diff options
| author | bors-servo <lbergstrom+bors@mozilla.com> | 2019-01-07 13:33:42 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-01-07 13:33:42 -0500 |
| commit | 121cbd0078c5bd1693b040567e166a3ca55d7269 (patch) | |
| tree | d1c1897d7fee4179044f5af6b6e6b9b844389988 /components/script/dom/xr.rs | |
| parent | 54d15a307a93d98856673b88c410e2341b045e9f (diff) | |
| parent | 7a628080ec279cb78c6fdbde541d0ea3e1ac06de (diff) | |
| download | servo-121cbd0078c5bd1693b040567e166a3ca55d7269.tar.gz servo-121cbd0078c5bd1693b040567e166a3ca55d7269.zip | |
Auto merge of #22597 - servo:tc-pr, r=jdm
Taskcluster: run tidy on PRs
Taskcluster: run tasks for PRs from everyone
These tasks should be untrusted, since they run before review. The `repo:github.com/servo/servo:pull-request` role determines what scopes (permissions) those tasks have.
https://tools.taskcluster.net/auth/roles/repo%3Agithub.com%2Fservo%2Fservo%3Apull-request
~For more paranoia, we could run these tasks on entirely separate worker types (machine pools). For now, maybe being careful to to give scopes for any kind of write access is hopefully enough.~
There seems to be no way to disable the "docker-in-docker" feature, which could allow tasks to escalate to root on the host worker. So this uses a separate `servo-docker-untrusted` worker type. To manage cost, these workers are configured with `minCapacity: 0` and to shut down after 2 minutes idle. (This is a trade-off with the latency of spinning up new AWS EC2 instances.)
<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/22597)
<!-- Reviewable:end -->
Diffstat (limited to 'components/script/dom/xr.rs')
0 files changed, 0 insertions, 0 deletions