zuul/notes at 3.6.1 - zuul - OpenDev: Free Software Needs Free Tools

Tobias Henkel 5ae25f004a Prevent local code execution via the raw module The raw module had not been restricted to remote nodes so jobs could run arbitrary code on the executor. Change-Id: I1b37eac65ef59ca749f55117a678c38969e86ead	2019-03-11 17:49:38 +01:00
..
add-artifacts-0718af34ca6165aa.yaml	Add artifact table	2018-11-28 07:53:41 -08:00
allowed-connections-244fb22569090fb2.yaml	Add allowed-triggers and allowed-reporters tenant settings	2018-11-13 16:34:54 +00:00
allowed-labels-d3ca17f3c7e167c8.yaml	Add allowed-labels tenant setting	2018-11-27 06:00:54 +00:00
allowed-projects-8f6f0cb42ffd0a88.yaml	Set allowed-projects on untrusted jobs with secrets	2019-01-22 14:01:10 -08:00
artifact-format-2de4b9c038e28115.yaml	Switch artifact return back to list	2019-02-19 11:20:25 -08:00
branch-protection-f79d97c4e6c0b05f.yaml	Status branch protection checking for github	2018-06-04 15:47:01 +02:00
broken-config-f41fda98f01a3f4e.yaml	Make Zuul able to start with a broken config	2018-06-05 17:03:30 +00:00
cgroups-governor-430a565cae0ef104.yaml	Add cgroup support to ram sensor	2018-12-18 22:25:27 +01:00
client-check-tenant-config-4b86bfd5bf3572cb.yaml	Add tenant yaml validation option to zuul client	2018-07-23 17:00:57 +02:00
config-memory-e849097ee171a534.yaml	Add release note about config memory improvements	2018-04-30 14:34:46 -07:00
driver-mqtt-28f62e8510863b40.yaml	Add ansible 2.5 release note	2018-06-15 17:19:53 -07:00
encrypt-file-pubkey-a4830c3573dee7f0.yaml	encrypt_secret: Allow file scheme for public key	2018-08-09 15:31:55 -05:00
executor-zones-54318b8ea2f7e195.yaml	Add support for zones in executors	2018-11-29 13:05:20 -05:00
fix-ssh-add-args-5819aedbaa127c15.yaml	Fix missing safe_args for add_host	2019-01-17 08:58:48 -05:00
full-reconfigure-6694d1120fa5c225.yaml	Add command socket handler for full reconfiguration	2018-08-09 20:36:11 +00:00
gerrit-http-d134f509d6b49f7a.yaml	Report to gerrit over HTTP	2018-07-26 16:43:07 -07:00
gerrit-line-comments-db364516af7030b1.yaml	Support line comments in Gerrit	2018-07-27 18:51:59 -07:00
git-baseurl-hang-fe1ffbf696940a2b.yaml	Use os.path.join for git driver getGitUrl	2019-01-15 11:52:04 +00:00
git-remote-refs-71bd2fc2bb05155d.yaml	Allow using remote refs to find commits for change	2018-04-09 11:16:21 +02:00
github-regex-status-26ddf3e3c91d182f.yaml	Add release note about re2	2018-04-27 10:27:45 -07:00
host-id-inventory-e1cba009bb5a536d.yaml	Add nodepool.host_id variable to inventory file	2018-12-07 09:07:06 -05:00
inventory-zuul-child-jobs-0e7cf28f0cab83b8.yaml	Add zuul.child_jobs in ansible inventory file	2018-06-28 16:09:12 -04:00
job-extra-vars-9948be1ac2f99497.yaml	Add support for Ansible extra-vars flag	2018-07-26 10:56:04 -04:00
job-pause-868192a2ee4cf7a9.yaml	Support job pause	2018-08-09 10:07:34 +02:00
job-run-list-7036fbac9c146098.yaml	Allow run to be list of playbooks	2019-02-05 14:52:29 -05:00
localhost-raw-d841413f8743f8b8.yaml	Prevent local code execution via the raw module	2019-03-11 17:49:38 +01:00
nodepool-statsd-3eb500893833cdc4.yaml	Update docs since zuul-web requires zookeeper	2019-01-11 13:11:05 -05:00
override-file-matchers-128731229d551d81.yaml	Add a CVE-2018-12557 release note	2018-06-19 15:36:27 +00:00
pass-to-parent-24d40e7ebcff6d9e.yaml	Add pass-to-parent option for secrets	2019-01-18 08:38:26 -08:00
postgres-ae4f8594d0f4b256.yaml	Add postgresql release note	2018-04-11 07:33:03 +02:00
project-config-e906138042e386f7.yaml	Late bind projects	2018-04-27 09:04:35 -07:00
project-regex-cb782f699eb10865.yaml	Add regex support to project stanzas	2018-04-27 21:35:07 +02:00
