[Openstack-security] OSSN repository is live!
Bhandaru, Malini K
malini.k.bhandaru at intel.com
Sat Mar 29 23:20:29 UTC 2014
Congratulations Nathan! Good work!
Glad you will be exploring automated formating as a gate job.
I know we plan to cover OSSNs in more detail in the security guide, but it would be good as a first pass for completeness to have an OSSN chapter in the OpenStack security guide that lists links to all published OSSNs
(just a fetch, format, and include in doc) each time the build happens.
Cheers
Malini
-----Original Message-----
From: Nathan Kinder [mailto:nkinder at redhat.com]
Sent: Friday, March 28, 2014 5:01 PM
To: openstack-security at lists.openstack.org
Subject: [Openstack-security] OSSN repository is live!
Hi,
I'm happy to announce that our new OSSN git repository is live! I have pre-populated it with all of the previously published Security Notes as well as templates to aid in the creation of new Security Notes. The repository is located here:
http://git.openstack.org/cgit/openstack/openstack-security-notes/
Now that we have this repository, we will use the normal Gerrit workflow [1] for reviewing OSSNs. Bryan Payne, Rob Clark, and myself have +2 review permission to start with. We can certainly discuss making changes to this, but it should be fine for now. It might be a good item for us to discuss in Atlanta at the Summit.
Publishing of OSSNs is still a manual process. I would like to add automatic publishing jobs, which is something that I will be looking into. We can also potentially add check and gate jobs for things such as formatting if desired.
I have updated the OSSN process wiki page [2] with details of the new review procedures.
Thanks,
-NGK
[1] https://wiki.openstack.org/wiki/Gerrit_Workflow
[2] https://wiki.openstack.org/wiki/Security/Security_Note_Process
_______________________________________________
Openstack-security mailing list
Openstack-security at lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security
More information about the Openstack-security
mailing list