istio-ecosystem · istio-testing · Jun 2, 2025 · May 29, 2025 · May 29, 2025
@@ -3,7 +3,6 @@ name: Nightly image build workflow
 on:
   schedule:
     - cron: "0 3 * * *" # everyday at 3AM UTC - main branch
-    - cron: "0 2 * * *" # everyday at 2AM UTC - release-1.0 branch
 
 run-name: nightly-images
 
@@ -28,11 +27,6 @@ jobs:
       with:
         ref: main
 
-    - uses: actions/checkout@v4
-      if: github.event.schedule == '0 2 * * *'
-      with:
-        ref: release-1.0
-
     - name: Build and push nightly operator image
       run: |
         make docker-buildx \

@@ -3,13 +3,6 @@ name: Release workflow
 on:
   workflow_dispatch:
     inputs:
-      release_version:
-        description: "Release version"
-        required: true
-      bundle_channels:
-        description: "Bundle channels"
-        required: true
-        default: stable,stable-1.26
       is_draft_release:
         description: "Draft release"
         type: boolean
@@ -26,7 +19,6 @@ run-name: Release ${{ inputs.release_version }}
 env:
   GIT_USER: ${{ secrets.GIT_USER }}
   GITHUB_TOKEN: ${{ secrets.GIT_TOKEN }}
-  VERSION: ${{ inputs.release_version }}
 
 jobs:
   release:
@@ -44,22 +36,17 @@ jobs:
 
     - name: Build and push operator image
       run: |
-        make docker-buildx \
-          -e TAG=$VERSION
+        make docker-buildx
 
     - name: Generate bundle metadata
       run: |
-        make bundle \
-         -e CHANNELS=$CHANNELS
-      env:
-        CHANNELS: ${{ inputs.bundle_channels }}
+        make bundle
 
     - name: Publish bundle in operatorhub.io
       run: |
         make bundle-publish \
           -e GIT_CONFIG_USER_NAME="$GIT_CONFIG_USER_NAME" \
           -e GIT_CONFIG_USER_EMAIL="$GIT_CONFIG_USER_EMAIL" \
-          -e OPERATOR_VERSION=$VERSION \
           -e OPERATOR_HUB=community-operators \
           -e OWNER=k8s-operatorhub \
           -e FORK=maistra
@@ -72,7 +59,6 @@ jobs:
         make bundle-publish \
           -e GIT_CONFIG_USER_NAME="$GIT_CONFIG_USER_NAME" \
           -e GIT_CONFIG_USER_EMAIL="$GIT_CONFIG_USER_EMAIL" \
-          -e OPERATOR_VERSION=$VERSION \
           -e OWNER=redhat-openshift-ecosystem \
           -e FORK=maistra
       env:
@@ -86,4 +72,4 @@ jobs:
           -e GH_RELEASE_DRAFT=$GH_RELEASE_DRAFT
       env:
         GH_PRE_RELEASE: ${{ github.event.inputs.is_pre_release == 'true' }}
-        GH_RELEASE_DRAFT: ${{ github.event.inputs.is_draft_release == 'true' }}
+        GH_RELEASE_DRAFT: ${{ github.event.inputs.is_draft_release == 'true' }}
@@ -22,6 +22,16 @@ OLD_VARS := $(.VARIABLES)
 VERSION ?= 1.26.0
 MINOR_VERSION := $(shell echo "${VERSION}" | cut -f1,2 -d'.')
 
+# This version will be used to generate the OLM upgrade graph in the FBC as a version to be replaced by the new operator version defined in $VERSION.
+# This applies for stable releases, for nightly releases we are getting previous version directly from the FBC.
+# Currently we are pushing the operator to two operator hubs https://github.com/k8s-operatorhub/community-operators and
+# https://github.com/redhat-openshift-ecosystem/community-operators-prod. Nightly builds go only to community-operators-prod which already
+# supports FBC. FBC yaml files and kept in community-operators-prod repo and we only generate a PR with changes using make targets from this Makefile.
+# There are also GH workflows defined to release nightly and stable operators.
+# There is no need to define `replaces` and `skipRange` fields in the CSV as those fields are defined in the FBC and CSV values are ignored.
+# FBC is source of truth for OLM upgrade graph.
+PREVIOUS_VERSION ?= 1.25.2
+
 OPERATOR_NAME ?= sailoperator
 VERSIONS_YAML_DIR ?= pkg/istioversion
 VERSIONS_YAML_FILE ?= versions.yaml
@@ -449,7 +459,7 @@ gen-charts: ## Pull charts from istio repository.
 gen: gen-all-except-bundle bundle ## Generate everything.
 
