From f5ca8fcfbf61bdc3f7f7943f1da30913c95eb510 Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Fri, 28 Apr 2023 10:24:20 -0700
Subject: [PATCH] koji: add scm plugin

Add a scm plugin and some policy for it.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
---
 roles/koji_builder/templates/kojid.conf | 1 +
 roles/koji_hub/templates/hub.conf.j2    | 6 ++++++
 2 files changed, 7 insertions(+)

diff --git a/roles/koji_builder/templates/kojid.conf b/roles/koji_builder/templates/kojid.conf
index 9e67b307f2..a99f6679a0 100644
--- a/roles/koji_builder/templates/kojid.conf
+++ b/roles/koji_builder/templates/kojid.conf
@@ -163,6 +163,7 @@ keytab = /etc/kojid/kojid.keytab
 {{ plugins.append("osbuild") }}
 {% endif %}
 
+{{ plugins.append("scmpolicy") }}
 
 ; Config for the runroot plugin lives in /etc/kojid/runroot.conf, if enabled
 plugins = {{ plugins | join(" ") }}
diff --git a/roles/koji_hub/templates/hub.conf.j2 b/roles/koji_hub/templates/hub.conf.j2
index 92ec52e9d7..ebf0fe8efd 100644
--- a/roles/koji_hub/templates/hub.conf.j2
+++ b/roles/koji_hub/templates/hub.conf.j2
@@ -211,3 +211,9 @@ build_from_scm =
     # allow to build from forks
     match scm_type GIT GIT+SSH && match scm_host src.fedoraproject.org/forks/* :: allow
 {% endif %}
+
+scm =
+      # allow scratch builds from any commits
+      bool scratch :: allow
+      match_all branches * !! deny Commit must be present on some branch
+      all :: allow