Closed mslacken closed 1 year ago
this would be for one a grave security risk and not be in an reproducible environment.
We could support buildtime services, but then again, you can not build an environment without a spec file ...
so you would first need to create a VM just for prepocessing the source. Not sure if this approach is scaling...
this would be for one a grave security risk and not be in an reproducible environment.
We could support buildtime services, but then again, you can not build an environment without a spec file ...
so you would first need to create a VM just for prepocessing the source. Not sure if this approach is scaling...
I also thought about this and had following two ideas:
osc build --scmsync_post
and print a big warning sign if there is a <scmsync_post>
tag. devel_basis
installed should fit for most of the caseswe don't have containers on this level.
But what maybe is working for you is to work with source services. You may have a specific which you may run on local builds and also server side at buildtime (no network access then).
You can have any own service, if you provide it yourself in your project and are brave enough to install it on your workstation.
Would that be a solution for you?
What about osc co
making sure there is for every git-managed package a .git/hooks/post-update
hook:
#!/bin/sh
exec osc service remoterun
We support source services execution meanwhile also for scmsync packages or projects.
That means you can execute anything, but you need to provide a service. And you need to install it locally if you want to run it locally.
Some upstream project tend to have only a
FOO.spec.in
and tend to create a real spec file with e.g.make genconfig
. Is there a way to call a script via the meta tags, like?