Skip to content

v0.1.0-alpha.1 Release Gate Checklist

This checklist defines the evidence required before releasing v0.1.0-alpha.1. The alpha release cutline is declared in release/floe-release.yaml.

Current status: Evidence gate blocked on release tooling, live infrastructure validation, and Customer 360 observability proof. The release-candidate validation record for 2026-05-13 is linked below. Do not run the real prepare-release.yml workflow until the missing make test-contract target is resolved or waived, and the DevPod+Hetzner plus AWS S3+Glue live lanes pass with accurate failure taxonomy in the release evidence bundle. Do not tag or publish a GitHub Release until the Customer 360 observability proof records fresh logs, traces, metrics, and lineage for the same product run ID.

Release-candidate commit validated on this branch: d3a30c43b78e4778b85e69d0989810b0358c0fc5.

Latest branch head after evidence and release-safety fixes: 4dd1461ffd0633375fe5bf3d8a1c21daa36e8f12.

Release milestone: v0.1.0-alpha.1

Execution plan: v0.1.0-alpha.1 Execution Plan

Release gates:

IssueStatusNotes
#263 Decouple Dagster Iceberg export from floe-iceberg internalsPost-alpha / non-blockingLabeled post-alpha. Alpha scope requires Iceberg-backed Customer 360; Dagster without floe-iceberg remains post-alpha architecture debt.
#278 Release gate: assess contract-layer hard reset before alpha tagClosedContract-layer worktree assessed; valuable ideas deferred to post-alpha.
#284 Release gate: triage open tech-debt backlog for alpha cutlineClosedTech-debt issues classified; non-blocking items labeled post-alpha.
#285 Release gate: run final DevPod + Hetzner validation laneClosedEarlier full DevPod E2E evidence exists; the manifest-driven release gate still requires current-main evidence or explicit accepted evidence in the release bundle.
#288 Release gate: validate docs and demo walkthroughClosedPersona walkthrough evidence recorded.
#289 Release gate: prepare release notes, tag, and rollback postureThis checklistFinal gate. Close after the manifest-driven evidence bundle is complete.

Release rule: do not run prepare-release.yml with dry_run=false while any alpha-blocker issue remains open. Do not create the tag manually. Do not create or publish a GitHub Release before every required gate below passes or is explicitly waived in the release evidence bundle.

release/floe-release.yaml declares 15 alpha Python packages in the publish set. These packages have not been published by this checklist task:

  • floe-core
  • floe-iceberg
  • floe-orchestrator-dagster
  • floe-catalog-polaris
  • floe-storage-minio
  • floe-compute-duckdb
  • floe-dbt-core
  • floe-ingestion-dlt
  • floe-telemetry-jaeger
  • floe-rbac-k8s
  • floe-network-security-k8s
  • floe-lineage-marquez
  • floe-quality-gx
  • floe-storage-aws-s3
  • floe-catalog-glue

The manifest excludes 11 packages from the alpha publish set:

  • floe-alert-slack
  • floe-alert-email
  • floe-alert-alertmanager
  • floe-alert-webhook
  • floe-identity-keycloak
  • floe-secrets-infisical
  • floe-secrets-k8s
  • floe-semantic-cube
  • floe-dbt-fusion
  • floe-telemetry-console
  • floe-quality-dbt

Excluded packages must not be included in the alpha PyPI token-based publish set until their composition path is proven.

Helm alpha policy: helm.alpha_policy: publish, with helm.charts set to charts/floe-platform and charts/floe-jobs. This records manifest policy only; no Helm chart publication was performed by this checklist task.

GateRequired evidenceStatus
Release SHACurrent main SHA recorded before tagBranch release-candidate SHA recorded: d3a30c43b78e4778b85e69d0989810b0358c0fc5; final main SHA still required before tag
Manifest validationuv run python -m testing.release.cli validate --manifest release/floe-release.yaml --tag v0.1.0-alpha.1Passed on 2026-05-13; 15 publish-set packages, 11 excluded packages
Package build dry-runManifest package build output for 15 wheels and 15 sdistsPassed on 2026-05-13; 15 wheels and 15 sdists built, .release-build/alpha-dist removed afterward
Current-main CIRequired release checks green on the release SHABlocked by release tooling gap: local make test-contract target is absent; make test-unit, make lint, and make typecheck passed
Security scansBandit, dependency audit, and detect-secrets release checksPending
DevPod+Hetzner full E2EFull remote E2E evidence from current main, including workspace name and cleanup proofInfrastructure failure on 2026-05-13 before tests ran; Hetzner server creation timed out for workspace floe-alpha-rc-20260513-123857; cleanup verified
Customer 360 observability proofmake demo-customer-360-run plus make demo-customer-360-validate evidence showing queryable logs, metrics, traces, and lineage for the same run IDPending current-main proof; release tag and GitHub Release are blocked until this passes
AWS S3+Glue live validationLive tests/integration/test_aws_provider_live.py result through DevPod+HetznerInfrastructure failure on 2026-05-13 before AWS test ran; Hetzner server creation timed out for workspace floe-provider-20260513-125105
AWS cleanupscripts/aws-provider-test-cleanup.sh output for the release runPassed for FLOE_PROVIDER_SPIKE_RUN=floe-provider-20260513T125105Z; S3 prefix and Glue database cleanup checks passed
Hetzner cleanupDevPod workspace deletion and direct Hetzner resource inventoryPassed after manual direct provider cleanup; no current-run floe-734a5, floe-alpha*, or floe-provi* resources remained
PyPI publish setPublished projects exactly match the 15 manifest packagesPending until after tag
Helm manifest policyHelm release behavior matches helm.alpha_policy and helm.chartsManifest policy recorded: publish; charts charts/floe-platform, charts/floe-jobs; no chart publication performed

These records are useful context, but they do not replace the manifest-driven release evidence bundle unless the release manifest or final evidence summary explicitly accepts them.

ChannelGateDetails
GitHub ReleaseEvidence bundle complete before tagprepare-release.yml creates the tag and GitHub Release only after all gates pass, including Customer 360 observability proof
PyPI packagesPYPI_API_TOKEN access for the 15 manifest packagespypi-publish.yml publishes only python_packages.publish from successful Prepare Release metadata
Helm chartsManifest policy checkhelm-release.yaml may release helm.charts when helm.alpha_policy allows
  • The alpha release requires Customer 360 validation with Iceberg enabled.
  • Dagster without floe-iceberg installed is not part of the alpha promise.
  • Customer 360’s alpha query proof is command-based business metric validation against generated Iceberg outputs.
  • Cube and alert/secret/identity packages are excluded from the alpha publish cutline until their composition paths are proven.
  • PyPI package publishing for this alpha uses secrets.PYPI_API_TOKEN in the pypi GitHub environment (see docs/guides/pypi-trusted-publishers.md).
  • No Windows or macOS-specific testing; alpha validation is Linux-based.

Do not run with dry_run=false until the dry run passes and PYPI_API_TOKEN publishing access is verified for the 15 manifest packages. Do not create the tag manually.

Terminal window
gh workflow run prepare-release.yml \
--repo Obsidian-Owl/floe \
-f version=v0.1.0-alpha.1 \
-f dry_run=true
gh workflow run prepare-release.yml \
--repo Obsidian-Owl/floe \
-f version=v0.1.0-alpha.1 \
-f dry_run=false

This triggers:

  1. prepare-release.yml - validates the manifest, runs all release gates, creates the tag, and creates the GitHub Release.
  2. pypi-publish.yml - builds and publishes the 15 manifest packages to PyPI from release metadata.

Helm chart release is governed separately by helm-release.yaml and the manifest Helm policy.

The release evidence bundle must include the Customer 360 run ID, Loki-compatible log query and count, Prometheus-compatible metric query and fresh samples, trace query and span inventory, Marquez product run plus model/table ParentRunFacet evidence, and product-vs-infra failure classification. Grafana screenshots or dashboard links are optional evidence when the target platform provisions Grafana.

Weekly failures and release-gate failures create or update GitHub issues with the failed gate, classification, cleanup status, and workflow run link. A failed release gate creates no tag, no GitHub Release, and no PyPI publication.

If the tag must be reverted after push:

Terminal window
# Delete the remote tag (stops any in-progress workflows)
git push origin :refs/tags/v0.1.0-alpha.1
# Delete the local tag
git tag -d v0.1.0-alpha.1
# Delete the GitHub Release (if created)
gh release delete v0.1.0-alpha.1 --repo Obsidian-Owl/floe --yes
# PyPI packages cannot be deleted, only yanked
# Yank published versions (prevents pip install, shows warning):
# pip install pypi-yank # or use the PyPI web UI per-package

PyPI caveat: yanked versions are still installable with ==exact_version but won’t appear in resolution. The same version number cannot be re-uploaded. If the release is bad, bump to v0.1.0-alpha.2 with the fix.