- Checkout your fork and make sure it's up-to-date with the
upstream
$ git remote -v origin [email protected]:<your account>/tracee.git (fetch) origin [email protected]:<your account>/tracee.git (push) upstream [email protected]:aquasecurity/tracee.git (fetch) upstream [email protected]:aquasecurity/tracee.git (push)
git pull -r git fetch upstream git merge upstream/main git push
- Prepare release by creating the PR with the following changes
- Update the libbpfgo module
- Update the types module
- Update the container image tag in the following files example:
deploy/kubernetes/tracee-falcosidekick/falcosidekick.yaml
deploy/kubernetes/tracee-postee/tracee.yaml
- Update
home
,version
andappVersion
properties indeploy/helm/tracee/Chart.yaml
- example
- Run tests and checks
- Check that there are no verifier issues when choosing all events in tracee-ebpf (using
--trace e=*
) - Check both CO-RE and non CO-RE builds
- Run all unit, integration, and e2e tests
- Sanity checks for different special features
- capture artifacts (files, memory, net, etc...)
- table/json/gob printers output
- tracee-ebpf with various filters
- Check that docker images build correctly
- Check that there are no verifier issues when choosing all events in tracee-ebpf (using
- Run the above tests/checks for three different kernel versions include old kernels (4.18/4.19) and new ones (5.10+)
- Review and merge the PR (make sure all tests are passing)
- Update your fork again
git pull -r git fetch upstream git merge upstream/main git push
- Create an annotated git tag and push it to the
upstream
. This will trigger the.github/workflows/release.yaml
workflowgit tag -v0.8.1 -m 'Release v0.8.1' git push upstream v0.8.1
- Verify that the
release
workflow has built and published the following artifacts- Tracee binaries (tracee-ebpf, tracee-rules, rules) in the form of a tar archive
tracee.<VERSION>.tar.gz
- Source code zip and tar files
- Docker images pushed to the aquasec/tracee repository (
docker.io/aquasec/tracee:<VERSION>
anddocker.io/aquasec/tracee:full-<VERSION>
)
- Tracee binaries (tracee-ebpf, tracee-rules, rules) in the form of a tar archive
- Publish the Helm chart by manually triggering the
.github/workflows/publish-helm.yaml
workflow