Server WG Quick Vote: Firewall status API for rolekit
Adam Williamson
adamwill at fedoraproject.org
Wed Oct 22 17:15:27 UTC 2014
On Wed, 2014-10-22 at 08:30 -0400, Stephen Gallagher wrote:
> The Beta release criteria for rolekit were largely copied from the PRD
> and Technical Specification. One of these bits was this:
>
> "Release-blocking roles must be able to report their status in regard to
> the system firewall as described in the technical specification."
>
> The tech spec reads:
>
> "Roles will be required to support the following API: ... A query
> interface providing metadata information about the role (not all roles
> must implement all parts of this, bold lines are mandatory): ... A
> list of the ports that the role operates on, as well as data about
> whether those ports are currently firewalled."
>
> Unfortunately, rolekit does not currently have this capability. Thomas
> and I decided during development to defer that (because this information
> is available through the firewalld API and firewall-cmd as well), but we
> forgot to communicate it to the rest of the Server SIG.
>
> As a result, we (the Server WG) need to make a decision: Do we believe
> that this firewall status API is important enough to slip Beta. Because
> there's no chance we will be able to implement this in time for
> tonight's compose.
>
> Proposal: The requirement to be able to list the role's related firewall
> state is deferred to Fedora 22 and should be removed from the release
> criteria.
>
> I am +1. Please vote immediately, as we do not have much time.
I've adjusted the criteria and test case for this now. It'd be good to
avoid such criteria fudging in future. Someone may want to update the
tech spec if this is no longer a part of it.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net
More information about the server
mailing list