PolicyBot: Design and implement release checklists #14891
Labels
lifecycle/automatically-closed
Indicates a PR or issue that has been closed automatically.
Milestone
We have several multi-step processes we need to follow and repeat for every major release, every patch release, and every CVE. We should provide a lightweight infrastructure to track these to-do lists and make sure we do everything we should be doing.
Imagine a UI where the user selects one of:
Track New Major Release
Track New Minor Release
Track CVE
Clicking on one of these creates a new record that keeps track of the individual steps for each processes. You could list all existing records, add and remove records.
Within a record's page, the user would be presented with a set of todo items with checkboxes and text boxes. For example, for a release you might have:
Create release notes
Post announcement to Slack
Post announcement to Twitter
Post announcement to discuss.istio.io
The "Create release notes" item would have a checkbox and a text field. The text field lets the user enter the URL to the release note page.
Clicking a checkbox for an item marks the item complete and records the GitHub ID of the user having checked the box.
Once all items in a record are completed, the record can be archived at which point it becomes read-only.
It's also possible to mark individual checklist entries as "n/a", indicating they don't apply for this record.
Tracking the CVE process in this mechanism requires some privacy. CVE records, once created, need to have constrained visibility until they are archived (indicating the CVE is addressed)
@fpesce @duderino FYI
The text was updated successfully, but these errors were encountered: