The stable-maint team manages the stable branch for OpenStack core projects with the support of the core developers of those projects and the release team.
The stable branch is intended to be a safe source of fixes for high impact bugs and security issues which have been fixed on master since a given release.
Official point releases for each project are published from the branch roughly every 8 weeks, assuming enough fixes have accumulated to make the release worthwhile.
Note, that the Swift project is not included in this process because its regular releases are intended to be stable updates.
The Folsom branch (named stable/folsom) is currently actively maintained. The stable-maint team monitors the master branch for suitable fixes and backports them. The team also reviews and approves backports proposed by other developers.
The Essex branch (named stable/essex) is currently passively maintained. Fixes proposed to the branch will be approved by the essex-maint team.
The Diablo branch (named stable/diablo) is currently passively maintained. Fixes proposed to the branch will be approved by diablo-maint if the issue is particularly serious. Security fixes are a good example of the kind of fixes which are appropriate for the Diablo branch at this point. The Diablo branch is expected to reach End Of Life shortly.
OpenStack's stable branch policy borrows much from prior art. There are many projects which maintain such a branch and it's possible to build a picture of a rough consensus across these projects on how a stable branch should operate. One example of another project's policy is the Linux kernel's stable_kernel_rules.txt.
Only a limited class of changes are appropriate for inclusion on the stable branch.
A number of factors must be weighed when considering a change:
- The risk of regression - even the tiniest changes carry some risk of breaking something and we really want to avoid regressions on the stable branch
- The user visible benefit - are we fixing something that users might actually notice and, if so, how important is it?
- How self-contained the fix is - if it fixes a significant issue but also refactors a lot of code, it's probably worth thinking about what a less risky fix might look like
- Whether the fix is already on master - a change must be a backport of a change already merged onto master, unless the change simply does not make sense on master
The stable-maint team need to balance the risk of any given patch with the value that it will provide to users of the stable branch. A large, risky patch for a major data corruption issue might make sense. As might a trivial fix for a fairly obscure error handling case.
Some types of changes are completely forbidden:
- New features
- Changes to the external HTTP APIs
- Changes to Nova's internal AMQP API
- Changes to the notification definitions
- DB schema changes
- Incompatible config file changes
Each backported commit proposed to gerrit should be reviewed and +2ed by two stable-maint members before it is approved. Where a stable-maint member has backported a fix, a single other +2 is sufficient for approval.
If unsure about a given fix, stable-maint members should consult with the appropriate core developers for a more detailed technical review.
Existing core developers are greatly encouraged to join the stable-maint team in order to help with reviewing backports, judging their appropriateness for the stable branch and approving them.
Fixes for embargoed security issues receive special treatment. These should be reviewed in advance of disclosure by core developers and stable-maint. At the time of coordinated public disclosure, the fix is proposed simultaneously to master and the stable branches and immediately approved.
The stable-maint and release teams work together to publish point releases from the stable branch. See StableBranchRelease for details about how these releases are prepared.
Joining the Team
We're really keen to add more folks to the stable-maint team to help out with reviews.
All you really need is some time and the ability to apply the "safe source of high impact fixes" and "must be fixed on master first" policies. It mostly comes down to having a good sense of the risk vs benefit of applying a backport to the branch.
If you'd like to join the team, you can start by simply [+-]1ing stable branch reviews. It's best if you can add some brief thoughts to your review on why you think the fix is suitable for stable so that we know how you're applying the policy.
After doing reviews over a few weeks, post to the openstack-stable-maint list and ask to be added.
Anyone can propose a cherry-pick to the stable-maint team.
One way is that if a bug in launchpad looks like a good candidate for backporting - e.g. if it's a significant bug with the previous release - then just nominating the bug for the folsom series will bring it to the attention of the maintainers e.g. for nova.
If you don't have the appropriate permissions to nominate the bug, then tagging it with folsom-backport-potential is also sufficient e.g. for nova.
If the patch you're proposing will not cherry-pick cleanly, you can help by resolving the conflicts yourself and proposing the resulting patch. You can use git-review to propose a change to the stable branch with:
$> git cherry-pick -x $master_commit_d $> git review stable/folsom
Failing all that, just ping one of the team and mention that you think the bug/commit is a good candidate.
If you want to be notified of these patches you can create a watch on this screen: https://review.openstack.org/#settings,projects with the settings:
Project Name: All-Projects Only If: branch:stable/folsom
Then check the "Email Notifications - New Changes" checkbox. That will cause gerrit to send an email whenever a matching change is proposed, and better yet, the change shows up in your 'watched changes' list in gerrit.
When cherry-picking a commit, keep the original
Change-Id and gerrit will show a separate review for the stable branch while still allowing you to use the
Change-Id to see all the reviews associated with it. See this change as an example.
Bugs tagged with folsom-backport-potential are bugs which apply to the stable release and may be suitable for backporting once fixed. Once the backport has been proposed, the tag should be removed.
Gerrit tags bugs with in-stable-folsom when they are merged into the stable branch. The release manager later removes the tag when the bug is targeted to the appropriate series.