This directory contain the files and scripts to run a cosign release.
- Release notes: Create a PR to update and review release notes in CHANGELOG.md.
- Check merged pull requests since the last release and make sure enhancements, bug fixes, and authors are reflected in the notes.
You can get a list of pull requests since the last release by substituting in the date of the last release and running:
git log --pretty="* %s" --after="YYYY-MM-DD"
and a list of authors by running:
git log --pretty="* %an" --after="YYYY-MM-DD" | sort -u
- Tag the repository
$ export RELEASE_TAG=<release version, eg "v1.4.0">
$ git tag -s ${RELEASE_TAG} -m "${RELEASE_TAG}"
$ git push origin ${RELEASE_TAG}- Submit the cloudbuild Job using the following command:
$ gcloud builds submit --config <PATH_TO_CLOUDBUILD> \
--substitutions _GIT_TAG=${RELEASE_TAG},_TOOL_ORG=sigstore,_TOOL_REPO=cosign,_STORAGE_LOCATION=cosign-releases,_KEY_RING=<KEY_RING>,_KEY_NAME=<KEY_NAME>,_GITHUB_USER=<GITHUB_USER> \
--project <GCP_PROJECT>Where:
PATH_TO_CLOUDBUILDis the path where the cloudbuild.yaml can be found.GCP_PROJECTis the GCP project where we will run the job._GIT_TAGis the release version we are publishing._TOOL_ORGis the GitHub Org we will use. Defaultsigstore._TOOL_REPOis the repository we will use to clone. Defaultcosign._STORAGE_LOCATIONwhere to push the built artifacts. Defaultcosign-releases._KEY_RINGkey ring name of your cosign key._KEY_NAMEkey name of your cosign key._KEY_VERSIONversion of the key stored in KMS. Default1._KEY_LOCATIONlocation in GCP where the key is stored. Defaultglobal._GITHUB_USERGitHub user to authenticate for pushing to GHCR.
-
When the job finish, without issues, you should be able to see in GitHub a draft release. You now can review the release, make any changes if needed and then publish to make it an official release.
-
Send an announcement email to
[email protected]mailing list -
Tweet about the new release with a fun new trigonometry pun!
-
Honk!
- Add a pending new section in CHANGELOG.md to set up for the next release