 .PHONY: gen-all-except-bundle
-gen-all-except-bundle: operator-name operator-chart controller-gen gen-api gen-charts gen-manifests gen-code gen-api-docs github-workflow update-docs-examples mirror-licenses
+gen-all-except-bundle: operator-name operator-chart controller-gen gen-api gen-charts gen-manifests gen-code gen-api-docs update-docs-examples mirror-licenses
 
 .PHONY: gen-check
 gen-check: gen restore-manifest-dates check-clean-repo ## Verify that changes in generated resources have been checked in.
@@ -494,9 +504,6 @@ operator-chart:
 	sed -i -e "s|^\(image: \).*$$|\1${IMAGE}|g" \
 	       -e "s/^\(  version: \).*$$/\1${VERSION}/g" chart/values.yaml
 
-github-workflow:
-	sed -i -e '1,/default:/ s/^\(.*default:\).*$$/\1 ${CHANNELS}/' .github/workflows/release.yaml
-
 .PHONY: update-istio
 update-istio: ## Update the Istio commit hash in the 'latest' entry in versions.yaml to the latest commit in the branch.
 	@hack/update-istio.sh
@@ -649,19 +656,24 @@ bundle-push: ## Push the bundle image.
 bundle-publish: ## Create a PR for publishing in OperatorHub.
 	@export GIT_USER=$(GITHUB_USER); \
 	export GITHUB_TOKEN=$(GITHUB_TOKEN); \
-	export OPERATOR_VERSION=$(OPERATOR_VERSION); \
+	export OPERATOR_VERSION=$(VERSION); \
 	export OPERATOR_NAME=$(OPERATOR_NAME); \
+	export CHANNELS=$(CHANNELS); \
+	export PREVIOUS_VERSION=$(PREVIOUS_VERSION); \
 	./hack/operatorhub/publish-bundle.sh
 
+## Generate nightly bundle.
 .PHONY: bundle-nightly
-bundle-nightly: VERSION:=$(VERSION)-nightly-$(TODAY)  ## Generate nightly bundle.
+bundle-nightly: VERSION:=$(VERSION)-nightly-$(TODAY)
 bundle-nightly: CHANNELS:=$(MINOR_VERSION)-nightly
 bundle-nightly: TAG=$(MINOR_VERSION)-nightly-$(TODAY)
 bundle-nightly: bundle
 
+## Publish nightly bundle.
 .PHONY: bundle-publish-nightly
-bundle-publish-nightly: OPERATOR_VERSION=$(VERSION)-nightly-$(TODAY)  ## Publish nightly bundle.
+bundle-publish-nightly: VERSION:=$(VERSION)-nightly-$(TODAY)
 bundle-publish-nightly: TAG=$(MINOR_VERSION)-nightly-$(TODAY)
+bundle-publish-nightly: CHANNELS:=$(MINOR_VERSION)-nightly
 bundle-publish-nightly: bundle-nightly bundle-publish
 
 .PHONY: helm-artifacts-publish
@@ -734,7 +746,7 @@ git-hook: gitleaks ## Installs gitleaks as a git pre-commit hook.
 		chmod +x .git/hooks/pre-commit; \
 	fi
 
-.SILENT: helm $(HELM) $(LOCALBIN) deploy-yaml gen-api operator-name operator-chart github-workflow
+.SILENT: helm $(HELM) $(LOCALBIN) deploy-yaml gen-api operator-name operator-chart
 
 COMMON_IMPORTS ?= mirror-licenses dump-licenses lint-all lint-licenses lint-scripts lint-copyright-banner lint-go lint-yaml lint-helm format-go tidy-go check-clean-repo update-common
 .PHONY: $(COMMON_IMPORTS)

