[llvm-dev] GitHub Hooks
Tim Northover via llvm-dev
llvm-dev at lists.llvm.org
Tue Jul 19 14:29:33 PDT 2016
On 19 July 2016 at 13:44, Vedant Kumar via llvm-dev
<llvm-dev at lists.llvm.org> wrote:
>> https://help.github.com/articles/about-required-status-checks/
>
> Does this require submitting a PR for each commit?
It shouldn't do. It looks like the workflow would be:
1. Make your changes locally.
2. Push to your own fork (alternatively your own branch on github).
3. Run a sanity-check script that then POSTs to the status API on this
branch to indicate success.
4. git push to master.
I'm guessing a bit with step 2 -- I assume it has to allow statuses
from other forks, otherwise there would be chaos on LLVM's main
repository.
What I'm still not entirely clear on is how the status is
authenticated, it looks like it has to be an entirely trust-based
system. It doesn't look like you can check "this status was set by a
server at llvm.org".
>From here and IRC, it seems like the current checks we might want are:
1. Linear history.
2. Monotonic timestamps.
3. No timestamps from the future (checked against a reliable internet
clock, not locally).
Tim.
P.S. Notes on using statuses for experiments:
1. Create OAuth token here https://github.com/settings/tokens (scope
should be repo:/status).
2. Put simple status json into file:
{
"state": "success",
"target_url": "https://example.com/build/status",
"description": "The build succeeded!",
"context": "sanity-check"
}
3. Update a commit on GitHub. E.g. (last hash is a commit, substitute
your username/OAuth token for authentication):
curl -H "Content-Type: application/json" -u TNorthover:<OAuth SHA>
--data @simple.txt
https://api.github.com/repos/TNorthover/tmp/statuses/d0679d64a1f8b70bb33d27123ff4ed23dad18012
4. Now that at least one status exists, you can enable protected
branch on your project. I have https://github.com/TNorthover/tmp for
now (with master protected). I'd be happy to add anyone as a developer
if they want to play too (could be good for testing the fork
behaviour).
5. GitHub will deny a push to master unless it has a visible commit
with the successful status.
More information about the llvm-dev
mailing list