468161cbce
Provide some explanatory prose about handling of OpenPGP signatures for Git tags and similar release artifacts. Also provide a copy of the corresponding public keys, for improved provenance. New keys should be added each cycle as they're rotated into use. Change-Id: I083bc8acf8d95e938afb5446d786eedf4fc43751
4.4 KiB
OpenStack Releases
Release Series
OpenStack is developed and released around 6-month cycles. After the initial release, additional stable point releases will be released in each release series. You can find the detail of the various release series here:
| Series | Status | Initial Release Date | EOL Date |
|---|---|---|---|
queens/index |
Future | TBD | TBD |
pike/index |
Future | TBD | TBD |
ocata/index |
Under Development <ocata/schedule> |
2017-02-22 (planned) | TBD |
newton/index |
Current stable release, security-supported | 2016-10-06 | TBD |
mitaka/index |
Security-supported | 2016-04-07 | 2017-04-10 |
liberty/index |
Security-supported | 2015-10-15 | 2016-11-17 |
kilo/index |
EOL | 2015-04-30 | 2016-05-02 |
juno/index |
EOL | 2014-10-16 | 2015-12-07 |
icehouse/index |
EOL | 2014-04-17 | 2015-07-02 |
havana/index |
EOL | 2013-10-17 | 2014-09-30 |
grizzly/index |
EOL | 2013-04-04 | 2014-03-29 |
folsom/index |
EOL | 2012-09-27 | 2013-11-19 |
essex/index |
EOL | 2012-04-05 | 2013-05-06 |
diablo/index |
EOL | 2011-09-22 | 2013-05-06 |
cactus/index |
Deprecated | 2011-04-15 | |
bexar/index |
Deprecated | 2011-02-03 | |
austin/index |
Deprecated | 2010-10-21 |
queens/index pike/index ocata/index newton/index mitaka/index liberty/index kilo/index juno/index icehouse/index havana/index grizzly/index folsom/index essex/index diablo/index cactus/index bexar/index austin/index releases/*
Series-Independent Releases
Some projects are released independently from the OpenStack release series. You can find their releases listed here:
independent
Teams
Deliverables organized by the team that produces them.
teams/*
Cryptographic Signatures
Git tags created through our release automation are signed by centrally-managed OpenPGP keys maintained by the OpenStack Infrastructure team. Detached signatures of many separate release artifacts are also provided using the same keys. A new key is created corresponding to each development cycle and rotated relatively early in the cycle. (Implementation completed late in the Newton cycle, so many early Newton artifacts have no corresponding signatures.)
OpenStack Infrastructure root sysadmins and Release Managers publish their own signatures of these keys into the global keyserver network. Copies of the public keys can be found below along with the date ranges during which each key was in general use.
- 2016-08-03..2016-11-22 (Newton Cycle key): key 0x80fcce3dc49bd7836fc2464664dbb05acc5e7c28 (details)
- 2016-11-22..present (Ocata Cycle key): key 0xd47bab1b7dc2e262a4f6171e8b1b03fd54e2ac07 (details)
References
reference/*