Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add users option to both GitHub and Gitea restricting project owners #394

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add users option to both GitHub and Gitea restricting project owners #394

wants to merge 1 commit into from
+106 −12

Conversation

MagicRB
Copy link
Contributor

@MagicRB MagicRB commented Feb 12, 2025

Hopefully closes #393

@MagicRB MagicRB marked this pull request as draft February 12, 2025 11:25
@MagicRB
Copy link
Contributor Author

MagicRB commented Feb 12, 2025

@zowoq this looks good? I tested the Gitea backend at it works, didn't test the GitHub one as I don't have GitHub setup, but it should work. @Mic92 can you test?

@MagicRB MagicRB marked this pull request as ready for review February 12, 2025 13:12
@zowoq
Copy link
Contributor

zowoq commented Feb 13, 2025

Tested removing the topic and using only the repoAllowlist in nix-community, adding/removing repos works, did need to change the buildbot-nix topic default from build-with-buildbot to null.

-      topic = "nix-community-buildbot";
+      repoAllowlist = [
+        "nix-community/authentik-nix"
+        "nix-community/autofirma-nix"
+        "nix-community/dream2nix"
+        "nix-community/ethereum.nix"
+        "nix-community/infra"
+        "nix-community/lanzaboote"
+        "nix-community/neovim-nightly-overlay"
+        "nix-community/nix-direnv"
+        "nix-community/nix-index"
+        "nix-community/nix4nvchad"
+        "nix-community/NixNG"
+        "nix-community/nixos-facter"
+        "nix-community/nixos-facter-modules"
+        "nix-community/nixos-generators"
+        "nix-community/nixos-images"
+        "nix-community/nixpkgs-update"
+        "nix-community/nixpkgs-xr"
+        "nix-community/nixvim"
+        "nix-community/raspberry-pi-nix"
+        "nix-community/srvos"
+      ];
diff --git a/nix/master.nix b/nix/master.nix
index 2a75c8f74..3a3fc8854 100644
--- a/nix/master.nix
+++ b/nix/master.nix
@@ -374,7 +374,7 @@ in
         };
         topic = lib.mkOption {
           type = lib.types.nullOr lib.types.str;
-          default = "build-with-buildbot";
+          default = null;
           description = ''
             Projects that have this topic will be built by buildbot.
             If null, all projects that the buildbot Gitea user has access to, are built.
@@ -453,7 +453,7 @@ in
         };
         topic = lib.mkOption {
           type = lib.types.nullOr lib.types.str;
-          default = "build-with-buildbot";
+          default = null;
           description = ''
             Projects that have this topic will be built by buildbot.
             If null, all projects that the buildbot github user has access to, are built.

@MagicRB
Copy link
Contributor Author

MagicRB commented Feb 13, 2025

You should be able to just set it to null no? I think that building everything by default is not a good idea.

@Mic92
Copy link
Member

Mic92 commented Feb 13, 2025

You should be able to just set it to null no? I think that building everything by default is not a good idea.

I think this was just for testing not intended as the new default.

Mic92
Mic92 reviewed Feb 13, 2025
View reviewed changes
nix/master.nix
userAllowlist = lib.mkOption {
type = lib.types.nullOr (lib.types.listOf lib.types.str);
default = null;
description = "If non-null, specifies users/organizations that are allowed to use buildbot, i.e. buildbot-nix will ignore any repositories not owned by these users/organizations.";
Copy link
Member

@Mic92 Mic92 Feb 13, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we mention here that this in addition to the buildbot github topic?

@zowoq
Copy link
Contributor

zowoq commented Feb 13, 2025

You should be able to just set it to null no? I think that building everything by default is not a good idea.

I think this was just for testing not intended as the new default.

Was kind of thinking of a new default. Could have an assert requiring that one or more of topic, userAllowlist, repoAllowlist is set? But maybe not be worth the disruption for other users.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Mic92 Mic92 Mic92 left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add way to ignore installations based on the owner of the repository
3 participants
@MagicRB @zowoq @Mic92