[openstack-dev] [openstack-announce] End of life for managed stable/icehouse branches

Jeremy Stanley fungi at yuggoth.org
Tue Jul 14 01:55:30 UTC 2015


On 2015-07-14 00:33:52 +0200 (+0200), Thomas Goirand wrote:
[...]
> I believe I asked you about 10 times to keep these branches alive, so
> that distributions could work together on a longer support, even without
> a CI behind it.

And the project consensus has seemed to disagree with this after
careful discussion, each time it's brought up. Distributions
collaborating upstream on stable branch support would entail helping
keep those branches tested upstream. As a project we've consistently
stated that publishing updates to stable branches without sufficient
testing is an affront to our quality assurance stance. The final
state of the upstream stable/icehouse branch, as with each previous
stable branch all the way back to stable/diablo, is tagged in the
repository so that you can construct your own continuation of
stable/icehouse from the same point as needed.

> I have also asked for a private gerrit for maintaining the Icehouse
> patches after EOL.
[...]

I do apologize for not setting up a separate private Gerrit instance
for embargoed security fix code reviewing. It would be a help to me
and the rest of the VMT to have it, I simply haven't had the
available time I'd hoped to be able to work out remaining
implementation details for deploying and maintaining it. That said,
its priority has decreased as the VMT is trying to get a little more
cautious about only embargoing vulnerability reports that actually
benefit enough from a brief advance notice to downstream
stakeholders to offset the significant cost in efficiency of the
embargo process (only a small amount of which is due to the tools we
end up using for private code review).

However, as I explained to you at the Liberty Design Summit after
discussion with members of the infrastructure team, we're also not
comfortable maintaining stable branches of projects in a private
Gerrit instance any longer than we do in the normal public one, and
would want to remove inactive branches from it at the same time
their public counterparts reach end of life.

Since I feel like I'm starting to repeat myself at this point, I'll
leave it to others to continue the thread this time. If you're
interested in overhauling the stable branch EOL process (I didn't
design and plan it, I merely pull the levers and push the buttons),
that discussion should involve the stable branch release managers
and the rest of the release team along with the quality assurance
team.
-- 
Jeremy Stanley
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 949 bytes
Desc: Digital signature
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150714/06f9db2c/attachment.pgp>


More information about the OpenStack-dev mailing list