blocked-edges/4.2.23: Block all incoming edges on the service CA bug 1810036 #127
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
wking
force-pushed
the
expand-on-ca-rotation-blockage
branch
from
ff82608 to
b386abf
Compare
Closed
wking
force-pushed
the
expand-on-ca-rotation-blockage
branch
from
b386abf to
7609562
Compare
This was referenced Mar 18, 2020
Closed
Member
Author
|
/hold While I work in the OAuth series for rhbz#1801573. |
openshift-ci-robot
added
the
do-not-merge/hold
wking
force-pushed
the
expand-on-ca-rotation-blockage
branch
from
7609562 to
e669fcd
Compare
Member
Author
|
Updated to include references to the OAuth cert-reload series. /hold cancel |
openshift-ci-robot
removed
the
do-not-merge/hold
wking
force-pushed
the
expand-on-ca-rotation-blockage
branch
2 times, most recently
from
6a23da6 to
5d96970
Compare
Member
Author
|
Heh, publish preflight failed on a Quay flake: /retest |
Member
There was a problem hiding this comment.
I am still not convinced that we need this much information in the commit message 5d96970 If anyone else thinks this is necessary feel free to merge this
Member
I don't think it's necessary though I wouldn't block this PR on it. From discussing with the release admins a link to a BZ comment with a properly filled out impact assessment is sufficient to record the reasoning behind blocking of edges. This assumes that the impact assessment clearly defines the versions affected which should be populated by the BZ assginee not OTA team. |
Member
|
/lgtm |
Member
|
I will move the discussion about the commit message somewhere else. |
LalatenduMohanty
suggested changes
Mar 19, 2020
Member
|
/lgtm cancel |
Member
Author
|
I can move the affected-version information over to the respective bugs... |
…1810036 The bugs were introduced by the [1] series, and fixed by the combination of [2,3]. This commit also tombstones affected releases to avoid further channel promotion. Quick overview: * 4.4: both rc.0 and rc.1 affected, so block updates into rc.0 and tombstone rc.1. Fixes have landed, so next 4.4 RC should be clean. * 4.3: 4.3.5 introduced the breakage, no fix yet. Block edges into 4.3.5 and tombstone 4.3.7. * 4.2: 4.2.22 introduced the breakage, no fix yet. Block edges into 4.2.22 and 4.2.23 and tombstone 4.2.24 * 4.1: not impacted yet. Bugzilla series that was backporting the breaking change is still ASSIGNED Reasoning behind the overview's claims in [4]. [1]: https://bugzilla.redhat.com/show_bug.cgi?id=1774121 [2]: https://bugzilla.redhat.com/show_bug.cgi?id=1810036 [3]: https://bugzilla.redhat.com/show_bug.cgi?id=1801573 [4]: https://bugzilla.redhat.com/show_bug.cgi?id=1810036#c11
…table-4.3 The errata for 4.2.23 is live, and it's out on the product page [1]. So we're effectively stuck treating it as a supported release. Stick it in the fast/stable channels (we've already pulled edges leading into it) to reflect that support. [1]: https://access.redhat.com/downloads/content/290/ver=4.2/rhel---7/4.2.23/x86_64/product-software
wking
force-pushed
the
expand-on-ca-rotation-blockage
branch
from
0a35fcd to
7c0b935
Compare
Member
Author
|
I've pushed a commend to the bug with the workup for "who is impacted?", and pushed 0a35fcd -> 7c0b935 here to link that comment instead of inlining the workup in the commit message. |
wking
added a commit
to wking/cincinnati-graph-data
that referenced
this pull request
Mar 19, 2020
Blocking edges into it, as discussed in d544dde (blocked-edges/4.2.23: Block all incoming edges on the service CA bug 1810036, 2020-03-18, openshift#127). But adding the release itself into the channel for fresh installs, because blowing up after 13 months when the buggy CA rotation fires is unlikley to impact customers (who will probably not run an RC for that long). I was initially expecting us to just cut a fresh RC with the fix, but it turns out that cutting RCs is non-trivial and we only expect them weekly. The 13-month issue is not important enough to make folks wait a week for a new RC.
Member
Author
|
I've pushed 8e43ba7 dropping candidate-only blocked edges ( |
wking
commented
Mar 19, 2020
| # | ||
| # Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1810036 https://bugzilla.redhat.com/show_bug.cgi?id=1801573 | ||
| to: 4.2.23 | ||
| from: .* |
Member
Author
There was a problem hiding this comment.
4.2.23 is in stable-4.2, etc., so we do want to block the edge on this.
