Random thoughts/crazy idea: Drop SSL certs
Colin Walters
walters at verbum.org
Mon Apr 27 17:39:45 UTC 2015
On Mon, Apr 27, 2015, at 01:12 PM, Pierre-Yves Chibon wrote:
> But we allow new-comers to make scratch-build on koji before they are in the
> packager group. Giving them the opportunity to test their build in real
> condition.
The "non-packager scratch build" case is addressed by COPR, no?
> Using ssh could also become problematic for application like koschei no?
I don't see why - it's just as easy to make a ssh key for an application
as it is for an SSL certificate. If starting a build is a matter of ssh
restricted logins, it wouldn't be that hard to create a connection
programmatically, via subprocess or one of the ssh shared libraries.
(Also, it'd be nice if I could include X-Koji-Build-Now: yes metadata
in the commit message and skip the secondary build invocation entirely,
or even go to a model where builds happen on commit by default,
with a way to opt-out)
More information about the rel-eng
mailing list