Open Stack

Congratulations Nathan! Good work!
Glad you will be exploring automated formating as a gate job.
I know we plan to cover OSSNs in more detail in the security guide, but it would be good as a first pass for completeness to have an OSSN chapter in the OpenStack security guide that lists links to all published OSSNs
(just a fetch, format, and include in doc) each time the build happens.

Cheers
Malini

-----Original Message-----
From: Nathan Kinder [mailto:nkinder at redhat.com] 
Sent: Friday, March 28, 2014 5:01 PM
To: openstack-security at lists.openstack.org
Subject: [Openstack-security] OSSN repository is live!

Hi,

I'm happy to announce that our new OSSN git repository is live!  I have pre-populated it with all of the previously published Security Notes as well as templates to aid in the creation of new Security Notes.  The repository is located here:

    http://git.openstack.org/cgit/openstack/openstack-security-notes/

Now that we have this repository, we will use the normal Gerrit workflow [1] for reviewing OSSNs.  Bryan Payne, Rob Clark, and myself have +2 review permission to start with.  We can certainly discuss making changes to this, but it should be fine for now.  It might be a good item for us to discuss in Atlanta at the Summit.

Publishing of OSSNs is still a manual process.  I would like to add automatic publishing jobs, which is something that I will be looking into.  We can also potentially add check and gate jobs for things such as formatting if desired.

I have updated the OSSN process wiki page [2] with details of the new review procedures.

Thanks,
-NGK

[1] https://wiki.openstack.org/wiki/Gerrit_Workflow
[2] https://wiki.openstack.org/wiki/Security/Security_Note_Process

_______________________________________________
Openstack-security mailing list
Openstack-security at lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security