New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 872358 link

Starred by 1 user
Status: Fixed
Owner:
cma...@chromium.org
Last visit > 30 days ago
Closed: Aug 10
Cc:
amineer@chromium.org
robert...@chromium.org
benhenry@chromium.org
st...@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 0
Type: Bug



Sign in to add a comment

Auditing Chrome release branches is spamming Monorail

Project Member Reported by fs...@chromium.org, Aug 8 
See:
https://crbug.com/872348
https://crbug.com/872352

There are at least 10 similar bugs just created in the last couple hours.

Going through them, as far as I could see, seem all false-positives, since they were properly approved on the bugs.

Comment 1 by st...@chromium.org, Aug 8

Cc: benhenry@chromium.org robert...@chromium.org amineer@chromium.org
Labels: -Pri-1 Pri-0
Owner: cma...@chromium.org
Status: Assigned (was: Untriaged)
cmasso@: could you fix the auditing rules asap for Chrome release branches? If not, we'd better disable the auditing on release branches by end of day.

This is spamming Monorail.
There were 1700+ bugs filed, and I suspected that many of them are false positives like the ones reported here

https://bugs.chromium.org/p/chromium/issues/list?can=1&q=reporter%3Acr-audit-commits%40appspot.gserviceaccount.com+label%3AMerge-Without-Approval&colspec=ID+Pri+M+Stars+ReleaseBlock+Component+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=ids

Comment 2 by st...@chromium.org, Aug 8

Summary: Auditing Chrome release branches is spamming Monorail (was: A bunch of Audit Violation bugs are being mis-filled)

Comment 3 by st...@chromium.org, Aug 8

Components: Infra>Client>Chrome>Release

Comment 4 by cma...@chromium.org, Aug 8 

We should be getting fewer and few bugs as of late. Unfortunately, we can only test things were they are in production.

Comment 6 by cma...@chromium.org, Aug 8 

The issue I am hitting now is the audit app not able to view security bugs

"Found an invalid Monorail bug %!s(int=863069) on relevant commit d8474edf8dc7e6f479937bb67fd191366493315b :: {"error":"unexpected status \"403 Forbidden\". Response: {\"error\": {\"message\": \"User is not allowed to view this  issue chromium:863069 \"}}"}"

Comment 7 by robert...@chromium.org, Aug 8 

I've talked to Estelle, we can make the rule that is failing set the status to ruleSkipped while we get the audit app permissions to see these bugs.
Project Member

Comment 8 by bugdroid1@chromium.org, Aug 9 

The following revision refers to this bug:
  https://chromium.googlesource.com/infra/infra/+/5502b27883a180bca19e544f8d8e16efe40c2ab8

commit 5502b27883a180bca19e544f8d8e16efe40c2ab8
Author: Claude <cmasso@google.com>
Date: Thu Aug 09 17:52:41 2018

Skip auditing commits with security crbugs

Bug:872358
Change-Id: I52ef4e6430fecd54a31f3211ec6879eacd4fecb4
Reviewed-on: https://chromium-review.googlesource.com/1168462
Commit-Queue: Roberto Carrillo <robertocn@chromium.org>
Reviewed-by: Roberto Carrillo <robertocn@chromium.org>

[modify] https://crrev.com/5502b27883a180bca19e544f8d8e16efe40c2ab8/go/src/infra/appengine/cr-audit-commits/app/merge_approval_rules.go

Comment 9 by cma...@chromium.org, Aug 10

Status: Fixed (was: Assigned)

Sign in to add a comment