project-vars-0d57992a7192a62d.yaml	Add variables to project	2018-07-26 17:46:26 -04:00
project_key-d9bd1f25b7d39384.yaml	Serve project SSH keys and document	2018-09-04 15:42:43 -07:00
provides_requires-4c6b54ede999e86c.yaml	Add provides/requires support	2019-01-30 14:07:42 -08:00
rate-limit-logging-cedd9bb7fb5553d9.yaml	Make GitHub rate limit logging configurable	2018-07-05 09:17:19 +02:00
react-zuul-a593c7627ca22b37.yaml	Revert "Revert "web: rewrite interface in react""	2018-10-06 10:42:31 -05:00
relative_priority-dee014da5977da36.yaml	Set relative priority of node requests	2018-11-30 12:50:34 +01:00
relax-add-host-6eeccd37bfa414ce.yaml	Remove restriction on add_host	2018-09-06 03:33:19 +07:00
relax-ssh-known-hosts-d71a57e77436110b.yaml	Allow known_hosts to be run in untrusted context	2019-01-17 08:59:54 -05:00
reporters-always-report-27702c27369176da.yaml	Report to all reporters even if one fails	2018-04-02 09:53:28 -07:00
require-merged-70784e1e45cac08e.yaml	Support merged as requirement in github driver	2018-05-16 07:43:50 +02:00
restrict-add-host-f82bff723568a025.yaml	executor: harden add_host usage	2018-11-28 08:27:11 +01:00
role-checkouts-89632d2ff5eb8b78.yaml	Check out more appropriate branches of role and playbook repos	2018-04-05 10:41:51 -07:00
role-in-json-4bc0d862066a4390.yaml	Add ansible 2.5 release note	2018-06-15 17:19:53 -07:00
semaphore-resources-295dceaf7ddbab0d.yaml	Improve resource usage with semaphores	2018-11-20 15:20:59 +01:00
service-worker-default-b6f6d5c277657ced.yaml	Disable service workers by default	2019-02-05 17:23:24 +00:00
soft-dependencies-08b02bf3133a6c57.yaml	Allow soft job dependencies	2019-03-07 13:21:22 -08:00
starting-builds-timer-7f05fd11d5da3358.yaml	Add timer for starting_builds	2018-12-20 07:58:40 +01:00
store-build-time-in-utc-4d7425cff5399602.yaml	Store build start/end time in UTC	2018-04-19 15:26:23 +02:00
supercedent-manager-af86f18e8d03ee4b.yaml	Add supercedent pipeline manager	2018-06-14 16:32:03 -07:00
template-branch-matchers-2259b585d239b6fe.yaml	Don't add implied branch matchers to project-pipeline variants	2018-06-27 10:43:56 -07:00
tenant-from-script-e28d736001db5365.yaml	Reformat tenant_config_script release note	2018-04-10 14:57:51 -07:00
timer-optimization-a6babecaf1c7dab8.yaml	timer: skip projects not using the pipeline	2018-07-11 06:13:12 +00:00
unreachable-60ce0305416a5e8c.yaml	Fix unreachable nodes detection	2018-09-29 13:13:00 +02:00
version-table-prefix-c6a5e84851268f4d.yaml	Also prefix the alembic_version table	2018-04-11 07:30:40 +02:00
web-page-build-93eeb53418f8a3f0.yaml	web: add build page	2018-10-11 02:57:52 +00:00
web-page-config-errors-f2f00d6d1eed9103.yaml	web: add config-errors notifications drawer	2018-10-11 03:02:30 +00:00
web-page-job-77fa7ffb2a1c09de.yaml	web: add job page	2018-10-11 02:58:06 +00:00
whitelist-zuul-return-bd78bf3e598e85f6.yaml	Allow zuul_return in untrusted jobs	2018-06-13 15:48:23 -07:00
winrm-af968bf3269c25d9.yaml	Add winrm certificate handling	2018-04-03 17:22:15 +02:00
zuul-changes-fix-6d1be83959d451ce.yaml	zuul-changes: update for the new api url	2018-04-12 03:20:48 +00:00
zuul-cli-dequeue-command-4536a4ec1bb21d48.yaml	Add a dequeue command to zuul client	2018-07-27 04:21:07 +00:00
zuul-message-a36f1a6adc7da31c.yaml	Encode zuul.message with base64	2019-02-28 18:09:22 +01:00
zuul-return-action-plugin-152443e9183852a9.yaml	Convert zuul_return into action plugin	2019-01-14 14:10:44 -05:00
zuul-return-skip-child-jobs-772988c87c495cb2.yaml	Support zuul.child_jobs via zuul_return	2018-07-05 10:53:58 -04:00

