
On Sun, 22 May 2016 at 10:12 Ralph Meijer <ralphm@ik.nu> wrote:
On May 22, 2016 9:36:28 AM GMT+02:00, Glyph <glyph@twistedmatrix.com> wrote:
[..] (Please nobody try to do the clever thing where you configure buildbot to automatically pull all PRs, that would effectively negate any security protections...)
I've been assuming that in the worst-case scenario, we'd do what Cryptography does and have a bot that polls for special comments and then triggers buildbot in exactly this way. Perhaps I should have made that assumption explicit; I thought it was ticketed somewhere in Braid already.
The Jenkins plugin for GitHub PR triggers has this feature, too. However, it also has a feature to whitelist users and GitHub teams so that PRs/commits can trigger automatically for them. Maybe that's a thing for us, too?
I don't think we need a whitelist; we can just automatically build branches that are pushed to the twisted/twisted repository. If you can push a branch there, you can also push a change directly to trunk, so you can already execute arbitrary code on the buildbots.
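
A sketch of the trigger policy discussed in this thread, as an added example that is not part of the original messages and is not Twisted's or buildbot's code: branches pushed to twisted/twisted build automatically, while fork PRs build only after a trigger comment from a trusted account. The trigger phrase, the trusted-association set and the function names are assumptions; the event fields follow GitHub webhook payloads, and deliveries are assumed to be authenticated already.

```python
TRUSTED_REPO = "twisted/twisted"   # repository named in the thread
TRIGGER_PHRASE = "please test"     # hypothetical trigger comment
# Assumption: these GitHub author_association values identify trusted reviewers.
TRUSTED_ASSOCIATIONS = {"OWNER", "MEMBER", "COLLABORATOR"}

def should_build(event_type, payload):
    """Return (build, reason) for one already-authenticated webhook delivery."""
    if event_type == "push":
        if payload["repository"]["full_name"] == TRUSTED_REPO:
            return True, "branch pushed to trusted repository"
        return False, "push to another repository"
    if event_type == "pull_request":
        # head.repo is null when the fork was deleted; treat that as untrusted.
        head_repo = payload["pull_request"]["head"].get("repo") or {}
        if head_repo.get("full_name") == TRUSTED_REPO:
            return False, "same-repo branch is already built by its push event"
        return False, "fork PR: never built automatically"
    if event_type == "issue_comment":
        if "pull_request" not in payload["issue"]:
            return False, "comment is on an issue, not a PR"
        comment = payload["comment"]
        if comment["body"].strip().lower() != TRIGGER_PHRASE:
            return False, "not a trigger comment"
        if comment["author_association"] not in TRUSTED_ASSOCIATIONS:
            return False, "trigger comment from untrusted author"
        return True, "trusted reviewer requested a build"
    return False, "event type not handled"

# Constructed payloads, trimmed to the fields the policy reads.
SAMPLE_EVENTS = [
    ("push", {"repository": {"full_name": "twisted/twisted"}}),
    ("pull_request",
     {"pull_request": {"head": {"repo": {"full_name": "someone/twisted"}}}}),
    ("issue_comment", {"issue": {"pull_request": {}},
                       "comment": {"body": "please test",
                                   "author_association": "NONE"}}),
    ("issue_comment", {"issue": {"pull_request": {}},
                       "comment": {"body": "Please test ",
                                   "author_association": "MEMBER"}}),
]

def decisions(events=SAMPLE_EVENTS):
    """Build/no-build decision for each sample event, in order."""
    return [should_build(kind, payload)[0] for kind, payload in events]

if __name__ == "__main__":
    for kind, payload in SAMPLE_EVENTS:
        print(kind, should_build(kind, payload))
```

A build started from a comment should be pinned to the commit the reviewer looked at, since the PR head can change after the comment is posted.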