1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-15 17:51:01 +00:00
external-secrets/design/006-LTS-release.md
Moritz Johner e2bc666a74
feat: LTS release process (#2155)
* feat: auto-update dependencies

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* docs: add release docs

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: remove note about image tag

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: add variables to allow build from release branch

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* Update design/006-LTS-release.md

Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>

* Update design/006-LTS-release.md

Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>

* Update design/006-LTS-release.md

Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>

* Update design/006-LTS-release.md

Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>

* fix: github ref regex match release branch

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: migrate to new issue template format

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

---------

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2023-05-15 09:06:15 +02:00

2.6 KiB

Long Term Support Policy

WRT: https://github.com/external-secrets/external-secrets/issues/2044

We want to provide security patches and critical bug fixes in a timely manner to our users. To do so, we offer long-term support for our latest two (N, N-1) software releases. We aim for a 2-3 month minor release cycle, i.e. a given release is supported for about 4-6 months.

We want to cover the following cases:

  • weekly image rebuilds to update OS dependencies
  • weekly go dependency updates
  • backport bug fixes on demand

Note: features cut off on a minor release will not be backported to older releases.

Automatic Updates

We have set up a Github Action (GHA) which will automatically update the go.mod dependencies once per week or on request. The GHA will make the necessary code changes and opens a PR. Once approved and merged into main or release-x.y our build pipelines will build and push the artifact to ghcr.

Manual Updates

Bug Fixes will be merged onto each release branch individually. This is achieved by creating separate PRs from a corresponding branch of the release (e.g. bug fixes targetting release-1.0 should be created from release-1.0 branch). Once approved and merged into main or release-x.y, ou build pipeline will build and push the artifact to ghcr

Process

Branch Management

When a new minor release is cut and merged into main, we must branch off to release-{major}.{minor}. This is the long-lived release branch that will get dependency updates and bug fixes. In case we do a patch release we must also merge into the correct release-{major}.{minor} branch.

Release Issue Template

We'll have a release issue template that gives the release lead a task list to work through all the steps needed to create a release.

Release Preparation Tasks

  • ask in #external-secrets-dev if we're ready for a release cut-off or if something needs to get urgently in
  • docs: stability & support page is up to date
    • version table
    • Provider Stability and Support table
    • Provider Feature Support table
  • docs: update roadmap page
  • tidy up Project Board
    • move issues to next milestone
    • close milestone

Release Execution

After Release Tasks

  • Announce release on #external-secrets in Slack