@@ -34,7 +34,7 @@ metadata:
     capabilities: Seamless Upgrades
     categories: OpenShift Optional, Integration & Delivery, Networking, Security
     containerImage: quay.io/sail-dev/sail-operator:1.26.0
-    createdAt: "2025-05-22T05:50:10Z"
+    createdAt: "2025-05-29T17:30:50Z"
     description: The Sail Operator manages the lifecycle of your Istio control plane.
       It provides custom resources for you to deploy and manage your control plane
       components.
@@ -48,7 +48,6 @@ metadata:
     features.operators.openshift.io/token-auth-aws: "false"
     features.operators.openshift.io/token-auth-azure: "false"
     features.operators.openshift.io/token-auth-gcp: "false"
-    olm.skipRange: '>=1.0.0 <1.26.0'
     operators.operatorframework.io/builder: operator-sdk-v1.39.2
     operators.operatorframework.io/internal-objects: '["wasmplugins.extensions.istio.io","destinationrules.networking.istio.io","envoyfilters.networking.istio.io","gateways.networking.istio.io","proxyconfigs.networking.istio.io","serviceentries.networking.istio.io","sidecars.networking.istio.io","virtualservices.networking.istio.io","workloadentries.networking.istio.io","workloadgroups.networking.istio.io","authorizationpolicies.security.istio.io","peerauthentications.security.istio.io","requestauthentications.security.istio.io","telemetries.telemetry.istio.io"]'
     operators.operatorframework.io/project_layout: go.kubebuilder.io/v4
@@ -939,5 +938,4 @@ spec:
     name: v1_26_0.proxy
   - image: gcr.io/istio-release/ztunnel:1.26.0
     name: v1_26_0.ztunnel
-  replaces: sailoperator.v1.25.2
   version: 1.26.0
@@ -17,7 +17,6 @@ metadata:
     description: {{ .Values.csv.description }}
     operators.operatorframework.io/internal-objects: '["wasmplugins.extensions.istio.io","destinationrules.networking.istio.io","envoyfilters.networking.istio.io","gateways.networking.istio.io","proxyconfigs.networking.istio.io","serviceentries.networking.istio.io","sidecars.networking.istio.io","virtualservices.networking.istio.io","workloadentries.networking.istio.io","workloadgroups.networking.istio.io","authorizationpolicies.security.istio.io","peerauthentications.security.istio.io","requestauthentications.security.istio.io","telemetries.telemetry.istio.io"]'
     repository: https://github.com/istio-ecosystem/sail-operator
-    olm.skipRange: ">=1.0.0 <{{ .Values.csv.version }}"
     support: {{ .Values.csv.support }}
 {{- if .Values.csv.annotations }}
 {{- range $key, $val := .Values.csv.annotations }}
@@ -60,6 +59,5 @@ spec:
   maturity: alpha
   provider:
     name: Red Hat, Inc.
-  replaces: {{ .Values.name }}.v{{ .Values.csv.replacesVersion }}
   version: {{ .Values.csv.version }}
 {{ end }}
@@ -36,7 +36,6 @@ csv:
