-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Lance/repros support #486
base: main
Are you sure you want to change the base?
Lance/repros support #486
Conversation
d7b0430
to
82127f4
Compare
Hi @lrvick , I have a series of questions and comments on this. First, is this a branch that's still in flux (= draft PR) or a full PR that's ready for comments and review? I'm not aware of an engineering ticket on Linear that's linked to this (not totally surprising based on recent conversations). However, the PR itself also has no code comments, notes on non-trivial/potentially unexpected parts, or a high-level summary. The primary reason I'm mentioning this is are the changes to What is this The I expect As outlined, I think TOFU isn't a good choice here, since the TOFU check and the usage are so close to each other and will repeat on every GitHub action run. Instead, I highly recommend configuring the runner with the pre-determined fixed expected host keys, namely:
(Side note, the benefit from the One practical scenario where the current definition would hurt us is if we cancel the Hetzner server, someone else gets authoritative control over the IP after it gets reassigned to another customer, and we forget about cancelling our runner job in time. Then they could setup a kind of ssh honeypot that accepts the incoming ssh + git requests and cause problems. This attack would not have to be Turnkey-specific or even targeted at us. |
On a related note, it would be helpful for https://github.com/tkhq/repros-sigs to have a |
Summary & Motivation (Problem vs. Solution)
How I Tested These Changes
Pre merge check list