readme: remember to edit the github release before publishing

[maelvls]

I've also re-structured the README so that everything that talks about tiers is its own section. It should be much clearer now to what images and helm charts each customer has access to.

[maelvls]

Can you review this @wallrj? I changed a bit the documentation you had written a year ago.

[maelvls]

Unrelated: I think we should also check the presence of the images after releasing. Just to double check. Do you think this check should be part as the release process @wallrj?

---

To check that the automation went through, check that the 3 public images are available:

docker run -it quay.io/jetstack/preflight:v0.1.49 version
docker run -it quay.io/jetstack/venafi-agent:v0.1.49 version
docker run -it registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.49 version

Then, you will need to use venctl to check the two private registries:

1. curl -sSfL https://dl.venafi.cloud/venctl/latest/installer.sh | bash
   

2. Go to https://ven-tlspk.venafi.cloud/platform-settings/user-preferences?key=api-keys. Log in using the username admin0@tlspk.qa.venafi.io and the password here). Copy the API key for the next step (click "Generate" if the API key doesn't already exist).

3. Set the APIKEY env variable:

   APIKEY=...
   

4. Docker login to private-registry.venafi.cloud:

   venctl iam service-account registry create --name "$USER Temp" \
     --vcp-region US \
     --output dockerconfig \
     --output-file dockerconfig \
     --api-key $APIKEY
   docker login private-registry.venafi.cloud \
     | --username $(cat dockerconfig | jq '.. | select(.username?).username' -r) \
     | --password $(cat dockerconfig | jq '.. | select(.username?).auth            | @base64d' -r | cut -d: -f2) |

5. Go to https://ven-tlspk-eu.venafi.cloud/platform-settings/user-preferences?key=api-keys. Log in using the username admin0@tlspk.qa.venafi.io and the password here). Click "Generate" and copy the API key for the next step.

6. Set the APIKEY env variable:

   APIKEY=...
   

7. Docker login to private-registry.venafi.eu:

   venctl iam service-account registry create --name "$USER Temp" \
     --vcp-region EU \
     --output dockerconfig \
     --output-file dockerconfig \
     --api-key $APIKEY
   docker login private-registry.venafi.eu \
     | --username $(cat dockerconfig | jq '.. | select(.username?).username' -r) \
     | --password $(cat dockerconfig | jq '.. | select(.username?).auth            | @base64d' -r | cut -d: -f2) |

And now:

docker run -it private-registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.49 version
docker run -it private-registry.venafi.eu/venafi-agent/venafi-agent:v0.1.49 version

[wallrj]

Thanks @maelvls, for bringing the release process docs up to date.

/lgtm

[wallrj]

Thanks for doing this and for linking to the docs.

[wallrj]

Thanks. When I wrote these notes originally I either overlooked the creation of a "Release" page (with release-notes) or else that wasn't a convention at the time.
My release at that time must only have resulted in a tag in GitHub which is not helpful for users.

I note that there will only be GitHub release pages for the venafi-kubernetes-agent chart not the jetstack-secure chart, but that's OK since jetstack-secure is considered EOL.

[wallrj]

This is a embarrassing. Remember to remove this when we eventually fix that problem.

• CI: "Generate provenance" fails #545

[wallrj]

Unrelated: I think we should also check the presence of the images after releasing. Just to double check. Do you think this check should be part as the release process @wallrj?

@maelvls I turned that into a followup issue.