[DOCS] CONTRIBUTING/RELEASE: publishing security releases
This commit is contained in:
parent
2568a62153
commit
d4b23333ac
|
@ -50,6 +50,16 @@ When Forgejo is released, artefacts (packages, binaries, etc.) are first publish
|
||||||
|
|
||||||
### Publication
|
### Publication
|
||||||
|
|
||||||
|
#### Security releases
|
||||||
|
|
||||||
|
This is done at least 48h in advance so people who asked to be members of this organization are given a chance to update and reduce the exposure of the Forgejo instance they run. Some steps are not documented to reduce the chances of exploiting the publicly documented process.
|
||||||
|
|
||||||
|
* Push the vX.Y.Z-N tag to https://codeberg.org/forgejo-security/forgejo
|
||||||
|
* Binaries are downloaded from https://codeberg.org/forgejo-integration, signed and copied to https://codeberg.org/forgejo-security
|
||||||
|
* Container images are copied from https://codeberg.org/forgejo-integration to https://codeberg.org/forgejo-security
|
||||||
|
|
||||||
|
#### Releases without security patches
|
||||||
|
|
||||||
* Push the vX.Y.Z-N tag to https://codeberg.org/forgejo/release
|
* Push the vX.Y.Z-N tag to https://codeberg.org/forgejo/release
|
||||||
* Binaries are downloaded from https://codeberg.org/forgejo-integration, signed and copied to https://codeberg.org/forgejo
|
* Binaries are downloaded from https://codeberg.org/forgejo-integration, signed and copied to https://codeberg.org/forgejo
|
||||||
* Container images are copied from https://codeberg.org/forgejo-integration to https://codeberg.org/forgejo
|
* Container images are copied from https://codeberg.org/forgejo-integration to https://codeberg.org/forgejo
|
||||||
|
|
Reference in New Issue