Buildbot worker security

We are looking into creating an LLVM buildbot worker, to build and test with XCore as the default target.

I understand the process in [1]. I have a worker building correctly under a local master.

Can we authenticate when the worker connects? That is, can we be sure we are connecting to the real master, and not to something that will send malicious commands? Can we use the --use-tls option or equivalent [2]? I haven’t seen authentication mentioned or found “tls” in zorg files.





+Galina Kistanova

Hello Nigel,

Sorry for the late reply.

You could use TLS when connecting workers to the buildbot.

Feel free to ping me when you are ready and I’ll provide you with instructions.