#10139 Please retire `master` modules
Opened 2 months ago by vondruch. Modified a month ago

  • Describe the issue
    It seems that pushes to master branches of modules were disabled recently as pointed out in #9976. Nevertheless, I don't think this was properly communicated, because this leaves the master modules in somewhat zombie state. E.g. it seems that security folks still reports [issues|https://bugzilla.redhat.com/show_bug.cgi?id=1960175] against the master module while maintainers cannot touch it. This should be properly addressed. All the master branches should be probably retired if they are not accessible

  • When do you need this? (YYYY/MM/DD)

  • When is this no longer needed or useful? (YYYY/MM/DD)

  • If we cannot complete your request, what is the impact?


We didn't retire master branch in module since it is associated to stream name. But this config disallows pushes to master branch.

@pingou Can you make that config not applicable to modules namespace?

Metadata Update from @mohanboddu:
- Issue tagged with: medium-gain, medium-trouble, ops

2 months ago

On a somewhat related note, issue #8887 was opened about 20 months ago to retire obsolete f26, f27, and f28 stream branches. That issue remains open.

@pingou ping. To fix or close the above security issue ticket, I want to see the master branch will be retired, dropping the shipped modules.

Note that pingou is out on leave right now. :)

Metadata Update from @humaton:
- Issue assigned to humaton

a month ago

Moving refs/heads/master from BLACKLIST_RES to UNSPECIFIED_BLACKLIST_RES may just fix this.

In this list PDC is taken into account, so if PDC is active for that branch, pushing is allowed. If PDC is inactive/doesn't have this branch, then pushing is not allowed.

Worth double-checking in stg first though

Login to comment on this ticket.

Metadata
Boards 1
Ops Status: Backlog