Security issues when running gerrit patches on jenkins

Eyal Edri eedri at redhat.com
Wed Aug 1 13:55:42 UTC 2012



----- Original Message -----
> From: "Ewoud Kohl van Wijngaarden" <ewoud+ovirt at kohlvanwijngaarden.nl>
> To: infra at ovirt.org
> Sent: Wednesday, August 1, 2012 4:50:03 PM
> Subject: Re: Security issues when running gerrit patches on jenkins
> 
> On Wed, Aug 01, 2012 at 09:35:39AM -0400, Robert Middleswarth wrote:
> > On 08/01/2012 09:31 AM, Eyal Edri wrote:
> > > Itamar Heim wrote:
> > >> wouldn't it be easier to maintain the whitelist via a git repo on gerrit?
> > >
> > > you mean instead of putting it on a wiki page?
> > > yes, makes sense to maintain a .txt file per project with the
> > > whitelist in it.
> >
> > Actually makes a lot more sense.  That allows the projects the
> > ability to manage their own list.
> 
> Can't we extract this from an authors file? Looking at vdsm/AUTHORS[1]
> it looks fairly easy.
> 
> Another thing I can imagine is that someone is not whitelisted but
> his/her patch receives a +1 from a whitelisted reviewer it can be
> built as well. It would be built anyway if it gets accepted and now
> jenkins can give -1 if it fails unit tests. Maybe at +2, but that
> leaves very little time to actually build it because often it will
> get merged straight away.

usually jenkins gives -1 if a job fails or 'verify' if it works.

> 
> [1]: http://gerrit.ovirt.org/gitweb?p=vdsm.git;a=blob;f=AUTHORS;hb=HEAD
> _______________________________________________
> Infra mailing list
> Infra at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/infra
> 
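
The gating rule discussed in this thread (build when the uploader is on a per-project whitelist file, or when a whitelisted reviewer has given +1), as an added example that is not part of the original messages. The whitelist file format, the event dictionary and the names `load_whitelist` and `should_build` are assumptions for illustration; counting only votes cast on the current patch set is a choice of this example.

```python
# Constructed sample of a per-project whitelist file; the one-address-per-line
# format with '#' comments is an assumption, not taken from the thread.
SAMPLE_WHITELIST = """\
# trusted contributors (constructed)
alice@example.org
Bob@Example.org   # reviewer
"""

def load_whitelist(text):
    """Parse whitelist text into a set of lower-cased e-mail addresses."""
    entries = set()
    for line in text.splitlines():
        addr = line.split("#", 1)[0].strip().lower()
        if addr:
            entries.add(addr)
    return entries

def should_build(event, whitelist):
    """Decide whether Jenkins may run a patch set; returns (bool, reason).

    `event` is a hypothetical, simplified dict (not Gerrit's real schema):
    {"uploader": str, "patch_set": int,
     "votes": [{"reviewer": str, "value": int, "patch_set": int}, ...]}
    """
    try:
        uploader = event["uploader"].strip().lower()
        current = int(event["patch_set"])
        votes = list(event.get("votes", []))
    except (KeyError, AttributeError, TypeError, ValueError):
        return False, "malformed event"  # fail closed: never build on bad input
    if uploader in whitelist:
        return True, "uploader is whitelisted"
    for vote in votes:
        try:
            reviewer = vote["reviewer"].strip().lower()
            on_current = int(vote["patch_set"]) == current
            positive = int(vote["value"]) >= 1
        except (KeyError, AttributeError, TypeError, ValueError):
            continue  # ignore votes that cannot be parsed
        # A vote on an older patch set says nothing about the code that
        # would run now, so only votes on the current patch set count.
        if reviewer in whitelist and on_current and positive:
            return True, "+1 from whitelisted reviewer " + reviewer
    return False, "no whitelisted uploader or reviewer"
```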


