Propose to add a new group for CVE tesing

[llxia]

Currently, we have testing groups, such as functional, system, openjdk, etc. There is a new set of tests - CVE. It contains special openjdk tests. Given the fact that all openjdk levels (including dev.openjdk and special.openjdk) are used for existing tests and the execution time of CVE testing will increase over time as we add more and more tests. Currently, it takes ~10mins for Jan release on JDK11 xlinux.

Should we add a new group for CVE tests? i.e., call it cve or maybe osb? So that we can do sanity.cve, extended.cve, special.cve, just like other test groups.

@pshipton @smlambert Please let me know what do you think? Thanks

[pshipton]

cve is more generic, I suggest we stick with that.

[smlambert]

This relates to our previous discussions @llxia of whether we introduce a security group, however, I know this proposal includes a set of tests that are not open / publicly available, the question is whether we also move some of the other public security tests into a logical group with these cve tests.