Gerrit should support private reviews for security bugs
Bug #902052 reported by
Thierry Carrez
This bug report is a duplicate of:
Bug #1083101: Set up private gerrit for security reviews.
Edit
Remove
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Core Infrastructure |
Triaged
|
Wishlist
|
Unassigned |
Bug Description
For embargoed security issues, the patch needs to be discussed in private so that we can release it with a minimal public window. Currently we use preapprovals in launchpad bugs with attached patches, then we fast-track the preapproved patches in Gerrit when the bug is public.
It would be verrrry nice to have private reviews in Gerrit to support that workflow.
tags: | added: gerrit |
Changed in openstack-ci: | |
status: | New → Triaged |
Changed in openstack-ci: | |
milestone: | none → folsom |
Changed in openstack-ci: | |
milestone: | folsom → grizzly |
To post a comment you must log in.
Is this something that can be accomplished using the Gerrit drafts feature? When code is pushed to Gerrit using `git review -D` Gerrit will treat that push as a draft. Initially only the draft submitter can see the change in Gerrit, but other reviewers can be explicitly added. When you are ready to vote you can publish the draft (which does make it public) but by then you should be ready to fast track that voting.
http:// wiki.openstack. org/GerritWorkf low#Drafts