[Gluster-infra] separating code analysis from download

Kaleb KEITHLEY kkeithle at redhat.com
Thu Nov 5 11:13:52 UTC 2015 

<top post>
How about devel.gluster.org? Or upload.gluster.org?

Either one would be reasonable for nightly coverity/clang/etc reports as
well as community uploads?

</top post>


On 11/05/2015 04:31 AM, Michael Scherer wrote:
> Hi,
> 
> as part of the hardening of the infra (as I do not want to have to deal
> again with the same type of issue as we dealt with the shell.gluster.com
> compromise), I would like to keep download.gluster.org restricted as
> much as possible and used only for "official" download.
> 
> And also keep everything in salt, which didn't happen as soon as 2 days
> after putting the new server in production (which would make me scream
> if I was not forbidden for medical reason this week), since the static
> analysis results and a separate user were added without telling. 
> 
> So in order to lock down again the server, I propose to change that.
> 
> As there is a need to share data as part of development, I would propose
> 2 things:
> 
> - place all automated tests reports (ie, stuff like the coverty reports,
> etc) on a separate server. This way, a compromise of the automated tests
> client wouldn't result into suspicion on the download server, and as we
> do not need backup and redundancy for them, this would simplify the work
> and requires less ressources.
> 
> I would have done that right away if I had a idea of a correct naming
> for the server. So if someone find a name that has some kind of
> consensus by the end of the week, I will take it. Otherwise, people will
> have to live with whatever horrible name I find ( I guess
> reports.gluster.org might be my choice for now ). Someone will have to
> fix the docs we have somewhere, if we have.
> 
> - place all user produced data in a separate people.gluster.org
> webserver. This would permit to give back some freedom to share stuff to
> the community, but this one would requires that I finish to setup
> freeipa first, and that we decide who has access, or under what
> condition. 
> 
> If no one protest or comment by end of the 11th of november, I will
> consider as full acceptance for whatever I will do.
> 
> 
> 
> _______________________________________________
> Gluster-infra mailing list
> Gluster-infra at gluster.org
> http://www.gluster.org/mailman/listinfo/gluster-infra
>

More information about the Gluster-infra mailing list