CI system for PR builds (was: Re: Changing default cxx_stdlib to libc++)

db iamsudo at gmail.com
Thu Mar 15 12:00:14 UTC 2018


On 15 Mar 2018, at 05:13, Ryan Schmidt <ryandesign at macports.org> wrote:
> Because PRs come from untrusted sources, we have to assume their contents are tainted. So after any PR is finished building, the VM is tainted and we have to throw it away and make a new one from our template for the next PR build.

> On Mar 14, 2018, at 07:25, db wrote:
>> Otherwise, you could make the machines sync to the packages public server for the distributable, and to a private server for the non-distributable binaries.
> I can't find an interpretation of that sentence that helps to solve the prepopulation problem.

I didn't know how you handled the templating. Couldn't you just prepopulate the cloned VM, take a snapshot, build the PR, restore the snapshot, eventually, delete the snapshot, update outdated, then retake it?



More information about the macports-dev mailing list