[oslo][requirements] Bandit Strategy
Herve Beraud
hberaud at redhat.com
Fri May 17 13:55:14 UTC 2019
Le jeu. 16 mai 2019 à 17:30, Ben Nemec <openstack at nemebean.com> a écrit :
>
>
> On 5/16/19 4:29 AM, Herve Beraud wrote:
> > Hello,
> >
> > To help us to be more reactive on similar issues related to requirements
> > who drop python 2 (the sphinx use case)
> > I've submit a patch https://review.opendev.org/659289 to schedule
> > "check-requirements" daily.
> >
> > Normally with that if openstack/requirements add somes changes who risk
> > to break our CI we will be informed quickly by this periodical job.
> >
> > I guess we will facing a many similar issues in the next month due to
> > the python 2.7 final countdown and libs who will drop python 2.7 support.
> >
> > For the moment only submit my patch on oslo.log, but if it work, in a
> > second time, we can copy it to all the oslo projects.
> >
> > I'm not a zuul expert and I don't know if my patch is correct or not, so
> > please feel free to review it and to put comments to let me know how to
> > proceed with periodic jobs.
> >
> > Also oslo core could check daily the result of this job to know if
> > actions are needed and inform team via the ML or something like that in
> > fix the issue efficiently.
>
> This is generally the problem with periodic jobs. People don't pay
> attention to them so issues still don't get noticed until they start
> breaking live patches. As I said in IRC, if you're willing to commit to
> checking the periodic jobs daily I'm okay with adding them.
>
I'm ok to pay attention and to checking the periodic jobs, but sometimes I
think I'll be away (PTO, etc..) and others people will need to pay
attention during this period.
> I know when dims was PTL he had nightly jobs running on all of the Oslo
> repos, but I think that was in his own private infra so I don't know
> that we could reuse what he had.
>
> >
> > Thoughts?
> >
> > Yours Hervé.
> >
> >
> > Le jeu. 16 mai 2019 à 07:44, Tony Breeds <tony at bakeyournoodle.com
> > <mailto:tony at bakeyournoodle.com>> a écrit :
> >
> > On Tue, May 14, 2019 at 11:09:26AM -0400, Zane Bitter wrote:
> >
> > > It's breaking the whole world and I'm actually not sure there's a
> > good
> > > reason for it. Who cares if sphinx 2.0 doesn't run on Python 2.7
> > when we set
> > > and achieved a goal in Stein to only run docs jobs under Python
> > 3? It's
> > > unavoidable for stable/rocky and earlier but it seems like the
> > pain on
> > > master is not necessary.
> >
> > While we support python2 *anywhere* we need to do this. The current
> > tools (both ours and the broader python ecosystem) need to have these
> > markers.
> >
> > I apologise that we managed to mess this up we're looking at how we
> can
> > avoid this in the future but we don't really get any kinda of signals
> > about $library dropping support for $python_version. The py2 things
> is
> > more visible than a py3 minor release but they're broadly the same
> thing
> >
> > Yours Tony.
> >
> >
> >
> > --
> > Hervé Beraud
> > Senior Software Engineer
> > Red Hat - Openstack Oslo
> > irc: hberaud
> > -----BEGIN PGP SIGNATURE-----
> >
> > wsFcBAABCAAQBQJb4AwCCRAHwXRBNkGNegAALSkQAHrotwCiL3VMwDR0vcja10Q+
> > Kf31yCutl5bAlS7tOKpPQ9XN4oC0ZSThyNNFVrg8ail0SczHXsC4rOrsPblgGRN+
> > RQLoCm2eO1AkB0ubCYLaq0XqSaO+Uk81QxAPkyPCEGT6SRxXr2lhADK0T86kBnMP
> > F8RvGolu3EFjlqCVgeOZaR51PqwUlEhZXZuuNKrWZXg/oRiY4811GmnvzmUhgK5G
> > 5+f8mUg74hfjDbR2VhjTeaLKp0PhskjOIKY3vqHXofLuaqFDD+WrAy/NgDGvN22g
> > glGfj472T3xyHnUzM8ILgAGSghfzZF5Skj2qEeci9cB6K3Hm3osj+PbvfsXE/7Kw
> > m/xtm+FjnaywZEv54uCmVIzQsRIm1qJscu20Qw6Q0UiPpDFqD7O6tWSRKdX11UTZ
> > hwVQTMh9AKQDBEh2W9nnFi9kzSSNu4OQ1dRMcYHWfd9BEkccezxHwUM4Xyov5Fe0
> > qnbfzTB1tYkjU78loMWFaLa00ftSxP/DtQ//iYVyfVNfcCwfDszXLOqlkvGmY1/Y
> > F1ON0ONekDZkGJsDoS6QdiUSn8RZ2mHArGEWMV00EV5DCIbCXRvywXV43ckx8Z+3
> > B8qUJhBqJ8RS2F+vTs3DTaXqcktgJ4UkhYC2c1gImcPRyGrK9VY0sCT+1iA+wp/O
> > v6rDpkeNksZ9fFSyoY2o
> > =ECSj
> > -----END PGP SIGNATURE-----
> >
>
>
--
Hervé Beraud
Senior Software Engineer
Red Hat - Openstack Oslo
irc: hberaud
-----BEGIN PGP SIGNATURE-----
wsFcBAABCAAQBQJb4AwCCRAHwXRBNkGNegAALSkQAHrotwCiL3VMwDR0vcja10Q+
Kf31yCutl5bAlS7tOKpPQ9XN4oC0ZSThyNNFVrg8ail0SczHXsC4rOrsPblgGRN+
RQLoCm2eO1AkB0ubCYLaq0XqSaO+Uk81QxAPkyPCEGT6SRxXr2lhADK0T86kBnMP
F8RvGolu3EFjlqCVgeOZaR51PqwUlEhZXZuuNKrWZXg/oRiY4811GmnvzmUhgK5G
5+f8mUg74hfjDbR2VhjTeaLKp0PhskjOIKY3vqHXofLuaqFDD+WrAy/NgDGvN22g
glGfj472T3xyHnUzM8ILgAGSghfzZF5Skj2qEeci9cB6K3Hm3osj+PbvfsXE/7Kw
m/xtm+FjnaywZEv54uCmVIzQsRIm1qJscu20Qw6Q0UiPpDFqD7O6tWSRKdX11UTZ
hwVQTMh9AKQDBEh2W9nnFi9kzSSNu4OQ1dRMcYHWfd9BEkccezxHwUM4Xyov5Fe0
qnbfzTB1tYkjU78loMWFaLa00ftSxP/DtQ//iYVyfVNfcCwfDszXLOqlkvGmY1/Y
F1ON0ONekDZkGJsDoS6QdiUSn8RZ2mHArGEWMV00EV5DCIbCXRvywXV43ckx8Z+3
B8qUJhBqJ8RS2F+vTs3DTaXqcktgJ4UkhYC2c1gImcPRyGrK9VY0sCT+1iA+wp/O
v6rDpkeNksZ9fFSyoY2o
=ECSj
-----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20190517/51355098/attachment-0001.html>
More information about the openstack-discuss
mailing list