Hi, we have currently a production-stable branch which is private; it is maintained with CP's and merges during a cycle and discarded every time we bring db-stable into play.
I'd like to suggest that we make a few changes here as RFWTAD progresses. Firstly, I think that security patches which have never been public are really very very rare: we can make the process for dealing with them a little more complex, and make the common case much simpler, for an overall net win. Once we have qastaging live, we're going to be switching deployments to edge that haven't been QA'd, off. QA will be moving to qastaging. At that point, if we want to, we can simply stop using production-devel and production-stable. Here's how it would work. We deploy stable rather than production-stable to servers. This would mean no more CP's - only cowboys and deploys. We shouldn't need CP's because we have the QA process Maris mailed out for moving things on stable into production. And at that point, if we have a security issue we have to deploy asap; we'd do the following: - cowboy it out there [and keep it as a cowboy on future deploys] - land a regular branch fixing it for good - remove the cowboy when the regular branch has been incorporated into the main deployed codebase. This would chop 4 hours off the time that things take to deploy, remove one buildbot queue and generally make the whole code->live story a bit simpler, at the cost of making the security-fix story more complex. Personally, I think that that is a net win. Seeking-your-thoughts, Rob _______________________________________________ Mailing list: https://launchpad.net/~launchpad-dev Post to : [email protected] Unsubscribe : https://launchpad.net/~launchpad-dev More help : https://help.launchpad.net/ListHelp
