Tenant Release Pipelines

The usual release process in Konflux involves two different teams: a Development team and a Managed environment team as described in Releasing an application. But, sometimes the Development team wants to release their software to some destination that is directly under their control, using their own secrets, without depending on a Managed environment team. In Konflux we call this model a tenant release pipeline. It’s a release pipeline that runs in the tenant namespace of the Development team, rather than in that of the Managed environment team.

The gist here is that you are going to follow the regular instructions to create a ReleasePlan, but you will omit the target and specify the pipeline directly on your ReleasePlan.

Prerequisites
If you write a good reusable release pipeline, please submit it to our catalog so others can use it.
Procedure
  1. Create a ReleasePlan.yaml object locally.

    Example ReleasePlan.yaml object

    apiVersion: appstudio.redhat.com/v1alpha1
    kind: ReleasePlan
    metadata:
     labels:
       release.appstudio.openshift.io/auto-release: 'true' (1)
       release.appstudio.openshift.io/standing-attribution: 'true'
     name: publish (2)
     namespace: dev-workspace (3)
    spec:
     application: <application-name> (4)
     data:
       mapping:
         components: (5)
           - name: demo-component-1
             repository: registry/destination-image-repository-1
             tags: [latest]
           - name: demo-component-2
             repository: registry/destination-image-repository-2
             tags: [latest]
     pipeline:
       pipelineRef: (6)
         resolver: git
         params:
           - name: url
             value: "https://github.com/konflux-ci/release-service-catalog.git"
           - name: revision
             value: production
           - name: pathInRepo
             value: "pipelines/push-to-external-registry/push-to-external-registry.yaml"
       serviceAccountName: appstudio-pipeline (7)
    1 Optional: Control if Releases should be created automatically for this ReleasePlan when tests pass. Defaults to true.
    2 The name of the release plan.
    3 The development team’s workspace.
    4 The name of the application that you want to release via a pipeline in the development workspace.
    5 A list containing the destination repository for each component
    6 Reference to the Pipeline to be executed in the development workspace.
    7 The name of the service account used to execute the tenant pipeline.
  2. In the Development workspace, apply the ReleasePlan.yaml file and add the resource to your cluster by running the following command:

    kubectl apply -f ReleasePlan.yaml -n dev
  3. Provision any secrets needed by the particular release pipeline you chose and upload them to the Development workspace.

Next steps
  • Create a release object: The development team creates a Release object to reference a specific Snapshot and ReleasePlan. It indicates the users' intent to release that Snapshot via the tenant release pipeline defined in the ReleasePlan.