We can do the opposite to avoid more and more ACLs: ALLOW push on some specific stable branches
[access "refs/heads/stable/kilo"] push = allow group ***-stable-maint [access "refs/heads/stable/juno"] push = allow group ***-stable-maint BLOCK push on others stable branches [access "refs/heads/stable/juno"] push = block group "Anonymous Users" Cedric/ZZelle@IRC On Thu, Jun 4, 2015 at 6:15 PM, Jeremy Stanley <fu...@yuggoth.org> wrote: > On 2015-06-04 16:23:12 +0200 (+0200), Ihar Hrachyshka wrote: > > Why do we even drop stable branches? If anything, it introduces > > unneeded problems to those who have their scripts/cookbooks set to > > chase those branches. They would need to switch to eol tag. Why not > > just leaving them sitting there, marked read only? > > > > It becomes especially important now that we say that stable HEAD *is* > > a stable release. > > It's doable, but we'll need ACL changes applied to every project > participating in this release model to reject new change submissions > and prevent anyone from approving them on every branch which reaches > its EOL date. These ACLs will also grow longer and longer over time > as we need to add new sections for each EOL branch. > > Also, it seems to me like a "feature" if downstream consumers have > to take notice and explicitly adjust their tooling to intentionally > continue deploying a release for which we no longer provide support > and security updates. > -- > Jeremy Stanley > > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
