On Wed, May 20, 2015 at 6:26 AM, Yakov Zhdanov <yzhda...@gridgain.com> wrote:
> I still insist that this should be implemented with great care. > I tend to agree with Cos here. Let's implement this feature. If we get some malicious contributor attaching bad patches, we will catch it very quickly and remove him/her from Jira. All it takes to catch something like this is a normal patch review by a committer, which is part of Ignite standard development process. > > Cos, can you please provide information on which projects used same > approach? > > > Don't we trust our contributors? > > Well, you never know how they store the password and how strong it is. > Again, don't think it is an issue. > > > if TC agents aren't running as privileged user - and they shouldn't be - > malicious code won't do any harm to the system. > > Ignite tests should be able to do a lot of operations - establish network > connections, accept incoming connections, start processes and access file > system. > > In order to address possible issues we need to: > 1. limit the tests scenarios launched on patch attach. > 2. backup TC workers state once a day and store several days history to > quickly restore the state. > And again, if something bad happens, we can deal with it in a normal fashion. I personally think that we are worrying about something that will never happen. My preference is to get this feature out as soon as possible so our contributors have a normal path to execute builds on TeamCity. D.