2.479.2 LTS release checklist #615
Labels
lts-checklist
This issue tracks the progress of an LTS release
Comments
krisstern
added
the
lts-checklist
|
changelog & upgrade guide for 2.479.2 jenkins-infra/jenkins.io#7675 |
|
Thanks @kmartens27 for the update! |
|
Changelog has been updated to include the script security fix entry. |
|
Awesome! Thanks for the quick action @kmartens27 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2.479.2 LTS release
More information about the release process is available on the release guide.
Release Lead
@krisstern
Prep work
LTS baseline discussed and selected in the Jenkins developers mailing list.
If the last release of the preceding LTS line is a security release, consider making the matching weekly release the new LTS baseline.
For example, 2.462.3 LTS and 2.479 were security releases and it is simpler to use 2.479 as baseline than 2.477.
Create or update release branch in jenkinsci/jenkins, e.g.
stable-2.387, use the init-lts-line script or carry out the equivalent steps therein.Create or update release branch in jenkins-infra/release, e.g.
stable-2.387. Strike out for initial release.RELEASE_GIT_BRANCHandJENKINS_VERSIONvalues in the environment file (profile.d/stable) to match the release.PACKAGING_GIT_BRANCHvalue in the packaging script (Jenkinsfile.d/core/package) to match the release.Create or update release branch in jenkinsci/packaging, e.g.stable-2.387. Strike out for new point release.Create a pull request to update bom to the weekly version that will be the base of the release line (and strike this out for new point release).Assure that the bom-weekly version number is already testing the base of the release line or a version newer than the base of the release line.
Review recent security advisories for fixes in Jenkins weeklies after the LTS baseline, and ensure there are Jira issues for their backport.
Review Jira and GitHub pull requests for additional LTS candidates, adding the
lts-candidatelabel, and ensure that all tickets are resolved in Jira.Send a backporting announcement email to the jenkinsci-dev mailing list, using the default template.
Remember to exchange the LTS version, release date and Jira URLs.
Update Jira labels for lts-candidate issues, either add
2.387.2-fixedand removelts-candidateor add2.387.2-rejected, and retainlts-candidate.Backport changes, run the list-issue-commits script to locate commits via Jira ID, some manual work is required to locate them if the issue ID wasn't present at merge time, backport with
git cherry-pick -x $commit.Open backporting PR with
into-ltslabel and summary of changes in description from lts-candidate-stats script and:Open a pull request towards the acceptance test harness and plugin compatibility test to confirm the incremental produced by the backporting PR doesn't contain regressions.
The documentation explains which profiles you have to modify in your PR.
Update the dependabot branch target in jenkinsci/jenkins to the new stable branch (strike this out for new point release).Prepare LTS changelog based on the style guide using the changelog generator - This is normally done by the docs team, ask in gitter.
Prepare LTS upgrade guide based on previous upgrade guides - This is normally done by the docs team, ask in gitter.
RC creation
Merge backporting PR in
jenkinci/jenkinsusing a merge commit (and do not squash).Retrieve the URL for the RC from the commit status (Jenkins Incrementals Publisher / Incrementals) of the last build on the stable branch (requires a passing build). Visit the
jenkins-warURL and copy the URL of the war file, which would be something like https://repo.jenkins-ci.org/incrementals/org/jenkins-ci/main/jenkins-war/2.387.1-rc32701.b_06d9cef554c/jenkins-war-2.387.1-rc32701.b_06d9cef554c.war. If the incrementals are broken you can deploy a build from your own machine withmvn -e clean deploy -DskipTests=true.Publish a pre-release Github release, e.g. sample currently we don't have a changelog for RCs.
Confirm the automatic announcement has been sent to the jenkinsci-dev mailing list and community forums. If the automatic announcement is not sent, compose and send the announcement yourself.
Check with security team that no security update is planned. If a security update is planned, revise the checklist after the public pre-announcement to the jenkinsci-advisories mailing list.
For a new LTS baseline's ".1" release, if there were [recent security advisories](https://www.jenkins.io/security/advisories/) for fixes in Jenkins weeklies after the LTS baseline that had to be backported:Update those advisories to mention the new 2.xxx.1 LTS release as an additional fix version (example)Update warnings metadata to exclude the ".1" release (example)Inform the Jenkins security team about the need to update CVE metadata to exclude the new LTS line from affected version ranges.LTS release
Publish changelog (one day prior to the release in case of a security update).
Announce the start of the LTS release process in the #jenkins-release:matrix.org channel.
Run job on release.ci.jenkins.io if no security release for Jenkins is planned.If this is the first release of a new LTS line, the packaging job will fail on its first run. Either run the packaging job once and cancel it before the primary release job is run or accept that the packaging job on the first release of a new LTS line will need to be run a second time after it fails the initial run.Check LTS changelog is visible on the downloads site.
Publish GitHub release pointing to LTS changelog, sample.
Confirm Datadog checks are passing.
Confirm the Debian installer acceptance test is passing.
For good measures, check the console log to confirm that the correct release package was used (e.g. search for
2.387).Confirm the Red Hat installer acceptance test is passing.
For good measures, check the console log to confirm that the correct release package was used (e.g. search for
2.387).Adjust state and
Released Asof Jira issues fixed in the release (see the changelog for issue links).Create pull request to update the
ltsMaven profile in ATH to the newly released versionCreate pull request to update thejenkins.versionin the most recent release profile in plugin BOM to the newly released version.Refer to first step before the release and second step after the release for examples.2release.Create a tag matching the LTS release you create in the docker repository and publish a GitHub release.
Confirm that the images are available at Docker hub.
Merge the PR generated by the
jenkins-dependency-updaterbot in the jenkinsci/helm-charts repository.Create a helpdesk ticket to update
ci.jenkins.io,trusted.ci,cert.ciandrelease.cito the new LTS release, example.Send email asking for the next release lead, example, dates for the next one can be found on the Jenkins calendar.
The text was updated successfully, but these errors were encountered: