[openstack-dev] [openstack-ansible][security] Next steps: openstack-ansible-security

Jesse Pretorius jesse.pretorius at gmail.com
Mon Nov 16 13:47:34 UTC 2015


On 9 November 2015 at 19:38, Major Hayden <major at mhtx.net> wrote:

>
> What would you propose as the final steps to get the blueprint marked as
> completed?  Should documentation be added into openstack-ansible about
> integrating openstack-ansible-security or should a script be provided for
> quicker integration?
>

Based on the spec's proposed change section [1] I would say that items 4 &
5 are the next steps. Those steps, however, are kind-of waiting for the
gate split work. Perhaps the best way to get this done that doesn't have
the dependency is to implement an additional option for gate-check-commit
option to turn on using the security role, but leave it off by default. The
current job will then continue to run and we can add an additional gate
check to run it with the security bits on as a comparison.

[1]
http://specs.openstack.org/openstack/openstack-ansible-specs/specs/mitaka/security-hardening.html#proposed-change
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20151116/5167b776/attachment.html>


More information about the OpenStack-dev mailing list