)]}'
{"zuul.d/pipelines.yaml":[{"author":{"_account_id":5263,"name":"Jeremy Stanley","display_name":"fungi","email":"fungi@yuggoth.org","username":"fungi","status":"missing, presumed fed"},"change_message_id":"d2ef4030aa08170d3147da0dcae3f358d03479c4","unresolved":false,"context_lines":[{"line_number":57,"context_line":"        comment: false"},{"line_number":58,"context_line":""},{"line_number":59,"context_line":"- pipeline:"},{"line_number":60,"context_line":"    name: check-post"},{"line_number":61,"context_line":"    description: |"},{"line_number":62,"context_line":"      Patches received initial review by project trusted members enter this"},{"line_number":63,"context_line":"      pipeline to receive -1 Verified vote if jobs fail. This pipeline can be"}],"source_content_type":"text/x-yaml","patch_set":1,"id":"5c2fa44c_40c40bc1","line":60,"updated":"2022-09-30 12:57:05.000000000","message":"By \"we\" I meant when the OpenDev Sysadmins discussed this possibile use case a few years years ago. At the time I think we assumed it would trigger based on existence of at least one Code-Review +2 vote, but what you\u0027re proposing would probably also suffice.","commit_id":"03a365cc373e330171d1d0092ea43023350ac7d3"},{"author":{"_account_id":5263,"name":"Jeremy Stanley","display_name":"fungi","email":"fungi@yuggoth.org","username":"fungi","status":"missing, presumed fed"},"change_message_id":"0527c06e35c74665b7468777c18a65b89e1145cb","unresolved":false,"context_lines":[{"line_number":57,"context_line":"        comment: false"},{"line_number":58,"context_line":""},{"line_number":59,"context_line":"- pipeline:"},{"line_number":60,"context_line":"    name: check-post"},{"line_number":61,"context_line":"    description: |"},{"line_number":62,"context_line":"      Patches received initial review by project trusted members enter this"},{"line_number":63,"context_line":"      pipeline to receive -1 Verified vote if jobs fail. This pipeline can be"}],"source_content_type":"text/x-yaml","patch_set":1,"id":"8d0683f6_6a07dfdf","line":60,"updated":"2022-09-30 12:21:20.000000000","message":"I think we previously discussed calling this post-review, just to make it clear from the name that it happens after reviewing and is taking advantage of Zuul\u0027s option of the same name.","commit_id":"03a365cc373e330171d1d0092ea43023350ac7d3"},{"author":{"_account_id":27900,"name":"Artem Goncharov","email":"artem.goncharov@gmail.com","username":"gtema"},"change_message_id":"0b981a7fb83c4bab7bb3b8361df982697374b374","unresolved":false,"context_lines":[{"line_number":57,"context_line":"        comment: false"},{"line_number":58,"context_line":""},{"line_number":59,"context_line":"- pipeline:"},{"line_number":60,"context_line":"    name: check-post"},{"line_number":61,"context_line":"    description: |"},{"line_number":62,"context_line":"      Patches received initial review by project trusted members enter this"},{"line_number":63,"context_line":"      pipeline to receive -1 Verified vote if jobs fail. This pipeline can be"}],"source_content_type":"text/x-yaml","patch_set":1,"id":"a7085de3_de37f294","line":60,"in_reply_to":"5c2fa44c_40c40bc1","updated":"2022-09-30 13:08:53.000000000","message":"done","commit_id":"03a365cc373e330171d1d0092ea43023350ac7d3"},{"author":{"_account_id":27900,"name":"Artem Goncharov","email":"artem.goncharov@gmail.com","username":"gtema"},"change_message_id":"eb9d06d89c41d60f8fdd73c80df8cf63e1d4161a","unresolved":false,"context_lines":[{"line_number":57,"context_line":"        comment: false"},{"line_number":58,"context_line":""},{"line_number":59,"context_line":"- pipeline:"},{"line_number":60,"context_line":"    name: check-post"},{"line_number":61,"context_line":"    description: |"},{"line_number":62,"context_line":"      Patches received initial review by project trusted members enter this"},{"line_number":63,"context_line":"      pipeline to receive -1 Verified vote if jobs fail. This pipeline can be"}],"source_content_type":"text/x-yaml","patch_set":1,"id":"51fc6f3b_dc95a985","line":60,"in_reply_to":"8d0683f6_6a07dfdf","updated":"2022-09-30 12:35:39.000000000","message":"I