Mailinglist Archive: opensuse-factory (468 mails)

< Previous Next >
Re: [opensuse-factory] Run scripts via a service
On 2020/04/06 11:38:40 +0200, Dominique Leuenberger / DimStar wrote:
On Mon, 2020-04-06 at 11:25 +0200, Dr. Werner Fink wrote:

accordingly to
there is a possibilty to run scripts via a service.

But in the following decription there exists no explanation nor an
example how this supposed to work ... also the command

osc api /service

does not show anything about this feature, maybe as it is local only.
If so I'd like to see how this can be automatically done at
checkin time.

I don't think anybody ever implemented that service - and I'd be really
concerned by it, security wise.

A simple 'osc branch; fix; osc ci' - and any randomly present file being executed on my machine? no thanks!

Also, that would certainly never be executed server side - for the same
reason. Running a random, untrusted script would require OBS to spawn a
VM for every checkin to somewhat contain what the script can do. That
would turn our really expensive action.

For many of the - containing packages it is often rather
simple to move to _multibuild; most I'd seen only toggle
some flag at the beginning of a spec file, but otherwise have exact
copies of the spec. The only drawback here: you might make my life (and
I return yours) more miserable when we have to deal with separation in
rings (e.g: I can't split flavors between ring0 and ring1, so
multibuild is no option there; we have some logic to 'disable' a flavor
inside the ring if it's something we don't want to care for that much)

Hmmm ... my does extract latest patch from a tar ball to
add this to the package version number ... and I do not think that
this can be done with _multibuild ... also not with the various scm services


"Having a smoking section in a restaurant is like having
a peeing section in a swimming pool." -- Edward Burr
< Previous Next >