release icon indicating copy to clipboard operation
release copied to clipboard

Published 20 hours ago verified publisher icon kubernetes

Establish Kubernetes build/stage/release process on k8s-infra

Open justaugustus opened this issue 6 years ago • 14 comments

Build

  • [x] Enable Kubernetes build on k8s-infra via Prow
    • [x] (https://github.com/kubernetes/release/pull/900) Add support for running Kubernetes builds via Google Cloud Build
    • [x] (https://github.com/kubernetes/test-infra/pull/14747) Allow GCB builds from arbitrary build directories
    • [x] (https://github.com/kubernetes/test-infra/pull/14773) Add shadow kubernetes build jobs
    • [x] (https://github.com/kubernetes/test-infra/pull/14788) Configure kubernetes-build prototype jobs to use the GCB builder
    • [ ] Migrate ci-kubernetes-build* jobs to use k8s-infra once stage/release components are in place

Stage/Release - Phase 0 - Staging only

  • [x] Create feature branch (prototype) for initial stage/release prototype on k8s-infra
  • [x] (#909) Initial stage/release prototype on k8s-infra
  • [x] (https://github.com/kubernetes/k8s.io/pull/434) Create release-managers-admins@ to grant elevated privileges to GCP for SIG Release Chairs
  • [x] (https://github.com/kubernetes/k8s.io/pull/434) Grant GCP KMS access to SIG Release Chairs
  • [x] (https://github.com/kubernetes/k8s.io/pull/434) Enable KMS API for SIG Release GCP projects
  • [x] Configure KMS secret to store k8s-release-robot GitHub token
  • [x] (#909) Update build and release GCB configs to include GitHub token
  • [ ] Configure staging job on Prow against prototype branch
  • [x] Create Editor/Viewer roles for Patch Release, Branch Mgmt, and Release Manager Associates

Stage/Release - Phase 1 - Prod test

  • [x] (https://github.com/kubernetes/k8s.io/pull/641) Enable KMS API for release staging projects
  • [x] (https://github.com/kubernetes/release/pull/1163) Move KMS keys to k8s-releng-prod GCP project
  • [x] (https://github.com/kubernetes/k8s.io/pull/641) Configure staging service account with access to copy GCS objects into prod test account
  • [ ] (https://github.com/kubernetes/release/pull/957) Configure nomock stage/release jobs to write to prod test GCS buckets
  • [ ] Permissions audit and reconciliation between prod test and prod
  • [x] Deprecate k8s-staging-release-test and k8s-infra-sig-release-prototype GCP projects - #1161

Stage/Release - Phase 2

  • [x] VDF (Vanity Domain Flip) - k8s.gcr.io cutover: https://github.com/kubernetes/release/issues/270

Stage/Release - Phase 3

  • [ ] dl.k8s.io cutover: https://github.com/kubernetes/k8s.io/issues/1569

/assign /priority important-soon /milestone v1.19 /kind feature

justaugustus avatar Oct 28 '19 03:10 justaugustus

@dims, @thockin, @cblecker, @listx -- this is primarily a braindump/aggregation of the work I've done thus far. Can you give me a gut-check on the order of operations / missing steps from the k8s-infra side?

justaugustus avatar Oct 28 '19 12:10 justaugustus

FYI @kubernetes/release-engineering @kubernetes/k8s-infra-team

justaugustus avatar Oct 28 '19 12:10 justaugustus

cc: @dims @bartsmykla

justaugustus avatar Feb 24 '20 16:02 justaugustus

@justaugustus I'm gonna add this topic to this week's k8s-infra-wg call, because the process should be straight forward but I'm not sure which cluster we should use to whole buiold/stage/release process.

cc. @dims @thockin

bartsmykla avatar Mar 02 '20 15:03 bartsmykla

@bartsmykla -- I won't be available this week for discuss. Can you add it to the Release Engineering agenda for next week and few of you can come to our meeting instead?

Staging and releasing happens via GCB, so I'm not sure that we'll need a cluster for that, btw.

justaugustus avatar Mar 03 '20 19:03 justaugustus

@justaugustus sure, let's meet and discuss it during the Release Engineering meeting.

bartsmykla avatar Mar 04 '20 08:03 bartsmykla

@justaugustus do you want to discuss it at the next SIG Release meeting (I think it's the next week) or Release Engineering one (I think it's in the next two weeks)?

bartsmykla avatar Mar 04 '20 08:03 bartsmykla

@justaugustus ping

bartsmykla avatar Mar 06 '20 06:03 bartsmykla

@bartsmykla -- yep. Drop it on the agenda for next week's SIG Release meeting. :)

justaugustus avatar Mar 06 '20 06:03 justaugustus

Done

bartsmykla avatar Mar 06 '20 07:03 bartsmykla

Issues go stale after 90d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta. /lifecycle stale

fejta-bot avatar Jun 24 '20 06:06 fejta-bot

Stale issues rot after 30d of inactivity. Mark the issue as fresh with /remove-lifecycle rotten. Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta. /lifecycle rotten

fejta-bot avatar Jul 24 '20 07:07 fejta-bot

Rotten issues close after 30d of inactivity. Reopen the issue with /reopen. Mark the issue as fresh with /remove-lifecycle rotten.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta. /close

fejta-bot avatar Aug 23 '20 08:08 fejta-bot

@fejta-bot: Closing this issue.

In response to this:

Rotten issues close after 30d of inactivity. Reopen the issue with /reopen. Mark the issue as fresh with /remove-lifecycle rotten.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta. /close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

k8s-ci-robot avatar Aug 23 '20 08:08 k8s-ci-robot