[Buildbot-devel] [PATCH 0/11] Patch series to enhance the WebStatus

[Brian Warner]

On Thu, 15 Nov 2007 23:43:24 +0100
Benoit Sigoure <tsuna at lrde.epita.fr> wrote:

> Hi list (I hope these mails make their way to the list this time)

Thanks!

I've applied patches 1 through 8 to trunk, with some minor changes to the
wording of the generated HTML. Your patches are wonderful! So precise and
clear! It was very easy to review them.

I ran out of time tonight before getting to examine 9 through 12. In general,
I like the idea of being able to upload a diff to the web page, but we have
to be very very careful with this because anyone who can provide the diff
gets to control all the buildslaves.. that's why I've been using much
stronger authentication mechanisms with the 'buildbot try' tool than with
regular force-build commands.

Being able to use LDAP as an authentication backend is a nifty idea. I assume
that the library you're using is going to block, though, which isn't quite in
keeping with the rest of the twisted-based system (specifically if the LDAP
server takes more than a moment to respond, everything else in the
buildmaster will be stuck waiting for it.. other waterfall users, build
scheduling, sending out slave commands, etc).

Twisted has an authentication framework named 'Cred' that is partially
supported by twisted.web and might be a more 'official' way to implement
password-protection on specific web pages. (by 'more official' I mean more
likely to be supported by other Twisted developers and libraries). I haven't
really used it much, though, so I couldn't say whether it is suitable for
this purpose. The ideal approach would be a Cred-based LDAP client, but I
don't even know if such a thing exists.

Ok, I have to get to sleep now. I'll try to grab some time to review the
remaining patches and comment more on them this coming weekend.

thanks for all the excellent work!

cheers,
 -Brian