add-artifacts-0718af34ca6165aa.yaml

Add artifact table

2018-11-28 07:53:41 -08:00

allowed-connections-244fb22569090fb2.yaml

Add allowed-triggers and allowed-reporters tenant settings

2018-11-13 16:34:54 +00:00

allowed-labels-d3ca17f3c7e167c8.yaml

Add allowed-labels tenant setting

2018-11-27 06:00:54 +00:00

allowed-projects-8f6f0cb42ffd0a88.yaml

Set allowed-projects on untrusted jobs with secrets

2019-01-22 14:01:10 -08:00

artifact-format-2de4b9c038e28115.yaml

Switch artifact return back to list

2019-02-19 11:20:25 -08:00

branch-protection-f79d97c4e6c0b05f.yaml

Status branch protection checking for github

2018-06-04 15:47:01 +02:00

broken-config-f41fda98f01a3f4e.yaml

Make Zuul able to start with a broken config

2018-06-05 17:03:30 +00:00

cgroups-governor-430a565cae0ef104.yaml

Add cgroup support to ram sensor

2018-12-18 22:25:27 +01:00

client-check-tenant-config-4b86bfd5bf3572cb.yaml

Add tenant yaml validation option to zuul client

2018-07-23 17:00:57 +02:00

config-memory-e849097ee171a534.yaml

Add release note about config memory improvements

2018-04-30 14:34:46 -07:00

driver-mqtt-28f62e8510863b40.yaml

Add ansible 2.5 release note

2018-06-15 17:19:53 -07:00

encrypt-file-pubkey-a4830c3573dee7f0.yaml

encrypt_secret: Allow file scheme for public key

2018-08-09 15:31:55 -05:00

executor-zones-54318b8ea2f7e195.yaml

Add support for zones in executors

2018-11-29 13:05:20 -05:00

fix-ssh-add-args-5819aedbaa127c15.yaml

Fix missing safe_args for add_host

2019-01-17 08:58:48 -05:00

full-reconfigure-6694d1120fa5c225.yaml

Add command socket handler for full reconfiguration

2018-08-09 20:36:11 +00:00

gerrit-http-d134f509d6b49f7a.yaml

Report to gerrit over HTTP

2018-07-26 16:43:07 -07:00

gerrit-line-comments-db364516af7030b1.yaml

Support line comments in Gerrit

2018-07-27 18:51:59 -07:00

git-baseurl-hang-fe1ffbf696940a2b.yaml

Use os.path.join for git driver getGitUrl

2019-01-15 11:52:04 +00:00

git-remote-refs-71bd2fc2bb05155d.yaml

Allow using remote refs to find commits for change

2018-04-09 11:16:21 +02:00

github-regex-status-26ddf3e3c91d182f.yaml

Add release note about re2

2018-04-27 10:27:45 -07:00

host-id-inventory-e1cba009bb5a536d.yaml

Add nodepool.host_id variable to inventory file

2018-12-07 09:07:06 -05:00

inventory-zuul-child-jobs-0e7cf28f0cab83b8.yaml

Add zuul.child_jobs in ansible inventory file

2018-06-28 16:09:12 -04:00

job-extra-vars-9948be1ac2f99497.yaml

Add support for Ansible extra-vars flag

2018-07-26 10:56:04 -04:00

job-pause-868192a2ee4cf7a9.yaml

Support job pause

2018-08-09 10:07:34 +02:00

job-run-list-7036fbac9c146098.yaml

Allow run to be list of playbooks

2019-02-05 14:52:29 -05:00

localhost-raw-d841413f8743f8b8.yaml

Prevent local code execution via the raw module

2019-03-11 17:49:38 +01:00

nodepool-statsd-3eb500893833cdc4.yaml

Update docs since zuul-web requires zookeeper

2019-01-11 13:11:05 -05:00

override-file-matchers-128731229d551d81.yaml

Add a CVE-2018-12557 release note

2018-06-19 15:36:27 +00:00

pass-to-parent-24d40e7ebcff6d9e.yaml

Add pass-to-parent option for secrets

2019-01-18 08:38:26 -08:00

postgres-ae4f8594d0f4b256.yaml

Add postgresql release note

2018-04-11 07:33:03 +02:00

project-config-e906138042e386f7.yaml

Late bind projects

2018-04-27 09:04:35 -07:00

project-regex-cb782f699eb10865.yaml

Add regex support to project stanzas

2018-04-27 21:35:07 +02:00

project-vars-0d57992a7192a62d.yaml

Add variables to project

2018-07-26 17:46:26 -04:00

project_key-d9bd1f25b7d39384.yaml

Serve project SSH keys and document

2018-09-04 15:42:43 -07:00

provides_requires-4c6b54ede999e86c.yaml

Add provides/requires support

2019-01-30 14:07:42 -08:00

rate-limit-logging-cedd9bb7fb5553d9.yaml

Make GitHub rate limit logging configurable

2018-07-05 09:17:19 +02:00

react-zuul-a593c7627ca22b37.yaml

Revert "Revert "web: rewrite interface in react""

