diff --git a/.github/workflows/nightly-images.yaml b/.github/workflows/nightly-images.yaml index fb001bef8..5817e12fd 100644 --- a/.github/workflows/nightly-images.yaml +++ b/.github/workflows/nightly-images.yaml @@ -3,7 +3,6 @@ name: Nightly image build workflow on: schedule: - cron: "0 3 * * *" # everyday at 3AM UTC - main branch - - cron: "0 2 * * *" # everyday at 2AM UTC - release-1.0 branch run-name: nightly-images @@ -28,11 +27,6 @@ jobs: with: ref: main - - uses: actions/checkout@v4 - if: github.event.schedule == '0 2 * * *' - with: - ref: release-1.0 - - name: Build and push nightly operator image run: | make docker-buildx \ diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index f98da605c..df161609e 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -3,13 +3,6 @@ name: Release workflow on: workflow_dispatch: inputs: - release_version: - description: "Release version" - required: true - bundle_channels: - description: "Bundle channels" - required: true - default: stable,stable-1.26 is_draft_release: description: "Draft release" type: boolean @@ -26,7 +19,6 @@ run-name: Release ${{ inputs.release_version }} env: GIT_USER: ${{ secrets.GIT_USER }} GITHUB_TOKEN: ${{ secrets.GIT_TOKEN }} - VERSION: ${{ inputs.release_version }} jobs: release: @@ -44,22 +36,17 @@ jobs: - name: Build and push operator image run: | - make docker-buildx \ - -e TAG=$VERSION + make docker-buildx - name: Generate bundle metadata run: | - make bundle \ - -e CHANNELS=$CHANNELS - env: - CHANNELS: ${{ inputs.bundle_channels }} + make bundle - name: Publish bundle in operatorhub.io run: | make bundle-publish \ -e GIT_CONFIG_USER_NAME="$GIT_CONFIG_USER_NAME" \ -e GIT_CONFIG_USER_EMAIL="$GIT_CONFIG_USER_EMAIL" \ - -e OPERATOR_VERSION=$VERSION \ -e OPERATOR_HUB=community-operators \ -e OWNER=k8s-operatorhub \ -e FORK=maistra @@ -72,7 +59,6 @@ jobs: make bundle-publish \ -e GIT_CONFIG_USER_NAME="$GIT_CONFIG_USER_NAME" \ -e GIT_CONFIG_USER_EMAIL="$GIT_CONFIG_USER_EMAIL" \ - -e OPERATOR_VERSION=$VERSION \ -e OWNER=redhat-openshift-ecosystem \ -e FORK=maistra env: @@ -86,4 +72,4 @@ jobs: -e GH_RELEASE_DRAFT=$GH_RELEASE_DRAFT env: GH_PRE_RELEASE: ${{ github.event.inputs.is_pre_release == 'true' }} - GH_RELEASE_DRAFT: ${{ github.event.inputs.is_draft_release == 'true' }} \ No newline at end of file + GH_RELEASE_DRAFT: ${{ github.event.inputs.is_draft_release == 'true' }} diff --git a/Makefile.core.mk b/Makefile.core.mk index 4c3961edd..de424cf64 100644 --- a/Makefile.core.mk +++ b/Makefile.core.mk @@ -22,6 +22,16 @@ OLD_VARS := $(.VARIABLES) VERSION ?