From a171d3f0f2bde9a7658bf9ef0fed50033eb446bf Mon Sep 17 00:00:00 2001 From: James Strong Date: Wed, 24 Aug 2022 22:20:05 -0400 Subject: [PATCH] adding cve finding and adding release-notes to PR template (#8916) * adding cve finding and adding release-notes to PR template Signed-off-by: James Strong * update cve report with verbiage around open CVEs and not disclosures Signed-off-by: James Strong * fix then assignees Signed-off-by: James Strong Signed-off-by: James Strong --- .github/ISSUE_TEMPLATE/cve_report.md | 20 +++++++++++++ .github/ISSUE_TEMPLATE/feature_request.md | 2 -- .github/PULL_REQUEST_TEMPLATE.md | 36 ++++++++++++++++++++++- 3 files changed, 55 insertions(+), 3 deletions(-) create mode 100644 .github/ISSUE_TEMPLATE/cve_report.md diff --git a/.github/ISSUE_TEMPLATE/cve_report.md b/.github/ISSUE_TEMPLATE/cve_report.md new file mode 100644 index 000000000..b5ecf7ecf --- /dev/null +++ b/.github/ISSUE_TEMPLATE/cve_report.md @@ -0,0 +1,20 @@ +--- +name: CVE Finding Report +about: CVE reporting for ingress-nginx +title: '' +labels: kind/bug +assignees: + - strongjz + - rikatz +--- + + + + + + + + + + diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md index 73df4d20b..0e892d626 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -15,8 +15,6 @@ The announcement in the dev mailing list is here https://groups.google.com/a/kub Thank you, Ingress-Nginx maintainer - - --> diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 9bc455303..a14cc7004 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -9,6 +9,7 @@ - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) +- [ ] CVE Report (Scanner found CVE and adding report) - [ ] Breaking change (fix or feature that would cause existing functionality to change) - [ ] Documentation only @@ -30,5 +31,38 @@ fixes # - [ ] My change requires a change to the documentation. - [ ] I have updated the documentation accordingly. - [ ] I've read the [CONTRIBUTION](https://github.com/kubernetes/ingress-nginx/blob/main/CONTRIBUTING.md) guide -- [ ] I have added tests to cover my changes. +- [ ] I have added unit and/or e2e tests to cover my changes. - [ ] All new and existing tests passed. +- [ ] Added Release Notes. + +## Does my pull request need a release note? +Any user-visible or operator-visible change qualifies for a release note. This could be a: + +- CLI change +- API change +- UI change +- configuration schema change +- behavioral change +- change in non-functional attributes such as efficiency or availability, availability of a new platform +- a warning about a deprecation +- fix of a previous Known Issue +- fix of a vulnerability (CVE) + +No release notes are required for changes to the following: + +- Tests +- Build infrastructure +- Fixes for unreleased bugs + +For more tips on writing good release notes, check out the [Release Notes Handbook](https://github.com/kubernetes/sig-release/tree/master/release-team/role-handbooks/release-notes) + + +```release-note +PLACE RELEASE NOTES HERE +```