jdm
commented
4 years ago In general our build.servo.org services rely on secrets that need to be provided as part of the submission process (eg: https://github.com/servo/standups/blob/415c2fe2a399575740cd9ce585eeff0b11fafec1/standups/flask_server.py#L90). The crash reporter would need to embed the secret in the binary, which is unavoidable, but it's Good Enough for casual attempts to abuse the server.
We would be able to store the secret in taskcluster rather than the repository, so it would only be added to nightly builds, and we could add a simple #define override mechanism to make it easy to add to local builds when necessary.
paulrouget
bors-servo
Flask: https://github.com/paulrouget/crash-reporter - this will need a review, and be migrated under github.com/servo. Tested and appears to work as expected.
Saltfs configuration is blindly copy/pasted from the intermittent-tracker code.
@jdm can you give a quick a look at the flask code? And do we have any mechanism in place to prevent abuse of the different build.servo.org services?