= 1.26.0 MINOR_VERSION := $(shell echo "${VERSION}" | cut -f1,2 -d'.') +# This version will be used to generate the OLM upgrade graph in the FBC as a version to be replaced by the new operator version defined in $VERSION. +# This applies for stable releases, for nightly releases we are getting previous version directly from the FBC. +# Currently we are pushing the operator to two operator hubs https://github.com/k8s-operatorhub/community-operators and +# https://github.com/redhat-openshift-ecosystem/community-operators-prod. Nightly builds go only to community-operators-prod which already +# supports FBC. FBC yaml files and kept in community-operators-prod repo and we only generate a PR with changes using make targets from this Makefile. +# There are also GH workflows defined to release nightly and stable operators. +# There is no need to define `replaces` and `skipRange` fields in the CSV as those fields are defined in the FBC and CSV values are ignored. +# FBC is source of truth for OLM upgrade graph. +PREVIOUS_VERSION ?= 1.25.2 + OPERATOR_NAME ?= sailoperator VERSIONS_YAML_DIR ?= pkg/istioversion VERSIONS_YAML_FILE ?= versions.yaml @@ -449,7 +459,7 @@ gen-charts: ## Pull charts from istio repository. gen: gen-all-except-bundle bundle ## Generate everything. .PHONY: gen-all-except-bundle -gen-all-except-bundle: operator-name operator-chart controller-gen gen-api gen-charts gen-manifests gen-code gen-api-docs github-workflow update-docs-examples mirror-licenses +gen-all-except-bundle: operator-name operator-chart controller-gen gen-api gen-charts gen-manifests gen-code gen-api-docs update-docs-examples mirror-licenses .PHONY: gen-check gen-check: gen restore-manifest-dates check-clean-repo ## Verify that changes in generated resources have been checked in. @@ -494,9 +504,6 @@ operator-chart: sed -i -e "s|^\(image: \).*$$|\1${IMAGE}|g" \ -e "s/^\( version: \).*$$/\1${VERSION}/g" chart/values.yaml -github-workflow: - sed -i -e '1,/default:/ s/^\(.*default:\).*$$/\1 ${CHANNELS}/' .github/workflows/release.yaml - .PHONY: update-istio update-istio: ## Update the Istio commit hash in the 'latest' entry in versions.yaml to the latest commit in the branch. @hack/update-istio.sh @@ -649,19 +656,24 @@ bundle-push: ## Push the bundle image. bundle-publish: ## Create a PR for publishing in OperatorHub. @export GIT_USER=$(GITHUB_USER); \ export GITHUB_TOKEN=$(GITHUB_TOKEN); \ - export OPERATOR_VERSION=$(OPERATOR_VERSION); \ + export OPERATOR_VERSION=$(VERSION); \ export OPERATOR_NAME=$(OPERATOR_NAME); \ + export CHANNELS=$(CHANNELS); \ + export PREVIOUS_VERSION=$(PREVIOUS_VERSION); \ ./hack/operatorhub/publish-bundle.sh +## Generate nightly bundle. .PHONY: bundle-nightly -bundle-nightly: VERSION:=$(VERSION)-nightly-$(TODAY) ## Generate nightly bundle. +bundle-nightly: VERSION:=$(VERSION)-nightly-$(TODAY) bundle-nightly: CHANNELS:=$(MINOR_VERSION)-nightly bundle-nightly: TAG=$(MINOR_VERSION)-nightly-$(TODAY) bundle-nightly: bundle +## Publish nightly bundle. .PHONY: bundle-publish-nightly -bundle-publish-nightly: OPERATOR_VERSION=$(VERSION)-nightly-$(TODAY) ## Publish nightly bundle. +bundle-publish-nightly: VERSION:=$(VERSION)-nightly-$(TODAY) bundle-publish-nightly: TAG=$(MINOR_VERSION)-nightly-$(TODAY) +bundle-publish-nightly: CHANNELS:=$(MINOR_VERSION)-nightly bundle-publish-nightly: bundle-nightly bundle-publish .PHONY: helm-artifacts-publish @@ -734,7 +746,7 @@ git-hook: gitleaks ## Installs gitleaks as a git pre-commit hook. chmod +x .git/hooks/pre-commit; \ fi -.SILENT: helm $(HELM) $(LOCALBIN) deploy-yaml gen-api operator-name operator-chart github-workflow +.SILENT: helm $(HELM) $(LOCALBIN) deploy-yaml gen-api operator-name operator-chart COMMON_IMPORTS ?