diff options
author | Karen Arutyunov <karen@codesynthesis.com> | 2017-05-25 21:12:03 +0300 |
---|---|---|
committer | Karen Arutyunov <karen@codesynthesis.com> | 2017-05-31 01:10:52 +0300 |
commit | d6a34b68d4667d4b99c1e76d63604a7bc1c9c3dd (patch) | |
tree | b3429ea208e804bdd4b7f80416510e509ff36181 /mod/options.cli | |
parent | 94b04d166c1041028571222b9931121b0f7dfded (diff) |
Add support for bbot agent authentication
Diffstat (limited to 'mod/options.cli')
-rw-r--r-- | mod/options.cli | 42 |
1 files changed, 40 insertions, 2 deletions
diff --git a/mod/options.cli b/mod/options.cli index 65f5549..e6beb6e 100644 --- a/mod/options.cli +++ b/mod/options.cli @@ -52,6 +52,27 @@ namespace brep } }; + class openssl_options + { + path openssl = "openssl" + { + "<path>", + "The openssl program to be used for crypto operations. You can also + specify additional options that should be passed to the openssl + program with \cb{openssl-option}. If the openssl program is not + explicitly specified, then \cb{brep} will use \cb{openssl} by + default." + } + + strings openssl-option + { + "<opt>", + "Additional option to be passed to the openssl program (see + \cb{openssl} for details). Repeat this option to specify multiple + openssl options." + } + }; + class package_db { string package-db-user @@ -107,14 +128,31 @@ namespace brep } }; - class build + class build: openssl_options { path build-config { "<buildtab>", "Build configuration file. If not specified, then the package building functionality will be disabled. If specified, then the build database - must be configured (see \cb{build-db-*})." + must be configured (see \cb{build-db-*}). The \cb{brep} instance + needs to be restarted after modifying <buildtab> for the changes to + take effect." + } + + dir_path build-bot-agent-keys + { + "<dir>", + "Directory containing build bot agent public keys. If specified, then + \cb{brep} will perform agent authentication and will reject build + results from unauthenticated ones. If not specified, then build + results are accepted from all agents (which will be a security + risk if the \cb{brep} instance is publicly accessible). + + The directory is expected to contain one PEM-encoded public key + per file with the \cb{.pem} extension. All other files and + subdirectories are ignored. The \cb{brep} instance needs to be + restarted after adding new key files for the changes to take effect." } size_t build-forced-rebuild-timeout = 600 |