[build] cmd/relui: add metadata-based security comm fetching for RC releases

0 views
Skip to first unread message

Dmitri Shuralyov (Gerrit)

unread,
Jun 30, 2026, 3:14:18 PM (9 hours ago) Jun 30
to Junyang Shao, goph...@pubsubhelper.golang.org, Neal Patel, Dmitri Shuralyov, golang-co...@googlegroups.com
Attention needed from Junyang Shao

Dmitri Shuralyov has uploaded the change for review

Dmitri Shuralyov would like Junyang Shao to review this change.

Commit message

cmd/relui: add metadata-based security comm fetching for RC releases

This has been working well for the "two minor releases" relui workflow.
Continue by making it available in "next RC" relui workflow next.

For golang/go#79037.
Change-Id: Idad7bfc19ab7dd94610842024933d64d80de2bf1

Change diff

diff --git a/internal/relui/workflows.go b/internal/relui/workflows.go
index 761e297..64160bd 100644
--- a/internal/relui/workflows.go
+++ b/internal/relui/workflows.go
@@ -406,19 +406,21 @@
return err
}
type release struct {
- major int
- kind task.ReleaseKind
- suffix string
+ major int
+ kind task.ReleaseKind
+ suffix string
+ useMetadata bool
}
releases := []release{
- {currentMajor + 1, task.KindMajor, "final"},
- {currentMajor + 1, task.KindRC, "next RC"},
- {currentMajor + 1, task.KindBeta, "next beta"},
- {currentMajor, task.KindMinor, "next minor"}, // Current minor only.
- {currentMajor - 1, task.KindMinor, "next minor"}, // Previous minor only.
+ {currentMajor + 1, task.KindMajor, "final", false},
+ {currentMajor + 1, task.KindRC, "next RC (manually input security comms)", false},
+ {currentMajor + 1, task.KindRC, "next RC (metadata-based security comms)", true},
+ {currentMajor + 1, task.KindBeta, "next beta", false},
+ {currentMajor, task.KindMinor, "next minor", false}, // Current minor only.
+ {currentMajor - 1, task.KindMinor, "next minor", false}, // Previous minor only.
}
if time.Since(majorReleaseTime) < 7*24*time.Hour {
- releases = append(releases, release{currentMajor, task.KindMajor, "final"})
+ releases = append(releases, release{currentMajor, task.KindMajor, "final", false})
}
for _, r := range releases {
wd := wf.New(wf.ACL{Groups: []string{groups.ReleaseTeam}})
@@ -430,8 +432,14 @@
securitySummary := wf.Const("")
securityFixes := wf.Slice[string]()
if r.kind == task.KindMinor || r.kind == task.KindRC {
- securitySummary = wf.Param(wd, securitySummaryParameter)
- securityFixes = wf.Param(wd, securityFixesParameter)
+ if r.useMetadata {
+ milestoneNum := wf.Param(wd, task.SecurityMilestoneParameter)
+ securitySummary = wf.Task1(wd, "Get short security content summary from metadata", comm.GetSecuritySummary, milestoneNum)
+ securityFixes = wf.Task1(wd, "Get security release notes from metadata", comm.GetSecurityReleaseNotes, milestoneNum)
+ } else {
+ securitySummary = wf.Param(wd, securitySummaryParameter)
+ securityFixes = wf.Param(wd, securityFixesParameter)
+ }
}
addCommTasks(wd, build, comm, r.kind, wf.Slice(published), securitySummary, securityFixes, coordinators)
if r.major >= currentMajor {

Change information

Files:
  • M internal/relui/workflows.go
Change size: S
Delta: 1 file changed, 19 insertions(+), 11 deletions(-)
Open in Gerrit

