Skip to content

CXX-3008 Add post-release instructions for Silk, Snyk, and patch release tags #1148

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Jun 18, 2024
Merged

CXX-3008 Add post-release instructions for Silk, Snyk, and patch release tags #1148

merged 5 commits into from
Jun 18, 2024

Conversation

eramongodb
Copy link
Contributor

Adds additional steps following creation of a new release branch releases/vX.Y to ensure Silk and Snyk are aware of, and continue analyzing, the release branch.

Silk commands defer to scripts in the C Driver introduced by mongodb/mongo-c-driver#1619 to minimize redundancy. The CXX Driver will ideally adopt and reuse the same scripts as those used by libmongocrypt and the C Driver.

Snyk commands use the changes proposed in mongodb/libmongocrypt#820 as reference. Note: Snyk does not appear to be able to detect the mnmlstc/core library despite --detection-depth, so a Snyk support ticket may be necessary.

Additionally, a new "merge back into master" branch is added to release instructions to ensure patch release tags are reachable from the latest commit in master. This enables support for accurate git describe --tags results as is used by Coverity nightly snapshot labels, abi-compliance-checker HTML compatibility reports, and eventually the calc_release_version.py script (significant simplifications incoming). This step is not expected to affect the current implementation of calc_release_version.py: it should continue to return the correct latest tag as intended.

@eramongodb eramongodb self-assigned this Jun 14, 2024
@eramongodb
Copy link
Contributor Author

Snyk support ticket for mnmlstc/core detection support has been submitted.

kevinAlbs
kevinAlbs reviewed Jun 17, 2024
View reviewed changes
@eramongodb eramongodb requested a review from kevinAlbs June 17, 2024 15:40
vector-of-bool
vector-of-bool approved these changes Jun 18, 2024
View reviewed changes
Copy link
Contributor

@vector-of-bool vector-of-bool left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@eramongodb eramongodb merged commit 308468b into mongodb:master Jun 18, 2024
69 of 78 checks passed
@eramongodb eramongodb deleted the cxx-ssdlc branch June 18, 2024 16:53
@eramongodb eramongodb mentioned this pull request Jun 18, 2024
Merged
eramongodb added a commit that referenced this pull request Jun 24, 2024
@eramongodb
CXX-3008 Add post-release instructions for Silk, Snyk, and patch rele…
1f9a7bc 
…ase tags (#1148)

* CXX-3008 Add instructions to create new Silk/Snyk target reference post-release

* Add new post-patch-release merge commit to release instructions

* Move Silk credentials to .secrets in instructions
@eramongodb eramongodb mentioned this pull request Jun 25, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kevinAlbs kevinAlbs kevinAlbs approved these changes

@vector-of-bool vector-of-bool vector-of-bool approved these changes

Assignees

@eramongodb eramongodb

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@eramongodb @kevinAlbs @vector-of-bool