ignite-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dmitriy Setrakyan <dsetrak...@apache.org>
Subject Re: Fwd: automatic patch validation on TC
Date Wed, 20 May 2015 19:36:26 GMT
On Wed, May 20, 2015 at 6:26 AM, Yakov Zhdanov <yzhdanov@gridgain.com>
wrote:

> I still insist that this should be implemented with great care.
>

I tend to agree with Cos here. Let's implement this feature. If we get some
malicious contributor attaching bad patches, we will catch it very quickly
and remove him/her from Jira. All it takes to catch something like this is
a normal patch review by a committer, which is part of Ignite standard
development process.


>
> Cos, can you please provide information on which projects used same
> approach?
>
> > Don't we trust our contributors?
>
> Well, you never know how they store the password and how strong it is.
>

Again, don't think it is an issue.


>
> > if TC agents aren't running as privileged user - and they shouldn't be -
>   malicious code won't do any harm to the system.
>
> Ignite tests should be able to do a lot of operations - establish network
> connections, accept incoming connections, start processes and access file
> system.
>
> In order to address possible issues we need to:
> 1. limit the tests scenarios launched on patch attach.
> 2. backup TC workers state once a day and store several days history to
> quickly restore the state.
>

And again, if something bad happens, we can deal with it in a normal
fashion.

I personally think that we are worrying about something that will never
happen. My preference is to get this feature out as soon as possible so our
contributors have a normal path to execute builds on TeamCity.

D.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message