don\u0027t think you was discussing it with me, but no problem, will change it","commit_id":"03a365cc373e330171d1d0092ea43023350ac7d3"},{"author":{"_account_id":5263,"name":"Jeremy Stanley","display_name":"fungi","email":"fungi@yuggoth.org","username":"fungi","status":"missing, presumed fed"},"change_message_id":"d2ef4030aa08170d3147da0dcae3f358d03479c4","unresolved":false,"context_lines":[{"line_number":74,"context_line":"        open: True"},{"line_number":75,"context_line":"        current-patchset: True"},{"line_number":76,"context_line":"        approval:"},{"line_number":77,"context_line":"          - Post-Check: [1]"},{"line_number":78,"context_line":"    trigger:"},{"line_number":79,"context_line":"      gerrit:"},{"line_number":80,"context_line":"        - event: comment-added"}],"source_content_type":"text/x-yaml","patch_set":1,"id":"f9372ed7_e39c2479","line":77,"updated":"2022-09-30 12:57:05.000000000","message":"Another option would be to just not have this pipeline leave a Verified vote, and expect reviewers to pay attention to the job results from it (similar to how we do non-voting pipelines like check-arm64 and experimental).","commit_id":"03a365cc373e330171d1d0092ea43023350ac7d3"},{"author":{"_account_id":5263,"name":"Jeremy Stanley","display_name":"fungi","email":"fungi@yuggoth.org","username":"fungi","status":"missing, presumed fed"},"change_message_id":"0527c06e35c74665b7468777c18a65b89e1145cb","unresolved":false,"context_lines":[{"line_number":74,"context_line":"        open: True"},{"line_number":75,"context_line":"        current-patchset: True"},{"line_number":76,"context_line":"        approval:"},{"line_number":77,"context_line":"          - Post-Check: [1]"},{"line_number":78,"context_line":"    trigger:"},{"line_number":79,"context_line":"      gerrit:"},{"line_number":80,"context_line":"        - event: comment-added"}],"source_content_type":"text/x-yaml","patch_set":1,"id":"2e0f8b6c_da97e619","line":77,"updated":"2022-09-30 12:21:20.000000000","message":"So the plan is to make this a separate label in Gerrit (rather than triggering on Code-Review +2), and grant access for that label to a particular review group? If so, naming the label something which makes its purpose and relationship to the pipeline more clear, like Allow-Post-Review, migh be better.\n\nAlso it may make sense to have the approval requirements include Verified +1 from username zuul so that this doesn\u0027t race the check pipeline and then get its Verified -1 vote overridden by a +1 from check depending on which reports sooner (though as long as gate includes the union of the jobs from the check and post-review pipelines, at least it won\u0027t increase the chances of a legitimate failure being ignored and subsequently merging to the branch).","commit_id":"03a365cc373e330171d1d0092ea43023350ac7d3"},{"author":{"_account_id":27900,"name":"Artem Goncharov","email":"artem.goncharov@gmail.com","username":"gtema"},"change_message_id":"eb9d06d89c41d60f8fdd73c80df8cf63e1d4161a","unresolved":false,"context_lines":[{"line_number":74,"context_line":"        open: True"},{"line_number":75,"context_line":"        current-patchset: True"},{"line_number":76,"context_line":"        approval:"},{"line_number":77,"context_line":"          - Post-Check: [1]"},{"line_number":78,"context_line":"    trigger:"},{"line_number":79,"context_line":"      gerrit:"},{"line_number":80,"context_line":"        - event: comment-added"}],"source_content_type":"text/x-yaml","patch_set":1,"id":"063179b1_c4cfc9ea","line":77,"in_reply_to":"2e0f8b6c_da97e619","updated":"2022-09-30 12:35:39.000000000","message":"\u003e So the plan is to make this a separate label in Gerrit (rather than triggering on Code-Review +2), and grant access for that label to a particular review group? If so, naming the label something which makes its purpose and relationship to the pipeline more clear, like Allow-Post-Review, migh be better.\n\nSure, makes also sense. I explicitly didn\u0027t want to use code-review +2, since it signals core reviewer went into every particular aspect of the change. Purpose here is exactly to help core-reviewer.