This repository has been archived on 2022-08-17. You can view files and clone it, but cannot push or open issues or pull requests.
dex/Documentation/dev-releases.md

103 lines
2.8 KiB
Markdown

# Releases
Making a dex release involves:
* Tagging a git commit and pushing the tag to GitHub.
* Building and pushing a Docker image.
* Building, signing, and hosting an ACI.
This requires the following tools.
* rkt
* Docker
* [docker2aci](https://github.com/appc/docker2aci)
* [acbuild](https://github.com/containers/build) (must be in your sudo user's PATH)
And the following permissions.
* Push access to the github.com/coreos/dex git repo.
* Push access to the quay.io/coreos/dex Docker repo.
* Access to the CoreOS application signing key.
## Tagging the release
Make sure you've [uploaded your GPG key](https://github.com/settings/keys) and
configured git to [use that signing key](
https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work) either globally or
for the Dex repo. Note that the email the key is issued for must be the email
you use for git.
```
git config [--global] user.signingkey "{{ GPG key ID }}"
git config [--global] user.email "{{ Email associated with key }}"
```
Create a signed tag at the commit you wish to release. This action will prompt
you to enter a tag message, which can just be the release version.
```
git tag -s v2.0.0 ea4c04fde83bd6c48f4d43862c406deb4ea9dba2
```
Push that tag to the CoreOS repo.
```
git push git@github.com:coreos/dex.git v2.0.0
```
Draft releases on GitHub and summarize the changes since the last release. See
previous releases for the expected format.
https://github.com/coreos/dex/releases
## Minor releases - create a branch
If the release is a minor release (2.1.0, 2.2.0, etc.) create a branch for future patch releases.
```bash
git checkout -b v2.1.x tags/v2.1.0
git push git@github.com:coreos/dex.git v2.1.x
```
## Patch releases - cherry pick required commits
If the release is a patch release (2.0.1, 2.0.2, etc.) checkout the desired release branch and cherry pick specific commits. A patch release is only meant for urgent bug or security fixes.
```bash
RELEASE_BRANCH="v2.0.x"
git checkout $RELEASE_BRANCH
git checkout -b "cherry-picked-change"
git cherry-pick (SHA of change)
git push origin "cherry-picked-change"
```
Open a PR onto $RELEASE_BRANCH to get the changes approved.
## Building the Docker image
Build the Docker image and push to Quay.
```bash
# checkout the tag
git checkout tags/v2.1.0
# rkt doesn't play nice with SELinux, see https://github.com/coreos/rkt/issues/1727
sudo setenforce Permissive
# will prompt for sudo password
make docker-image
sudo docker push quay.io/coreos/dex:v2.1.0
```
## Building the ACI
```bash
# checkout the tag
git checkout tags/v2.1.0
# rkt doesn't play nice with SELinux, see https://github.com/coreos/rkt/issues/1727
sudo setenforce Permissive
# will prompt for sudo password
make aci
# aci will be built at _output/image/dex.aci
```
Sign the ACI using the CoreOS application signing key. Upload the ACI and
signature to the GitHub release.