Closed Bug 594092 Opened 14 years ago Closed 14 years ago

Automatically virus scan after updates are ready

Categories

(Release Engineering :: General, defect, P3)

Product:
Release Engineering
Component:
General
Platform:
x86
macOS
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: armenzg, Assigned: rail)

References

Details

(Whiteboard: [automation][releases]) 

We can't push to mirrors before virus scanning and this can get in the middle of a release day if the scan takes too long (3.6.x line has partner repacks as well) or it gets started late by the human-releng.
Blocks: 594435
I'm not sold on this. We typically wait until just before we push to do the virus scan to avoid the possibility of something bad happening between the time the files were scanned and the time we push. If we start scanning a week before we push we leave a huge window of opportunity for bad things to happen.
Could we keep a list of hashes of the files that have been scanned, and then verify that the files haven't changed before pushing to mirrors?
Would/Could that file be more protected than the actual release files from modification?
Priority: -- → P3
Whiteboard: [automation][releases]
Assignee: nobody → rail
Fixed in bug 540598
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Product: mozilla.org → Release Engineering
You need to log in before you can comment on or make changes to this bug.