Discussion on archiving kuksa.integration repo

[bs-jokri]

Hi Kuksa Community,

I assume you all have heard about the recent discussions on the log4j vulnerability. We are currently checking the repositories of Eclipse Kuksa whether they are affected and identified
https://github.com/eclipse/kuksa.integration
as a candidate repository, which at least references this dependency.

As this repository is used for internal integration testing there should be no direct effect on users. However, we now would like to take this opportunity to start a discussion on how to further proceed with this repository. As the integration tests rely on technology (Jenkins, remote clusters) not used in other repositories of the project such as kuksa.val, we would suggest to archive the integration test repository (https://github.com/eclipse/kuksa.integration) and incrementally migrate the tests to their respective repositories if sensible.

Please comment on this issue so we can come to a conclusion on how to further proceed.

[bs-jokri]

+1 for archiving the repo and moving tests if applicable.

[SebastianSchildt]

+1 I am fine with archiving, but I also have no stakes in this repo

[daschubert]

+1 for archiving but no stakes

[lukaskrawczyk]

+1 for archiving (no stakes)

[bs-jokri]

submitted bugzilla issue to request archiving repo.
https://bugs.eclipse.org/bugs/show_bug.cgi?id=577900