Skip to content

Latest commit

 

History

History
123 lines (85 loc) · 7.22 KB

RELEASE.md

File metadata and controls

123 lines (85 loc) · 7.22 KB

Falco Release Process

Our release process is mostly automated, but we still need some manual steps to initiate and complete it.

Changes and new features are grouped in milestones, the milestone with the next version represents what is going to be released.

Falco releases are due to happen 3 times per year. Our current schedule sees a new release by the end of January, May, and September each year. Hotfix releases can happen whenever it's needed.

Moreover, we need to assign owners for each release (usually we pair a new person with an experienced one). Assignees and the due date are proposed during the weekly community call.

Finally, on the proposed due date the assignees for the upcoming release proceed with the processes described below.

Pre-Release Checklist

Before cutting a release we need to do some homework in the Falco repository. This should take 5 minutes using the GitHub UI.

1. Release notes

  • Find the previous release date (YYYY-MM-DD) by looking at the Falco releases
  • Check the release note block of every PR matching the is:pr is:merged closed:>YYYY-MM-DD filter
    • Ensure the release note block follows the commit convention, otherwise fix its content
    • If the PR has no milestone, assign it to the milestone currently undergoing release
  • Check issues without a milestone (using is:pr is:merged no:milestone closed:>YYYY-MM-DD filter ) and add them to the milestone currently undergoing release
  • Double-check that there are no more merged PRs without the target milestone assigned with the is:pr is:merged no:milestone closed:>YYYY-MM-DD filter, if any, update those missing

2. Milestones

3. Release PR

  • Double-check if any hard-coded version number is present in the code, it should be not present anywhere:
    • If any, manually correct it then open an issue to automate version number bumping later
    • Versions table in the README.md updates itself automatically
  • Generate the change log using rn2md:
    • Execute rn2md -o falcosecurity -m <version> -r falco
    • In case rn2md emits error try to generate an GitHub OAuth access token and provide it with the -t flag
  • Add the latest changes on top the previous CHANGELOG.md
  • Submit a PR with the above modifications
  • Await PR approval
  • Close the completed milestone as soon as the PR is merged

Release

Now assume x.y.z is the new version.

1. Create a tag

  • Once the release PR has got merged, and the CI has done its job on the master, git tag the new release

    git pull
    git checkout master
    git tag x.y.z
    git push origin x.y.z
    

N.B.: do NOT use an annotated tag. For reference https://git-scm.com/book/en/v2/Git-Basics-Tagging

  • Wait for the CI to complete

2. Update the GitHub release

  • Draft a new release

  • Use x.y.z both as tag version and release title

  • Use the following template to fill the release description:

    <!-- Substitute x.y.z with the current release version -->
    
    | Packages | Download                                                                                                                                               |
    | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ |
    | rpm-x86_64      | [![rpm](https://img.shields.io/badge/Falco-x.y.z-%2300aec7?style=flat-square)](https://download.falco.org/packages/rpm/falco-x.y.z-x86_64.rpm)        |
    | deb-x86_64      | [![deb](https://img.shields.io/badge/Falco-x.y.z-%2300aec7?style=flat-square)](https://download.falco.org/packages/deb/stable/falco-x.y.z-x86_64.deb) |
    | tgz-x86_64      | [![tgz](https://img.shields.io/badge/Falco-x.y.z-%2300aec7?style=flat-square)](https://download.falco.org/packages/bin/x86_64/falco-x.y.z-x86_64.tar.gz) |
    | rpm-aarch64      | [![rpm](https://img.shields.io/badge/Falco-x.y.z-%2300aec7?style=flat-square)](https://download.falco.org/packages/rpm/falco-x.y.z-aarch64.rpm)        |
    | deb-aarch64      | [![deb](https://img.shields.io/badge/Falco-x.y.z-%2300aec7?style=flat-square)](https://download.falco.org/packages/deb/stable/falco-x.y.z-aarch64.deb) |
    | tgz-aarch64      | [![tgz](https://img.shields.io/badge/Falco-x.y.z-%2300aec7?style=flat-square)](https://download.falco.org/packages/bin/aarch64/falco-x.y.z-aarch64.tar.gz) |
    
    | Images                                                                      |
    | --------------------------------------------------------------------------- |
    | `docker pull docker.io/falcosecurity/falco:x.y.z`                           |
    | `docker pull public.ecr.aws/falcosecurity/falco:x.y.z`                      |
    | `docker pull docker.io/falcosecurity/falco-driver-loader:x.y.z`             |
    | `docker pull docker.io/falcosecurity/falco-no-driver:x.y.z`                 |
    
    <changelog>
    
    <!-- Substitute <changelog> with the one generated by [rn2md](https://github.com/leodido/rn2md) -->
    
    ### Statistics
    
    | Merged PRs      | Number |
    | --------------- | ------ |
    | Not user-facing | x      |
    | Release note    | x      |
    | Total           | x      |
    
    <!-- Calculate stats and fill the above table -->
    
    #### Release Manager <github handle>
    
    <!-- Substitute GitHub handle with the release manager's one -->
    
  • Finally, publish the release!

3. Update the meeting notes

For each release we archive the meeting notes in git for historical purposes.

  • The notes from the Falco meetings can be found here.
    • Note: There may be other notes from working groups that can optionally be added as well as needed.
  • Add the entire content of the document to a new file in github.com/falcosecurity/community/tree/master/meeting-notes as a new file labeled release-x.y.z.md
  • Open up a pull request with the new change.

Post-Release tasks

Announce the new release to the world!