2018-10-06 10:42:31 -05:00

relative_priority-dee014da5977da36.yaml

Set relative priority of node requests

2018-11-30 12:50:34 +01:00

relax-add-host-6eeccd37bfa414ce.yaml

Remove restriction on add_host

2018-09-06 03:33:19 +07:00

relax-ssh-known-hosts-d71a57e77436110b.yaml

Allow known_hosts to be run in untrusted context

2019-01-17 08:59:54 -05:00

reporters-always-report-27702c27369176da.yaml

Report to all reporters even if one fails

2018-04-02 09:53:28 -07:00

require-merged-70784e1e45cac08e.yaml

Support merged as requirement in github driver

2018-05-16 07:43:50 +02:00

restrict-add-host-f82bff723568a025.yaml

executor: harden add_host usage

2018-11-28 08:27:11 +01:00

role-checkouts-89632d2ff5eb8b78.yaml

Check out more appropriate branches of role and playbook repos

2018-04-05 10:41:51 -07:00

role-in-json-4bc0d862066a4390.yaml

Add ansible 2.5 release note

2018-06-15 17:19:53 -07:00

semaphore-resources-295dceaf7ddbab0d.yaml

Improve resource usage with semaphores

2018-11-20 15:20:59 +01:00

service-worker-default-b6f6d5c277657ced.yaml

Disable service workers by default

2019-02-05 17:23:24 +00:00

soft-dependencies-08b02bf3133a6c57.yaml

Allow soft job dependencies

2019-03-07 13:21:22 -08:00

starting-builds-timer-7f05fd11d5da3358.yaml

Add timer for starting_builds

2018-12-20 07:58:40 +01:00

store-build-time-in-utc-4d7425cff5399602.yaml

Store build start/end time in UTC

2018-04-19 15:26:23 +02:00

supercedent-manager-af86f18e8d03ee4b.yaml

Add supercedent pipeline manager

2018-06-14 16:32:03 -07:00

template-branch-matchers-2259b585d239b6fe.yaml

Don't add implied branch matchers to project-pipeline variants

2018-06-27 10:43:56 -07:00

tenant-from-script-e28d736001db5365.yaml

Reformat tenant_config_script release note

2018-04-10 14:57:51 -07:00

timer-optimization-a6babecaf1c7dab8.yaml

timer: skip projects not using the pipeline

2018-07-11 06:13:12 +00:00

unreachable-60ce0305416a5e8c.yaml

Fix unreachable nodes detection

2018-09-29 13:13:00 +02:00

version-table-prefix-c6a5e84851268f4d.yaml

Also prefix the alembic_version table

2018-04-11 07:30:40 +02:00

web-page-build-93eeb53418f8a3f0.yaml

web: add build page

2018-10-11 02:57:52 +00:00

web-page-config-errors-f2f00d6d1eed9103.yaml

web: add config-errors notifications drawer

2018-10-11 03:02:30 +00:00

web-page-job-77fa7ffb2a1c09de.yaml

web: add job page

2018-10-11 02:58:06 +00:00

whitelist-zuul-return-bd78bf3e598e85f6.yaml

Allow zuul_return in untrusted jobs

2018-06-13 15:48:23 -07:00

winrm-af968bf3269c25d9.yaml

Add winrm certificate handling

2018-04-03 17:22:15 +02:00

zuul-changes-fix-6d1be83959d451ce.yaml

zuul-changes: update for the new api url

2018-04-12 03:20:48 +00:00

zuul-cli-dequeue-command-4536a4ec1bb21d48.yaml

Add a dequeue command to zuul client

2018-07-27 04:21:07 +00:00

zuul-message-a36f1a6adc7da31c.yaml

Encode zuul.message with base64

2019-02-28 18:09:22 +01:00

zuul-return-action-plugin-152443e9183852a9.yaml

Convert zuul_return into action plugin

2019-01-14 14:10:44 -05:00

zuul-return-skip-child-jobs-772988c87c495cb2.yaml

Support zuul.child_jobs via zuul_return

2018-07-05 10:53:58 -04:00