[Mesa-dev] Thoughts after hitting 100 merge requests?
Jason Ekstrand
jason at jlekstrand.net
Tue Jan 22 18:45:14 UTC 2019
On Thu, Jan 17, 2019 at 1:07 PM Daniel Stone <daniel at fooishbar.org> wrote:
> Hi,
>
> On Thu, 17 Jan 2019 at 16:35, Jason Ekstrand <jason at jlekstrand.net> wrote:
> > On January 17, 2019 08:58:03 Erik Faye-Lund <
> erik.faye-lund at collabora.com> wrote:
> > > Whoops! I meant to say something like "we'd need to be able to
> > > distinguis between CI steps that are triggered due to new MRs versus
> > > updated MRs, or pushes to existing branches".
> > >
> > >> Anyway, Jason did actually write that hook, and it's something I'm
> > >> happy to host on existing fd.o machines. I just haven't got to doing
> > >> it, since I ended up taking my sabbatical a lot more seriously than I
> > >> expected, and now I'm back to work I've got a bit of a backlog. But
> > >> we
> > >> can definitely do it, and pretty soon.
> > >
> > > Cool, then I won't worry about it, and just assume it'll appear
> > > magically soon :)
> >
> > My script was a total hack. It's probably massively insecure and doesn't
> > include any code to provide a diffstat which has been requested by
> several
> > people. Someone taking it a bit more seriously would probably be good
> > before we deploy anything.
>
> With the caveat that I can no longer see the script because it's been
> expired out of the pastebin (why not make a GitLab repo or at least
> upload it to a snippet?) ...
>
https://gitlab.freedesktop.org/jekstrand/gitlab-mailbot
> I had the same assumption when you posted it, but came to the
> conclusion it was actually OK, or at least would be with very minimal
> work. We can configure Apache and GitLab pretty easily so it can only
> be triggered with a secret token which is buried in the repo config
> and/or accessible only to admins. It calls back into GitLab to get the
> changes, so there's no danger of it sending completely arbitrary
> content even if someone does figure out how to trigger it when they
> shouldn't. It also has GitLab project -> email destination hardcoded
> in the script, so there's no danger of it being used to spam arbitrary
> addresses either.
>
That makes me feel a tiny bit better.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/mesa-dev/attachments/20190122/b63cb187/attachment.html>
More information about the mesa-dev
mailing list