[
https://issues.apache.org/jira/browse/BEAM-5339?focusedWorklogId=150866&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-150866
]
ASF GitHub Bot logged work on BEAM-5339:
----------------------------------------
Author: ASF GitHub Bot
Created on: 03/Oct/18 17:29
Start Date: 03/Oct/18 17:29
Worklog Time Spent: 10m
Work Description: asfgit closed pull request #554: [BEAM-5339] update the
beam dependency guide
URL: https://github.com/apache/beam-site/pull/554
This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:
As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):
diff --git a/.gradle/4.8/fileChanges/last-build.bin
b/.gradle/4.8/fileChanges/last-build.bin
new file mode 100644
index 0000000000..f76dd238ad
Binary files /dev/null and b/.gradle/4.8/fileChanges/last-build.bin differ
diff --git a/.gradle/4.8/fileHashes/fileHashes.bin
b/.gradle/4.8/fileHashes/fileHashes.bin
new file mode 100644
index 0000000000..63c4dc2023
Binary files /dev/null and b/.gradle/4.8/fileHashes/fileHashes.bin differ
diff --git a/.gradle/4.8/fileHashes/fileHashes.lock
b/.gradle/4.8/fileHashes/fileHashes.lock
new file mode 100644
index 0000000000..7db49b076d
Binary files /dev/null and b/.gradle/4.8/fileHashes/fileHashes.lock differ
diff --git a/.gradle/vcsWorkingDirs/gc.properties
b/.gradle/vcsWorkingDirs/gc.properties
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/src/contribute/dependencies.md b/src/contribute/dependencies.md
index 99ec6e690a..3626f2ed26 100644
--- a/src/contribute/dependencies.md
+++ b/src/contribute/dependencies.md
@@ -52,16 +52,17 @@ In addition to this, Beam community members might identify
other critical depend
These kind of urgently required upgrades might not get automatically picked up
by the Jenkins job for few months. So Beam community has to act to identify
such issues and perform upgrades early.
-## JIRA Automation
+## JIRA Issue Automation
In order to track the dependency upgrade process, JIRA tickets will be created
per significant outdated dependency based on the report. A bot named *Beam Jira
Bot* was created for managing JIRA issues. Beam community agrees on the
following policies that creates and updates issues.
-* Issues will be named as "Beam Dependency Update Request: <dep_name>
<dep_newest_version>".
-* Issues will be created under the component *"dependencies"*
-* Issues will be assigned to the primary owner of the dependencies, who are
mentioned in the dependency ownership files. ([Java Dependency
Owners](https://github.com/apache/beam/blob/master/ownership/JAVA_DEPENDENCY_OWNERS.yaml)
and [Python Dependency
Owners](https://github.com/apache/beam/blob/master/ownership/PYTHON_DEPENDENCY_OWNERS.yaml))
-* If more than one owners found for a dependency, the first owner will be
picked as the primary owner, the others will be pinged in the issue's
description.
-* If no owners found, leave the assignee empty. The component lead is
responsible for triaging the issue.
-* Avoid creating duplicate issues. Updating the descriptions of the open
issues created by the previous dependency check.
-* The dependency sometimes is not able to be upgraded, the issue should be
closed as *"won't fix"*. And, the bot should avoid recreating issues with
"won't fix".
+* Title (summary) of the issues will be in the format "Beam Dependency Update
Request: <dep_name>" where <dep_name> is the dependency artifact name.
+* Issues will be created under the component *"dependencies"*.
+* Owners of dependencies will be notified by tagging the corresponding JIRA
IDs mentioned in the ownership files in the issue description. See [Java
Dependency
Owners](https://github.com/apache/beam/blob/master/ownership/JAVA_DEPENDENCY_OWNERS.yaml)
and [Python Dependency
Owners](https://github.com/apache/beam/blob/master/ownership/PYTHON_DEPENDENCY_OWNERS.yaml)
for current owners for Java SDK and Python SDK dependencies respectively.
+* Automated tool will not create duplicate issues for the same dependency.
Instead the tool will look for an existing JIRA when one has to be created for
a given dependency and description of the JIRA will be updated with latest
information, for example, current version of the dependency.
+* If a Beam community member determines that a given dependency should not be
upgraded the corresponding JIRA issue can be closed with a fix version
specified.
+* Automated tool will reopen a JIRA for a given dependency when one of
following conditions is met:
+ * Next SDK release is for a fix version mentioned in the JIRA.
+ * Six months __and__ three or more minor releases have passed since the JIRA
was closed.
## Upgrading identified outdated dependencies
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 150866)
Time Spent: 7h 20m (was: 7h 10m)
> Implement new policy on Beam dependency tooling
> -----------------------------------------------
>
> Key: BEAM-5339
> URL: https://issues.apache.org/jira/browse/BEAM-5339
> Project: Beam
> Issue Type: Bug
> Components: testing
> Reporter: yifan zou
> Assignee: yifan zou
> Priority: Major
> Fix For: 2.8.0
>
> Time Spent: 7h 20m
> Remaining Estimate: 0h
>
> (1) Instead of a dependency "owners" list we will be maintaining an
> "interested parties" list. When we create a JIRA for a dependency we will not
> assign it to an owner but rather we will CC all the folks that mentioned that
> they will be interested in receiving updates related to that dependency. Hope
> is that some of the interested parties will also put forward the effort to
> upgrade dependencies they are interested in but the responsibility of
> upgrading dependencies lie with the community as a whole.
> (2) We will be creating JIRAs for upgrading individual dependencies, not for
> upgrading to specific versions of those dependencies. For example, if a given
> dependency X is three minor versions or an year behind we will create a JIRA
> for upgrading that. But the specific version to upgrade to has to be
> determined by the Beam community. Beam community might choose to close a JIRA
> if there are known issues with available recent releases. Tool may reopen
> such a closed JIRA in the future if new information becomes available (for
> example, 3 new versions have been released since JIRA was closed)
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