LalatenduMohanty
approved these changes
Mar 19, 2020
| # | ||
| # Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1810036 https://bugzilla.redhat.com/show_bug.cgi?id=1801573 | ||
| to: 4.2.23 | ||
| from: .* |
Member
|
/lgtm |
Blocking edges into it, as discussed in d544dde (blocked-edges/4.2.23: Block all incoming edges on the service CA bug 1810036, 2020-03-18, openshift#127). But adding the release itself into the channel for fresh installs, because blowing up after 13 months when the buggy CA rotation fires is unlikley to impact customers (who will probably not run an RC for that long). I was initially expecting us to just cut a fresh RC with the fix, but it turns out that cutting RCs is non-trivial and we only expect them weekly. The 13-month issue is not important enough to make folks wait a week for a new RC.
We don't care about gating update edges in candidate channels, because the idea is to allow folks to experiment. Remove all blocked edges that only impact candidate channels.
wking
force-pushed
the
expand-on-ca-rotation-blockage
branch
from
8e43ba7 to
fe0dfa3
Compare
Member
|
/lgtm |
Member
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jwforres, LalatenduMohanty, sdodson, wking The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
approved
Member
Author
Probably the CI-cluster outage. /retest |
This was referenced Mar 19, 2020
sdodson
pushed a commit
to sdodson/cincinnati-graph-data
that referenced
this pull request
Apr 16, 2020
Blocking edges into it, as discussed in d544dde (blocked-edges/4.2.23: Block all incoming edges on the service CA bug 1810036, 2020-03-18, openshift#127). But adding the release itself into the channel for fresh installs, because blowing up after 13 months when the buggy CA rotation fires is unlikley to impact customers (who will probably not run an RC for that long). I was initially expecting us to just cut a fresh RC with the fix, but it turns out that cutting RCs is non-trivial and we only expect them weekly. The 13-month issue is not important enough to make folks wait a week for a new RC.
sdodson
pushed a commit
to sdodson/cincinnati-graph-data
that referenced
this pull request
Jul 14, 2020
Blocking edges into it, as discussed in d544dde (blocked-edges/4.2.23: Block all incoming edges on the service CA bug 1810036, 2020-03-18, openshift#127). But adding the release itself into the channel for fresh installs, because blowing up after 13 months when the buggy CA rotation fires is unlikley to impact customers (who will probably not run an RC for that long). I was initially expecting us to just cut a fresh RC with the fix, but it turns out that cutting RCs is non-trivial and we only expect them weekly. The 13-month issue is not important enough to make folks wait a week for a new RC.
sdodson
pushed a commit
to sdodson/cincinnati-graph-data
that referenced
this pull request
Jul 29, 2020
Blocking edges into it, as discussed in d544dde (blocked-edges/4.2.23: Block all incoming edges on the service CA bug 1810036, 2020-03-18, openshift#127). But adding the release itself into the channel for fresh installs, because blowing up after 13 months when the buggy CA rotation fires is unlikley to impact customers (who will probably not run an RC for that long). I was initially expecting us to just cut a fresh RC with the fix, but it turns out that cutting RCs is non-trivial and we only expect them weekly. The 13-month issue is not important enough to make folks wait a week for a new RC.
sdodson
pushed a commit
to sdodson/cincinnati-graph-data
that referenced
this pull request
Aug 24, 2020
Blocking edges into it, as discussed in d544dde (blocked-edges/4.2.23: Block all incoming edges on the service CA bug 1810036, 2020-03-18, openshift#127). But adding the release itself into the channel for fresh installs, because blowing up after 13 months when the buggy CA rotation fires is unlikley to impact customers (who will probably not run an RC for that long). I was initially expecting us to just cut a fresh RC with the fix, but it turns out that cutting RCs is non-trivial and we only expect them weekly. The 13-month issue is not important enough to make folks wait a week for a new RC.
sdodson
pushed a commit
to sdodson/cincinnati-graph-data
that referenced
this pull request
Dec 3, 2020
Blocking edges into it, as discussed in d544dde (blocked-edges/4.2.23: Block all incoming edges on the service CA bug 1810036, 2020-03-18, openshift#127). But adding the release itself into the channel for fresh installs, because blowing up after 13 months when the buggy CA rotation fires is unlikley to impact customers (who will probably not run an RC for that long). I was initially expecting us to just cut a fresh RC with the fix, but it turns out that cutting RCs is non-trivial and we only expect them weekly. The 13-month issue is not important enough to make folks wait a week for a new RC.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Also tombstone affected releases to avoid further channel promotion for affected releases for #125. Details in the commit message.