scratch buildds
Hi!
Fedora has an awesome feature for packagers: scratch builds. It would be
great if we could steal the idea.
I find myself doing incremental uploads just to fix bugs that the previous
upload revealed on some weird arch. At home, I can reasonably test only
amd64 and arm64 -- especially if valgrind is involved, qemu-user is not up
to scratch. There are porterboxes but using them is inconvenient and
involved, especially when the task is "build on all archs, report failures".
Thus, what would you guys say about a new distribution, "scratch"? It would
be a kind of extra-experimental that doesn't put its build results anywhere
persistent. Throwing away built .debs would be ok, keeping just logs.
Like any other upload currently, it would be restricted to DDs/DMs only --
I'm told buildds have inadequate isolation to run untrusted builds, even
without taking into account container/VM escapes, etc. On IRC, Ansgar
requested keeping signed records as a precaution against hijacked DD
accounts; that idea sounds good to me.
While every of us can (and in 99% cases does) test on amd64, it would be
nice to ease testing elsewhere as well.
Meow!
--
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Remember, the S in "IoT" stands for Security, while P stands
⢿⡄⠘⠷⠚⠋⠀ for Privacy.
⠈⠳⣄⠀⠀⠀⠀
Reply to: