From: DJ Delorie
To: "Carlos O'Donell"
Cc: siddhesh@gotplt.org, libc-alpha@sourceware.org
Subject: Re: Run TryBot-apply_patch on the full queue?
Date: Tue, 20 Sep 2022 10:26:42 -0400

"Carlos O'Donell" writes:

> My only concern had been "how do you authenticate this?"
>
> However, after having slept a full night I realized that we need signed
> emails, so the curator already needs to validate signatures.
>
> The "injection" API could take signed messages too?

Any authentication needs to happen before the request is sent to the
trybot. In our current scheme, it's the curator's job. If you write
your own patchwork bot, it will be up to you to figure out what/if
you're going to authenticate.

I'll note that authentication isn't really required just to see if a
patch *applies* though. It's a build that's a security issue.

> Yes. We should just accept a "signed message" API?

The trybot API is not public. It trusts the runner to manage
authorizations. Curator authenticates, runner authorizes, trybot
does[*].

> That would reuse all the same infrastructure we have for signed emails?

Once we have that, sure, we can share bits of code between the curator
and other patchbots. However, once we have that, we might not *need* to
share that between patchbots, because the curator would handle those
cases for us.

But signed emails won't solve Siddhesh's request of retrying every
pending patch every day, because they won't be signed.

[*] because, as we all know; do or do not, there is no try.
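
The split described in the message above (curator authenticates, runner authorizes, trybot does, with apply-only checks allowed without authentication) can be sketched as follows. This is an added example, not part of the original message and not the project's code: every name in it (`Request`, `curator_authenticate`, `runner_authorize`, `submit`, the keyring and the `MAY_BUILD` list) is hypothetical, and HMAC with a shared key stands in for signed-email verification, which the thread does not specify.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

# Constructed demo data. HMAC with a shared key stands in for verifying a
# signed email; the thread does not say how signatures are checked.
KEYRING = {"dev@example.org": b"constructed-demo-key",
           "new@example.org": b"another-constructed-key"}
MAY_BUILD = {"dev@example.org"}  # hypothetical runner-side authorization list

@dataclass(frozen=True)
class Request:
    patch_id: str
    action: str                      # "apply" or "build"
    sender: Optional[str] = None     # None for an automated, unsigned retry
    signature: Optional[str] = None

def sign(key: bytes, sender: str, patch_id: str, action: str) -> str:
    # The action is covered by the signature, so a signed "apply" request
    # cannot be replayed as a "build" request.
    msg = "\n".join((sender, patch_id, action)).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def curator_authenticate(req: Request) -> Optional[str]:
    """Curator: return the verified sender, or None if unauthenticated."""
    key = KEYRING.get(req.sender or "")
    if key is None or req.signature is None:
        return None
    expected = sign(key, req.sender, req.patch_id, req.action)
    ok = hmac.compare_digest(expected.encode(), req.signature.encode())
    return req.sender if ok else None

def runner_authorize(identity: Optional[str], action: str) -> bool:
    """Runner: decide what an identity (possibly None) may ask the trybot for."""
    if action == "apply":
        return True                   # per the thread, apply checks need no auth
    if action == "build":
        return identity in MAY_BUILD  # builds are the security-sensitive step
    return False                      # unknown actions are denied

def submit(req: Request) -> str:
    """Full path: authenticate, authorize, then hand off to the trybot."""
    identity = curator_authenticate(req)
    if not runner_authorize(identity, req.action):
        return "rejected"
    return f"trybot:{req.action}:{req.patch_id}"  # trybot trusts the runner
```

Under this sketch an unsigned daily retry can still reach the trybot as an apply check, while a build request needs both a valid signature and an entry in the runner's list.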