Bug 186834

Summary:	Provide a mechanism for EWS bots to comment on- and upload result archives to- security bugs
Product:	WebKit	Reporter:	Daniel Bates <dbates>
Component:	Tools / Tests	Assignee:	Nobody <webkit-unassigned>
Status:	NEW ---
Severity:	Normal	CC:	lforschler
Priority:	P2
Version:	WebKit Local Build
Hardware:	Unspecified
OS:	Unspecified
See Also:	https://bugs.webkit.org/show_bug.cgi?id=186831
Bug Depends on:
Bug Blocks:	186832

Description Daniel Bates 2018-06-19 22:14:43 PDT

In the patch for bug #186291 we added the infrastructure to allow EWS bots with unprivileged Bugzilla accounts to process webkit-queues.webkit.org-hosted (status-server-hosted) copies of security-sensitive patches. Although the bots can now process these patches they can neither post comments to- or upload result archives to- the associated security-sensitive bug because they use an unprivileged Bugzilla account. We need to provide a mechanism for these bots to post this information to the Bugzilla bug.

We will likely need to take a similar approach as done in the patch for bug #186291 and use the status server as an intermediate data store for some privileged bot to download and re-upload to Bugzilla. Maybe the privileged bot could be the feeder EWS?