[openstack-dev] [Fuel] Packaging CI for Fuel
Jeremy Stanley
fungi at yuggoth.org
Tue Mar 22 16:29:07 UTC 2016
On 2016-03-22 15:20:22 +0000 (+0000), Tristan Cacqueray wrote:
[...]
> With only my VMT hat on, this makes me wonder why the packaging needs
> special care. Is there a reason why stable branch aren't built continuously?
[...]
My concern was more over handling packaging-specific security
vulnerabilities (loose file permissions, risky default
configuration, that sort of thing) which is what I think
"vulnerability management" of packages would entail.
But also all generated packages published from the same suite would
need consistent support coverage not just for the packaging itself
but also for all the software being packaged--sysadmins consuming
our packages aren't going to take the time to figure out which of
packages installed from there are "supported" by us and which
aren't.
--
Jeremy Stanley
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 949 bytes
Desc: Digital signature
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20160322/0cfc0505/attachment.pgp>
More information about the OpenStack-dev
mailing list