kernel-sru-workflow

Differences between revisions 1 and 42 (spanning 41 versions)
Revision 1 as of 2011-03-10 11:09:32
Size: 2335
Editor: eth0
Comment:
Revision 42 as of 2011-03-11 11:10:21
Size: 8944
Editor: eth0
Comment:
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
## page was renamed from Kernel/kernel-sru-workflow.html
Line 3: Line 4:
=== Kernel SRU Workflow === == Kernel SRU Workflow (proposed) ==
Line 5: Line 6:
The kernel release tracking bug is going to be changed to facilitate better
communication between the responsible parties and clearer handoffs as the
release progresses.		 The kernel release tracking bug is going to be changed to facilitate better communication between the
responsible parties and clearer handoffs as the release progresses.
Line 9: Line 9:
We are taking advantage of existing Launchpad capabilities, though using them
in ways they were not intended.		 We are taking advantage of existing Launchpad capabilities. We will be using project series to represent
individual workflow tasks. The meaning of status is overloaded to indicate the state of the task.
Line 12: Line 12:
When a kernel release tracking bug is created, it is created against the relevant
kernel source package and nominated for the related Ubuntu series. The new process
will target the bug against an additional project, the "Kernel SRU Workflow"
project and nominate it for all the series that are defined for that project.		 When a kernel release tracking bug is created, it is created against the relevant kernel source package
and nominated for the related Ubuntu series. The new process will target the bug against an additional
project, the "Kernel SRU Workflow" project and nominate it for all the series that are defined for that
project.
Line 17: Line 17:
The "Kernel SRU Workflow" project has a number of custom "series" created for
it that represent the different stages of the kernel cadence. The different
series will be assigned to the team/person responsible for that stage. The
assignee will set the status of the "series" they are working.		 The kernel release tracking bug can be identified on the kernel SRU report page at:
http://kernel.ubuntu.com/~kernel-ppa/reports/sru-report.html
Line 22: Line 20:
||'''Series''' || '''Owner''' || '''Description'''
||Upload-to-ppa || Kernel Team || The kernel team has uploaded the source package for the release to the kernel team's ppa.
||Promote-to-proposed || Archive Admin Team || The package in the kernel team's ppa is copied to the '''proposed''' pocket in the archive.
||Verification-testing || Kernel Team || The bugs related to the release are being verified as having been fixed by the appropriate community member.
||Certification-testing || HW Certification Team || The kernel in '''proposed''' is tested via the certification tests.
||Regression-testing || QA Team || The kernel in '''proposed''' is tested for regressions.
||Promote-to-updates || Archive Admin Team || The package is copied from the '''proposed''' pocket to the '''updates''' pocket in the archive.
||Promote-to-security || Archive Admin Team || The package is copied from the '''proposed''' pocket to the '''security''' pocket in the archive.		 The "Kernel SRU Workflow" project has a number of custom "series" created for it that represent the
different stages of the kernel cadence. A "series" represents a task to be accomplished by a
team/person. The different tasks will be assigned to the team/person responsible for that stage. The
assignee will set the status of the tasks they are working.
Line 31: Line 25:
||'''Status''' || '''Description'''
||In Progress || The assigned team/person has begun the work associated with the given task.
||Invalid || The process state is not appropriate for the given kernel release.
||Fix Released || The assigned team/person has finished the task.		 An automated script will run periodicaly to monitor the current state of the
different tasks and change status when necessary. This script will be referred
to below as the '''Workflow Mgr.''' The kernel team will develop this bot.

=== The Workflow: ===
 1. The kernel team creates a tracking bug, all tasks will be set to their initial state (status: '''New''') and be assigned to the appropriate team.

 1. The kernel team sets the '''Prepare-package''' task to the in-progress state (status: '''In Progress'''). The task is reassigned to the individual working the task.

 1. The kernel team builds and uploads the source package to the kernel team ppa. Once the source package successfully builds and is ready to be copied to proposed the task state is changed to completed (status: '''Fix Released''').

