On Tue, Apr 29, 2014 at 9:11 PM, Jim Nasby <j...@nasby.net> wrote:

> On 4/17/14, 9:38 AM, Tom Lane wrote:
>> But the ability to easily spin up temporary branches for testing would
>>>> >>also be great.  Unfortunately, I suspect that only a minority of the
>>>> >>buildfarm owners would choose to participate, which would make it less
>>>> >>useful, but if we could solve that problem I'd be all in favor of it.
>>> >... Of course, all this would be done in my copious spare time*cough*.
>>> I'm
>>> >not sure this would be the best use of it.
>> I agree that this would not be worth the effort needed to make it happen.
> There's also a sizeable security risk there, of someone putting something
> malicious in a branch and then triggering a run from that branch. I suppose
> that could be overcome if this was purposefully limited to the main git
> repo that only our core committers had access to, but we'd need to be
> careful.

I would suggest a separate repo to keep the main one "clean", but other
than that, yes, it would have to be limited to the same committers as the
rest I think.

It's reasonably easy to set up build environments in containers/jais on
many Unix boxes where that would actually not be a problem (just blow the
whole jail away once the build is complete), but one of the main platforms
that people would want to use this on I bet is Windows, which has no such
facilities AFAIK.

 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/

Reply via email to