release-tools/publish-releases.sh: New script, to publish staged releases

[levitte]

This replaces the old do_release.pl, and works with the .dat files that
stage-release.sh produces to get all the information necessary.

By design, this script only handles one type of staged releases per run;
'public', 'premium' and 'security' are staged release types, and they affect
the staging repository that's used. Upload locations / repositories are
determined from the version number of each staged release, unless given on
the command line.

Any set of release files that don't fit the chosen staged release type will
simply be ignored.

The following updates are performed:

• the source repository is updated with release commits and tag
• a github release is created in the appropriate repository
• the release files are copied to the appropriate file service directory
• omc/data is updated with added lines in newsflash.txt

The extra work surrounding security advisories is not performed by this
script at this stage. That's left for later development.

This also updates release-tools/stage-release.sh to add version information
to the metadata file that release-tools/publish-release.sh can depend on.

[levitte]

release-tools/publish-release.sh is untested, but should still be
readable enough for commentary. Please have a look and share your
thoughts!

[levitte]

I've realized that release-tools/publish-releases.sh must have a reviewer option, and must use addrev to add a reviewer record... and this actually answers the question of peer reviewing when we have this automation.

[levitte]

In all my tests, publish-releases.sh now works properly.

However, we haven't really answered how this will fit with the policy
of peer review, or if we should change that policy. For the moment,
publish-releases.sh doesn't actually offer any review possibility for
actual review, albeit it does run addrev, assuming that review has
been done.

[t8m]

The e-mail announcement for premium releases needs to be changed to something like this:

   OpenSSL version 1.0.2zh released
   ================================

   OpenSSL - The Open Source toolkit for SSL/TLS
   https://www.openssl.org/

   The OpenSSL project team is pleased to announce the release of
   version 1.0.2zh of our open source toolkit for SSL/TLS.

   OpenSSL 1.0.2zh is available for download via HTTPS from the following
   location on our support system:

   https://github.openssl.org/openssl/extended-releases/releases/tag/OpenSSL_1_0_2zh

   If you have not yet established access to our support system server,
   please contact us on osf-contact@openssl.org to arrange your set up.

   The distribution file name is:

    o openssl-1.0.2zh.tar.gz
      Size: xxxxxxx
      SHA1 checksum:  xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
      SHA256 checksum:  xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

   The checksums were calculated using the following commands:

    openssl sha1 openssl-1.0.2zh.tar.gz
    openssl sha256 openssl-1.0.2zh.tar.gz

   Yours,

   The OpenSSL Project Team.

[levitte]

The e-mail announcement for premium releases needs to be changed to something like this:

That's a change that's associated with the stage-release script, as that's the one that creates these announcement texts. Raise a separate issue for it, as it doesn't belong in this PR.

[t8m]

The e-mail announcement for premium releases needs to be changed to something like this:

That's a change that's associated with the stage-release script, as that's the one that creates these announcement texts. Raise a separate issue for it, as it doesn't belong in this PR.

OK #157

[levitte]

Unfortunately, this isn't ready yet. Some of the logic isn't quite right...
So, I'm deferring this, as I'm now going inactive for quite a bit of time.

[levitte]

I had hoped to finish this today. Unfortunately, I stumbled on
unforeseen nastiness, and will continue Sunday night or Monday
morning.

[levitte]

This is now ready for review. I haven't tested everything yet, and am
reviewing the details in the manual, but am now confident enough that
this is sane enough.

[levitte]

Of course, it's at this time that I'm realising some options aren't
quite right. Please stay tuned.

[levitte]

Change made, and this looks more sane to me

[arapov]

Looks like not needed. Candidate to be dropped.

[levitte]

I'm happy to drop it.

Something I realised on last release is that producing the draft release on github should probably be part of staging a release, leaving only pushing "Publish Release" to actual publication...

[arapov]

Became irrelevant.