Some jenkins plugins can allow a certain list of (github) users to be automatically tested, but for unknown users the PR has to be okay'ed by a known user (or a shorter admin list) to give the go-ahead via a comment on the review. One of those approved people can also add the unknown user to the list of known users via a review comment.
Used this scheme on a quite old version of jenkins, but I assume something like it is still around. https://plugins.jenkins.io/ghprb --Steve > -----Original Message----- > From: Joan Touzet <woh...@apache.org> > Sent: Friday, January 4, 2019 1:07 PM > To: builds@apache.org > Subject: Re: PRJenkins builds for Projects > > > ----- Original Message ----- > > From: "Allen Wittenauer" <a...@effectivemachines.com.INVALID> > > > This is the same model the ASF has used for JIRA for a decade+. > > It’s always been possible for anyone to submit anything to Jenkins > > and have it get executed. Limiting PRs or patch files in JIRAs to > > just committers is very anti-community. (This is why all this talk > > about using Jenkins for building artifacts I find very > > entertaining. The infrastructure just flat out isn’t built for it > > and absolutely requires disposable environments.) > > Then we build a new, additional Jenkins that is committer-only (or PMC- > only, perhaps, if it's for release purposes). This is a tractable > problem. > > We are stuck at an impasse where people need something to reduce the > manual workload, and we have an obsolete policy standing in its way. > We must be the last organisation in the world where people are forced > to release software through a manual process. > > I don't see why this is something to be gleeful about. > > -Joan
