Image based updates:

Updating what we've deployed is a Good Idea. https://etherpad.openstack.org/tripleo-image-updates





====================================================
Stable branch for tripleo:

TripleO is currently focused on Continuous Delivery from master branches, we may also have a set of users who want to deploy using openstack's stable branches, I'd like to discuss if this something we would like to accommodate and how best can we could do it? 


Do We need stable branches ?

If not, how do we accomodate users who don't want to follow the master branches?

What would need a stable branches ?
   o tripleo-incubator
	   - This is meant to foster experimental tools until they are stable enough for things like backward compatibility. Things that need to be released should be moved out of the incubator at that time.
   o tripleo-image-elements
   o diskimage-builder
	   - I would argue this is a tool that must never make backward incompatible changes
   o tripleo-heat-templates
   o tuskar
   o os-*-config
   o more/less .... ? 

Providing Stable branches implies we are at the point where user can use tripleo to deploy a production cloud, should we do a security audit before branching, I'm thinking in particular about security updates that have gone into packaging that we may not have in our elements?
  * Not using HTTPS everywhere yet
  * Production/stable release work must follow or at least coordinate with HA work.

What gets backported ?

How long should we support stable branches for ?
 * We are OpenStack - https://wiki.openstack.org/wiki/Releases - So 6 months for general fixes, 1 year for security

CI requirements for stable branches?
   o devtest + tempest
   o Which distro(s)