     [See this page](https://github.com/istio-ecosystem/sail-operator/blob/main/bundle/README.md) for instructions on how to use it.
   support: Community based
   version: 1.26.0
-  replacesVersion: 1.25.2
   icon:
     base64data: iVBORw0KGgoAAAANSUhEUgAAAIAAAACACAYAAADDPmHLAAAACXBIWXMAAAFiAAABYgFfJ9BTAAAHL0lEQVR4nO2du24bRxSGz5LL+01kaMuX2HShnmlSi2VUBM4bKG/gdGFnl+rsBwggvUHUsTT9AIGdnoWCIIWNIJZNWKLM5Uww1K4sC6JEQrP7z8yeDyDYCHuG3F/nNmeWnpSSTMXvD3tE9Ey9gp3e0NiFWkzGgqVvEtFLvz/c8/vDNQPW4xQ2CCBim4gO/P7wFzOW4wY2CUDRIKLnfn/4xu8PvzNgPdZjmwAiukT02u8Pn5mxHHuxVQART9kb3AzbBUDsDW6GFgEMRuNHwM8QobzBkCuF1dDlAfYGo/GeAULYDCuFHngd1qAzBKgy7c1gNEa74kbYN+CQsAS6cwD15T8djMZKCOj/QhUS9jkkXE1cSaBKzF4ORuMXg9EYeQMeE9GQq4TFxF0FPAnDAtIbdEMRcF5wCUmUgZ3QGyBjcpQX/Axcg5Ek2QeIcgNkpbDLyeHXJN0I6oYh4aeE7Z5HJYd7QPtGgegEKnf8OzgkbLMITkG2glVI2AdWCXMRpL1MRO8FzMs0pAjCCiG1IjBhM0jlBQeD0RhVq3fTLAJTdgMboSeAigBkG4pJ28FKBK8HozGqVu+mMTE0cR5gFyiC1FUHpg6EsAgSwuSJoN3t7+//ALK9nZbpY6NHwh7drf8qG+VjkPnnadg7MFoA+bxPYn2tBBTBrutbyVYMhc5FUMihzDs9T2DNVLB42D4GiUCVp862jO0ZC/e8knjYnlAGsmTVKHKyMrDrXIDnFWedW/+BRPDYxVkC+w6G5LItca/5L8i6miVAzjJox8qTQbJcaIt2/QPIvMoHTDgIowVrj4bJVrUhq8UjgGmVFO4D7MaC1WcDxd2mR7kswrTaOHqBMKwbuw+Hel5p9m0blRQ+cWHU3P7TwSopvFVHJYXWnzxy4Xg4yUa5DcwHrO4POCEAOs0HMsD+gLWloTMCUE0i8eAbVCiwtlXsjgBUKCjk2rJZnQBMWxsKnBKAQrRrAlQaWhkKnBMAeV5Z3GtxKFgS9wQQhQLMEIkKBVY1iJwUgELcbnigqmDbpgaRswKYVwV31t6CrFvjBdwVgAoF1eK6LBcQpru2TBU7LQCFuLOGSgif2ZAQOi8A8rOcEF6B+wLAJ4RGTxSnQgDzhLBVRU0QGe0F0iEAlRA2KzlQh3DT5LIwNQKYdwhvNbgsvEB6BBCWhcARMiPPGaZKAAqgFzDyTEHqBAD0Ah0TvUDqBEDsBb4ilQJgL/CFVAqA2AuckVoBsBc4JbUCUIhGBdUdNMYLpFoAslnJg/YIOqbMD6ZaAOpomawVUc8fMmJeIN0CmE8R1z+DTBuxR5B6AVA2o46Zo6zDk0EWwOmzBv4Gmd5GP2yCBaAEUMw/AJWEhPYCLIAQYEkITQZZACFyrSxAphvIxhALICKTaaYxGWQBnEM2yqhkcBM1PMoCOIesFB+AOoOEygVYABcAdgYhrWEWwAVEq4YSACQZZAFcJJdtAXsCiXsBFsAlyFrpPcj046Q7gyyASxBrlRnQfKJegAVwGX62nZbWMAtgAcAw0E2yJ8ACWIColxFPHo1IzAuwABaR9+8Dm0KJ5QEsgCsANoU6SYUBFsAVyGoR9XgZSioMsACuQP00DdB8ImGABXAVamoY94OViYQBFsA1yHoJdYRMEfvUMAvgGmSlGADNx54HsACuA1sOduPeG2ABLIEs55HmYw0DLIAlkNXiP0DzsVYDLIAlkKU8Mg9gDwAn53eAS2jEeYaQBbAkoKeOR7AA0MhKAdkPiC0PYAEsSymPOkZOYTkYy6PnWQBLon6HCLyEWMIAC2BZPK8EHBMjFoABADeGiAVgALJc+Au4iljyABbAKhRz6O9LuxdgAayAzPtV8BK0zwewAFYhk2mCV8AeAA24I7ip+4IsgFXJZVGTwnN0j4mxAFZEFnLvwEtgAUBxrBJgAayIzGZQTxOLYA8Axc/eAa+gq/Nivs6LOUMwe0tCBt7RSUBSFr1PJ+vqo3lHJ+oNWgZQmAgGO703Wq6l4yLWoW6wlBPv+LMf3ugOCUneZEok5h5+3fCPpMIAC2AhQrynmfjofQ4yNJ0J72R6m6azkjcNiKbzh3+YfoOvQ9uouJ0CkPKYgtk7byYyNJkKL5jVaTJt0kyQdzJVf9EMX66irRIwWQCv3n+ctLzDT/WzOPzlBpfU2Tn8EmE44QH+JKLDMJadvW9t1IbRH/z42x+9DNFL4BpNRZv44xSA2js/OPc6u9FbG7XDGO2mAjUqHuz0hjf9rLoEsBe+5jd8a6N2oOm6zGK0DIdoEcDWRm1Px3WYlVCl4P5NvzLuBNqLFg/AArAXLXsC3Ao2m0srJfUe7PS0JNIsACwXK6WzV7DTSySRZgHEy4fL/nuTvMHXwQK4Oa/CKwzP32hdu3VxwwK4notxeN580dGEMQEWwJc4HFuiZTJpEEAUh2GJlsm4IIBFiZY1cRiJLQI4n2iRa3EYBhH9D18eNW58bi76AAAAAElFTkSuQmCC
     mediatype: image/png

