InterSystems Official
· Feb 16, 2023

Speeding up AND becoming more predictable - updates to our release cadence

InterSystems periodically updates our software release policies and practices to adjust to customer needs.

We're now changing our maintenance release cadence in order to be more predictable for customers and partners, and tweaking a few other areas.

This article summarizes the release cadence for our Data Platforms products and recent changes to it, and announces a few new updates.

Why change?

  • Our customers are taking our new releases more quickly.
  • Our customers are adopting new platforms versions (operating systems and orchestrators) more quickly.
  • Security issues are arising more frequently, especially in third-party libraries.
  • Our customers are asking for more predictable delivery dates.

What's the same? Reminder of our feature release cadence

InterSystems has been using a two-stream feature release cadence with InterSystems IRIS since 2018 (see the original announcement). We provide:

  • Continuous delivery (CD) releases—these releases provide access to new features quickly and are ideal for developing and deploying applications that are continuously being updated and can take immediate advantage of new features. Sometimes called the fast train.
  • Extended maintenance (EM) releases—these releases are less frequent than the continuous delivery releases but provide the increased stability of maintenance releases. They are ideal for large enterprise applications where the ease of getting fixes in maintenance releases is more important than getting early access to new features. Sometimes called the slow train.

EM releases are easy to identify because their version number is YYYY.1 (for example 2022.1 or 2023.1).   CD Releases will have a version number of the form YYYY.2, YYYY.3 etc.

A year ago, we evolved our cadence, adding kits for CD releases and adding HealthShare Health Connect into these release trains alongside InterSystems IRIS and InterSystems IRIS for Health. (See the February 2022 update.) A few restrictions on the fast train CD releases remain: there are no maintenance or security updates; there is no in-place conversion from Caché or Ensemble; and the upgrade path for a CD release is limited to the next CD release or the next EM version.

Feature releases (both EM and CD releases) go through a preview phase where customers can download and work with new releases, to help get ready for a new release.  Previews are a great time to provide feedback and test to be sure your application works well with the new release.  Starting with 2022.2 we began updating previews every 2 weeks, always on a Wednesday.

Feedback on the release cadence and these updates has been very positive, and we've been able to manage the two-stream release cadence while maintaining extremely high quality.

Platform updates

Customers are adopting new operating systems much faster, especially in the cloud. We have changed our cadence accordingly. In 2022, we began adding new operating systems support in maintenance releases. 2022.1.1 added Ubuntu 22.04 support; 2022.1.2 added RHEL 9 support. This approach means that customers can adopt new operating systems much earlier.

Security changes are coming more frequently, especially for common libraries packaged with those operating systems, such as OpenSSL.  With our 2022.1 release we began using the OpenSSL libraries from the operating system, so that customers can keep current on security updates via the OS.    This also means compiling and packaging separate kits for each major version of a Linux operating system.   We limit these to two major versions in each EM release. If we introduce new OS support in a maintenance release, we won't remove any earlier versions, so there may be three sets of kits;  this is trimmed down to two with the next EM release.   For example, 2022.1.2 has three sets of Red Hat kits (RHEL 7, RHEL 8, and RHEL 9); 2022.1.3 will have the same sets of kits, but 2023.1.0 will include only RHEL 8 and RHEL 9 kits.

Because platform changes are speeding up, we want to give customers visibility into what is coming up.  We've introduced a quarterly "platforms update" in a newsletter format; you can read the first issue on the developer community.  Please give us any feedback you may have on the format, the time horizon, etc.

Maintenance and security updates

We continue to provide maintenance updates on InterSystems IRIS for two years, as well as maintenance updates on Caché and Ensemble (see Minimum Supported Version). In addition to maintenance updates, we provide security corrections.

We refer to the sequence of releases that update an EM release, across all associated products and platforms, as a stream. For example, 2021.1.0, 2021.1.1, 2021.1.2 is a stream, and 2022.1.0, 2022.1.1, 2022.1.2 is a different stream. This means that we are providing maintenance releases for three streams (the most current EM and previous EM of InterSystems IRIS, InterSystems IRIS for Health, and Health Connect, as well as Caché and Ensemble, which is its own stream).

Starting in April 2023, InterSystems will provide security corrections for the current and the last three years of InterSystems IRIS releases, as well as the latest maintenance release of Caché.  This means that security corrections are provided for two additional streams beyond maintenance updates (a total of five streams). For example, in 2024, InterSystems will provide security fixes for InterSystems IRIS versions 2021.1.x, 2022.1.x, 2023.1.x, as well as the then-current version 2024.1.x; InterSystems will also provide security corrections for Caché 2018.1.x. 

We recently improved our security vulnerability handling policy to accommodate the higher volume of security issues we're seeing, most of which are low or medium severity (see Updated Security Vulnerability Handling Policy). We now include security updates in every release. Information about high and critical severity issues is embargoed (to prevent providing information that could be used to exploit security vulnerabilities) until these issues are addressed in all supported streams—at which point we issue a security alert with details of the vulnerabilities that have been addressed.

Predictable maintenance releases

Customers tell us that they appreciate getting regular software updates and want to be able to make plans based on when they can expect them. We are now formalizing our maintenance release schedule, as follows:

  • Most recent InterSystems IRIS stream: maintenance release every three months.
  • Previous InterSystems IRIS stream: maintenance release every six months.
  • Caché and Ensemble: maintenance release every twelve months.

We published a maintenance release for the InterSystems IRIS 2022.1 stream on January 18 (see 2022.1.2 release announcement). We plan to publish maintenance releases for the InterSystems IRIS 2021.1 stream and the Caché and Ensemble 2018.1 stream on February 28.

In 2023, we plan to have one EM release (2023.1) and two CD releases (2023.2 and 2023.3). Once 2023.1.0 is generally available (GA), it becomes the most recent InterSystems IRIS stream, and 2022.1 becomes the previous stream.

Removing previous releases from the WRC (but not the ICR)

Because our releases have become more frequent and we publish more kits (one per major Linux OS version), the number of available versions on the WRC software distribution site has grown significantly and has become confusing to some customers. We are adopting a new practice of regularly removing older versions in each stream from the distribution site.

  • Only the most recent CD version will be visible—because 2022.3 is now generally available, we'll be removing the 2022.2 images at the end of February.
  • Only the most recent maintenance version per stream will be visible—2022.1.1 was removed when 2022.1.2 was published. This prevents the problem of customers mistakenly installing software with known security issues.

Previous versions are available on request. We also suggest that customers who standardize on a single version for many sites keep their own copy of the kit for that version. To ensure integrity, all kits and containers are signed; checksum files and PGP signature files are downloadable from the WRC distribution site.

We work differently with containers published on the InterSystems Container Repository (ICR), because customers typically use specific versions in CI/CD pipelines. We won't prune old images from the ICR until they are two years old. We recommend that customers keep their CI/CD pipelines current, and the feedback we receive is that they do.

Committed to customer success

All of the changes described in this article have been made with the intent of helping customers succeed. We're listening to our customers' concerns about security issues, platform adoption, maintenance updates, and release cadence and changing things based on that feedback. Please don't hesitate to contact us with feedback and suggestions!

Discussion (0)2
Log in or sign up to continue