From 7c18d43632302cc3c6ab1092478c44a1b740802b Mon Sep 17 00:00:00 2001
From: Jeremy Stanley <fungi@yuggoth.org>
Date: Thu, 9 Jun 2016 14:08:21 +0000
Subject: [PATCH] Private embargoed vulnerability announcement list

Add an embargo-notice@lists.openstack.org mailing list for private
advance notification of embargoed security vulnerabilities to
downstream stakeholders. Subscribers will be manually added by the
OpenStack Vulnerability Management Team, and all posts to this list
from non-VMT members will be moderated by the VMT. This is intended
as a very low-volume ML for announcements only, and followup replies
will be directed to use comments in corresponding private bugs
instead of the embargo-notice list.

Change-Id: I9a31fd5151e45644c9fb2209b69250b108b04889
---
 modules/openstack_project/manifests/lists.pp | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/modules/openstack_project/manifests/lists.pp b/modules/openstack_project/manifests/lists.pp
index bc1d252460..2a253c635e 100644
--- a/modules/openstack_project/manifests/lists.pp
+++ b/modules/openstack_project/manifests/lists.pp
@@ -367,4 +367,12 @@ class openstack_project::lists(
     webserver   => $listdomain,
     mailserver  => $listdomain,
   }
+  maillist { 'embargo-notice':
+    ensure      => present,
+    admin       => 'jeremy@openstack.org',
+    password    => $listpassword,
+    description => 'Announcements to stakeholders for embargoed security vulnerabilities.',
+    webserver   => $listdomain,
+    mailserver  => $listdomain,
+  }
 }