\n\n\u003e \n\u003e Also it may make sense to have the approval requirements include Verified +1 from username zuul so that this doesn\u0027t race the check pipeline and then get its Verified -1 vote overridden by a +1 from check depending on which reports sooner (though as long as gate includes the union of the jobs from the check and post-review pipelines, at least it won\u0027t increase the chances of a legitimate failure being ignored and subsequently merging to the branch).\n\noh right, the reverse stuff I haven\u0027t thought. Setting dependency on verified + 1 is making a problem that you need wait 1.5 hour 2 times before getting results (from regular SDK job timing).","commit_id":"03a365cc373e330171d1d0092ea43023350ac7d3"},{"author":{"_account_id":27900,"name":"Artem Goncharov","email":"artem.goncharov@gmail.com","username":"gtema"},"change_message_id":"0b981a7fb83c4bab7bb3b8361df982697374b374","unresolved":false,"context_lines":[{"line_number":74,"context_line":"        open: True"},{"line_number":75,"context_line":"        current-patchset: True"},{"line_number":76,"context_line":"        approval:"},{"line_number":77,"context_line":"          - Post-Check: [1]"},{"line_number":78,"context_line":"    trigger:"},{"line_number":79,"context_line":"      gerrit:"},{"line_number":80,"context_line":"        - event: comment-added"}],"source_content_type":"text/x-yaml","patch_set":1,"id":"d3429b0d_6e7f1474","line":77,"in_reply_to":"f9372ed7_e39c2479","updated":"2022-09-30 13:08:53.000000000","message":"done","commit_id":"03a365cc373e330171d1d0092ea43023350ac7d3"},{"author":{"_account_id":5263,"name":"Jeremy Stanley","display_name":"fungi","email":"fungi@yuggoth.org","username":"fungi","status":"missing, presumed fed"},"change_message_id":"d2ef4030aa08170d3147da0dcae3f358d03479c4","unresolved":false,"context_lines":[{"line_number":78,"context_line":"    trigger:"},{"line_number":79,"context_line":"      gerrit:"},{"line_number":80,"context_line":"        - event: comment-added"},{"line_number":81,"context_line":"          comment: (?i)^(Patch Set [0-9]+:)?( [\\w\\\\+-]*)*(\\n\\n)?\\s*recheck\\spost"},{"line_number":82,"context_line":"        - event: comment-added"},{"line_number":83,"context_line":"          require-approval:"},{"line_number":84,"context_line":"            - Post-Check: [1]"}],"source_content_type":"text/x-yaml","patch_set":1,"id":"f63bed75_98b134c4","line":81,"updated":"2022-09-30 12:57:05.000000000","message":"Sure, but the \"recheck\" at the beginning of \"recheck post\" is also going to match the check pipeline trigger and so both will end up enqueued if you leave a comment starting with \"recheck post\".","commit_id":"03a365cc373e330171d1d0092ea43023350ac7d3"},{"author":{"_account_id":5263,"name":"Jeremy Stanley","display_name":"fungi","email":"fungi@yuggoth.org","username":"fungi","status":"missing, presumed fed"},"change_message_id":"0527c06e35c74665b7468777c18a65b89e1145cb","unresolved":false,"context_lines":[{"line_number":78,"context_line":"    trigger:"},{"line_number":79,"context_line":"      gerrit:"},{"line_number":80,"context_line":"        - event: comment-added"},{"line_number":81,"context_line":"          comment: (?i)^(Patch Set [0-9]+:)?( [\\w\\\\+-]*)*(\\n\\n)?\\s*recheck\\spost"},{"line_number":82,"context_line":"        - event: comment-added"},{"line_number":83,"context_line":"          require-approval:"},{"line_number":84,"context_line":"            - Post-Check: [1]"}],"source_content_type":"text/x-yaml","patch_set":1,"id":"d93fc733_f7384034","line":81,"updated":"2022-09-30 12:21:20.000000000","message":"This comment will end up triggering both check and post-review jobs, increasing the risk of the race described above, so perhaps consider something like \"check post\" (like we do with \"check experimental\") to reduce the chances of that.","commit_id":"03a365cc373e330171d1d0092ea43023350ac7d3"},{"author":{"_account_id":27900,"name":"Artem Goncharov","email":"artem.goncharov@gmail.com","username":"gtema"},"change_message_id":"eb9d06d89c41d60f8fdd73c80df8cf63e1d4161a","unresolved":false,"context_lines":[{"line_number":78,"context_line":"    trigger:"},{"line_number":79,"context_line":"      gerrit:"},{"line_number":80,"context_line":"        - event: comment-added"},{"line_number":81,"context_line":"          comment: (?i)^(Patch Set [0-9]+:)?