Ticket #200 (new enhancement)

Opened 8 months ago

Provide HTTP auth around build buttons

Reported by: zandr Assigned to:
Priority: major Milestone: undecided
Component: buildprocess Version: 0.7.6
Keywords: Cc:

Description

Allmydata.com runs several Buildbot instances for various projects, both internal and external. In many cases we have slaves providing builds for community projects, and we have community provided slaves building our projects.

As such, there's some tension between contributors being able to invoke builds, and desire to keep malicious bots from DoSing? our slaves. (Not that this has happened yet)

An obvious solution would be to wrap the build button with http basic auth, and automatically populate that table with the buildslave logins. Thus running a slave gives you permission to make it do work. I'm not terribly concerned about making things more granular than that (such that you can only make *your* slave run), at least not yet.

I'll be implementing this manually for Allmydata next week, but it seems like it would be simple and valuable to add some of this to Buildbot itself.