[Openstack-security] OSSN repository is live!

Nathan Kinder nkinder at redhat.com
Sat Mar 29 23:36:53 UTC 2014 

On 03/29/2014 04:20 PM, Bhandaru, Malini K wrote:
> Congratulations Nathan! Good work!
> Glad you will be exploring automated formating as a gate job.
> I know we plan to cover OSSNs in more detail in the security guide, but it would be good as a first pass for completeness to have an OSSN chapter in the OpenStack security guide that lists links to all published OSSNs
> (just a fetch, format, and include in doc) each time the build happens.

This is definitely a goal.  Anne and I were discussing having an
appendix to the Security Guide that would list published OSSNs
associated with that particular OpenStack release.  We might as well
include the content, not just links.

-NGK
> 
> Cheers
> Malini
> 
> -----Original Message-----
> From: Nathan Kinder [mailto:nkinder at redhat.com] 
> Sent: Friday, March 28, 2014 5:01 PM
> To: openstack-security at lists.openstack.org
> Subject: [Openstack-security] OSSN repository is live!
> 
> Hi,
> 
> I'm happy to announce that our new OSSN git repository is live!  I have pre-populated it with all of the previously published Security Notes as well as templates to aid in the creation of new Security Notes.  The repository is located here:
> 
>     http://git.openstack.org/cgit/openstack/openstack-security-notes/
> 
> Now that we have this repository, we will use the normal Gerrit workflow [1] for reviewing OSSNs.  Bryan Payne, Rob Clark, and myself have +2 review permission to start with.  We can certainly discuss making changes to this, but it should be fine for now.  It might be a good item for us to discuss in Atlanta at the Summit.
> 
> Publishing of OSSNs is still a manual process.  I would like to add automatic publishing jobs, which is something that I will be looking into.  We can also potentially add check and gate jobs for things such as formatting if desired.
> 
> I have updated the OSSN process wiki page [2] with details of the new review procedures.
> 
> Thanks,
> -NGK
> 
> [1] https://wiki.openstack.org/wiki/Gerrit_Workflow
> [2] https://wiki.openstack.org/wiki/Security/Security_Note_Process
> 
> _______________________________________________
> Openstack-security mailing list
> Openstack-security at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security
>

More information about the Openstack-security mailing list