[release][core] gerrit breach and auditing all releases deliverables [1] since Oct 01

Herve Beraud hberaud at redhat.com
Wed Oct 21 09:42:47 UTC 2020


Hello,

Like every team, we are also concerned by the Gerrit breach, and we must take a
look at our changes during this time frame on all our deliverables [1].

The majority of our changes during this period are changes related to
releasing new deliverables, which means changes to YAML files.

Due to the criticality of the problem I propose the following action plan:
- first, focus on changes against our scripts and executable files;
- second, inspect yaml files if teams identify possible issues in their
code base. I don't think we need to inspect our `deliverable/*/*.yaml`
files for now, it could be done later;
- third, inspect documentation changes. They could be easily ignored for
now and analyzed later too.

I wrote a script [2][3] to help us extract the relevant changes (*.py,
*.sh); all the rest ((deliverable|data)*.yaml, *.rst) has been ignored for
now.

I ran this script against the repos that we own; here is the result:

   - openstack/release-test
      - No changes merged since more than 3 months
   - openstack/releases
      - https://review.opendev.org/#/q/9e527f9e0e0cac29699171813b45c65b487010dc
      - https://review.opendev.org/#/q/9c4f3c43039fa686cee6d03fb6d9894de05c89a6
      - https://review.opendev.org/#/q/a8ab91eebc7a0b9d0be863772ea286627e6b57d9
   - openstack/reno
      - No changes merged since more than 2 months
   - openstack/specs-cookiecutter
      - No changes merged since more than 4 months

Example of script usage against our openstack/releases repo:
```
$ cd releases
$ curl https://gist.githubusercontent.com/4383/511359cc2080e06295944c5f40bd1033/raw/c0e21b41570abed076c72d11dcc102dd9d43a067/check.sh | sh
```
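As an added illustration of the filtering rule described above (this is not the check.sh gist from the post, and the commit hashes and paths in the sample log are constructed), the following classifies commits from `git log --since=2020-10-01 --name-only --format='commit %H'` output: commits touching *.py or *.sh go to the "review" pile, commits touching only deliverable/data YAML or *.rst are deferred, and, going one step beyond the post's rule, commits touching any other file type are reported as "unknown" rather than silently dropped.

```shell
#!/bin/sh
# Added example, not the post's check.sh. Constructed sample of
# `git log --since=2020-10-01 --name-only --format='commit %H'` output;
# hashes and paths are made up for illustration.
SAMPLE_LOG='commit aaaa111
tools/list_unreleased_changes.sh
deliverables/victoria/nova.yaml

commit bbbb222
deliverables/victoria/oslo.config.yaml
doc/source/index.rst

commit cccc333
openstack_releases/cmds/validate.py

commit dddd444
data/series_status.yaml
'

# Reads git log output on stdin; prints "<verdict> <commit>" per commit.
#   review  -> touches *.py or *.sh (inspect first)
#   defer   -> only (deliverable|data)*.yaml or *.rst (inspect later)
#   unknown -> touches some other file type (never drop silently)
classify_commits() {
  awk '
    function flush() {
      if (sha == "") return
      if (review) v = "review"; else if (unknown) v = "unknown"; else v = "defer"
      print v, sha
    }
    /^commit /                        { flush(); sha = $2; review = 0; unknown = 0; next }
    /^$/                              { next }
    /\.(py|sh)$/                      { review = 1; next }
    /^(deliverable|data).*\.yaml$/    { next }
    /\.rst$/                          { next }
                                      { unknown = 1 }
    END { flush() }
  '
}

# Only the commit hashes that need the first-pass review.
commits_to_review() {
  classify_commits | awk '$1 == "review" { print $2 }'
}

printf '%s' "$SAMPLE_LOG" | classify_commits
```

Against a real checkout, replace the sample with `git log --since=2020-10-01 --name-only --format='commit %H' | classify_commits`.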

I'll take a look at the identified commits but double checking would be
greatly appreciated.

Please make sure to double-check your account activity [4] and confirm that
nothing is off.

Special congrats to Julia Kreger for her excellent job [5].

Thank you in advance for your help,

[1] https://governance.openstack.org/tc/reference/projects/release-management.html
[2] https://gist.github.com/4383/511359cc2080e06295944c5f40bd1033
[3] https://gist.githubusercontent.com/4383/511359cc2080e06295944c5f40bd1033/raw/c0e21b41570abed076c72d11dcc102dd9d43a067/check.sh
[4] http://lists.opendev.org/pipermail/service-announce/2020-October/000011.html
[5] http://lists.openstack.org/pipermail/openstack-discuss/2020-October/018148.html

-- 
Hervé Beraud
Senior Software Engineer
Red Hat - Openstack Oslo
irc: hberaud