diff options
| author | Brandon Philips <brandon.philips@coreos.com> | 2017-04-01 10:22:05 +0200 |
|---|---|---|
| committer | Brandon Philips <brandon.philips@coreos.com> | 2017-04-01 10:22:05 +0200 |
| commit | 92536ab7f939b4613c7f9735e9bb2d7509abea0e (patch) | |
| tree | 86c555e5d57060e20e5a466f45f73bfee3db1844 | |
| parent | 4052513581bb98037309abed3151475965fcddb8 (diff) | |
devel: add recommended time to release process
I am simply copying Golang which has selected a reasonable time: https://groups.google.com/forum/#!topic/golang-announce/YOqTqcJtiJI
| -rw-r--r-- | contributors/devel/security-release-process.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/contributors/devel/security-release-process.md b/contributors/devel/security-release-process.md index d78c7671..8c01f14e 100644 --- a/contributors/devel/security-release-process.md +++ b/contributors/devel/security-release-process.md @@ -88,7 +88,7 @@ The communication to users should be actionable. They should know when to block - The Fix Lead will cherry-pick the patches onto the master branch and all relevant release branches. The Fix Team will LGTM and merge. - The Release Managers will merge these PRs as quickly as possible. Changes shouldn't be made to the commits even for a typo in the CHANGELOG as this will change the git sha of the already built and commits leading to confusion and potentially conflicts as the fix is cherry-picked around branches. - The Fix Lead will request a CVE from [DWF](https://github.com/distributedweaknessfiling/DWF-Documentation) and include the CVSS and release details. -- The Fix Lead will email kubernetes-{dev,users,announce,security-announce}@googlegroups.com now that everything is public announcing the new releases, the CVE number, the location of the binaries, and the relevant merged PRs to get wide distribution and user action. As much as possible this email should be actionable and include links how to apply the fix to users environments; this can include links to external distributor documentation. +- The Fix Lead will email kubernetes-{dev,users,announce,security-announce}@googlegroups.com now that everything is public announcing the new releases, the CVE number, the location of the binaries, and the relevant merged PRs to get wide distribution and user action. As much as possible this email should be actionable and include links how to apply the fix to users environments; this can include links to external distributor documentation. The recommended target time is 4pm UTC on a non-Friday weekday. This means the announcement will be seen morning Pacific, early evening Europe, and late evening Asia. - The Fix Lead will remove the Fix Team from the private security repo. ### Retrospective |