Closed mslacken closed 1 year ago
adrianschroeter
commented
2 years ago this would be for one a grave security risk and not be in an reproducible environment.
We could support buildtime services, but then again, you can not build an environment without a spec file ...
so you would first need to create a VM just for prepocessing the source. Not sure if this approach is scaling...
mslacken
commented
2 years ago this would be for one a grave security risk and not be in an reproducible environment.
We could support buildtime services, but then again, you can not build an environment without a spec file ...
so you would first need to create a VM just for prepocessing the source. Not sure if this approach is scaling...
I also thought about this and had following two ideas:
osc build --scmsync_post and print a big warning sign if there is a <scmsync_post> tag. devel_basis installed should fit for most of the casesadrianschroeter
commented
1 year ago we don't have containers on this level.
But what maybe is working for you is to work with source services. You may have a specific which you may run on local builds and also server side at buildtime (no network access then).
You can have any own service, if you provide it yourself in your project and are brave enough to install it on your workstation.
Would that be a solution for you?
mcepl
commented
1 year ago What about osc co making sure there is for every git-managed package a .git/hooks/post-update hook:
#!/bin/sh
exec osc service remoterunWe support source services execution meanwhile also for scmsync packages or projects.
That means you can execute anything, but you need to provide a service. And you need to install it locally if you want to run it locally.
Some upstream project tend to have only a
FOO.spec.inand tend to create a real spec file with e.g.make genconfig. Is there a way to call a script via the meta tags, like?