ethyca
empty commit to start release 2.63.0
Releases
Versioning
Fides uses semantic versioning. Due to the rapid development of the project, some minor versions may also contain minor breaking changes. The best practice is to always pin versions, and carefully test before bumping to a new version.
Patch versions will never cause breaking changes, and are only used to hotfix critical bugs.
Release schedule
Fides does not follow a set release schedule, and instead ships versions based on the addition of features and functionality. Each release, with the exception of hotfixes, contains at least one substantial new feature.
Branching
Fides uses continuous delivery with a single main branch. All code changes are merged into this branch.
When it comes times to prepare for a new release, a release branch is created for stability and thoroughly tested.
When releasing, a new tag is created on the release branch and the release process proceeds automatically.
In the case of patches, a branch is created from the relevant tag. Commits are then cherry-picked into this branch, and a new patch version tag is created.
Release Steps
We use GitHub’s release feature to tag releases that then get automatically deployed to DockerHub and PyPi via GitHub Actions. We also use a CHANGELOG.md to mitigate surprises to our users and help them plan updates accordingly. The release steps are as follows:
Release Checklist
The release checklist is a manual set of checks done before each release to ensure functionality of the most critical components of the application. Some of these steps are redundant with automated tests, while others are only tested here as part of this check.
This checklist should be copy/pasted into the final pre-release PR, and checked off as you complete each step.
Additionally, there is a robust Release Process page available in Confluence (internal only).
[!WARNING] THIS RELEASE BRANCH PULL REQUEST SHOULD NOT BE MERGED! IT IS FOR TRACEABILITY PURPOSES ONLY!
Pre-Release Steps
General
From the release branch, confirm the following:
- [ ] Quickstart works:
nox -s quickstart(verify you can complete the interactive prompts from the command-line) - [ ] Test environment works:
nox -s "fides_env(test)"(verify the admin UI on localhost:8080, privacy center on localhost:3001, CLI and webserver) - [ ] Have Roger run a QATouch automation run
Next, run the following checks via the test environment:
API
- [ ] Verify that the generated API docs are correct @ http://localhost:8080/docs
CLI
Run these from within the test environment shell:
- [ ]
git reset --hard- Note: This is required for thepullcommand to work - [ ]
fides user login - [ ]
fides push src/fides/data/sample_project/sample_resources/ - [ ]
fides pull src/fides/data/sample_project/sample_resources/ - [ ]
fides evaluate src/fides/data/sample_project/sample_resources/ - [ ]
fides generate dataset db --credentials-id app_postgres test.yml- Note: Because the filesystem isn't mounted, the new file will only show up within the container - [ ]
fides scan dataset db --credentials-id app_postgres
Privacy Center
- [ ] Every navigation button works
- [ ] DSR submission succeeds
- [ ] Consent request submission succeeds
Admin UI
- [ ] Every navigation button works
- [ ] DSR approval succeeds
- [ ] DSR execution succeeds
User Permissions
- [ ] Verify user creation
- [ ] Verify a Viewer can view all systems
- [ ] Verify a Data Steward can edit systems they are assigned
Documentation
- [ ] Verify that the CHANGELOG is formatted correctly and clean up verbiage where needed
- [ ] Verify that the CHANGELOG is representative of the actual changes
:warning: Note that any updates that need to be made to the CHANGELOG should not be commited directly to the release branch.
Instead, they should be committed on a branch off of main and then PR'd and merged into main, before being cherry-picked
over to the release branch. This ensures that the CHANGELOG stays consistent between the release branch and main.
Publishing the release
When publishing the release, be sure to include the following sections in the release description:
- [ ]
## Release Pull Requestsection that includes a link back to the release PR (i.e., this one!) for tracking purposes - [ ]
## QA Touch Test Runsection that includes a link to the QATouch test run (QA team should provide this)
Post-Release Steps
- [ ] Verify the ethyca-fides release is published to PyPi: https://pypi.org/project/ethyca-fides/#history
- [ ] Verify the fides release is published to DockerHub: https://hub.docker.com/r/ethyca/fides
- [ ] Verify the fides-privacy-center release is published to DockerHub: https://hub.docker.com/r/ethyca/fides-privacy-center
- [ ] Verify the fides-sample-app release is published to DockerHub: https://hub.docker.com/r/ethyca/fides-sample-app
- [ ] Smoke test the PyPi & DockerHub releases:
- [ ] Create a fresh venv with
python3 -m venv 2_12_0_venv - [ ] Activate the venv
source 2_12_0_venv/bin/activate - [ ]
pip install ethyca-fides - [ ]
fides deploy up
- [ ] Create a fresh venv with
- [ ] Announce the release!
The latest updates on your projects. Learn more about Vercel for Git ↗︎
2 Skipped Deployments
| Name | Status | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| fides-plus-nightly | ⬜️ Ignored (Inspect) | Visit Preview | Jun 9, 2025 4:29pm | |
| fides-privacy-center | ⬜️ Ignored (Inspect) | Jun 9, 2025 4:29pm |
![vercel[bot] avatar](https://avatars.githubusercontent.com/in/8329?v=4 "Published by a pub.dev verified publisher"){kind=small}
fides
Run #12972
Run Properties:
Passed #12972
20e38def34: ENG-663: add `StagedResourceAncestors` table and remove `child_diff_statuses` (#...
Passed #12972 20e38def34: ENG-663: add `StagedResourceAncestors` table and remove `child_diff_statuses` (#...| Project |
fides
|
| Branch Review |
release-2.63.0
|
| Run status |
|
| Run duration | 00m 52s |
| Commit |
|
| Committer | Adam Sachs |
| View all properties for this run ↗︎ | |
| Test results | |
|---|---|
Failures
|
0
|
Flaky
|
0
|
Pending
|
0
|
Skipped
|
0
|
|
Passing
|
5
|
| View all changes introduced in this branch ↗︎ | |
![cypress[bot] avatar](https://avatars.githubusercontent.com/in/9078?v=4 "Published by a pub.dev verified publisher"){kind=small}
Codecov Report
:x: Patch coverage is 92.30769% with 4 lines in your changes missing coverage. Please review.
:white_check_mark: Project coverage is 87.11%. Comparing base (ddbde7b) to head (26ed475).
:warning: Report is 228 commits behind head on main.
| Files with missing lines | Patch % | Lines |
|---|---|---|
| ...des/api/service/privacy_request/request_service.py | 25.00% | 3 Missing :warning: |
| src/fides/api/util/lock.py | 95.45% | 0 Missing and 1 partial :warning: |
:x: Your patch status has failed because the patch coverage (92.30%) is below the target coverage (100.00%). You can increase the patch coverage or adjust the target coverage.
Additional details and impacted files
@@ Coverage Diff @@
## main #6197 +/- ##
==========================================
+ Coverage 87.07% 87.11% +0.03%
==========================================
Files 423 424 +1
Lines 26321 26387 +66
Branches 2870 2878 +8
==========================================
+ Hits 22919 22987 +68
+ Misses 2776 2773 -3
- Partials 626 627 +1
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
:rocket: New features to boost your workflow:
- :snowflake: Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
- :package: JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}