Great Thanks gregg
——————————— Professor, University of Maryland, College Park Director , Trace R&D Center, UMD Co-Founder Raising the Floor. http://raisingthefloor.org And the Global Public Inclusive Infrastructure (GPII) http://GPII.net > On Apr 20, 2020, at 5:24 PM, Steve Grundell <sgrund...@raisingthefloor.org> > wrote: > > Well, thanks to TLS they're effectively already signed, by Github, to prove > that only those with commit rights have produced it, and the commit hash in > the url means it will only point to that specific version. > > > Ste gr > > On Mon, Apr 20, 2020 at 9:40 PM Christopher Walker > <christop...@raisingthefloor.org <mailto:christop...@raisingthefloor.org>> > wrote: > Can we digitally sign the solutions registry files so that the client can > verify they was created by us? > > Christopher > > On Mon, Apr 20, 2020 at 16:37 Gregg Vanderheiden RTF > <gr...@raisingthefloor.org <mailto:gr...@raisingthefloor.org>> wrote: > Is Github secure enough that we want production code to be downloading from > there? > > I guess if the URL for downloading is in the siteconfig - we can easily move > it later. > > gregg > > ——————————— > Professor, University of Maryland, College Park > Director , Trace R&D Center, UMD > Co-Founder Raising the Floor. http://raisingthefloor.org > <http://raisingthefloor.org/> > And the Global Public Inclusive Infrastructure (GPII) http://GPII.net > <http://gpii.net/> > > > > >> On Apr 20, 2020, at 2:09 PM, Joseph Scheuhammer <cl...@alum.mit.edu >> <mailto:cl...@alum.mit.edu>> wrote: >> >> All, but mostly Stepan, Alfredo, and Sergey (dev-ops), >> >> The goal of GPII-4273[i] is to provide a means by which the Morphic >> client can fetch its platform's latest solutions registry from github. >> In this case "latest" is defined by the version of gpii-universal >> running in the cloud. >> >> I've modified the solutions registry datasource (SRDS) subcomponent of >> the local flow manager (LFM) to construct an url to github for the >> appropriate solutions registry and make a GET request to download it. >> An example of such an url is, assuming Morphic is running on Windows: >> https://raw.githubusercontent.com/GPII/universal/bd992f03313acd9a35b81f00fc63922540292255/testData/solutions/win32.json5 >> >> <https://raw.githubusercontent.com/GPII/universal/bd992f03313acd9a35b81f00fc63922540292255/testData/solutions/win32.json5> >> >> I have modified the production tests to test the new LFM and its SRDS. >> The production tests involve running docker containers built from an >> image of gpii-universal that provide the main components of the GPII cloud. >> >> The production tests also run in GCP in dev and stg. Here a >> "productiontests" container is run in which the production tests are >> executed as a one-shot job. >> >> Given that background: will the security within GCP allow the LFM/SRDS >> within the productiontests container to make the outgoing GET request to >> github? I suspect not, but I will test with my dev cluster. >> >> i. https://issues.gpii.net/browse/GPII-4273 >> <https://issues.gpii.net/browse/GPII-4273> >> >> -- >> ;;;;joseph. >> >> 'The only reason for time is so that everything doesn't happen all at once.' >> - B. Banzai - >> >> _______________________________________________ >> Architecture mailing list >> Architecture@lists.gpii.net <mailto:Architecture@lists.gpii.net> >> https://lists.gpii.net/mailman/listinfo/architecture >> <https://lists.gpii.net/mailman/listinfo/architecture> > > _______________________________________________ > Architecture mailing list > Architecture@lists.gpii.net <mailto:Architecture@lists.gpii.net> > https://lists.gpii.net/mailman/listinfo/architecture > <https://lists.gpii.net/mailman/listinfo/architecture> > _______________________________________________ > Architecture mailing list > Architecture@lists.gpii.net <mailto:Architecture@lists.gpii.net> > https://lists.gpii.net/mailman/listinfo/architecture > <https://lists.gpii.net/mailman/listinfo/architecture>
_______________________________________________ Architecture mailing list Architecture@lists.gpii.net https://lists.gpii.net/mailman/listinfo/architecture
