Add security impact email notifications.

Fixes bug #1070577 Make the notify_impact script generic so that it can handle different types of notifications. Then add a SecurityImpact notification. Change-Id: Id4bbf7db29e36dde783328e31685079e79d0b1e9 Reviewed-on: https://review.openstack.org/14856 Reviewed-by: James E. Blair <corvus@inaugust.com> Reviewed-by: Jeremy Stanley <fungi@yuggoth.org> Approved: Jeremy Stanley <fungi@yuggoth.org> Tested-by: Jenkins
2012-10-25 14:55:32 -07:00 · 2012-10-25 14:55:32 -07:00 · 65e61f5fb8
commit 65e61f5fb8
parent dd9f2c041b
2 changed files with 18 additions and 15 deletions
--- a/modules/gerrit/files/scripts/notify_doc_impact.py
+++ b/modules/gerrit/files/scripts/notify_doc_impact.py
@ -27,31 +27,30 @@ from email.mime.text import MIMEText
 BASE_DIR = '/home/gerrit2/review_site'
 EMAIL_TEMPLATE = """
 Hi, I'd like you to take a look at this patch for potential
-documentation impact.
+%s.
 %s

 Log:
 %s
 """
-DEST_ADDRESS = 'openstack-docs@lists.openstack.org'

 def process_impact(git_log, args):
-    """Notify doc team of doc impact"""
-    email_content = EMAIL_TEMPLATE % (args.change_url, git_log)
+    """Notify mail list of impact"""
+    email_content = EMAIL_TEMPLATE % (args.impact, args.change_url, git_log)
    msg = MIMEText(email_content)
-    msg['Subject'] = '[%s] DocImpact review request change %s' % \
-        (args.project, args.change)
+    msg['Subject'] = '[%s] %s review request change %s' % \
+        (args.project, args.impact, args.change)
    msg['From'] = 'gerrit2@review.openstack.org'
-    msg['To'] = DEST_ADDRESS
+    msg['To'] = args.dest_address

    s = smtplib.SMTP('localhost')
-    s.sendmail('gerrit2@review.openstack.org', DEST_ADDRESS, msg.as_string())
+    s.sendmail('gerrit2@review.openstack.org',
+               args.dest_address, msg.as_string())
    s.quit()

-def docs_impacted(git_log):
-    """Determine if a changes log indicates there is a doc impact"""
-    impact_regexp = r'DocImpact'
-    return re.search(impact_regexp, git_log, re.IGNORECASE)
+def impacted(git_log, impact_string):
+    """Determine if a changes log indicates there is an impact"""
+    return re.search(impact_string, git_log, re.IGNORECASE)

 def extract_git_log(args):
    """Extract git log of all merged commits"""
@ -75,14 +74,17 @@ def main():
    #patchset-created
    parser.add_argument('--uploader', default=None)
    parser.add_argument('--patchset', default=None)
+    # Not passed by gerrit:
+    parser.add_argument('--impact', default=None)
+    parser.add_argument('--dest-address', default=None)

    args = parser.parse_args()

    # Get git log
    git_log = extract_git_log(args)

-    # Process doc_impacts found in git log
-    if docs_impacted(git_log):
+    # Process impacts found in git log
+    if impacted(git_log, args.impact):
        process_impact(git_log, args)


--- a/modules/openstack_project/templates/gerrit_patchset-created.erb
+++ b/modules/openstack_project/templates/gerrit_patchset-created.erb
@ -3,7 +3,8 @@
 # Use timeout to kill any process running longer than 10 minutes.
 timeout -k 2m 10m python /usr/local/gerrit/scripts/update_blueprint.py patchset-created "$@"
 timeout -k 2m 10m python /usr/local/gerrit/scripts/update_bug.py patchset-created "$@"
-timeout -k 2m 10m python /usr/local/gerrit/scripts/notify_doc_impact.py patchset-created "$@"
+timeout -k 2m 10m python /usr/local/gerrit/scripts/notify_impact.py patchset-created "$@" --impact DocImpact --dest-address 'openstack-docs@lists.openstack.org'
+timeout -k 2m 10m python /usr/local/gerrit/scripts/notify_impact.py patchset-created "$@" --impact SecurityImpact --dest-address 'openstack-ossg@lists.launchpad.net'
 timeout -k 2m 10m python /usr/local/gerrit/scripts/trivial_rebase.py \
    patchset-created \
    --whitespace \