 1. '''Workflow Mgr.''' detects that the state of the '''Prepare-package''' task has completed and changes the '''Promote-to-proposed''' task to its ready-to-start state (status: '''Confirmed''').

 1. An archive admin sets the '''Promote-to-proposed''' task to in-progress (status: '''In Progress''') and copies the package to the '''proposed''' pocket in the archive. The task is reassigned to the individual working the task.

 1. Once the package has been copied an stable release team member sets the '''Promote-to-proposed''' task to completed (status: '''Fix Released''').

 1. '''Workflow Mgr.''' detects that the state of the '''Promote-to-proposed''' task is now completed and changes the state of the '''Verification-testing''' task to the in-progress state (status: '''In Progress'''). (Affected bugs are marked for verification needed)

 1. Once all the bugs, requiring verification, listed in the changlog have been marked '''verification-done''', the '''Workflow Mgr.''' changes the state of the '''Certification-testing''', '''Regression-testing''' and '''Security-signoff''' tasks to the ready-to-start state (status: '''Confirmed''').

 1. When the HW Certification team detects that the '''Certification-testing''' task is in the ready-to-start state (status: '''Confirmed''') and they start testing, they change the tasks state to in-progress (status: '''In Progress'''). The task is reassigned to the individual working the task.

 1. When the QA team detects that the '''Regression-testing''' task is in the ready-to-start state (status: '''Confirmed''') and they start testing, they change the tasks state to in-progress (status: '''In Progress'''). The task is reassigned to the individual working the task.

 1. When the security team detects that the '''Security-signoff''' task is in the ready-to-start state (status: '''Confirmed'''), they change the tasks state to in-progress (status: '''In Progress'''). The task is reassigned to the individual working the task. They take care of any tasks they deem necessary prior to having an archive admin copy the release to the '''security''' pocket. If there are no CVEs, the security team sets the '''Promote-to-security''' task to the not-needed state (status: '''Invalid'''). If there are CVEs in the release and the security team has signed-off on the release being promoted to the security pocket (once all testing passes successfully) they change the status of the '''Security-signoff''' task to completed (status: '''Fix Released''').

 1. Once certification testing completes, the HW certification team changes the state of the '''Certification-testing''' task to completed (status: '''Fix Released'''). If the testing was successfull the certification team adds a '''certification-testing-passed''' tag otherwise they add a '''certification-testing-failed''' tag.
 1. Once regression testing completes, the QA test changes the state of the '''Regression-testing''' task to completed (status:'''Fix Released'''). If the testing was successfull the QA team adds a '''qa-testing-passed''' tag, otherwise they add a '''qa-testing-failed''' tag.

 1. When both the '''Certification-testing''' and '''Regression-testing''' tasks have been set to completed states (status: '''Fix Released''') and both the '''certification-testing-passed''' and '''qa-testing-passed''' tags have been added by the appropriate team, the '''Workflow Mgr.''' changes the state of the '''Promote-to-updates''' task to the ready-to-start state (status:'''Confirmed''').

 1. A stable release team member copies the package from '''proposed''' to the '''updates''' pocket in the archive and sets the '''Promote-to-updates''' task to completed (status: '''Fix Released'''). The task is reassigned to the individual working the task.

 1. If the '''Promote-to-security''' task is set to the ready-to-start state(status: '''Confirmed'''), an archive admin copies the package to the '''security''' pocket and sets the state of the '''Promote-to-security''' task to completed (status: '''Fix Released''').

'''Note:''' Some tasks can move from '''Confirmed''' straight to '''Fix Released''' depending on the amount of time/effort involved in the task.

=== An Example Tracking Bug ===
https://bugs.launchpad.net/kernel-sru-workflow/+bug/677021

=== Tasks ===
||'''Series''' || '''Owner''' || '''Description''' ||
||Prepare-package || [[https://launchpad.net/~canonical-kernel-team|Kernel Team]] || The kernel team has uploaded the source package for the release to the kernel team's ppa. ||
||Promote-to-proposed || [[https://launchpad.net/~ubuntu-sru|SRU Team]] || The package in the kernel team's ppa is copied to the '''proposed''' pocket in the archive. ||
||Verification-testing || [[https://launchpad.net/~canonical-kernel-team|Kernel Team]] || The bugs related to the release are being verified as having been fixed by the appropriate community member. ||
||Certification-testing || [[https://launchpad.net/~hardware-certification|HW Certification Team]] || The kernel in '''proposed''' is tested via the certification tests. ||
||Regression-testing || [[https://launchpad.net/~canonical-qa|QA Team]] || The kernel in '''proposed''' is tested for regressions. ||
||Promote-to-updates || [[https://launchpad.net/~ubuntu-sru|SRU Team]] || The package is copied from the '''proposed''' pocket to the '''updates''' pocket in the archive. ||
||Promote-to-security || [[https://launchpad.net/~ubuntu-sru|SRU Team]] || The package is copied from the '''proposed''' pocket to the '''security''' pocket in the archive. ||
||Security-signoff || [[https://launchpad.net/~canonical-security|Security Team]] || The security team does any validation they deem necessary and writes USN ||

=== Status ===
||'''Status''' || '''Description''' ||
||New || The initial state of the task. This is not ready for the assigned team/person to begin working on that task. ||
||Confirmed || This indicates that the prerequisites for the task to begin have been met and the task is ready to be started. ||
||In Progress || The assigned team/person has begun the work associated with the given task. ||
||Invalid || The process state is not appropriate for the given kernel release. The individual that changed the state to Invalid should reassign the task to themself. Examples of where this would be used are: When there are no CVEs fixed in the release and it is not necessary to copy the release.||
||Fix Released || The assigned team/person has finished the task. ||

Kernel SRU Workflow (proposed)

The kernel release tracking bug is going to be changed to facilitate better communication between the responsible parties and clearer handoffs as the release progresses.

We are taking advantage of existing Launchpad capabilities. We will be using project series to represent individual workflow tasks. The meaning of status is overloaded to indicate the state of the task.

When a kernel release tracking bug is created, it is created against the relevant kernel source package and nominated for the related Ubuntu series. The new process will target the bug against an additional project, the "Kernel SRU Workflow" project and nominate it for all the series that are defined for that project.

The kernel release tracking bug can be identified on the kernel SRU report page at: http://kernel.ubuntu.com/~kernel-ppa/reports/sru-report.html

The "Kernel SRU Workflow" project has a number of custom "series" created for it that represent the different stages of the kernel cadence. A "series" represents a task to be accomplished by a team/person. The different tasks will be assigned to the team/person responsible for that stage. The assignee will set the status of the tasks they are working.

An automated script will run periodicaly to monitor the current state of the different tasks and change status when necessary. This script will be referred to below as the Workflow Mgr. The kernel team will develop this bot.

The Workflow:

  1. The kernel team creates a tracking bug, all tasks will be set to their initial state (status: New) and be assigned to the appropriate team.

  2. The kernel team sets the Prepare-package task to the in-progress state (status: In Progress). The task is reassigned to the individual working the task.

  3. The kernel team builds and uploads the source package to the kernel team ppa. Once the source package successfully builds and is ready to be copied to proposed the task state is changed to completed (status: Fix Released).

  4. Workflow Mgr. detects that the state of the Prepare-package task has completed and changes the Promote-to-proposed task to its ready-to-start state (status: Confirmed).

  5. An archive admin sets the Promote-to-proposed task to in-progress (status: In Progress) and copies the package to the proposed pocket in the archive. The task is reassigned to the individual working the task.

  6. Once the package has been copied an stable release team member sets the Promote-to-proposed task to completed (status: Fix Released).

