HowTo release Authorino Operator

RELEASE.md

@@ -0,0 +1,90 @@
+# How to release Authorino Operator
+
+## Process
+
+To release a version _“v0.W.Z”_ of Authorino Operator in GitHub and Quay.io, follow these steps:
+
+1. Pick a stable (released) version _“v0.X.Y”_ of the operand known to be compatible with operator’s image for _“v0.W.Z_”;
+if needed, [make a release of the operand first](https://github.com/Kuadrant/authorino/blob/main/RELEASE.md).
+
+2. Run the GHA [Release operator](https://github.com/Kuadrant/authorino-operator/actions/workflows/release.yaml); make
+sure to fill all the fields:
+
+   * Branch containing the release workflow file – default: `main`
+   * Commit SHA or branch name of the operator to release – usually: `main`
+   * Operator version to release (without prefix) – i.e. `0.W.Z`
+   * Authorino version the operator enables installations of (without prefix) – i.e. `0.X.Y`
+   * If the release is a prerelease
+   * Bundle and catalog channels (comma-separated) – usually: `stable`
+
+3. Run the GHA [Build and push images](https://github.com/Kuadrant/authorino-operator/actions/workflows/build-images.yaml)
+for the _“v0.W.Z”_ tag, specifying ‘Authorino version’ equals to _“0.X.Y”_ (without the leading “v”). This will cause the
+new images (bundle and catalog included) to be built and pushed to the corresponding repos in
+[quay.io/kuadrant](https://quay.io/organization/kuadrant).
+
+
+### Publishing the Operator in OpenShift Community Operators
+Open a PR in the [OpenShift Community Operators repo](http://github.com/redhat-openshift-ecosystem/community-operators-prod)
+([example](https://github.com/redhat-openshift-ecosystem/community-operators-prod/pull/1595) |
+[docs](https://redhat-openshift-ecosystem.github.io/community-operators-prod/operator-release-process/)).
+
+The usual steps are:
+
+1. Start a new branch named `authorino-operator-v0.W.Z`
+
+2. Create a new directory `operators/authorino-operator/0.W.Z` containing:
+
+   * Copy the bundle files from `github.com/kuadrant/authorino-operator/tree/v0.W.Z/bundle`
+   * Copy `github.com/kuadrant/authorino-operator/tree/v0.W.Z/bundle.Dockerfile` with the proper fix to the COPY commands
+   (i.e. remove /bundle from the paths)
+
+### Publishing the Operator in Kubernetes Community Operators (OperatorHub.io)
+
+1. Open a PR in the [Kubernetes Community Operators repo](https://github.com/k8s-operatorhub/community-operators)
+([example](https://github.com/k8s-operatorhub/community-operators/pull/1655) | [docs](https://operatorhub.io/contribute)).
+
+2. The usual steps are the same as for the
+[OpenShift Community Operators](https://docs.google.com/document/d/1tLveyv8Zwe0wKyfUTWOlEnFeMB5aVGqIVDUjVYWax0U/edit#heading=h.b5tapxn4sbk5)
+hub.
+
+
+## Notes on Authorino Operator’s automated builds and references to the Authorino manifests and default version
+
+* PRs merged to the main branch of Authorino Operator cause a new image to be built (GH Action) and pushed automatically
+to `quay.io/kuadrant/authorino-operator:<git-ref>` – the `quay.io/kuadrant/authorino-operator:latest` tag is also moved
+to match the latest <git-ref>.
+
+* Authorino Operator owns the manifests generated by the operator itself (i.e. Authorino CRD, RBAC), and stores a copy
+  of the operand’s manifests (AuthConfig CRD, RBAC):
+
+  * All resources are added to the bundle manifests (`./bundle`) – for installations managed with
+  [Operator Lifecycle Manager (OLM)](https://olm.operatorframework.io/)
+  * A single file manifest is generated at `./config/deploy/manifests.yaml`, gathering the resources to install and deploy
+  the Operator without OLM
+    * Allows installing (CRDs, RBAC) and deploying (Deployment, Services) an instance of the operator from a single
+    `kubectl apply` command
+    * Tons of Authorino docs and examples rely on this
+  * The `manifests` make target is used to generate the compiled version of all manifests (operator’s and operand’s).
+  It accepts as parameters:
+
+    * `VERSION`: sets the version of the manifests of the operator generated by the operator-sdk command and image tag of
+    the deployment added to `config/deploy/manifests.yaml` (default: latest)
+    * `AUTHORINO_VERSION`: sets the operand’s branch that sources the manifests (CRD, role definitions) that are appended
+    to `config/deploy/manifests.yaml` (default: latest)
+
+  * Changes in the operand’s CRD/role definitions out date the `config/deploy/manifests.yaml` file, thus requiring a PR to
+  the operator repo ([example](https://github.com/Kuadrant/authorino-operator/pull/68))
+
+  * The `verify-manifests` make target is used to verify consistency of the manifests
+    * Triggered in the CI tests
+    * Causes all PRs in the Operator repo to break whenever there’s a change in the operand’s API committed to the main
+    branch → requires immediate update of the copy of operand’s manifests in the main branch of the operator and rebase
+    of all PRs
+
+* Apart from the operand’s manifests pinned to a specific or latest version in the copy committed to
+`config/deploy/manifests.yaml`, the Operator’s code contains hard-coded references to the default version of the operand
+to install:
+  * Set at compilation time ([`controllers.DefaultAuthorinoImage`](https://github.com/Kuadrant/authorino-operator/blob/03b42633627337bc7d908e36e579340a0d8e12fb/controllers/constants.go#L95))
+  * Configured in the `build.yaml` file ([example](https://github.com/Kuadrant/authorino-operator/blob/release-v0.10.0/build.yaml))
+  * It can be overwritten in the Authorino CR → good for dev/test/staging workflows
+  * Set to "latest" in the main branch