Attention is currently required from: laforge, lynxis lazus.

View Change

2 comments:

• Commit Message:

  • Patch Set #1, Line 13: The jenkins nodes needs to access the gerrit via ssh

    We could execute this script from the review job, save the json in the workspace and execute the upl […]

    I don't think the complexity of the extra job is worth it (and to do it right, if we do allow untrusted input for the review json, it would be a good idea to do a sanity check on the json file too before passing it to the gerrit review command...).

    Therefore I suggest to continue as follows:

    • gerrit-lint.yml: replace " - shell: '{obj:cmd}'" with " - shell: '~/osmo-ci/lint/lint_diff.sh HEAD~1'", then remove the "cmd" variable in that file so it cannot be overridden
    • create a gerrit user that has permission only to provide review
    • configure jenkins to have permissions to that gerrit/ssh user

• File lint/checkpatch/checkpatch_json.py:

  • Patch Set #1, Line 3: # from coreboot rev 9cae17d028d4bd3b278fc89ada8e06287917e213

    I'd note the exact commit in the commit message, but not in the file. Otherwise we might update/change the file later on and forget to update the revision string here.

To view, visit change 26393. To unsubscribe, or for help writing mail filters, visit settings.