  7. Workflow Mgr. detects that the state of the Promote-to-proposed task is now completed and changes the state of the Verification-testing task to the in-progress state (status: In Progress). (Affected bugs are marked for verification needed)

  8. Once all the bugs, requiring verification, listed in the changlog have been marked verification-done, the Workflow Mgr. changes the state of the Certification-testing, Regression-testing and Security-signoff tasks to the ready-to-start state (status: Confirmed).

  9. When the HW Certification team detects that the Certification-testing task is in the ready-to-start state (status: Confirmed) and they start testing, they change the tasks state to in-progress (status: In Progress). The task is reassigned to the individual working the task.

  10. When the QA team detects that the Regression-testing task is in the ready-to-start state (status: Confirmed) and they start testing, they change the tasks state to in-progress (status: In Progress). The task is reassigned to the individual working the task.

  11. When the security team detects that the Security-signoff task is in the ready-to-start state (status: Confirmed), they change the tasks state to in-progress (status: In Progress). The task is reassigned to the individual working the task. They take care of any tasks they deem necessary prior to having an archive admin copy the release to the security pocket. If there are no CVEs, the security team sets the Promote-to-security task to the not-needed state (status: Invalid). If there are CVEs in the release and the security team has signed-off on the release being promoted to the security pocket (once all testing passes successfully) they change the status of the Security-signoff task to completed (status: Fix Released).

  12. Once certification testing completes, the HW certification team changes the state of the Certification-testing task to completed (status: Fix Released). If the testing was successfull the certification team adds a certification-testing-passed tag otherwise they add a certification-testing-failed tag.

  13. Once regression testing completes, the QA test changes the state of the Regression-testing task to completed (status:Fix Released). If the testing was successfull the QA team adds a qa-testing-passed tag, otherwise they add a qa-testing-failed tag.

  14. When both the Certification-testing and Regression-testing tasks have been set to completed states (status: Fix Released) and both the certification-testing-passed and qa-testing-passed tags have been added by the appropriate team, the Workflow Mgr. changes the state of the Promote-to-updates task to the ready-to-start state (status:Confirmed).

  15. A stable release team member copies the package from proposed to the updates pocket in the archive and sets the Promote-to-updates task to completed (status: Fix Released). The task is reassigned to the individual working the task.

  16. If the Promote-to-security task is set to the ready-to-start state(status: Confirmed), an archive admin copies the package to the security pocket and sets the state of the Promote-to-security task to completed (status: Fix Released).

Note: Some tasks can move from Confirmed straight to Fix Released depending on the amount of time/effort involved in the task.

An Example Tracking Bug

https://bugs.launchpad.net/kernel-sru-workflow/+bug/677021

Tasks

Series

Owner

Description

Prepare-package

Kernel Team

The kernel team has uploaded the source package for the release to the kernel team's ppa.

Promote-to-proposed

SRU Team

The package in the kernel team's ppa is copied to the proposed pocket in the archive.

Verification-testing

Kernel Team

The bugs related to the release are being verified as having been fixed by the appropriate community member.

Certification-testing

HW Certification Team

The kernel in proposed is tested via the certification tests.

Regression-testing

QA Team

The kernel in proposed is tested for regressions.

Promote-to-updates

SRU Team

The package is copied from the proposed pocket to the updates pocket in the archive.

Promote-to-security

SRU Team

The package is copied from the proposed pocket to the security pocket in the archive.

Security-signoff

Security Team

The security team does any validation they deem necessary and writes USN

Status

Status

Description

New

The initial state of the task. This is not ready for the assigned team/person to begin working on that task.

Confirmed

This indicates that the prerequisites for the task to begin have been met and the task is ready to be started.

In Progress

The assigned team/person has begun the work associated with the given task.

Invalid

The process state is not appropriate for the given kernel release. The individual that changed the state to Invalid should reassign the task to themself. Examples of where this would be used are: When there are no CVEs fixed in the release and it is not necessary to copy the release.

Fix Released

The assigned team/person has finished the task.

Kernel/kernel-sru-workflow (last edited 2023-12-06 20:01:36 by setuid)