Comments (6)
odony
commented on August 19, 2024
1
Sounds like a good idea 👍
One "further task" we desperately need is a lint check that looks for security-sensitive patterns in PRs (e.g. t-raw, cr.execute, sudo, *eval, _.sprintf, etc.), and adds/removes a tag on the PR, e.g. "Need Security Review". Mergebot would refuse to merge PRs with this tag unless someone with a "Security Review" role has approved it, either via r+ or maybe a specific/limited s+ 🤔
from runbot.
odony
commented on August 19, 2024
An external gitlab ci/cd might seem overkill though, the bulk of the work is to write the checks, we kind of have the pipeline boilerplate already I guess.
from runbot.
xmo-odoo
commented on August 19, 2024
An external gitlab ci/cd might seem overkill though, the bulk of the work is to write the checks, we kind of have the pipeline boilerplate already I guess.
Might be. My understanding of e.g. gitlab pipelines is you can easily define "concurrent" check jobs, easily set up new workers connected to the base instance, that sort of things.
from runbot.
Xavier-Do
commented on August 19, 2024
The asynchronous tests system is in place. I t think that most of the points here can be easily set up.
- Cla check is actually very fast so no real need to do it async, even if right now it is the case in master and staging master.
- linting commit messages: I have a little script that does that, it could be interesting to rewrite it and test it.
- code linting and formatting (JS and / or python, possibly moving the pylint pass out of the runbot's sequence) right now, all tests are spitted in staging, with no particular choice. The difference is that pylint could be executed without any install I guess. But adding more lint and js linting could be very useful.
- documentation CI it has been asked bu devs we can work on it
- ease of adding further tasks it is already the case
from runbot.
Xavier-Do
commented on August 19, 2024
Except for the commit message validation, all done.
from runbot.
KangOl
commented on August 19, 2024
For this, upgradeci run gitlint on all commits of the PR (upgradeci only works at PR level, not on branches).
On the upgrade repo, it uses the committed config but the runbot may use its own config file.
from runbot.
Related Issues (20)
- set partner to author / source of webhook in order to correctly track sync consequences
- Surface / clarify / better expose modify/delete conflict
- fix followups of detached PRs when disabling branch
- On incorrect command or the "help" command, send a help comment
- The long and lonesome road to upgrading mergebot to 17.0 HOT 1
- "Arguments List Too Long"
- Add *teams* sync to the mergebot
- Add "fw=no" as a proper mode
- Log forward port followup to chatter
- Re-add feedback when approving an already approved PR
- add details of current PR statuses to github preview
- Investigate cache misses on commit notification
- Don't log merge errors as errors.
- Fix handling of inconsistent batches & allow moving a PR outside of a batch
- source author should have r- rights on forward ports
- Don't mark closed PRs as being staged when the batch is
- fold details of PR in GH preview when it's merged
- Configure repos to ignore tags, and force branches when rev-parsing
- Add backport wizard
- Support shifting commits into branches without PR HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from runbot.