On 2017-06-04 14:49, Zero King wrote: > GSoC coding phrase has begun and I'm implementing a CI bot that runs on > Travis CI and tests pull requests. > > My project includes two bots, the CI bot testing pull requests and the > PR bot assigning labels to PRs and notify maintainers.
As far as I understand it, the CI "bot" are just scripts to be executed on Travis CI, but the PR bot will be a daemon process running on our own infrastructure? > The design docs are available at https://github.com/l2dy/mpbot-design, > but the code is not functional yet so I'm not sharing it for now. Quoting from the linked document: | 1. List subports | 2. port lint test | 3. port -d install test | 4. Send data to CI bot ^^ That is supposed to be PR bot, right? | The CI bot generates an ECDSA key pair on start and prints the public | key on Travis log. While testing ports, the bot attempts handshake | with the PR bot by signing the salt PR bot provided (TCP or HTTP?). | The PR bot would grab the public key from Travis logs and verify the | signature. This seems overly complex. In case the CI bot needs to communicate with the PR bot directly, shouldn't a simple password/access token passed in the environment [1] be secure enough for this? Or are we running into these restrictions [2]? As I see it, the status of the PR on GitHub needs to be updated. Travis already has functionality to do so, what role does the PR bot play at that point? Couldn't it just pick up the notification from GitHub [3]? Rainer [1] https://docs.travis-ci.com/user/environment-variables/ [2] https://docs.travis-ci.com/user/pull-requests/#Pull-Requests-and-Security-Restrictions [3] https://developer.github.com/v3/activity/events/types/#pullrequestreviewevent