[Rpm-maint] [rpm-software-management/rpm] Implement a way to ensure build artifacts integrity after the `%build`, and during post-build phases like `%check` (Discussion #3009)

Miroslav Suchý notifications at github.com
Tue Apr 2 14:59:46 UTC 2024


When you run rpmbuild directly I would argue that you do not care about security already :) I guess it will be hard for rpmbuild to handle remounts for you. While it is no brainer for Mock.
What mock will need to have in rpm implemented is:
1) rpmbuild -ba --nocheck foo.spec  # this already exists
2) rpmbuild -bC  --short-circuit # C as check, i.e. short circuit directly to %check section and not running anything else.

Between these two steps, Mock can fetch results and remount the filesystem.


-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/discussions/3009#discussioncomment-8985347
You are receiving this because you are subscribed to this thread.

Message ID: <rpm-software-management/rpm/repo-discussions/3009/comments/8985347 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20240402/2b15cba2/attachment-0001.html>


More information about the Rpm-maint mailing list