Skip to main content

Create a release (release window)

Tip

To perform this action, you must have a user role that contains the Request release window permission.

  1. In the Software Trust menu, go to Releases > Releases.

  2. Select Create release.

  3. Complete the following fields:

    Field

    Description

    Release name

    Enter a name to uniquely identify this release.

    • Spaces aren't allowed in release names.

    • Letters, numbers, and the following characters are allowed: ., _, -.

    Release version (optional)

    Enter a version number for the release (optional).

    Team

    Note

    This field appears when teams are enabled.

    Select a team responsible for this release.

    Release purpose

    Note

    This field appears when Threat detection is enabled in Account settings.

    This option may be preselected based on your selection in Account settings. However, if you have checked all three of the following options in Account settings, then select one of the following:

    • Sign

    • Detect threats

    • Detect threats and sign

      • If you select this option, then the Block signing if the CI/CD status for threat detection fails (optional) option will display, where you can select to block signing if the threat detection scan status fails.

      • This option is editable when Specify when creating a release is selected in Account settings.

    Project

    Note

    This field appears when the Release purpose is Sign.

    If the purpose of the release includes Threat detection, then you must connect the release with a Project.

    Release window

    Set the timeframe of the release by selecting one of the following options:

    • Select the start date and time, as well as the duration of the release window.

    • Select the date and time range for the release window.

    Release notes (optional)

    Enter a note to give additional details about the release (optional).

  4. Select Next.

  5. Select Add a keypair.

    Note

    If Teams are enabled in Account settings, you can assign multiple keypairs to the release. However, if teams are disabled, you can assign one keypair to the release.

  6. Specify the following parameters to narrow down the keypairs available for selection on the next page.

    Field

    Description

    Keypair type

    Select GPG keypairs or Standard keypairs.

    Keypair status

    Select one of the following keypair types:

    • Online keypairs

      Users with access can use online keypairs at any time.

    • Offline keypairs

      Users can use offline keypairs during a release window.

    • Test keypairs

      Users with access can use test keypairs at any time.

    Only show keypairs with default certificates (optional)

    Select this option to filter the keypair list and to select from keypairs that have default certificates.

  7. Select Next.

  8. Select one or more keypairs to be used this release.

  9. Select Add.

  10. Select the desired Users or Groups (optional) responsible for signing with this keypair during the release.

  11. For Maximum signatures allowed (optional), select a limit for how many signatures can be used during this release.

  12. For Release baseline (optional), select a release baseline to compare your current release to (optional).

    Note

    If a signature doesn't match the baseline, the release will pause so that you can address the issue.

  13. In the Resources for threat detection section, select the users or groups responsible for threat detection.

    Note

    This option appears if Threat detection is enabled in Account settings.

  14. Select Create.