@@ -29,6 +29,8 @@ GIT_CONFIG_USER_EMAIL="${GIT_CONFIG_USER_EMAIL:-}"
 # The OPERATOR_NAME is defined in Makefile
 : "${OPERATOR_NAME:?"Missing OPERATOR_NAME variable"}"
 : "${OPERATOR_VERSION:?"Missing OPERATOR_VERSION variable"}"
+: "${CHANNELS:?"Missing CHANNELS variable"}"
+: "${PREVIOUS_VERSION:?"Missing PREVIOUS_VERSION variable"}"
 
 show_help() {
   echo "publish-bundle - raises PR to Operator Hub"
@@ -99,6 +101,37 @@ BUNDLE_DIR="${CUR_DIR}"/../../bundle
 mkdir -p "${OPERATORS_DIR}"
 cp -a "${BUNDLE_DIR}"/. "${OPERATORS_DIR}"
 
+# Generate release-config.yaml which is required to update FBC. FBC is only available in community-operators-prod atm
+if [ "${OPERATOR_HUB}" = "community-operators-prod" ]
+then
+  # when publishing a nightly build, we want to get previous build version automatically
+  if [[ ${OPERATOR_VERSION} == *"nightly"* ]]
+  then
+    # expecting there is only one channel in $CHANNELS when pushing nightly builds
+    LATEST_VERSION=$(yq '.entries[] | select(.schema == "olm.channel" and .name == '\""${CHANNELS}"\"').entries[-1].name' "${OPERATORS_DIR}../catalog-templates/basic.yaml")
+    # there is no entry in the given channel, probably a new channel and first version to be pushed there. Let's use previous nightly channel.
+    if [ -z "${LATEST_VERSION}" ]
+    then
+      PREVIOUS_MINOR=$(echo "${PREVIOUS_VERSION}" | cut -f1,2 -d'.')
+      LATEST_VERSION=$(yq '.entries[] | select(.schema == "olm.channel" and .name == '\""${PREVIOUS_MINOR}-nightly"\"').entries[-1].name' "${OPERATORS_DIR}../catalog-templates/basic.yaml")
+      if [ -z "${LATEST_VERSION}" ]
+      then
+        echo "Unable to find previous nightly version. Exiting."
+        exit 1
+      fi
+    fi
+  else
+    LATEST_VERSION="${OPERATOR_NAME}.v${PREVIOUS_VERSION}"
+  fi
+  cat <<EOF > "${OPERATORS_DIR}/release-config.yaml"
+catalog_templates:
+  - template_name: basic.yaml
+    channels: [${CHANNELS}]
+    replaces: ${LATEST_VERSION}
+    skipRange: '>=1.0.0 <${OPERATOR_VERSION}'
+EOF
+fi
+
 if ! git config --global user.name; then
   skipInDryRun git config --global user.name "${GIT_CONFIG_USER_NAME}"
 fi