author | Luca Milanesio <luca.milanesio@gmail.com> | 2020-11-28 00:31:16 +0000 |
---|---|---|
committer | Marco Miller <marco.miller@ericsson.com> | 2021-05-12 14:18:20 -0400 |
commit | 9df1667be989ce969fd6c3f9ea124d1e376b22f2 (patch) | |
tree | 10a780859b1ef6dcfecb159e42faf1cabde94153 | |
parent | 1256501790eb943342a2bf5dde039a8ab88ab06b (diff) |
Clarify the CI validation process for security fixes
Add more details on how the security fixes are supposed to
be validated by the Gerrit-CI.
Change-Id: Ie67512df229110cc2b88d9f3192f86efabb5f09a
-rw-r--r-- | Documentation/dev-processes.txt | 26 |
1 file changed, 22 insertions, 4 deletions
diff --git a/Documentation/dev-processes.txt b/Documentation/dev-processes.txt index 5828cef308..50498317e3 100644 --- a/Documentation/dev-processes.txt +++ b/Documentation/dev-processes.txt 
@@ -278,14 +278,32 @@ The change that fixes the security vulnerability should contain an integration test that verifies that the security vulnerability is no longer present. + Review and approval of the security fixes must be done by the Gerrit -maintainers. Verifications must be done manually since the Gerrit CI doesn't -build and test changes of the `gerrit-security-fixes` repository (and it -shouldn't because everything on the CI server is public which would break -the embargo). +maintainers. + Once a security fix is ready and submitted, it should be cherry-picked to all branches that should be fixed. +. CI validation of the security fix: ++ +The validation of the security fixes does not happen on the regular Gerrit CI, +because it would compromise the confidentiality of the fix and therefore break +the embargo. ++ +The release manager maintains a private branch on the +link:https://gerrit-review.googlesource.com/admin/repos/gerrit-ci-scripts[gerrit-ci-scripts,role=external,window=_blank] repository +which contains a special build pipeline with special visibility restrictions. ++ +The validation process provides feedback, in terms of Code-Style, Verification +and Checks, to the incoming security changes. The links associated +with the build logs are exposed over the Internet but their access limited +to only those who are actively participating in the development and review of +the security fix. ++ +The maintainers that are willing to access the links to the CI logs need +to request a time-limited (maximum 30 days) nominal X.509 certificate from a +CI maintainer, which allows to access the build logs and analyze failures. +The release manager may help obtaining that certificate from CI maintainers. + . Creation of fixed releases and announcement of the security vulnerability: + A release manager should create new bug fix releases for all fixed branches. |
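Review bot: in the new "CI validation of the security fix" step the access control on the build logs is left underspecified: the paragraph stating that the log links are "exposed over the Internet but their access limited to only those who are actively participating" never says how that limit is enforced, and the next paragraph introduces the X.509 certificate without tying the two together. Say explicitly that access to the log links is gated on presenting the nominal (per-person) X.509 client certificate, and add the lifecycle details a maintainer will ask for: how to obtain a renewal when the 30-day certificate expires mid-review, and whether a certificate is revoked before expiry when someone leaves the embargoed group; at present "time-limited (maximum 30 days)" is the only lifecycle statement. Two wording fixes in the same paragraph: "The maintainers that are willing to access the links to the CI logs" reads as if access were optional rather than required for review, so "Maintainers who need to access the CI logs" is clearer, and "which allows to access the build logs" should read "which allows them to access the build logs". Finally, the deleted sentence "Verifications must be done manually since the Gerrit CI doesn't build and test changes of the `gerrit-security-fixes` repository" leaves the "Review and approval ... must be done by the Gerrit maintainers" paragraph with no mention of verification at all; a one-line pointer to the new CI validation step there would keep the review paragraph self-contained.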