Looping in security committee for their guidance. Thanks, Gildas ONAP Release Manager 1 415 238 6287
From: [email protected] [mailto:[email protected]] On Behalf Of DRAGOSH, PAMELA L (PAM) Sent: Tuesday, January 23, 2018 10:32 AM To: Jessica Wagantall <[email protected]>; [email protected] Subject: Re: [onap-discuss] Triggering CLM jobs Jessica, Thanks. I have a question on resolving security issues. Sometimes it is an easy fix to upgrade to a newer version of a dependency. However, other times there was no fix but a work around was in place. Or, it doesn’t apply because the method actually isn’t being used by our project. How do we resolve the CLM security issue? Do PTL’s have the right to do this (similar to sonar)? Thanks, Pam From: <[email protected]<mailto:[email protected]>> on behalf of Jessica Wagantall <[email protected]<mailto:[email protected]>> Date: Monday, January 22, 2018 at 5:58 PM To: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Subject: [onap-discuss] Triggering CLM jobs Dear ONAP team, Just to let you know, the CLM jobs can now be triggered on demand after posting the comment "run-clm" in your Gerrit change. The CLM jobs are still scheduled to run every Saturday but I hope this feature can be useful for debugging on demand. Just as a reminder, commenting "run-clm" in a gerrit that is not merged, will not trigger the CLM job based on that revision but will trigger the job based on the tip of the branch. This job is designed to always run on the latest tip of the branch to avoid inconsistencies on the reports. Please let me know for any questions Thanks a ton! Jess.
_______________________________________________ onap-discuss mailing list [email protected] https://lists.onap.org/mailman/listinfo/onap-discuss