Related details

Attention is currently required from:
  • Junyang Shao
Submit Requirements:
  • requirement is not satisfiedCode-Review
  • requirement satisfiedNo-Unresolved-Comments
  • requirement is not satisfiedReview-Enforcement
  • requirement is not satisfiedTryBots-Pass
Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
Gerrit-MessageType: newchange
Gerrit-Project: build
Gerrit-Branch: master
Gerrit-Change-Id: Idad7bfc19ab7dd94610842024933d64d80de2bf1
Gerrit-Change-Number: 795800
Gerrit-PatchSet: 1
Gerrit-Owner: Dmitri Shuralyov <dmit...@golang.org>
Gerrit-Reviewer: Dmitri Shuralyov <dmit...@golang.org>
Gerrit-Reviewer: Junyang Shao <shaoj...@google.com>
Gerrit-CC: Neal Patel <neal...@google.com>
Gerrit-Attention: Junyang Shao <shaoj...@google.com>
unsatisfied_requirement
satisfied_requirement
open
diffy

Dmitri Shuralyov (Gerrit)

unread,
Jun 30, 2026, 3:19:18 PM (9 hours ago) Jun 30
to Dmitri Shuralyov, goph...@pubsubhelper.golang.org, golang...@luci-project-accounts.iam.gserviceaccount.com, Junyang Shao, Neal Patel, golang-co...@googlegroups.com
Attention needed from Junyang Shao

Dmitri Shuralyov voted Code-Review+1

Code-Review+1
Open in Gerrit

Related details

Attention is currently required from:
  • Junyang Shao
Submit Requirements:
  • requirement is not satisfiedCode-Review
  • requirement satisfiedNo-Unresolved-Comments
  • requirement is not satisfiedReview-Enforcement
  • requirement is not satisfiedTryBots-Pass
Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
Gerrit-MessageType: comment
Gerrit-Project: build
Gerrit-Branch: master
Gerrit-Change-Id: Idad7bfc19ab7dd94610842024933d64d80de2bf1
Gerrit-Change-Number: 795800
Gerrit-PatchSet: 1
Gerrit-Owner: Dmitri Shuralyov <dmit...@golang.org>
Gerrit-Reviewer: Dmitri Shuralyov <dmit...@golang.org>
Gerrit-Reviewer: Dmitri Shuralyov <dmit...@google.com>
Gerrit-Reviewer: Junyang Shao <shaoj...@google.com>
Gerrit-CC: Neal Patel <neal...@google.com>
Gerrit-Attention: Junyang Shao <shaoj...@google.com>
Gerrit-Comment-Date: Tue, 30 Jun 2026 19:19:15 +0000
Gerrit-HasComments: No
Gerrit-Has-Labels: Yes
unsatisfied_requirement
satisfied_requirement
open
diffy

Junyang Shao (Gerrit)

unread,
Jun 30, 2026, 3:23:09 PM (9 hours ago) Jun 30
to Dmitri Shuralyov, goph...@pubsubhelper.golang.org, Dmitri Shuralyov, golang...@luci-project-accounts.iam.gserviceaccount.com, Neal Patel, golang-co...@googlegroups.com
Attention needed from Dmitri Shuralyov

Junyang Shao voted and added 1 comment

Votes added by Junyang Shao

Code-Review+2

1 comment

Patchset-level comments
File-level comment, Patchset 1 (Latest):
Junyang Shao . resolved

Lovely!

Open in Gerrit

Related details

Attention is currently required from:
  • Dmitri Shuralyov
Submit Requirements:
  • requirement satisfiedCode-Review
  • requirement satisfiedNo-Unresolved-Comments
  • requirement satisfiedReview-Enforcement
  • requirement is not satisfiedTryBots-Pass
Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
Gerrit-MessageType: comment
Gerrit-Project: build
Gerrit-Branch: master
Gerrit-Change-Id: Idad7bfc19ab7dd94610842024933d64d80de2bf1
Gerrit-Change-Number: 795800
Gerrit-PatchSet: 1
Gerrit-Owner: Dmitri Shuralyov <dmit...@golang.org>
Gerrit-Reviewer: Dmitri Shuralyov <dmit...@golang.org>
Gerrit-Reviewer: Dmitri Shuralyov <dmit...@google.com>
Gerrit-Reviewer: Junyang Shao <shaoj...@google.com>
Gerrit-CC: Neal Patel <neal...@google.com>
Gerrit-Attention: Dmitri Shuralyov <dmit...@golang.org>
Gerrit-Comment-Date: Tue, 30 Jun 2026 19:23:07 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: Yes
satisfied_requirement
unsatisfied_requirement
open
diffy

