Hello folks,
The software factory deployments we manage have been updated with zuul's
4.6 security release [1].
This security fix addresses a vulnerability that could potentially expose
secrets stored in Zuul, at job execution time.
It is strongly advised to rotate your secrets to circumvent potential leaks.
With this upgrade, the config playbooks/base/post.yaml should be adapted
for each zuul tenant by replacing:
-- hosts: "{{ site_sflogs.fqdn }}"
+- hosts: https://sf.hosted.upshift.rdu2.redhat.com/zuul/
Regards,
Matthieu, on behalf of the Software Factory Operation Team
[1] http://lists.zuul-ci.org/pipermail/zuul-announce/2021-June/000096.html
On Wed, Jun 23, 2021 at 4:37 PM <mh...@redhat.com> wrote:
> Hello folks,
>
> We plan to upgrade the software factory deployment on 2021-06-24 from
> 14:00 to 16:00 UTC to the next zuul 4.6 security release [1].
>
> Service interruption is expected, including:
> - Zuul CI not running jobs for gerrit, github or opendev.
>
> We expect that the interruption of services will be less than 2 hours.
>
> Regards,
> Matthieu, on behalf of the Software Factory Operation Team
>
> [1] http://lists.zuul-ci.org/pipermail/zuul-announce/2021-June/000094.html
>
--
Matthieu Huin
Senior Software Developer
Red Hat <https://www.redhat.com>
<https://red.ht/sig>
_______________________________________________
dev mailing list
dev@lists.rdoproject.org
http://lists.rdoproject.org/mailman/listinfo/dev
To unsubscribe: dev-unsubscr...@lists.rdoproject.org
