|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PATCH 1/3] CI: Remove CI_COMMIT_REF_PROTECTED requirement for HW jobs
This restriction doesn't provide any security because anyone with suitable
permissions on the HW runners can bypass it with this local patch.
Requiring branches to be protected hampers usability of transient testing
branches (specifically, can't delete branches except via the Gitlab UI).
Drop the requirement.
Fixes: 746774cd1786 ("automation: introduce a dom0less test run on Xilinx
hardware")
Fixes: 0ab316e7e15f ("automation: add a smoke and suspend test on an Alder Lake
system")
Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
---
CC: Roger Pau Monné <roger.pau@xxxxxxxxxx>
CC: Stefano Stabellini <sstabellini@xxxxxxxxxx>
CC: Michal Orzel <michal.orzel@xxxxxxx>
CC: Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>
CC: Oleksii Kurochko <oleksii.kurochko@xxxxxxxxx>
Fixes because this wants backporting, but it also needs acks from both Marek
and Stefano as the owners of the hardware in question.
---
automation/gitlab-ci/test.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/automation/gitlab-ci/test.yaml b/automation/gitlab-ci/test.yaml
index ad249fa0a5d9..efd3ad46f08e 100644
--- a/automation/gitlab-ci/test.yaml
+++ b/automation/gitlab-ci/test.yaml
@@ -92,7 +92,7 @@
when: always
only:
variables:
- - $XILINX_JOBS == "true" && $CI_COMMIT_REF_PROTECTED == "true"
+ - $XILINX_JOBS == "true"
tags:
- xilinx
@@ -112,7 +112,7 @@
when: always
only:
variables:
- - $QUBES_JOBS == "true" && $CI_COMMIT_REF_PROTECTED == "true"
+ - $QUBES_JOBS == "true"
tags:
- qubes-hw2
--
2.30.2
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |