@Richard I raise the question on apache infra, and there is no plan to automatically build PRs from non-committers on the on-demand CI infra. This for security reasons as currently implemented in the current CI infra.
@Swell, Thank you for including the github actions for PR on 9.x branch. I included the jenkins job creation for branch 9.x via TOMEE-4178 too. El mar, 31 ene 2023 a las 6:59, Swell (<[email protected]>) escribió: > about PR builds in GitHub > > i saw there is: > * no GitHub actions for Pull Requests on *branch 9.x* (code in main branch) > * inversions of PR and non PR keys for the GitHub cache on *branch main* > > i have a PR ready if both needed. > > -- > Swell > > On Tue, 31 Jan 2023 at 00:32, Cesar Hernandez <[email protected]> > wrote: > > > Thank you for the update Richard, I was not aware that Jenkins jobs have > > the same restriction Github Actions has about not building PR's from > > non-committers. > > Indeed I have met with the INFRA team, and I'll raise these questions > about > > non-committers PR's. > > > > El lun, 30 ene 2023 a las 7:27, Richard Zowalla (<[email protected]>) > > escribió: > > > > > Hi all, > > > > > > the topic appeared a few times on the list. Short summary to remember: > > > > > > Currently, we cannot automatically build PRs from non committers due to > > > ASF restrictions on Jenkins. INFRA (and I think Cesar?) is working on > > > better build nodes (ephermal runners on AWS) to improve Jenkins > > > performance and reduce the risk for security issues originating from > > > PRs. > > > > > > At the moment I (most of the time) manually created jobs to get some > > > feedback on PRs. To avoid that manual step, I created two parameterized > > > jobs: > > > > > > - Java 8: > > > https://ci-builds.apache.org/job/Tomee/job/pull-request-8.x-manual/ > > > - Java 11: > > > https://ci-builds.apache.org/job/Tomee/job/pull-request-manual/ > > > > > > They can be (manually triggered by any TomEE committer) either on the > > > TomEE GitHub repo itself or on any fork. The branch is also a > > > parameter. I think, that the security concern (from INFRA) is ok here > > > as a build isn't triggered automatically and requires committer > > > intervention to actually run. > > > > > > Happy building. > > > > > > Gruß > > > Richard > > > > > > > > > -- > > Atentamente: > > César Hernández. > > > -- Atentamente: César Hernández.
