[build] cmd/relui: add metadata-based security comm fetching for minor releases
0 views
Skip to first unread message
Gopher Robot (Gerrit)
Apr 29, 2026, 5:23:25 PM (19 hours ago) Apr 29
to Dmitri Shuralyov, goph...@pubsubhelper.golang.org, golang-...@googlegroups.com, golang...@luci-project-accounts.iam.gserviceaccount.com, Dmitri Shuralyov, Michael Pratt, Neal Patel, golang-co...@googlegroups.com
Gopher Robot submitted the change with unreviewed changes![]( "Open in Gerrit")
Unreviewed changes
1 is the latest approved patch-set.
The change was submitted with unreviewed changes in the following files:
```
The name of the file: internal/task/announce_test.go
Insertions: 2, Deletions: 2.
@@ -715,7 +715,7 @@
const milestoneYAML = `id: 99915010
security_patches:
- id: 20024001
- package: image/png
+ package: encoding/pem
track: PUBLIC
changelists:
- https://go.dev/cl/123456
@@ -731,7 +731,7 @@
- go1.3.1
- go1.4.1
- id: 40027190
- package: runtime
+ package: cmd/go
track: PRIVATE
changelists:
- https://go-internal-review.git.corp.google.com/c/security-metadata/+/1234
```
```
The name of the file: internal/task/security_release_coalesce.go
Insertions: 4, Deletions: 2.
@@ -27,8 +27,10 @@
SecurityMilestoneParameter = wf.ParamDef[string]{
Name: "Release Milestone",
ParamType: wf.BasicString,
- Doc: `Release milestone for the security patch(es) being included in a Go release.`,
- Example: "123456",
+ Doc: `Release Milestone is the security-metadata milestone for the security patch(es) being included in a Go release.
+
+You can check with the security release coordinator for this release to confirm this input.`,
+ Example: "123456",
Check: func(num string) error {
if !numOnlyRE.MatchString(num) {
return errors.New("milestone number must contain only numbers")
```
```
The name of the file: internal/task/announce.go
Insertions: 2, Deletions: 2.
@@ -923,8 +923,8 @@
return SentMail{m.Subject, sentMailKeywords}, nil
}
-// SecurityCommunicationTasks contains tasks related to the communication regarding
-// releases containing security fixes.
+// SecurityCommunicationTasks contains communication tasks
+// relevant to Go releases containing security fixes.
type SecurityCommunicationTasks struct {
PrivateGerrit GerritClient
}
```
Change information
Commit message:
cmd/relui: add metadata-based security comm fetching for minor releases
Start with the "two minor releases" relui workflow, the most common one.
For now, the secuity comms are fetched at the start of the workflow,
which is very similar to what happened when these were manually-entered
inputs needed to start the workflow. Later on we can defer fetching the
security comms until they're needed, after the 'Wait to Announce' step.
Or better yet, we'll fetch them at the workflow start (to confirm that
they're available) and again right when they're needed, so that typo
fixes can be applied to security-metadata without needing to restart
the relui release workflow. (This is similar to how release-blocking
issues are checked at the start and later on re-checked again.)
For golang/go#79037.
Change-Id: I91645fef7b10deff5ca72888c13958c398f0c9f8
Reviewed-on: https://go-review.googlesource.com/c/build/+/772300
Reviewed-by: Michael Pratt <mpr...@google.com>
Reviewed-by: Dmitri Shuralyov <dmit...@google.com>
Auto-Submit: Dmitri Shuralyov <dmit...@golang.org>
LUCI-TryBot-Result: golang...@luci-project-accounts.iam.gserviceaccount.com <golang...@luci-project-accounts.iam.gserviceaccount.com>
Files:
- M cmd/relui/main.go
- M internal/relui/workflows.go
- M internal/task/announce.go
- M internal/task/announce_test.go
- M internal/task/privx.go
- M internal/task/security_release_coalesce.go
- M internal/task/security_release_coalesce_test.go
- M internal/task/task.go
Change size: M
Delta: 8 files changed, 171 insertions(+), 60 deletions(-)
Branch: refs/heads/master
Submit Requirements:
Code-Review: +2 by Michael Pratt, +1 by Dmitri Shuralyov
TryBots-Pass: LUCI-TryBot-Result+1 by golang...@luci-project-accounts.iam.gserviceaccount.com
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Reply all
Reply to author
Forward
0 new messages