New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add security-testing repo to nightly runs #70

Open

deeplow opened this issue Jun 13, 2024 · 1 comment

deeplow commented Jun 13, 2024

Add security-testing to nightly test runs. Ping @legoktm

(not sure if this is the right repo, feel free to transfer the issue)

Member

legoktm commented Jun 13, 2024

Thanks for filing and yes, correct repo. The goal here is to run our CI with proposed security fixes to help with catching any possible regressions.

https://www.qubes-os.org/doc/how-to-install-software-in-dom0/#testing-repositories is the documentation I found on how to enable security-testing.

To enable or disable any of these repos permanently, change the corresponding enabled value to 1 in /etc/yum.repos.d/qubes-dom0.repo.

So I think we'd want:

When the VM boots up, we enable the repository permanently
run sudo qubes-dom0-update -y to pull in any pending changes
Reboot the VM
Then we kick off our provisioning and test run.
When we send the notification back to Slack, it should clearly indicate that this was a variant with security-testing enabled.

I think this mimics what a real world experience would be.

Only problem is that we don't yet have the ability to reboot, but we need/want that for other things, so maybe we should just do it.

legoktm mentioned this issue

Determine strategy for variant jobs #75

Open

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment