13.2 Configure upgrade
Upgrade manager: @alexand
Preamble
-
Set the title of the issue to X.XX Configure upgrade
checklist -
Set the milestone of the issue
helm-install-image
Used by GitLab
to install GitLab-managed apps and many ~"group::configure" projects downstream
-
Upgrade kubectl
minor/patch version --
Review v1.13 changelog for any potential breaking changes.
-
We upgrade kubectl
based on the oldest kubernetes version that we support. Due to the kubernetes version skew policy, we should always use one minor version above our oldest supported version.
-
Upgrade helm
binary-
Review helm releases for any potential breaking changes
-
auto-deploy-app
If there are signficant unreleased changes:
-
Bump the chart version in Chart.yaml
, and the version intemplate_test.go
-
Ask a maintainer to tag the commit for that version bump with the version. This will trigger a release job for the version
-
auto-build-image
Used by the Build stage of Auto DevOps
-
Update the pinned DOCKER_VERSION
in.gitlab-ci.yml
. This should be done in sync with the Auto DevOps updates
auto-deploy-image
Used by the Deploy stages of Auto DevOps
-
Upgrade to use latest version of helm-install-image
-
Upgrade glibc
- Check https://github.com/sgerrand/alpine-pkg-glibc
Auto DevOps
Each in an MR of its own:
-
Update the pinned version of the docker build images docker:X.Y.Z-dind
anddocker:X.Y.Z
(seedocker
on Dockerhub for the latest tags): -
Update Deploy sub-template to use latest version of auto-deploy-image
.
You'll be tempted to create a branch name with the auto-deploy
character sequence. Branches with this sequence are automatically set as protected branches, so if you're not maintainer, you're probably not going to be able to push this branch to the remote repository. So, just choose another branch name.
-
Update DAST-Default-Branch-Deploy template to use latest version of auto-deploy-image
Important: Please run QA pipelines on each MR.
GitLab
-
Update helm.rb
to use theHELM_VERSION
andKUBECTL_VERSION
from the latest version ofhelm-install-image
Ingress
If there have been >= 3 months since the chart was last updated in GitLab:
-
Review nginx-ingress history for any potential breaking changes. (NB: There is no changelog) -
Upgrade the VERSION
in https://gitlab.com/gitlab-org/gitlab/blob/master/app/models/clusters/applications/ingress.rb
Cert-Manager
If there have been >= 3 months since the chart was last updated in GitLab:
-
Read and understand the upgrade guide for the version - https://cert-manager.io/docs/installation/upgrading/ -
Bump the VERSION
in cert_manager.rb. For some versions, the cert manager CRDs may need to be updated as well. If there are changes to the CRDs, only append new CRDs to the post delete script. Do not remove CRDs from the post delete list as this will break uninstalls for older versions of cert-manager.
cluster-applications
Dockerfile
In one or more MRs (depending on the amount changes required per update):
-
Update helm-install-image
to matchhelm.rb
-
Update helmfile
. Be mindful of selecting a version compatible with the helm version -
Update helm-git
Ingress
-
Upgrade the version
in https://gitlab.com/gitlab-org/cluster-integration/cluster-applications/blob/master/src/default-data/ingress/helmfile.yaml. This should match theVERSION
in GitLab. Check that thevalues.yaml
matches GitLab'svalues.yaml
cert-manager
-
Bump the version
in https://gitlab.com/gitlab-org/cluster-integration/cluster-applications/blob/master/src/default-data/cert-manager/helmfile.yaml. This should match theVERSION
in GitLab. Also:- Check that the
values-default-issuer.yaml
matches GitLab'svalue.yaml
. - Check that the
ClusterIssuer
template matches GitLab'sClusterIssuer
template. - For some versions, the cert manager CRDs may need to be updated as well.
Update the CRDs inside https://gitlab.com/gitlab-org/cluster-integration/cluster-applications/tree/master/src/default-data/cert-manager-crds (This should be the same CRDs referred to in
CRD_VERSION
), taking care to preserve backwards compatibility.
- Check that the
Release a new version
-
Ask a maintainer to tag a new version of cluster-applications
-
Bump the image tag in https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Managed-Cluster-Applications.gitlab-ci.yml to the new version
Administration
-
Before, closing this issue, create next month's issue using template Configure upgrade checklist