( [\\w\\\\+-]*)*(\\n\\n)?\\s*recheck\\spost"},{"line_number":82,"context_line":"        - event: comment-added"},{"line_number":83,"context_line":"          require-approval:"},{"line_number":84,"context_line":"            - Post-Check: [1]"}],"source_content_type":"text/x-yaml","patch_set":1,"id":"5f1a5ec1_07293981","line":81,"in_reply_to":"d93fc733_f7384034","updated":"2022-09-30 12:35:39.000000000","message":"but here I explicitly did \"recheck post\"","commit_id":"03a365cc373e330171d1d0092ea43023350ac7d3"},{"author":{"_account_id":27900,"name":"Artem Goncharov","email":"artem.goncharov@gmail.com","username":"gtema"},"change_message_id":"0b981a7fb83c4bab7bb3b8361df982697374b374","unresolved":false,"context_lines":[{"line_number":78,"context_line":"    trigger:"},{"line_number":79,"context_line":"      gerrit:"},{"line_number":80,"context_line":"        - event: comment-added"},{"line_number":81,"context_line":"          comment: (?i)^(Patch Set [0-9]+:)?( [\\w\\\\+-]*)*(\\n\\n)?\\s*recheck\\spost"},{"line_number":82,"context_line":"        - event: comment-added"},{"line_number":83,"context_line":"          require-approval:"},{"line_number":84,"context_line":"            - Post-Check: [1]"}],"source_content_type":"text/x-yaml","patch_set":1,"id":"83f25e58_4abbc0ac","line":81,"in_reply_to":"f63bed75_98b134c4","updated":"2022-09-30 13:08:53.000000000","message":"Right, haven\u0027t though of that","commit_id":"03a365cc373e330171d1d0092ea43023350ac7d3"},{"author":{"_account_id":6547,"name":"Andreas Jaeger","email":"jaegerandi@gmail.com","username":"jaegerandi"},"change_message_id":"f850fce594b5380a183afae5140295a41630132d","unresolved":true,"context_lines":[{"line_number":62,"context_line":"      Patches received initial review by project trusted members enter this"},{"line_number":63,"context_line":"      pipeline to execute additional jobs. This pipeline can be used to access"},{"line_number":64,"context_line":"      secrets before gating."},{"line_number":65,"context_line":"    success-message: Build succeeded (check pipeline)."},{"line_number":66,"context_line":"    failure-message: |"},{"line_number":67,"context_line":"      Build failed (check pipeline).  For information on how to proceed, see"},{"line_number":68,"context_line":"      https://docs.opendev.org/opendev/infra-manual/latest/developers.html#automated-testing"}],"source_content_type":"text/x-yaml","patch_set":2,"id":"0ddd8648_1c2f46ad","line":65,"updated":"2022-10-10 07:35:58.000000000","message":"post-review instead of check? Also line 67.","commit_id":"accc9d832c28c635c3ae9ae68ec828fd4e5e0a3b"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"02228d1066c9312d82b0bbcdcf75d0af16c5c9ef","unresolved":false,"context_lines":[{"line_number":62,"context_line":"      Patches received initial review by project trusted members enter this"},{"line_number":63,"context_line":"      pipeline to execute additional jobs. This pipeline can be used to access"},{"line_number":64,"context_line":"      secrets before gating."},{"line_number":65,"context_line":"    success-message: Build succeeded (check pipeline)."},{"line_number":66,"context_line":"    failure-message: |"},{"line_number":67,"context_line":"      Build failed (check pipeline).  For information on how to proceed, see"},{"line_number":68,"context_line":"      https://docs.opendev.org/opendev/infra-manual/latest/developers.html#automated-testing"}],"source_content_type":"text/x-yaml","patch_set":2,"id":"add4c895_a7691b3a","line":65,"in_reply_to":"0ddd8648_1c2f46ad","updated":"2022-11-23 08:51:15.000000000","message":"Done","commit_id":"accc9d832c28c635c3ae9ae68ec828fd4e5e0a3b"},{"author":{"_account_id":5263,"name":"Jeremy Stanley","display_name":"fungi","email":"fungi@yuggoth.org","username":"fungi","status":"missing, presumed fed"},"change_message_id":"6aeaf9b4a50a2450785d011dc2683d57b160e894","unresolved":false,"context_lines":[{"line_number":78,"context_line":"    trigger:"},{"line_number":79,"context_line":"      gerrit:"},{"line_number":80,"context_line":"        - event: comment-added"},{"line_number":81,"context_line":"          comment: (?i)^(Patch Set [0-9]+:)?