This document contains the SIG Release Roadmap for 2024 and beyond. More detailed information can be found on the corresponding project boards.
Provide a more robust, fast and flexible release pipeline for Kubernetes.
- Robust: The process of creating release metadata should be consistent across consecutive runs as well as resilient to infrastructure failures.
- Fast: The creation time of Kubernetes releases should be minimized.
- Flexible: Future enhancements to the process will be taken into consideration from the beginning, for example when thinking about extending the release metadata.
The following deliverables are necessary to achieve the overall goal. Within the following listing, all deliverables are sorted by their priority and their state.
- Make artifact validation more robust
  - Outcome: Provide a fast and error-resistant workflow for artifact promotion compliant with SLSA.
  - Enhancement: was kubernetes/enhancements#3027
  - Project board: https://github.com/orgs/kubernetes/projects/171
- Making deb and rpm package builds more robust
  - Outcome: Provide a fast and error-resistant workflow for building and publishing packages to the community-owned infrastructure.
  - Enhancement: kubernetes/enhancements#1731
  - Project board: https://github.com/orgs/kubernetes/projects/137
- Enable other Kubernetes subprojects to use our packages infrastructure
  - Outcome: Building a CLI, library and documentation for Kubernetes related projects to use the existing packaging infrastructure.
  - Enhancement: none
  - Project board: https://github.com/orgs/kubernetes/projects/137
- Migrate away from GCS bucket: gs://kubernetes-release
  - Outcome: Ensure we migrate away from gs://kubernetes-release, use a community-owned Object Storage bucket for binary releases, and serve the published binaries through a CDN service.
  - Enhancement: none
- Modernize and Extend Release Metadata
  - Outcome: Providing release metadata compliant with the latest industry standards.
  - Enhancement: none (was kubernetes/enhancements#3027)
  - Project board: https://github.com/orgs/kubernetes/projects/138
- Make Kubernetes releases more flexible
  - Outcome: Provide more possibilities for Kubernetes releases to be created in custom infrastructure environments.
  - Enhancement: none
- We rely on different SIGs for our work
  We need to discuss our enhancements with different SIGs to get all required information and drive the change. This can lead to helpful but unexpected input and delay the deliverable.
- Some topics require initial research
  We're not completely aware of all technical aspects of the changes. This means there is a risk of delay from investing more time in pre-research.
- SIG K8s Infra
  We rely on this SIG for general infrastructure support.
- SIG Architecture
  For the formalization of the released platforms and input about the overall supply chain.
- SIG Security
  For content which should be part of the release metadata.
- Moving deb/rpm package builds to community infrastructure (Consumable)
  - Outcome: Automated builds of signed deb and rpm Kubernetes packages within community infrastructure.
  - Enhancement: kubernetes/enhancements#1731
  - Project board: https://github.com/orgs/kubernetes/projects/137
- Signing of release artifacts (Secure)
  - Outcome: Being able to ship signed release artifacts, which includes container images in the first iteration, followed by all other artifacts.
  - Enhancement: kubernetes/enhancements#3031
- Formalize supported release platforms (Introspectable)
  - Outcome: Definition of the life cycle for currently supported Kubernetes artifacts and a guideline for the community about how to add new platforms.
- Implement a Bill of Materials (BOM) for release artifacts (Introspectable / Secure)
  - Outcome: An automated formal verification of produced release artifacts for every future release.
- Create releases landing page (Consumable)
  - Outcome: A releases page that is up to date and acts as the canonical place for release-related information, for example links to release notes and support timelines.
- Define and implement the release cadence survey (Introspectable)
  - Outcome: A regular survey evaluating the user experience of the current release cadence.
- Distribute the load of Kubernetes artifacts between vendors (Consumable)
  - Outcome: A policy and procedure for use by SIG Release to promote container images and release binaries to multiple registries and mirrors.
  - Enhancement: kubernetes/enhancements#3055
- Simplify CVE process for release management (Secure)
  - kubernetes#896, kubernetes/release#1354
  - Outcome: A documented and simple process for handling CVE information within Kubernetes releases.
This section covers items from the past 2022 roadmap which have not been started or became stale.
- Enhance Kubernetes binary artifact management (Consumable)
  - Enhancement: none
  - Outcome: Being able to promote files as artifacts and using this mechanism for Kubernetes releases.
- Define and collect metrics about Kubernetes releases (Introspectable)
  - Enhancement: none
  - Outcome: Being able to measure and interpret a set of defined metrics about Kubernetes releases to associate actions with those.
- Establish Cluster API as first-class signal for upstream releases (Consumable)
  - Enhancement: none
  - Outcome: Cluster API provides a CI signal for blocking release test jobs.
- Enhance and simplify Kubernetes version markers (Consumable)
  - Enhancement: none
  - Outcome: Clear documentation about available version markers as well as their simplified automation.