Skip to content

Commit c5bd20c

Browse files
SgtCoDFishSgtCoDFish
committed
Remove jetstack-agent chart + docs
I think most of the jetstack-agent stuff has been removed and is no longer relevant to what we do day-to-day. This is a first step towards cleaning up the code base so we can refactor further. There are several references in README to Jetstack secure, to the old chart, and to stuff that's no longer relevant, so I've cleaned it up a lot. I also moved the release guide to RELEASE.md to match what we do in other projects, and cleaned up the release info to be a bit more readable and focus on details that are important to us. To preserve the old Jetstack Secure functionality in the event we require it, I've already created + pushed a tag called "before-jetstack-secure-removal". If we need to do something Jetstack Secure related (such as an agent change or a chart tweak) we can create a branch from that tag and maintain that separately. Signed-off-by: Ashley Davis <[email protected]>
1 parent 076f734 commit c5bd20c

19 files changed

+118
-1734
lines changed

README.md

Lines changed: 14 additions & 184 deletions
Large diffs are not rendered by default.

RELEASE.md

Lines changed: 104 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,104 @@
1+
# Release Process
2+
3+
> [!NOTE]
4+
> Before starting, let Michael McLoughlin know that a release is about to be created so that documentation can be prepared in advance.
5+
6+
The release process is semi-automated.
7+
8+
### Step 1: Git Tag and GitHub Release
9+
10+
> [!NOTE]
11+
>
12+
> Upon pushing the tag, a GitHub Action will do the following:
13+
> - Build and publish the container image at `quay.io/jetstack/venafi-agent`,
14+
> - Build and publish the Helm chart at `oci://quay.io/jetstack/charts/venafi-kubernetes-agent`,
15+
> - Create a draft GitHub release,
16+
> - Upload the Helm chart tarball to the GitHub release.
17+
18+
1. Open the [tests GitHub Actions workflow][tests-workflow]
19+
and verify that it succeeds on the master branch.
20+
21+
2. Run govulncheck:
22+
```bash
23+
go install golang.org/x/vuln/cmd/govulncheck@latest
24+
govulncheck -v ./...
25+
```
26+
27+
3. Create a tag for the new release:
28+
```sh
29+
export VERSION=v1.1.0
30+
git tag --annotate --message="Release ${VERSION}" "${VERSION}"
31+
git push origin "${VERSION}"
32+
```
33+
34+
4. Wait until the GitHub Actions finishes.
35+
36+
5. Navigate to the GitHub Releases page and select the draft release to edit.
37+
1. Click on “Generate release notes” to automatically compile the changelog.
38+
2. Review and refine the generated notes to ensure they’re clear and useful
39+
for end users.
40+
3. Remove any irrelevant entries, such as “update deps,” “update CI,” “update
41+
docs,” or similar internal changes that do not impact user functionality.
42+
43+
6. Publish the release.
44+
45+
7. Inform the `#venctl` channel that a new version of Venafi Kubernetes Agent has been
46+
released. Make sure to share any breaking change that may affect `venctl connect`
47+
or `venctl generate`.
48+
49+
8. Inform Michael McLoughlin of the new release so he can update the
50+
documentation at <https://docs.venafi.cloud/>.
51+
52+
[tests-workflow]: https://github.com/jetstack/jetstack-secure/actions/workflows/tests.yaml?query=branch%3Amaster
53+
54+
## Release Artifact Information
55+
56+
For context, the new tag will create the following images:
57+
58+
| Image | Automation |
59+
| --------------------------------------------------------- | -------------------------------------------------------------------------------------------- |
60+
| `quay.io/jetstack/venafi-agent` | Automatically built by the [release action](.github/workflows/release.yml) on Git tag pushes |
