[Buildbot-devel] authenicated SVN checkouts..
Charles Hardin
chardin at 2wire.com
Thu Jun 29 16:30:15 UTC 2006
>
> A question though.. if you are prohibiting public read-only access to
your
> source code this way, aren't you also prohibiting public viewing of
your
> build logs? In this case, having authentication secrets exposed in the
logs
> might not be that much of a problem.
>
Sorta, our particular lunacy is focused around auditing the builds that
get done, so we have an LDAP backend that is used for svn access
restriction and a modification to the buildbot "force page" for
username/password...
The problem with this little endeavor is that the LDAP backend is the
corporate account - so, the passwords are your email passwords - etc...
This is mainly so we don't have to administer a password database - just
leave it to IT to manage the "builds" group for permissions...
So, the buildslaves are restricted access - only ssh and the admins can
get onto the machines to see the logs and we've been trying to make sure
the patches cover not showing the passwords in the logs... And, then
trying to make sure the web pages don't leak any information either...
>
> cheers,
> -Brian
Hopefully, not more confusing...
Charles
More information about the devel
mailing list