Re: Security issues when running gerrit patches on jenkins

From: "Ewoud Kohl van Wijngaarden" <ewoud+ovirt(a)kohlvanwijngaarden.nl&gt; To: infra(a)ovirt.org Sent: Wednesday, August 1, 2012 4:50:03 PM Subject: Re: Security issues when running gerrit patches on jenkins On Wed, Aug 01, 2012 at 09:35:39AM -0400, Robert Middleswarth wrote: > On 08/01/2012 09:31 AM, Eyal Edri wrote: > > Itamar Heim wrote: > >> wouldn't it be easier to maintain the whitelist via a git repo > >> on > >> gerrit? > > > > you mean instead of putting it on a wiki page? > > yes, make sense to maintain a .txt file per project with the > > whitelist in it. > > Actually makes a lot more since. That allows the projects the > ability to manage there own list. Can't we extract this from an authors file? Looking at vdsm/AUTHORS[1] it looks fairly easy. Another thing I can imagine is that someone is not whitelisted but his/her patch receives recieves a +1 from a whitelisted reviewer it can be built as well. It would be built anyway if it gets accepted and now jenkins can give -1 if it fails unit tests. Maybe at +2, but that leaves very little time to actually build it because often it will get merged straight away.

[1]: http://gerrit.ovirt.org/gitweb?p=vdsm.git;a=blob;f=AUTHORS;hb=HEAD _______________________________________________ Infra mailing list Infra(a)ovirt.org http://lists.ovirt.org/mailman/listinfo/infra