Open irbekrm opened 3 years ago
That is a great idea.
Which bucket should that be?
It would have to be set to public, but I think cert-manager-release is not publically available:
# gsutil acl get gs://cert-manager-release
[
{
"entity": "project-editors-1021342095237",
"projectTeam": {
"projectNumber": "1021342095237",
"team": "editors"
},
"role": "OWNER"
},
{
"entity": "project-owners-1021342095237",
"projectTeam": {
"projectNumber": "1021342095237",
"team": "owners"
},
"role": "OWNER"
},
{
"entity": "project-viewers-1021342095237",
"projectTeam": {
"projectNumber": "1021342095237",
"team": "viewers"
},
"role": "READER"
}
]
To try it out, I created a bucket:
gsutil mb -p cert-manager-release gs://cert-manager-rel
gsutil web set gs://cert-manager-rel
gsutil iam ch allUsers:objectViewer gs://cert-manager-rel
echo 1.5.3 >latest
gsutil cp latest gs://cert-manager-rel
That would give:
$ curl https://storage.googleapis.com/cert-manager-rel/latest
1.5.3
Thanks for investigating @maelvls 🙏🏼
Which bucket should that be?
It could have been nice if it was the same release bucket as that way we wouldn't need to make another bucket name configurable via params/would minimize the risk that someone accidentally overwrites the stable release name when testing publishing.
Perhaps we can make public just a single file in the release bucket publicly accessible?
Else I guess it'd have to be another bucket in the same project and we'd have to ensure that cmrel
allows parameterizing that bucket name as well.
You are correct, it is possible to set the public-read
role to a single object, meaning that we can reuse the existing cert-manager-release bucket:
echo 1.5.3 >latest
gsutil cp latest gs://cert-manager-release
gsutil acl set public-read gs://cert-manager-release/latest
And then:
$ curl https://storage.googleapis.com/cert-manager-release/latest
1.5.3
See https://github.com/cert-manager/website/pull/690#issuecomment-905434505 for context.
It would be good if, as part of cutting a new release that is meant to be the latest final (non-alpha/beta release) we could also publish somewhere (probably a txt file in a bucket) the latest release version (i.e
v.1.5.3
) so we can then use that in our installation instructions (see i.e kubectl install instructions where version number is read from https://dl.k8s.io/release/stable.txt).