Tenant Release Pipelines
The usual release process in Konflux involves two different teams: a Development team and a Managed environment team as described in Releasing an application. But, sometimes the Development team wants to release their software to some destination that is directly under their control, using their own secrets, without depending on a Managed environment team. In Konflux we call this model a tenant release pipeline. It’s a release pipeline that runs in the tenant namespace of the Development team, rather than in that of the Managed environment team.
The gist here is that you are going to follow the regular instructions to create a ReleasePlan, but you will omit the target
and specify the pipeline
directly on your ReleasePlan
.
-
You have an existing Development workspace.
-
You have completed the steps listed in the Getting started in the CLI page.
-
Either choose one of the konflux release pipelines, or write your own.
If you write a good reusable release pipeline, please submit it to our catalog so others can use it. |
-
Create a
ReleasePlan.yaml
object locally.Example
ReleasePlan.yaml
objectapiVersion: appstudio.redhat.com/v1alpha1 kind: ReleasePlan metadata: labels: release.appstudio.openshift.io/auto-release: 'true' (1) release.appstudio.openshift.io/standing-attribution: 'true' name: publish (2) namespace: dev-workspace (3) spec: application: <application-name> (4) data: mapping: components: (5) - name: demo-component-1 repository: registry/destination-image-repository-1 tags: [latest] - name: demo-component-2 repository: registry/destination-image-repository-2 tags: [latest] tenantPipeline: pipelineRef: (6) resolver: git params: - name: url value: "https://github.com/konflux-ci/release-service-catalog.git" - name: revision value: production - name: pathInRepo value: "pipelines/push-to-external-registry/push-to-external-registry.yaml" serviceAccountName: appstudio-pipeline (7)
1 Optional: Control if Releases should be created automatically for this ReleasePlan when tests pass. Defaults to true. 2 The name of the release plan. 3 The development team’s workspace. 4 The name of the application that you want to release via a pipeline in the development workspace. 5 A list containing the destination repository for each component 6 Reference to the Pipeline to be executed in the development workspace. 7 The name of the service account used to execute the tenant pipeline. -
In the Development workspace, apply the
ReleasePlan.yaml
file and add the resource to your cluster by running the following command:kubectl apply -f ReleasePlan.yaml -n dev
-
Provision any secrets needed by the particular release pipeline you chose and upload them to the Development workspace.
-
Create a
release
object: The development team creates a Release object to reference a specific Snapshot and ReleasePlan. It indicates the users' intent to release that Snapshot via the tenant release pipeline defined in the ReleasePlan.