

Conversation

SgtCoDFish
Copy link
Member

@SgtCoDFish SgtCoDFish commented Apr 12, 2023
edited
Loading

This PR, along with a GCB trigger to be configured later, should enable the automatic build of cert-manager releases by simply pushing tags. This should in turn remove a step from the release process, enabling easier maintenance (and hopefully, easier LTS support)

Kind

/kind feature

Release Note

NONE

@jetstack-bot jetstack-bot added dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. kind/feature Categorizes issue or PR as related to a new feature. do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. release-note Denotes a PR that will be considered when it comes time to generate release notes. labels Apr 12, 2023
@jetstack-bot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: SgtCoDFish

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@jetstack-bot jetstack-bot added approved Indicates a PR has been approved by an approver from all required OWNERS files. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Apr 12, 2023
@SgtCoDFish SgtCoDFish force-pushed the cloudbuild branch 3 times, most recently from c658a08 to 0daeb87 Compare April 12, 2023 13:15
@jetstack-bot jetstack-bot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Apr 12, 2023
@jetstack-bot jetstack-bot added size/S Denotes a PR that changes 10-29 lines, ignoring generated files. and removed size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Apr 12, 2023
@SgtCoDFish
Copy link
Member Author

/unhold

I configured a GCB trigger against my cert-manager fork and testing creating a release, which worked successfully.

I've deleted the release that was created since it was just for testing.

@jetstack-bot jetstack-bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Apr 12, 2023
@SgtCoDFish SgtCoDFish changed the title Add gcb configuration file for building cert-manager when tag pushed Add GCB configuration file for building cert-manager on tag push Apr 12, 2023
@SgtCoDFish
Add gcb configuration file for building cert-manager when tag pushed
d5e8489 
After a GCB trigger is configured, this configuration file will enable
cert-manager releases to automatically be built when a new tag is
pushed.

This has been tested on a fork and confirmed to work.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
@jetstack-bot jetstack-bot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Apr 12, 2023
@SgtCoDFish
Copy link
Member Author

Open question on this: Do we want to backport to all currently supported versions? The GCB job will trigger on any tag push, but will fail for any branch where gcb/build_cert_manager.yaml doesn't exist.

It seems harmless to backport (since this PR is entirely additive).

@SgtCoDFish SgtCoDFish mentioned this pull request Apr 12, 2023
Merged
@inteon

This comment was marked as off-topic.

Sign in to view
@SgtCoDFish
Copy link
Member Author

why do we implement this using GH actions instead of a Prow job?

I'm guessing you mean GCB instead of GH actions (because this isn't using GH actions)

The reasons are:

  1. (By far the biggest reason) We already use GCB for doing this in cmrel (because we already used it thanks to historical choices). Using GCB here means fewer things to change.
  2. GCB works really well currently for building giving limited reasons to want to change it
  3. GCB feels better than prow in terms of SLSA when it comes to building software

@SgtCoDFish SgtCoDFish closed this Apr 13, 2023
@maelvls
Copy link
Member

maelvls commented Apr 13, 2023
edited
Loading

During a conversation this morning, there was concerns over whether this change would really help us, some of us weren't sure whether focusing on the automation of triggering cmrel makestage is worth it.

I think it is worth it because it would be the first step towards automating the three cmrel steps. I propose that we test this improvement for 1.12.

nit: do we really need a release note on this one? It seems like a change that won't affect users

@maelvls maelvls reopened this Apr 13, 2023
@jetstack-bot jetstack-bot added the release-note-none Denotes a PR that doesn't merit a release note. label Apr 13, 2023
@jetstack-bot jetstack-bot removed the release-note Denotes a PR that will be considered when it comes time to generate release notes. label Apr 13, 2023
@SgtCoDFish
Copy link
Member Author

Removed the release note

@maelvls
Copy link
Member

maelvls commented Apr 13, 2023

/lgtm

@jetstack-bot jetstack-bot added the lgtm Indicates that a PR is ready to be merged. label Apr 13, 2023
@jetstack-bot jetstack-bot merged commit 4236b97 into cert-manager:master Apr 13, 2023
@jetstack-bot jetstack-bot added this to the v1.12 milestone Apr 13, 2023
@inteon inteon mentioned this pull request Apr 13, 2023
Merged
@SgtCoDFish SgtCoDFish deleted the cloudbuild branch April 13, 2023 11:21
This was referenced Apr 13, 2023
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@maelvls maelvls

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. kind/feature Categorizes issue or PR as related to a new feature. lgtm Indicates that a PR is ready to be merged. release-note-none Denotes a PR that doesn't merit a release note. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@SgtCoDFish @jetstack-bot @inteon @maelvls