Dmitri Shuralyov (Gerrit)

unread,
Jun 30, 2026, 4:13:56 PM (8 hours ago) Jun 30
to Dmitri Shuralyov, goph...@pubsubhelper.golang.org, golang...@luci-project-accounts.iam.gserviceaccount.com, Junyang Shao, Dmitri Shuralyov, Neal Patel, golang-co...@googlegroups.com

Dmitri Shuralyov voted and added 1 comment

Votes added by Dmitri Shuralyov

Auto-Submit+1

1 comment

Patchset-level comments
Dmitri Shuralyov . resolved

Thanks.

Open in Gerrit

Related details

Attention set is empty
Submit Requirements:
    • requirement satisfiedCode-Review
    • requirement satisfiedNo-Unresolved-Comments
    • requirement satisfiedReview-Enforcement
    • requirement satisfiedTryBots-Pass
    Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
    Gerrit-MessageType: comment
    Gerrit-Project: build
    Gerrit-Branch: master
    Gerrit-Change-Id: Idad7bfc19ab7dd94610842024933d64d80de2bf1
    Gerrit-Change-Number: 795800
    Gerrit-PatchSet: 1
    Gerrit-Owner: Dmitri Shuralyov <dmit...@golang.org>
    Gerrit-Reviewer: Dmitri Shuralyov <dmit...@golang.org>
    Gerrit-Reviewer: Dmitri Shuralyov <dmit...@google.com>
    Gerrit-Reviewer: Junyang Shao <shaoj...@google.com>
    Gerrit-CC: Neal Patel <neal...@google.com>
    Gerrit-Comment-Date: Tue, 30 Jun 2026 20:13:52 +0000
    Gerrit-HasComments: Yes
    Gerrit-Has-Labels: Yes
    satisfied_requirement
    open
    diffy

    Gopher Robot (Gerrit)

    unread,
    Jun 30, 2026, 4:15:31 PM (8 hours ago) Jun 30
    to Dmitri Shuralyov, goph...@pubsubhelper.golang.org, golang-...@googlegroups.com, golang...@luci-project-accounts.iam.gserviceaccount.com, Junyang Shao, Dmitri Shuralyov, Neal Patel, golang-co...@googlegroups.com

    Gopher Robot submitted the change

    Change information

    Commit message:
    cmd/relui: add metadata-based security comm fetching for RC releases

    This has been working well for the "two minor releases" relui workflow.
    Continue by making it available in "next RC" relui workflow next.

    For golang/go#79037.
    Change-Id: Idad7bfc19ab7dd94610842024933d64d80de2bf1
    Files:
    • M internal/relui/workflows.go
    Change size: S
    Delta: 1 file changed, 19 insertions(+), 11 deletions(-)
    Branch: refs/heads/master
    Submit Requirements:
    Open in Gerrit
    Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
    Gerrit-MessageType: merged
    Gerrit-Project: build
    Gerrit-Branch: master
    Gerrit-Change-Id: Idad7bfc19ab7dd94610842024933d64d80de2bf1
    Gerrit-Change-Number: 795800
    Gerrit-PatchSet: 2
    Gerrit-Owner: Dmitri Shuralyov <dmit...@golang.org>
    Gerrit-Reviewer: Dmitri Shuralyov <dmit...@golang.org>
    Gerrit-Reviewer: Dmitri Shuralyov <dmit...@google.com>
    Gerrit-Reviewer: Gopher Robot <go...@golang.org>
    open
    diffy
    satisfied_requirement
    Reply all
    Reply to author
    Forward
    0 new messages