...
Besu currently does branch based release strategy, using a proprietary tool developed by ConsenSys. Regardless of the branch being released from, a new release branch is created and pushed to origin. This triggers an additional (arguably unnecessary) build PR for the merge back to the “releasing branch” (master, release-<calver>, etc). It also forces a “quiet period” where we do not / cannot merge to the branch-to-release. The branch based flow also submits an additional post-release PR to merge the next project version property (so that build artifacts are <next-calver>-SNAPSHOT).
Lastly, this This process requires at least 2 contributors to complete the release process because 2 rounds of PR approvals are necessary to proceed. The requirement for more than one person to participate is an important feature of this process which we want to preserve.
Overall, the branch flow requires 3 CI builds and 2 PR approvals to complete a release. It seems that this flow was built to support quarterly releases, but was generalized for regular releases also.
While there does exist a proprietary tool by ConsenSys that can be used to facilitate the release, it is not necessary. The simplest possible release process under the current status quo would look like:
- Preparing release source:
- For a point release from a release branch (21.10.7 is the example used below):
- Make a source branch containing all the commits to be released, rooted on previous release commit.
- Open a PR into the previous release, causing it to be tested by CI. This can and should happen in advance of the release for team review. Hopefully this is the hardest part of the process.
- Add a final commit, that changes the version to the next one being released, usually just removing SNAPSHOT.
- release from mainline
- Make a release branch which points to the commit on main to be released.
- Add a final commit, that changes the version to the next one being released.
- For a point release from a release branch (21.10.7 is the example used below):
- PR opened from the source into either a release or main branch, when merged, that is the signal to deploy the artifacts. The release/main branch is run through the CI process. Example https://github.com/hyperledger/besu/pull/3278
- Let that build, and the branch name will allow the
publish
job to run. Artifacts should be pushed to the following places: - During the
dockerPublish
job, the docker image is built and tagged with this release number. - Theoretically, the release is done, and the versioned artifacts have been released and are all publicly available. For instance, any docker stacks running something like Watchtower, will detect a new latest build and deploy it.
- Releaser publicizes the release by drafting a release on the github project page.
- Release is named after the version number.
- The Changelog from the Changelog file in source control is pasted into the description.
- Direct links to the .tar and .zip are included, as well as the corresponding SHA-256 hashes for each binary.
- PROBLEM: if the releaser doesn't download the artifacts from the right section of artifactory (which is https://hyperledger.jfrog.io/artifactory/besu-binaries/besu/), but instead used the /ui/native/... URLs from artifactory, curl will return the intermediate hash pages and your hashes will be all wrong.
- This will trigger even more reactions from interested automation. For instance, beaconchain watches for these releases, and sends out notifications to users who want to be updated.
- Documentation is released - this is already tag based!
- https://lf-hyperledger.atlassian.net/wiki/display/BESU/Documentation+release+process
- https://github.com/hyperledger/besu-docs/releases/tag/21.10.7
- creating the release in github, creates the tag, which triggers the release and deployment of docs to readthedocs.org
- Homebrew release
- releaser updates besu.rb in https://github.com/hyperledger/homebrew-besu to the latest calver of the artifact, and corresponding hash.
- PR is opened into main.
- Once approved and merged, the tap is considered updated, and homebrew users will now get the configured version on update.
Perfect Scenario
Any 2 authorized individuals (TBD) can inspect a proposed release candidate, and upon approval the binary goes unchanged into the GitHub release page, and any other supported artifact distribution systems.
...