( [\\w\\\\+-]*)*(\\n\\n)?\\s*check post\\s*$"},{"line_number":82,"context_line":"        - event: comment-added"},{"line_number":83,"context_line":"          require-approval:"},{"line_number":84,"context_line":"            - Allow-Post-Review: [1]"}],"source_content_type":"text/x-yaml","patch_set":3,"id":"45b89063_ea8f3c61","line":81,"updated":"2022-10-24 16:02:10.000000000","message":"Good point. While this does, as written, require a core reviewer to at least okay running the post-review jobs, it still allows anyone with a Gerrit account to repeatedly re-run those jobs (to the extent that any semaphores and quotas make possible). Limiting it to trigger by vote would make it so that only permitted reviewers for the project could retrigger builds (by removing and readding their vote, or by another reviewer adding a similar vote of their own).","commit_id":"57df82c76b7f50a6a520896135830ad52d2ab1d8"},{"author":{"_account_id":4146,"name":"Clark Boylan","email":"cboylan@sapwetik.org","username":"cboylan"},"change_message_id":"17515dc88c180afc206907ecccf8800252c31b73","unresolved":true,"context_lines":[{"line_number":78,"context_line":"    trigger:"},{"line_number":79,"context_line":"      gerrit:"},{"line_number":80,"context_line":"        - event: comment-added"},{"line_number":81,"context_line":"          comment: (?i)^(Patch Set [0-9]+:)?( [\\w\\\\+-]*)*(\\n\\n)?\\s*check post\\s*$"},{"line_number":82,"context_line":"        - event: comment-added"},{"line_number":83,"context_line":"          require-approval:"},{"line_number":84,"context_line":"            - Allow-Post-Review: [1]"}],"source_content_type":"text/x-yaml","patch_set":3,"id":"29165dd4_bec0c3aa","line":81,"updated":"2022-10-24 15:16:44.000000000","message":"Similar to my comments about not carrying over the Allow-Post-Review votes across patchsets I think we shouldn\u0027t trigger on `check post` comments. The reason for this is to avoid brute forcing once the value is set. Instead I think reviewers with the appropriate access should explicitly request these to run via the voting mechanism.","commit_id":"57df82c76b7f50a6a520896135830ad52d2ab1d8"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"02228d1066c9312d82b0bbcdcf75d0af16c5c9ef","unresolved":false,"context_lines":[{"line_number":78,"context_line":"    trigger:"},{"line_number":79,"context_line":"      gerrit:"},{"line_number":80,"context_line":"        - event: comment-added"},{"line_number":81,"context_line":"          comment: (?i)^(Patch Set [0-9]+:)?( [\\w\\\\+-]*)*(\\n\\n)?\\s*check post\\s*$"},{"line_number":82,"context_line":"        - event: comment-added"},{"line_number":83,"context_line":"          require-approval:"},{"line_number":84,"context_line":"            - Allow-Post-Review: [1]"}],"source_content_type":"text/x-yaml","patch_set":3,"id":"245588d1_d10628ac","line":81,"in_reply_to":"29165dd4_bec0c3aa","updated":"2022-11-23 08:51:15.000000000","message":"Done","commit_id":"57df82c76b7f50a6a520896135830ad52d2ab1d8"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"02228d1066c9312d82b0bbcdcf75d0af16c5c9ef","unresolved":true,"context_lines":[{"line_number":74,"context_line":"        open: True"},{"line_number":75,"context_line":"        current-patchset: True"},{"line_number":76,"context_line":"        approval:"},{"line_number":77,"context_line":"          - Allow-Post-Review: [1]"},{"line_number":78,"context_line":"    trigger:"},{"line_number":79,"context_line":"      gerrit:"},{"line_number":80,"context_line":"        - event: comment-added"}],"source_content_type":"text/x-yaml","patch_set":5,"id":"97b03a54_cce06d5d","line":77,"range":{"start_line":77,"start_character":31,"end_line":77,"end_character":34},"updated":"2022-11-23 08:51:15.000000000","message":"Nit: Could this just be \"1\" instead of a list?","commit_id":"51e501abc49865589ea1d055ae265b5047beea17"}]}