Release Notes and Assets
Release notes are available on GitHub at https://github.com/kyverno/kyverno/releases
This section provides guidelines on release timelines and release branch maintenance.
Kyverno uses the Semantic Versioning scheme. Kyverno v1.0.0 was released in December 2019. This project follows a given version number MAJOR.MINOR.PATCH.
Major releases contain large features, design and architectural changes, and may include incompatible API changes. Major releases are low frequency and created as required e.g. once a year.
Minor releases contain features, enhancements, and fixes that are introduced in a backwards-compatible manner. Since Kyverno is a fast growing project, but is a critical component of the Kubernetes control plane, having a major release approximately every few months helps balance speed and stability. Vulnerabilities scored as either medium or low will be included in minor releases unless they coincide with an existing patch release.
- Roughly every 3 months
Patch releases are for backwards-compatible bug fixes, very minor enhancements which do not impact stability or compatibility, or critical or high security vulnerabilities. Typically only critical fixes are selected for patch releases.
- When critical fixes are required, or roughly each month
Kyverno uses GitHub tags to manage versions. New releases and release candidates are published using the wildcard tag
The dev images are pushed with tag
<major>.<minor>.dev-N-<git hash>, where “N” is a two-digit number beginning at one for the major-minor combination and incremented by one on each subsequent tagged image. See more examples. You can find published dev images for a specific commit via the GitHub workflow named image. For example, this job pushed images with tag
1.6-dev-7-gff99d92f for PR #2856.
To test with the latest images for different release branches, the images are pushed with
Non-critical issues and features are always added to the next minor release milestone, by default.
Critical issues, with no workarounds, are added to the next patch release.
Branches and PRs
Release branches and PRs are managed as follows:
- All changes are always first committed to
- Branches are created for each major or minor release.
- The branch name will contain the version, for example
- Patch releases are created from a release branch.
- For critical fixes that need to be included in a patch release, PRs should always be first merged to main and then cherry-picked to the release branch. The milestone label (for example
milestone-1.5) must be added to PRs that are to be merged to a release branch, along with the
cherry-pick-requiredlabel. When the PR is cherry picked (or merged), the
cherry-pick-completedlabel is added.
- For complex changes, or when branches diverge significantly, separate PRs may be required for
mainand release branches.
- During PR review, the Assignee selection is used to indicate the reviewer.
A minor release will contain a mix of features, enhancements, and bug fixes.
Major features follow the Kyverno Design Proposal (KDP) process.
During the start of a release, there may be many issues assigned to the release milestone. The priorities for the release are discussed in the weekly contributor’s meetings. As the release progresses several issues may be moved to the next milestone. Hence, if an issue is important it is important to advocate its priority early in the release cycle.