Closed
Bug 1548610
Opened 6 years ago
Closed 5 years ago
lando-api: accept sanitized commit messages for secure revisions
Categories
(Conduit :: Lando, task, P2)
Conduit
Lando
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: mars, Assigned: mars)
References
(Blocks 1 open bug)
Details
(Keywords: conduit-triaged)
User Story
Lando accepts a sanitized commit message for sec-approval changes and writes a comment with the sanitized commit message back to Phabricator for approval. * Submit sanitized message to lando-api API * Phabricator Comment template * Machine parsable, difficult to spoof or tamper with * Helpful user text: where this came from (a bot), please don't touch this comment, link to process in the wiki. * API method to add comments to phabricator revisions * Synchronous call * single request to Phabricator will do * Need to handle and return HTTP 502 (downstream server not available) in the case of Phabricator errors * No extra UI needed, no JS needed
Attachments
(3 files)
As part of the sec-approval process migration we need to let users specify sanitized commit messages for their commits under the Security Bug Approval Process.
lando-api collaborates with lando-ui to drive and enforce the sec-approval workflow.
This bug keeps track of the work to make lando-api accept sanitized commit messages from lando-ui. lando-api then talks to phabricator and lando-ui to drive and enforce the sec-approval workflow.
|
Assignee | |
Comment 1•6 years ago
|
||
Assignee: nobody → mars
|
|
Assignee | |
Comment 2•6 years ago
|
||
|
|
Assignee | |
Comment 3•6 years ago
|
||
|
|
Assignee | |
Comment 4•5 years ago
|
||
This has been deployed to dev for testing.
|
|
Assignee | |
Updated•5 years ago
|
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•