MW security releases are difficult, and Chad wants to automate/streamline the process. This task is to document the current required tasks, identify the pain points, and then fix them.
I think the general steps for a security release are something like...:
- Decide upon a date and send out the pre-release announcement email
- Give early access in Phab to some people
- Create a list of patches/tasks that should be backported with help from security team
- Create backports of all those patches for the supported branches
- Update release notes and version number
- Stage patches and git clones...somewhere.
- Run make-release
- Do some kind of testing???
- gpg sign tarballs and upload to releases.wm.o
- Send announcement to mailing lists
- Submit patches to Gerrit and wait for CI to merge them (or just force merge)
- Publish signed git tags.