#10139 Please retire `master` modules
Opened a year ago by vondruch. Modified 5 months ago

  • Describe the issue
    It seems that pushes to master branches of modules were disabled recently as pointed out in #9976. Nevertheless, I don't think this was properly communicated, because this leaves the master modules in somewhat zombie state. E.g. it seems that security folks still reports [issues|https://bugzilla.redhat.com/show_bug.cgi?id=1960175] against the master module while maintainers cannot touch it. This should be properly addressed. All the master branches should be probably retired if they are not accessible

  • When do you need this? (YYYY/MM/DD)

  • When is this no longer needed or useful? (YYYY/MM/DD)

  • If we cannot complete your request, what is the impact?

We didn't retire master branch in module since it is associated to stream name. But this config disallows pushes to master branch.

@pingou Can you make that config not applicable to modules namespace?

Metadata Update from @mohanboddu:
- Issue tagged with: medium-gain, medium-trouble, ops

a year ago

On a somewhat related note, issue #8887 was opened about 20 months ago to retire obsolete f26, f27, and f28 stream branches. That issue remains open.

@pingou ping. To fix or close the above security issue ticket, I want to see the master branch will be retired, dropping the shipped modules.

Note that pingou is out on leave right now. :)

Metadata Update from @humaton:
- Issue assigned to humaton

a year ago

Moving refs/heads/master from BLACKLIST_RES to UNSPECIFIED_BLACKLIST_RES may just fix this.

In this list PDC is taken into account, so if PDC is active for that branch, pushing is allowed. If PDC is inactive/doesn't have this branch, then pushing is not allowed.

Worth double-checking in stg first though

I pushed the change to staging, lets try it out there and if everything is looking good, I will move it to prod.


Login to comment on this ticket.

Boards 1
Ops Status: Backlog