[Buildbot-devel] Questions: edit the standard pages and use osx server to serve Buildbot pages trough it

Fulvio Cervone fcervone at me.com
Thu Jan 27 19:53:38 UTC 2011 

On Jan 27, 2011, at 11:20 AM, tom fogal wrote:

> Hi,
> 
> Please do not remove the list from the CC list.
> 


Sorry, pressed the reply instead of reply all.


> Fulvio Cervone <fcervone at me.com> writes:
>> On Jan 27, 2011, at 9:36 AM, tom fogal wrote:
>> 
>>> Fulvio Cervone <fcervone at me.com> writes:
>>> One alternative approach is to use apache or whatever you'd like
>>> (i.e. OS X's builtin stuff) to serve up the directories buildbot
>>> creates, so users could view all the log files on the standard http
>>> port.  You get ultimate customization that way.. but of course a
>>> lot more work, too :)
>> 
>> I am curious at this point to know how you all protect your
>> buildbots....I as sume that you must have at least some sort of auth
>> system to allow only few u sers to launch a build process or get info
>> about what was committed and by wh o....I would love to have a mini
>> auth server bundled with BB for these cases, but in the meantime
>> gotta find a solution to protect it....any suggestion is more than
>> welcome.
> 
> Users don't start builds.  Commits to the repository start builds.
> 
> Of course, you could always just setup no schedulers, enable the
> "build" buttons in the web UI, and force your users to click the button
> every time they want a build to happen.  That kind of defeats the
> point, though.
> 
> It seems your main confusion is how a CI system works, in the above
> regard; there really isn't any need for authorization, because
> generally there are not any harmful bits exposed that someone could
> fiddle with.
> 

Well, I am aware of how the system works; probably I didn't explained myself well enough and I apologize for that.

My point is that if i have my web server with my project running on the BB, called "my next secret application for mac"; and people can see on my buildbot page the name of the project, or see in the comments for the commits where the other devs says "added feature to make coffee" or "improved the scan of the barcode" and such; in fact they are gathering informations about my project,  while is not time yet to make it public.

So my point is to protect my pages, so only people in my team can see what is going on, and they are not all on my network, so i must have the buildbot running on a machine that is visible from outside (and osx server fits perfectly, at least from what i heard about it); so my next logical step was to just turn on ssl and use the encryption so i can allow only few people to see what is going on.

Then i was thinking that we could get other collaborators that would need limited access to what is going on; hence my idea to just protect some pages and modify others to give limited info about the buildbot activity.


> Instead of trying to figure out how the entire system works: just setup
> a buildbot.  Don't try to get it to slice your bread in addition to
> running your builds; just get something that notices you committed
> something, and builds it.  Then go back and tinker to get things more
> like you want in the final system.
> 

Now I do not know if my use is compatible with what the Buildbot was planned to do, since I just started to use it less than 2 weeks ago; otherwise I guess that I gotta find another bread slicer :)

Sorry again for the confusion.

More information about the devel mailing list