www-infrastructure-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From J├╝rgen Schmidt <jogischm...@gmail.com>
Subject Re: Discussion on enabling users to specify own machines as dynamic hosts
Date Thu, 17 Apr 2014 06:39:04 GMT
On 4/16/14 10:57 PM, jan i wrote:
> On 16 April 2014 22:45, Alex Harui <aharui@adobe.com> wrote:
>> On 4/16/14 1:08 PM, "jan i" <jani@apache.org> wrote:
>>> And from a PMC perspective I would worry about a build in a non-controlled
>>> enviroment.
>> Is an Azure VM considered "non-controlled"?  I get that my personal
>> computer which I use for browsing the internet and reading email is prone
>> to attack, but if an Azure VM is only running CI, isn't that safe enough
>> for nightly builds which are not an official release?
>>> There is a big difference between developer builds which can happen
>>> everywhere (I also build on my own machine), and builds that are sent to
>>> tester or maybe even voted on.
>> Are we allowed to vote on bits built by a CI server?
> I have raised this question a couple of times, and the answers have been
> consistent:
> As a PMC you need to get the source and build it, in order to validate it,
> but builds from trusted buildbots can be used for validation. And just at
> apacheCon denver one discussion concluded that build machines where we
> (asf) do not know whats installed cannot be seen as secure.

and we have nowadays enduser products like OpenOffice and where
convenience binary builds are more important for the millions of users
than the src release.

We need a reliable build bot systems where we can build the binary
releases in a controlled environment. Especially for Linux where we need
a defined baseline to support as many as possible Linux distros.

We still have no Mac build bot and the Linux bots don"t fulfill our
baseline. There exists one centos bot (I believe 32 bit) as far as I
know but it is not yet fully integrated and we would need a 64 bit bot
as well.

I hope with some more volunteers from the project we can bring this
forward in the near future. It is quite important for the success of the


> Personally I think the ASF policies on this point need a little clearer
> text.
> rgds
> jan I.
>> Thanks,
>> -Alex

View raw message