Bug 825360 - Application template quickstarts should pull from a controlled, non-master branch
Application template quickstarts should pull from a controlled, non-master br...
Status: CLOSED NEXTRELEASE
Product: OpenShift Origin
Classification: Red Hat
Component: Website (Show other bugs)
2.x
Unspecified Unspecified
high Severity low
: ---
: ---
Assigned To: Fotios Lindiakos
libra bugs
: Triaged
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-05-25 15:22 EDT by Clayton Coleman
Modified: 2015-05-14 21:10 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-06-07 15:25:04 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Clayton Coleman 2012-05-25 15:22:37 EDT
Starting this sprint application templates will be available to our users through the UI that allows them to create a full featured application with a single click.  The Git source for each app will be the quickstart.

For security reasons we want to ensure that the branch of quickstart code that is used by the template is very highly reviewed.  These will be public repositories and are part of our opensource strategy, but we need to ensure that we don't open an attack vector (malicious user injects vuln. into quickstart, user clones quick start, attacker attacks their app).  We also want to allow test to verify certain branches.

So, for each application template we create based on a public quickstart I recommend we create an application_template branch that a) is the source Git URL for the template) and b) only pushed to by the owner of the repo.  If we need additional security, we may want an official fork but that adds additional process.  I do not think we need a staging branch for these.

The test team will need to validate quickstart code that makes it into the template AND test it against the staging/production systems when it is updated.

The initial templates are:
  https://github.com/openshift/drupal-example
  https://github.com/openshift/wordpress-example
  https://github.com/openshift/rails-example
  https://github.com/openshift/kitchensink-example

Each of these will need a branch created and the templates updated to point to the branch as the Git source.

Required to enable templates in production.
Comment 1 Fotios Lindiakos 2012-06-07 15:25:04 EDT
Created User Story to capture this.
https://rally1.rallydev.com/#/4670516379d/detail/userstory/6650619807
Comment 2 Clayton Coleman 2013-07-08 17:14:06 EDT
This was finally implemented this sprint in https://trello.com/c/VIrKJHSF

Note You need to log in before you can comment on or make changes to this bug.