Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/build/cmd/relui: improve security release automation #59717

Open
heschi opened this issue Apr 19, 2023 · 4 comments
Open

x/build/cmd/relui: improve security release automation #59717

heschi opened this issue Apr 19, 2023 · 4 comments
Assignees
@rolandshoemaker
Labels
Builders x/build issues (builders, bots, dashboards) NeedsFix The path to resolution is known, but the work has not been done.
Milestone
Unreleased

Comments

@heschi
Copy link
Contributor

heschi commented Apr 19, 2023

Doing a security release involves quite a bit of manual work from the release coordinator. For an initial cut, let's see if we can automate assembling the internal commits into a branch, and exporting the changes from that branch on release day.
@gopherbot gopherbot added the Builders x/build issues (builders, bots, dashboards) label Apr 19, 2023
@gopherbot gopherbot added this to the Unreleased milestone Apr 19, 2023
@gopherbot
Copy link

Change https://go.dev/cl/486515 mentions this issue: internal/task: create a basic Git wrapper, use it for the fake Gerrit

@gopherbot
Copy link

Change https://go.dev/cl/486575 mentions this issue: cmd/relui,internal/task: add workflow for re-syncing go-private master

@cagedmantis
Copy link
Contributor

We should consider automating the process where we replace the placeholder text for the GitHub issues with the actual security notice automatically.

gopherbot pushed a commit to golang/build that referenced this issue Jul 28, 2023
@heschi @gopherbot
internal/task: create a basic Git wrapper, use it for the fake Gerrit
1bc26f3 
For golang/go#59717

Change-Id: Ie0e01a82a5acebf279c1f770dee53f37fc4e7800
Reviewed-on: https://go-review.googlesource.com/c/build/+/486515
Run-TryBot: Heschi Kreinick <heschi@google.com>
Auto-Submit: Heschi Kreinick <heschi@google.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
@gopherbot
Copy link

Change https://go.dev/cl/515075 mentions this issue: internal/task: create a basic Git wrapper, use it for the fake Gerrit

@dmitshur dmitshur added the NeedsFix The path to resolution is known, but the work has not been done. label Aug 2, 2023
gopherbot pushed a commit to golang/build that referenced this issue Aug 2, 2023
@heschi @gopherbot
internal/task: create a basic Git wrapper, use it for the fake Gerrit
c449222 
This is a second attempt at CL 486515, which was rolled back in CL
514016. Now with configuration settings in tests!

For golang/go#59717

Change-Id: I71747e6395a260ba04292e04b1c18a209ff50b2e
Reviewed-on: https://go-review.googlesource.com/c/build/+/515075
Auto-Submit: Heschi Kreinick <heschi@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Run-TryBot: Heschi Kreinick <heschi@google.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
gopherbot pushed a commit to golang/build that referenced this issue Sep 8, 2023
@rolandshoemaker
cmd/relui,internal/task: add workflow for re-syncing go-private master
b48717b 
This is currently a manual process that requires a high-priv grant, a
workflow significantly reduces the likelihood of getting this wrong. It
also lets us use a cron-like schedule to automate these updates.

Updates golang/go#59717

Change-Id: Iff7ce7c37f2ecd9dfee79ee8e80cfb98810011e6
Reviewed-on: https://go-review.googlesource.com/c/build/+/486575
Run-TryBot: Roland Shoemaker <roland@golang.org>
Reviewed-by: Heschi Kreinick <heschi@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
@heschi heschi removed their assignment Nov 22, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rolandshoemaker rolandshoemaker

Labels
Builders x/build issues (builders, bots, dashboards) NeedsFix The path to resolution is known, but the work has not been done.
Projects
Go Release
Status: Planned
Milestone
Unreleased
Development

No branches or pull requests
5 participants
@cagedmantis @dmitshur @rolandshoemaker @gopherbot @heschi