[Buildbot-devel] Github pull request

Daniel Mizyrycki mdaniel at glidelink.net
Sat Jun 15 02:18:03 UTC 2013


On 2013-06-13 20:49, Dustin J. Mitchell wrote:
> There's been some discussion of the topic, but no direct
> implementation that I know of.
I guess this is an opportunity to do the next step then :)

> 
> The closest has been Adi Roban's
> `master/buildbot/status/github_status.py`, which posts status from a
> build to a GitHub commit.  However, it isn't triggered from a pull
> request, and doesn't attach status to pull requests.
So we have %50 done right here. Sweet!

> There's some security risk around building arbitrary pull requests -
> anyone can file a build request, after all, with whatever kind of
> abusive code they'd like to run on your slaves.  Most solutions in
> place now, e.g,. Travis-CI, are using virtualization as a security
> mechanism - presumably Docker could fit that bill, too.  There are a
> few approaches to being more secure, too - the simplest being a
> whitelist of users whose pulls would be built.  That puts the
> responsibility of authentication on GitHub, but that's probably
> acceptable for most users.
It looks like 2 tier process. First, capture github PR event, possibly 
with some sort of filter as you described and use buildbot API to 
deliver it to the builder. Second, create a good (isolated) slave 
environment to run the test. The latter sort of falls more into the 
sphere of the engineer who designed the test at least in early 
implementations. The former needs more help from inside buildbot.
In the tests I did, buildbot/status/web/hooks/github.py is actually 
listening and processing github's PR events. The code fails to properly 
parse the JSON PR payload as it is meant to process github push events, 
but maybe we can try to massage the data to make it look like a push at 
least as a first step (eg: a github PR can't satisfy line 36: user = 
payload['repository']['owner']['name'] , but we can be creative and use 
payload['repository']['owner']['login'] for example)

> 
> I think this would be an *awesome* addition to Buildbot.
:)

> 
> Dustin
> 
> ------------------------------------------------------------------------------
> This SF.net email is sponsored by Windows:
> 
> Build for Windows Store.
> 
> http://p.sf.net/sfu/windows-dev2dev
> _______________________________________________
> Buildbot-devel mailing list
> Buildbot-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/buildbot-devel




More information about the devel mailing list