www-builds mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Bayer <andrew.ba...@gmail.com>
Subject Heads up - Planning to disable anonymous workspace read access on builds.a.o
Date Thu, 15 May 2014 20:55:21 GMT
So from https://issues.jenkins-ci.org/browse/JENKINS-23056 it sounds like
at least one of the problems we're having with Jenkins hanging is because
of attempts to access the workspace of jobs through the UI - when a slave
is slow or hanging and that kind of request is made, it can lock up the
whole UI. I've contacted the Mahout team regarding their linking to
javadocs in job workspaces, and am going to contact the Maven team
regarding what looks to be build usage of bits from some of their jobs'
workspaces, but I'd also like to nip this in the bud permanently by
requiring authentication for access to job workspaces.

My thinking is that the only legitimate reason to be accessing the
workspace is if you need to in order to debug a failed build - otherwise,
if there's something that you want to be publishing from your build, you
can use the archive artifacts functionality. Does this sound reasonable to
everyone?

A.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message