AW: Flaw in our process for dealing with trivial changes
levitte at openssl.org
Fri Dec 13 00:39:49 UTC 2019
On Thu, 12 Dec 2019 12:15:30 +0100,
Dr. Matthias St. Pierre wrote:
> As for a possible semi-automated solution:
> The problem is more fundamental: currently both the GitHub bot and
> the git commit hook only watch out for the 'CLA: trivial' marker.
Correct re the clacheck hook (that's the Github hook we're talking
about), but re the update hook on our git server, it does a little
more than that, as already shown.
> One possible solution to this problem could be the following procedure:
> Add three mutually exclusive [cla: *] labels:
> [cla: ok] (green)
> [cla: trivial] (green)
> [cla: missing] (red)
> The CLA bot *always* sets the [cla: ok] label if it finds a CLA on
> file. Otherwise, it sets the [cla: missing] label, unless the [cla:
> trivial] label is already set.
I'm not sure why the [cla: ok] or [cla: missing] labels are needed.
We already have a [hold: cla required] label that comes up when
there's a lack of CLA and of "CLA: trivial" marker, so [cla: ok]
and [cla: missing] seem redundant.
However, contrary to you, I would have the [cla: trivial] label added
automatically!... whenever clacheck finds a "CLA: trivial" line in
any of the commits.
> The [cla: trivial] label can only be set manually by a committer,
> and only after the consent between contributor and both reviewers
> has been reached.
Sounds superfluous, considering there's already a need for two
approvals, as well as the [approved: done] label set. Yet another
manual label will make zero difference, as long as all reviewers can
clearly see that there's a "CLA: trivial" commit (i.e. that the [cla:
trivial] label has been set by clacheck).
After all, the problem we have hit is that "CLA: trivial" can go
undetected, so let's make sure it doesn't, without adding a lot of
other redundant mechanisms that only make our lives harder, yeah?
Richard Levitte levitte at openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
More information about the openssl-project