flex-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christofer Dutz <christofer.d...@c-ware.de>
Subject AW: AW: Interesting news from Infra
Date Tue, 25 Nov 2014 19:31:03 GMT
Hi Alex,

exactly ... you need credentials printed in plain text in order to be able to deploy to apaches
maven repo. If we were to have this done from our machine, someone of ous would have to donate
his credentials to our build machine readable for the others. I would not want to do this
and I would regard it a major security issue.


-----Ursprüngliche Nachricht-----
Von: Alex Harui [mailto:aharui@adobe.com] 
Gesendet: Montag, 24. November 2014 18:46
An: dev@flex.apache.org
Betreff: Re: AW: Interesting news from Infra

On 11/24/14, 1:00 AM, "Christofer Dutz" <christofer.dutz@c-ware.de> wrote:

>The problem is definitely that they dynamically fire up build agents.
>These contain the master credentials for writing to the repos. So I 
>guess this is a good reason for them not giving full access.

I think you’re saying their security scheme is to somehow create and run the build dynamically
so that credentials aren’t sitting around on the machine.  Are credentials needed to deploy
to staging repos or only to Maven Central?

If you’re ok using Windows on Azure to try to get all this working vs trying to get our
builds working on builds.a.o, I’d say it is worth a try.


View raw message