Add CLA signature enforcement to gerrit
Bug #902950 reported by
Monty Taylor
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Core Infrastructure |
Fix Released
|
Medium
|
James E. Blair |
Bug Description
Gerrit supports knowing who has signed a CLA, and also preventing people who have not done from submitting code. We should take advantage of this, as it reduces the burden on the reviewers (they currently are technically supposed to check to ensure that the submitter has, in fact, signed the CLA. Computers do that sort of check better)
Changed in openstack-ci: | |
status: | New → Triaged |
importance: | Undecided → Medium |
assignee: | nobody → James E. Blair (corvus) |
tags: | added: gerrit |
Changed in openstack-ci: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Gerrit has full support for signing CLAs, and recording personal
information about that. But rather than trying to revamp the whole
legal process right now, let's take an approach where we can relieve
core reviewers of the burden of verifying signatures. Here's how
we can do that easily with existing gerrit and launchpad tools:
Set up a CLA in gerrit that essentially just says "Don't agree to
this, instead, follow these instructions...". People will still be able
to "agree" to that, but we'll turn off auto-verify and we'll just never
verify those. The instructions will tell people to do echosign and
apply to a group in launchpad. That group will be configured to have
agreed to the agreement, so once they are members, they will be able to
upload code.
This has the advantage of having a useful error message that directs
people to the agreement page. However it is weird that the agreement
page doesn't have any "real" agreements, just a fake one, that if you
select it, it tells you how to get set up. The error message:
======= ======= ======= ======= ======= ======= ======= ======= ======= =======
fatal: A Contributor Agreement must be completed before uploading:
https:/ /review- dev.openstack. org/#settings, agreements
fatal: The remote end hung up unexpectedly ======= ======= ======= ======= ======= ======= ======= ======= =======
=======