infra-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Lambertus (JIRA)" <>
Subject [jira] [Updated] (INFRA-17540) Allow Jenkins jobs to commit/push to SVN and Git
Date Mon, 07 Jan 2019 02:01:00 GMT


Chris Lambertus updated INFRA-17540:
    Status: Waiting for user  (was: Waiting for Infra)

Hi, I am going to close this ticket at "wont't fix" -- not because we're (Infra) unwilling
to discuss the issue, but because as it stands, there are too many questions and too many
potential problems associated with the ask of "use ASF Jenkins to deploy release artifacts."

There are already some situations where jenkins can be used to deploy artifacts: convenience
binaries for docker, nexus staging releases, websites, etc. None of these are "ASF Release
Artifacts," a term which carries with it very specific Legal provenance requirements which
are set forth by the Foundation, and in most cases simply enforced by Infra.

Until the topic has been fully hashed out on builds@ and addressed by Legal and possibly Board,
there is nothing actionable on the Infra side.

Before I close the ticket, I'm going to leave this in "Waiting for User" for a day or two,
because I want folks to understand that this is not Infra arbitrarily saying "NO" but instead
a request to direct the discussion to the appropriate forums until the topic can be fully
vetted and addressed by everyone involved.

> Allow Jenkins jobs to commit/push to SVN and Git
> ------------------------------------------------
>                 Key: INFRA-17540
>                 URL:
>             Project: Infrastructure
>          Issue Type: Improvement
>          Components: Buildbot, Jenkins
>            Reporter: Alex Harui
>            Priority: Major
> Creating this issue so we don't lose track:
> Per this thread:
> It would be great if Jenkins jobs could commit/push to SVN and/or Git.
> I think if there was a "user" in LDAP called buildbot or build@a.o, then projects could
see which commits are coming from builds.a.o.
> Maven builds might also require allowing this "user" to PGP sign as well.

This message was sent by Atlassian JIRA

View raw message