hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] [hbase] virajjasani commented on a change in pull request #2438: HBASE-25033 : Provide an option to ignore svn ci for create-release
Date Thu, 01 Oct 2020 13:12:47 GMT

virajjasani commented on a change in pull request #2438:
URL: https://github.com/apache/hbase/pull/2438#discussion_r498224048



##########
File path: dev-support/create-release/do-release-docker.sh
##########
@@ -77,6 +77,10 @@ Options:
                If none specified, runs tag, then publish-dist, and then publish-release.
                'publish-snapshot' is also an allowed, less used, option.
   -x           debug. do less clean up. (env file, gpg forwarding on mac)
+  -i [ignore-svn-ci]

Review comment:
       > i think the ssh-agent could be used to forward credentials into the docker environment,
similar to how it's done with gpg-agent.
   
   An example for ssh-forward [here](https://github.com/nardeas/ssh-agent)
   This definitely sounds reasonable, but if we just ignore svn ci, user might have other
options available too (maybe upload to some apache resource via `sftp` or maybe `git checkin`
or manually upload via `ui` to an apache resource?), not that I can think of much other than
uploading to h.a.o/p.a.o that I am aware of, however something might come up in future and
then password-less scp might become stale. I believe, having artifacts available locally for
committers without PMC rights might be enough for them to decide on next step?
   
   Even if we prefer automation around RC upload, we are not sure that all committers will
have `public_html` under their respective home dir in home.apache.org, hence, I was considering
option to take full path in argument (e.g `do-release-docker.sh -u home.apache.org:/home/vjasani/public_html/2.3.2RC4/`),
which I believe should be acceptable. Moreover, h.a.o's authorized_keys should be updated
with public key (just one time activity, not a big deal).
   
   Overall, nothing wrong with ssh-agent based approach that we can explore but I am just
thinking if it is worth having an optional additional docker container for long term.
   
   @ndimiduk what would you prefer?
   
   
   > Actually, the same authentication mechanism (ssh keys) should ideally be used for
interacting with svn as well. Maybe this require infra to update the svn repository somehow.
   
   Let me explore svn auth, i don't have much context here. Thank you for bringing this up.




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



Mime
View raw message