[NEW RELEASE] Request to prepare & release 2.5.1

[james-certn]

Currently, version 2.5.0 is incompatible for a subset of users, and is easily fixed by the work done in #719.

As such, I propose a release to go out as soon as reasonably possible, to unblock those folks.

[jayaddison]

Hi @james-certn - this is slightly confusing; we have the same full name. I think I spoke to you once on an Elasticsearch IRC channel. Anyway, hello.

Could someone confirm whether this release process requires use of the release drafter GitHub Actions workflow?

The reason I ask: I have a concern that the release drafter workflow may have unnecessary permissions; in particular I don't think that it should need the contents: write permission.

That in itself is not a problem - something else would need to go wrong for it to write incorrect/unrelated content into the repo. But if someone could check, that could be worthwhile. I'll prepare a PR to drop that permission, although if the permission is indeed intended and required for some reason, then I will subsequently close it.

Edit: the permission does appear to be required, so I will not prepare a PR to reduce/drop the permission.

[jayaddison]

Ok, my apologies - reading the GitHub Actions contents workflow permissions documentation, it does seem that this permission is required to create a release artifact -- and that I suppose is something that the upload windows dists step is intended to do.

It does seem that the same token permission also provides the ability to create a commit within the repository -- something that I don't think we'd expect or want the job to do (it's fine to read the repository sources, and to create a redistributable object -- but it shouldn't need to write to version control).

However, I don't initially find documented configuration settings that would allow a release artifact to be published without granting the write permission that also allows writes to version control. I may be mistaken, and will continue to investigate, but I don't think that this should be considered a blocker. My apologies for the distraction if this turns out to be nothing.

[james-certn]

Hi @james-certn - this is slightly confusing; we have the same full name. I think I spoke to you once on an Elasticsearch IRC channel. Anyway, hello.

Well, hello again then. ;) James Addisons of the world, unite!

[saimedhi]

Hello @jayaddison,

The release process for the project utilizes the Release Drafter GitHub Actions workflow. And write permissions are required for this process.

[jayaddison]

Thank you @saimedhi for confirming that :+1:

Please consider my question resolved.

[saimedhi]

Hello @james-certn,

I plan to release opensearch-py version 2.6.0 after a few pending pull requests are merged. You can check the status of these PRs here.

Thank you for your patience!

[saimedhi]

+1 https://github.com/opensearch-project/opensearch-py/issues/628#issuecomment-2125757146

[skshetry]

@saimedhi, was this released? I don't see it tagged or in PyPI.

[dblock]

Looks like version was bumped but no release (yet).

[saimedhi]

I'm planning to release version 2.6.0 today. Thank you!

[saimedhi]

opensearch-py version 2.6.0 is now released!