[GSoC] Progress Report

Rainer Müller raimue at macports.org
Sun Jun 4 21:13:54 UTC 2017


On 2017-06-04 14:49, Zero King wrote:
> GSoC coding phrase has begun and I'm implementing a CI bot that runs on
> Travis CI and tests pull requests.
> 
> My project includes two bots, the CI bot testing pull requests and the
> PR bot assigning labels to PRs and notify maintainers.

As far as I understand it, the CI "bot" are just scripts to be executed
on Travis CI, but the PR bot will be a daemon process running on our own
infrastructure?

> The design docs are available at https://github.com/l2dy/mpbot-design,
> but the code is not functional yet so I'm not sharing it for now.

Quoting from the linked document:

| 1. List subports
| 2. port lint test
| 3. port -d install test
| 4. Send data to CI bot
                  ^^
That is supposed to be PR bot, right?

| The CI bot generates an ECDSA key pair on start and prints the public
| key on Travis log. While testing ports, the bot attempts handshake
| with the PR bot by signing the salt PR bot provided (TCP or HTTP?).
| The PR bot would grab the public key from Travis logs and verify the
| signature.

This seems overly complex. In case the CI bot needs to communicate with
the PR bot directly, shouldn't a simple password/access token passed in
the environment [1] be secure enough for this? Or are we running into
these restrictions [2]?

As I see it, the status of the PR on GitHub needs to be updated. Travis
already has functionality to do so, what role does the PR bot play at
that point? Couldn't it just pick up the notification from GitHub [3]?

Rainer

[1] https://docs.travis-ci.com/user/environment-variables/
[2]
https://docs.travis-ci.com/user/pull-requests/#Pull-Requests-and-Security-Restrictions
[3]
https://developer.github.com/v3/activity/events/types/#pullrequestreviewevent


More information about the macports-dev mailing list