= mirror-licenses dump-licenses lint-all lint-licenses lint-scripts lint-copyright-banner lint-go lint-yaml lint-helm format-go tidy-go check-clean-repo update-common .PHONY: $(COMMON_IMPORTS) diff --git a/bundle/manifests/sailoperator.clusterserviceversion.yaml b/bundle/manifests/sailoperator.clusterserviceversion.yaml index 13612ae16..7de7f1e9c 100644 --- a/bundle/manifests/sailoperator.clusterserviceversion.yaml +++ b/bundle/manifests/sailoperator.clusterserviceversion.yaml @@ -34,7 +34,7 @@ metadata: capabilities: Seamless Upgrades categories: OpenShift Optional, Integration & Delivery, Networking, Security containerImage: quay.io/sail-dev/sail-operator:1.26.0 - createdAt: "2025-05-22T05:50:10Z" + createdAt: "2025-05-29T17:30:50Z" description: The Sail Operator manages the lifecycle of your Istio control plane. It provides custom resources for you to deploy and manage your control plane components. @@ -48,7 +48,6 @@ metadata: features.operators.openshift.io/token-auth-aws: "false" features.operators.openshift.io/token-auth-azure: "false" features.operators.openshift.io/token-auth-gcp: "false" - olm.skipRange: '>=1.0.0 <1.26.0' operators.operatorframework.io/builder: operator-sdk-v1.39.2 operators.operatorframework.io/internal-objects: '["wasmplugins.extensions.istio.io","destinationrules.networking.istio.io","envoyfilters.networking.istio.io","gateways.networking.istio.io","proxyconfigs.networking.istio.io","serviceentries.networking.istio.io","sidecars.networking.istio.io","virtualservices.networking.istio.io","workloadentries.networking.istio.io","workloadgroups.networking.istio.io","authorizationpolicies.security.istio.io","peerauthentications.security.istio.io","requestauthentications.security.istio.io","telemetries.telemetry.istio.io"]' operators.operatorframework.io/project_layout: go.kubebuilder.io/v4 @@ -939,5 +938,4 @@ spec: name: v1_26_0.proxy - image: gcr.io/istio-release/ztunnel:1.26.0 name: v1_26_0.ztunnel - replaces: sailoperator.v1.25.2 version: 1.26.0 diff --git a/chart/templates/olm/clusterserviceversion.yaml b/chart/templates/olm/clusterserviceversion.yaml index d9ba85c44..261392aa1 100644 --- a/chart/templates/olm/clusterserviceversion.yaml +++ b/chart/templates/olm/clusterserviceversion.yaml @@ -17,7 +17,6 @@ metadata: description: {{ .Values.csv.description }} operators.operatorframework.io/internal-objects: '["wasmplugins.extensions.istio.io","destinationrules.networking.istio.io","envoyfilters.networking.istio.io","gateways.networking.istio.io","proxyconfigs.networking.istio.io","serviceentries.networking.istio.io","sidecars.networking.istio.io","virtualservices.networking.istio.io","workloadentries.networking.istio.io","workloadgroups.networking.istio.io","authorizationpolicies.security.istio.io","peerauthentications.security.istio.io","requestauthentications.security.istio.io","telemetries.telemetry.istio.io"]' repository: https://github.com/istio-ecosystem/sail-operator - olm.skipRange: ">=1.0.0 <{{ .Values.csv.version }}" support: {{ .Values.csv.support }} {{- if .Values.csv.annotations }} {{- range $key, $val := .Values.csv.annotations }} @@ -60,6 +59,5 @@ spec: maturity: alpha provider: name: Red Hat, Inc. - replaces: {{ .Values.name }}.v{{ .Values.csv.replacesVersion }} version: {{ .Values.csv.version }} {{ end }} diff --git a/chart/values.yaml b/chart/values.yaml index 869ee22d2..ac6d7df0d 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -36,7 +36,6 @@ csv: [See this page](https://github.com/istio-ecosystem/sail-operator/blob/main/bundle/README.md) for instructions on how to use it. support: Community based version: 1.26.0 - replacesVersion: 1.25.2 icon: base64data: iVBORw0KGgoAAAANSUhEUgAAAIAAAACACAYAAADDPmHLAAAACXBIWXMAAAFiAAABYgFfJ9BTAAAHL0lEQVR4nO2du24bRxSGz5LL+01kaMuX2HShnmlSi2VUBM4bKG/gdGFnl+rsBwggvUHUsTT9AIGdnoWCIIWNIJZNWKLM5Uww1K4sC6JEQrP7z8yeDyDYCHuG3F/nNmeWnpSSTMXvD3tE9Ey9gp3e0NiFWkzGgqVvEtFLvz/c8/vDNQPW4xQ2CCBim4gO/P7wFzOW4wY2CUDRIKLnfn/4xu8PvzNgPdZjmwAiukT02u8Pn5mxHHuxVQART9kb3AzbBUDsDW6GFgEMRuNHwM8QobzBkCuF1dDlAfYGo/GeAULYDCuFHngd1qAzBKgy7c1gNEa74kbYN+CQsAS6cwD15T8djMZKCOj/QhUS9jkkXE1cSaBKzF4ORuMXg9EYeQMeE9GQq4TFxF0FPAnDAtIbdEMRcF5wCUmUgZ3QGyBjcpQX/Axcg5Ek2QeIcgNkpbDLyeHXJN0I6oYh4aeE7Z5HJYd7QPtGgegEKnf8OzgkbLMITkG2glVI2AdWCXMRpL1MRO8FzMs0pAjCCiG1IjBhM0jlBQeD0RhVq3fTLAJTdgMboSeAigBkG4pJ28FKBK8HozGqVu+mMTE0cR5gFyiC1FUHpg6EsAgSwuSJoN3t7+//ALK9nZbpY6NHwh7drf8qG+VjkPnnadg7MFoA+bxPYn2tBBTBrutbyVYMhc5FUMihzDs9T2DNVLB42D4GiUCVp862jO0ZC/e8knjYnlAGsmTVKHKyMrDrXIDnFWedW/+BRPDYxVkC+w6G5LItca/5L8i6miVAzjJox8qTQbJcaIt2/QPIvMoHTDgIowVrj4bJVrUhq8UjgGmVFO4D7MaC1WcDxd2mR7kswrTaOHqBMKwbuw+Hel5p9m0blRQ+cWHU3P7TwSopvFVHJYXWnzxy4Xg4yUa5DcwHrO4POCEAOs0HMsD+gLWloTMCUE0i8eAbVCiwtlXsjgBUKCjk2rJZnQBMWxsKnBKAQrRrAlQaWhkKnBMAeV5Z3GtxKFgS9wQQhQLMEIkKBVY1iJwUgELcbnigqmDbpgaRswKYVwV31t6CrFvjBdwVgAoF1eK6LBcQpru2TBU7LQCFuLOGSgif2ZAQOi8A8rOcEF6B+wLAJ4RGTxSnQgDzhLBVRU0QGe0F0iEAlRA2KzlQh3DT5LIwNQKYdwhvNbgsvEB6BBCWhcARMiPPGaZKAAqgFzDyTEHqBAD0Ah0TvUDqBEDsBb4ilQJgL/CFVAqA2AuckVoBsBc4JbUCUIhGBdUdNMYLpFoAslnJg/YIOqbMD6ZaAOpomawVUc8fMmJeIN0CmE8R1z+DTBuxR5B6AVA2o46Zo6zDk0EWwOmzBv4Gmd5GP2yCBaAEUMw/AJWEhPYCLIAQYEkITQZZACFyrSxAphvIxhALICKTaaYxGWQBnEM2yqhkcBM1PMoCOIesFB+AOoOEygVYABcAdgYhrWEWwAVEq4YSACQZZAFcJJdtAXsCiXsBFsAlyFrpPcj046Q7gyyASxBrlRnQfKJegAVwGX62nZbWMAtgAcAw0E2yJ8ACWIColxFPHo1IzAuwABaR9+8Dm0KJ5QEsgCsANoU6SYUBFsAVyGoR9XgZSioMsACuQP00DdB8ImGABXAVamoY94OViYQBFsA1yHoJdYRMEfvUMAvgGmSlGADNx54HsACuA1sOduPeG2ABLIEs55HmYw0DLIAlkNXiP0DzsVYDLIAlkKU8Mg9gDwAn53eAS2jEeYaQBbAkoKeOR7AA0MhKAdkPiC0PYAEsSymPOkZOYTkYy6PnWQBLon6HCLyEWMIAC2BZPK8EHBMjFoABADeGiAVgALJc+Au4iljyABbAKhRz6O9LuxdgAayAzPtV8BK0zwewAFYhk2mCV8AeAA24I7ip+4IsgFXJZVGTwnN0j4mxAFZEFnLvwEtgAUBxrBJgAayIzGZQTxOLYA8Axc/eAa+gq/Nivs6LOUMwe0tCBt7RSUBSFr1PJ+vqo3lHJ+oNWgZQmAgGO703Wq6l4yLWoW6wlBPv+LMf3ugOCUneZEok5h5+3fCPpMIAC2AhQrynmfjofQ4yNJ0J72R6m6azkjcNiKbzh3+YfoOvQ9uouJ0CkPKYgtk7byYyNJkKL5jVaTJt0kyQdzJVf9EMX66irRIwWQCv3n+ctLzDT/WzOPzlBpfU2Tn8EmE44QH+JKLDMJadvW9t1IbRH/z42x+9DNFL4BpNRZv44xSA2js/OPc6u9FbG7XDGO2mAjUqHuz0hjf9rLoEsBe+5jd8a6N2oOm6zGK0DIdoEcDWRm1Px3WYlVCl4P5NvzLuBNqLFg/AArAXLXsC3Ao2m0srJfUe7PS0JNIsACwXK6WzV7DTSySRZgHEy4fL/nuTvMHXwQK4Oa/CKwzP32hdu3VxwwK4notxeN580dGEMQEWwJc4HFuiZTJpEEAUh2GJlsm4IIBFiZY1cRiJLQI4n2iRa3EYBhH9D18eNW58bi76AAAAAElFTkSuQmCC mediatype: image/png diff --git a/hack/operatorhub/publish-bundle.sh b/hack/operatorhub/publish-bundle.sh index e72e12858..6507be460 100755 --- a/hack/operatorhub/publish-bundle.sh +++ b/hack/operatorhub/publish-bundle.sh @@ -29,6 +29,8 @@ GIT_CONFIG_USER_EMAIL="${GIT_CONFIG_USER_EMAIL:-}" # The OPERATOR_NAME is defined in Makefile : "${OPERATOR_NAME:?"Missing OPERATOR_NAME variable"}" : "${OPERATOR_VERSION:?"Missing OPERATOR_VERSION variable"}" +: "${CHANNELS:?"Missing CHANNELS variable"}" +: "${PREVIOUS_VERSION:?"Missing PREVIOUS_VERSION variable"}" show_help() { echo "publish-bundle - raises PR to Operator Hub" @@ -99,6 +101,37 @@ BUNDLE_DIR="${CUR_DIR}"/../../bundle mkdir -p "${OPERATORS_DIR}" cp -a "${BUNDLE_DIR}"/. "${OPERATORS_DIR}" +# Generate release-config.yaml which is required to update FBC. FBC is only available in community-operators-prod atm +if [ "${OPERATOR_HUB}" = "community-operators-prod" ] +then + # when publishing a nightly build, we want to get previous build version automatically + if [[ ${OPERATOR_VERSION} == *"nightly"* ]] + then + # expecting there is only one channel in $CHANNELS when pushing nightly builds + LATEST_VERSION=$(yq '.entries[] | select(.schema == "olm.channel" and .name == '\""${CHANNELS}"\"').entries[-1].name' "${OPERATORS_DIR}../catalog-templates/basic.yaml") + # there is no entry in the given channel, probably a new channel and first version to be pushed there. Let's use previous nightly channel. + if [ -z "${LATEST_VERSION}" ] + then + PREVIOUS_MINOR=$(echo "${PREVIOUS_VERSION}" | cut -f1,2 -d'.') + LATEST_VERSION=$(yq '.entries[] | select(.schema == "olm.channel" and .name == '\""${PREVIOUS_MINOR}-nightly"\"').entries[-1].name' "${OPERATORS_DIR}../catalog-templates/basic.yaml") + if [ -z "${LATEST_VERSION}" ] + then + echo "Unable to find previous nightly version. Exiting." + exit 1 + fi + fi + else + LATEST_VERSION="${OPERATOR_NAME}.v${PREVIOUS_VERSION}" + fi + cat < "${OPERATORS_DIR}/release-config.yaml" +catalog_templates: + - template_name: basic.yaml + channels: [${CHANNELS}] + replaces: ${LATEST_VERSION} + skipRange: '>=1.0.0 <${OPERATOR_VERSION}' +EOF +fi + if ! git config --global user.name; then skipInDryRun git config --global user.name "${GIT_CONFIG_USER_NAME}" fi