[Buildbot-devel] Force scheduler accepting patch
Tom Prince
tom.prince at ualberta.net
Tue Oct 30 20:27:53 UTC 2012
"Dustin J. Mitchell" <dustin at v.igoro.us> writes:
>> 2. I'm not at all sure how I'm going to be secure on the contents of a
>> patch, or the result of it. One of my reasons for using the force scheduler
>> is that I can then only enable the patch functionality to be applied through
>> an authenticated user, whom presumably I trust.
>
> That's exactly how it should work. Try supports either
> username/password authentication, or SSH authentication, so the force
> scheduler will need to support authentication as well. It already
> does, using cookies, which could be a bit hard to use from an API
> client.
Although, it still also accepts authentication passed in with the request.
>> 3. A command line try client separated from buildbot and it's dependencies
>> sounds good, but I think not a necessity to get this working.
>
> Well, you'll need to write a client anyway, right? I would think that
> it would be easier to write it outside of Buildbot. But whatever
> seems best to you.
This would usefully go in contrib, without depending on buildbot. (But
I'd be inclined to suggest depending on twisted.
Something like
https://bazaar.launchpad.net/~twisted-dev/twisted-trac-integration/trunk/view/head:/tools/force-builds.py
>> 4. JSON input would be something I would also put in the 'would like to
>> have' basket.
>
> I think JSON will be *easier* than formulating a form submission of
> the sort a browser would create.
One thing to be careful of, if submitting patches in json, is that
strings in json are only unicode, so you will need to deal with
encodings.
Tom
More information about the devel
mailing list