61+
| `registry.venafi.cloud/venafi-agent/venafi-agent` | Automatically mirrored by Harbor Replication rule |
62+
| `private-registry.venafi.cloud/venafi-agent/venafi-agent` | Automatically mirrored by Harbor Replication rule |
63+
| `private-registry.venafi.eu/venafi-agent/venafi-agent` | Automatically mirrored by Harbor Replication rule |
64+
65+
and the following OCI Helm charts:
66+
67+
| Helm Chart | Automation |
68+
| -------------------------------------------------------------------- | -------------------------------------------------------------------------------------------- |
69+
| `oci://quay.io/jetstack/charts/venafi-kubernetes-agent` | Automatically built by the [release action](.github/workflows/release.yml) on Git tag pushes |
70+
| `oci://registry.venafi.cloud/charts/venafi-kubernetes-agent` | Automatically mirrored by Harbor Replication rule |
71+
| `oci://private-registry.venafi.cloud/charts/venafi-kubernetes-agent` | Automatically mirrored by Harbor Replication rule |
72+
| `oci://private-registry.venafi.eu/charts/venafi-kubernetes-agent` | Automatically mirrored by Harbor Replication rule |
73+
74+
Here is replication flow for OCI Helm charts:
75+
76+
```text
77+
v1.1.0 (Git tag in the jetstack-secure repo)
78+
└── oci://quay.io/jetstack/charts/venafi-kubernetes-agent --version 1.1.0 (GitHub Actions in the jetstack-secure repo)
79+
├── oci://us.gcr.io/jetstack-secure-enterprise/charts/venafi-kubernetes-agent (Enterprise Builds's GitHub Actions)
80+
└── oci://eu.gcr.io/jetstack-secure-enterprise/charts/venafi-kubernetes-agent (Enterprise Builds's GitHub Actions)
81+
├── oci://registry.venafi.cloud/charts/venafi-kubernetes-agent --version 1.1.0 (Harbor Replication)
82+
└── oci://private-registry.venafi.cloud/charts/venafi-kubernetes-agent --version 1.1.0 (Harbor Replication)
83+
└── oci://private-registry.venafi.eu/charts/venafi-kubernetes-agent --version 1.1.0 (Harbor Replication)
84+
```
85+
86+
And the replication flow for Docker images:
87+
88+
```text
89+
v1.1.0 (Git tag in the jetstack-secure repo)
90+
└── quay.io/jetstack/venafi-agent:v1.1.0 (GitHub Actions in the jetstack-secure repo)
91+
├── us.gcr.io/jetstack-secure-enterprise/venafi-agent:v1.1.0 (Enterprise Builds's GitHub Actions)
92+
└── eu.gcr.io/jetstack-secure-enterprise/venafi-agent:v1.1.0 (Enterprise Builds's GitHub Actions)
93+
├── registry.venafi.cloud/venafi-agent/venafi-agent:v1.1.0 (Harbor Replication)
94+
├── private-registry.venafi.cloud/venafi-agent/venafi-agent:v1.1.0 (Harbor Replication)
95+
└── private-registry.venafi.eu/venafi-agent/venafi-agent:v1.1.0 (Harbor Replication)
96+
```
97+
98+
[public-img-and-chart-replication.tf]: https://gitlab.com/venafi/vaas/delivery/harbor/-/blob/3d114f54092eb44a1deb0edc7c4e8a2d4f855aa2/public-registry/module/subsystems/tlspk/replication.tf
99+
[private-img-and-chart-replication.tf]: https://gitlab.com/venafi/vaas/delivery/harbor/-/blob/3d114f54092eb44a1deb0edc7c4e8a2d4f855aa2/private-registry/module/subsystems/tlspk/replication.tf
100+
[release_enterprise_builds.yaml]: https://github.com/jetstack/enterprise-builds/actions/workflows/release_enterprise_builds.yaml
101+
102+
### Step 2: Test the Helm chart "venafi-kubernetes-agent" with venctl connect
103+
104+
NOTE(mael): TBD

deploy/charts/jetstack-agent/.helmignore

Lines changed: 0 additions & 1 deletion
This file was deleted.

deploy/charts/jetstack-agent/Chart.yaml

Lines changed: 0 additions & 13 deletions
This file was deleted.

deploy/charts/jetstack-agent/README.md

Lines changed: 0 additions & 180 deletions
This file was deleted.

0 commit comments

Comments
 (0)