New label for officially announced CVE

- Currently, it is not possible to filter for issues and PRs that are related to CVEs found in Kubernetes - It will allow filtering and automation to create a CVE feed for Kubernetes - This is a restricted label that can be added by SRC and Tooling Lead - Limited to k/k repo for clarity of scope
kubernetes · Sep 28, 2021 · 4c4c4bd · 4c4c4bd
1 parent c522870
commit 4c4c4bd
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 1 deletion.
diff --git a/config/prow/plugins.yaml b/config/prow/plugins.yaml
@@ -121,7 +121,13 @@ label:
     - tide/merge-method-squash
     # This label, for k/website, identifies issues relevant to https://katacoda.com/
     - team/katacoda
-
+  restricted_labels:
+    kubernetes/kubernetes:
+      - allowed_teams:
+          - security-response-committee
+        allowed_users:
+          - pushkarj
+        label: official-cve-feed
 lgtm:
 - repos:
   - bazelbuild

diff --git a/label_sync/labels.md b/label_sync/labels.md
@@ -376,6 +376,7 @@ larger set of contributors to apply/remove them.
 | <a id="area/network-policy" href="#area/network-policy">`area/network-policy`</a> | Issues or PRs related to Network Policy subproject| label | |
 | <a id="area/release-eng" href="#area/release-eng">`area/release-eng`</a> | Issues or PRs related to the Release Engineering subproject <br><br> This was previously `area/release-infra`, | label | |
 | <a id="deprecated/hyperkube" href="#deprecated/hyperkube">`deprecated/hyperkube`</a> | Issues or PRs related to the hyperkube subproject <br><br> This was previously `area/hyperkube`, | label | |
+| <a id="official-cve-feed" href="#official-cve-feed">`official-cve-feed`</a> | Issues or PRs related to CVEs officially announced by Security Response Committee (SRC)| anyone |  [label](https://git.k8s.io/test-infra/prow/plugins/label) |
 
 ## Labels that apply to kubernetes/kubernetes, only for issues
 

diff --git a/label_sync/labels.yaml b/label_sync/labels.yaml
@@ -1131,6 +1131,12 @@ repos:
         target: prs
         prowPlugin: require-matching-label
         addedBy: prow
+      - color: 0052cc
+        description: Issues or PRs related to CVEs officially announced by Security Response Committee (SRC)
+        name: official-cve-feed
+        target: both
+        prowPlugin: label
+        addedBy: anyone
 
   kubernetes/org:
     labels: