List:       kde-devel
Subject:    Re: Automated usage of Gitlab
From:       "Julius Künzel" <jk.kdedev () smartlab ! uber ! space>
Date:       2022-07-03 17:11:28
Message-ID: dcda239a5e6da5258411496c3cf4c91b9e7f995f () smartlab ! uber ! space

On July 3, 2022 at 13:43, "Nicolas Fella" <nicolas.fella@gmx.de> wrote:

> 
> On 7/3/22 12:45, Ben Cooksley wrote:
> 
> > 
> > Hi all,
> > 
> > Recent analysis of the logs of our Gitlab instance has revealed
> > numerous instances of files being directly retrieved from Gitlab
> > (using the /raw/ API). Much to my incredible sadness, this has
> > included accesses being made by KDE Applications themselves.
> > 
> > As a reminder, automated access to the "raw files" API of Gitlab is
> > strictly prohibited and not permitted under any circumstances. The
> > only use of it which is allowed is within .gitlab-ci.yml files to
> > import job definitions from sysadmin/ci-utilities.
> > 
> > At this time I am tracking:
> > - Retrieval of qt/qt/qtbase - .qmake.conf and extra-cmake-modules -
> > FindUDev.cmake and  COPYING-CMAKE-SCRIPTS from systems operating in
> > Microsoft Azure using curl.
> > 
> > - Retrieval of *.colors files from the Breeze repositories,
> > originating from KDE CI/CD servers, likely as a consequence of unit
> > tests or Craft builds
> > 
> 
> That looks like
> https://invent.kde.org/packaging/craft-blueprints-kde/-/blob/master/kde/kdemultimedia/kdenlive/kdenlive.py#L116
>  
> That's the only usage of raw invent URLs I see in craft-blueprints-kde

I removed that code now. It was introduced in a pre-GitLab time and later just
ported, but is not needed anymore. See
https://invent.kde.org/packaging/craft-blueprints-kde/-/commit/26d86498d6deaf3183723575d487379f01525607


> 
> > 
> > - Retrieval of various code examples from various repositories,
> > originating from KDE CI/CD servers, likely due to unit tests or Craft
> > builds utilising them
> > 
> > - Retrieval by Digikam itself of files from the Digikam code
> > repository (see
> > https://invent.kde.org/graphics/digikam/-/blob/master/core/libs/onlineversion/onlineversionchecker.cpp)
> >  
> > The last one is particularly upsetting, as this is how we ended up
> > with a bad situation with Discover.
> > 
> > Developers - please discuss with Sysadmin before implementing
> > functionality in your software that communicates with KDE.org
> > infrastructure so we can ensure that the endpoints you are contacting
> > are highly scalable.
> > Gitlab does not meet this criterion by any definition at all.
> > 
> > If we could please get these corrected that would be appreciated.
> > 
> > Thanks,
> > Ben
> > 
> 

Julius Künzel
Volunteer KDE Developer, mainly hacking Kdenlive
KDE GitLab: https://my.kde.org/user/jlskuz/
Matrix: @jlskuz:kde.org

