[openstack-dev] [openstack-ansible][security] Security hardening backport to Liberty desirable?

Jesse Pretorius jesse.pretorius at gmail.com
Sat Mar 5 12:40:53 UTC 2016


On 4 March 2016 at 16:50, Major Hayden <major at mhtx.net> wrote:

> Hey folks,
>
> I have proposed a review[1] which adds the openstack-ansible-security[2]
> role to OpenStack-Ansible's Liberty release.  I would really appreciate
> some feedback from deployers on whether this change is desirable in Liberty.
>
> The role applies cleanly to Liberty on Ubuntu 14.04 and the role already
> has some fairly basic gating.
>
> The two main questions are:
>
>   1) Does it make sense to backport the openstack-ansible-security
>      role/playbook to Liberty?
>   2) Should it be applied by default on AIO/gate builds as it is
>      in Mitaka (master)?
>
> Thanks!
>
> [1] https://review.openstack.org/#/c/273257/
> [2] http://docs.openstack.org/developer/openstack-ansible-security/


Hi Major,

Liberty is a stable branch and the Mitaka release is just around the
corner. I think it's a bit late in the game to add it. Consider, also, that
deployers can easily consume the role with their own playbook to execute it
if they would like to.

*If* a backport is supported by the consuming community and core team, I
would only support an opt-in model to allow deployers to make use of the
role, but only if they choose to.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20160305/fdbd0248/attachment.html>


More information about the OpenStack-dev mailing list