On Mon, Oct 20, 2014 at 6:25 PM, Stefan Hajnoczi <stefa...@redhat.com> wrote: > Hi, > At KVM Forum 2014 we discussed a patch checking bot that automates patch > format checking and smoke testing: > > 1. Did the patch submitter include Signed-off-by? > 2. Does checkpatch.pl pass? > 3. Does the patch apply to qemu.git/master? > 4. Does each patch compile? > 5. Does the series pass make check and qemu-iotests? > > Here are some thoughts on the patch checker: > > If a patch series passes successfully, no email is sent. If a patch > series fails, an email with the errors is sent as a reply to the patch > series email thread. The patch submitter can then respond in case there > are false positive (e.g. from checkpatch.pl) - the bot doesn't care > about replies but it tells the human reviewers and maintainers what the > patch submitter intends to do. > > The bot should detect new patches within 15 minutes so humans can rely > on it to perform these basic checks before they review the patch series. > > There should be a web page showing the check status of each patch series > on the mailing list. This allows anyone to see which patch series have > passed, failed, or are pending check. > > Ideas on the implementation: > > The "patches" tool allows querying patch series on the mailing list. It > can be used to apply patches to a git tree and display patches in mbox > format: > > https://github.com/stefanha/patches/tree/stefanha-tweaks > > Patch series contain untrusted code so it is critical that operations > are performed inside a sandbox. Otherwise people could send email to > qemu-devel@nongnu.org with Makefile or checkpatch.pl changes that get > executed with the bot's privileges! > > Use docker or lxc to run a container for builds. The root file system > should be fresh for each build so previous builds cannot affect later > ones. The container cannot have external networking connectivity (for > security).
A small question: if the container doesn't have network connectivity, where does the bot's checking scripts read the patch mail from? > > Include automated deployment scripts so bot instances can be created > easily. Here is an example of automated deployment scripts written with > Fabric that I use for VM that builds the QEMU "patches" database: > > https://github.com/stefanha/qemu-patches
