Guys,
Last I checked the Allura download at Apache it was a compressed tar ball and
the inner tar was empty. Can someone point me to a correct download site? We
are entering a critical evaluation period while trying to migrate from Team
Forge (costs too much). I’d appreciate it if we could get Allura into the
evaluation mix.
Thanks,
-Fred-
On Apr 15, 2014, at 2:36 PM, Dave Brondsema <[email protected]> wrote:
> On 4/14/14 12:34 PM, jan i wrote:
>> On 13 April 2014 23:37, Dave Brondsema <[email protected]> wrote:
>>
>>>
>>>> On Apr 12, 2014, at 2:40 PM, jan i <[email protected]> wrote:
>
>
>>>>
>>>> I am PMC in AOO, LABS and active committer in INFRA (I was the one who
>>> made
>>>> your vm recently).
>>>>
>>>> We are slowly moving labs (project that gives sandboxes to committers
>>> with
>>>> good ideas) to a selfserve state, and I think allura would fill the
>>> purpose.
>>>>
>>>> This would also give the allura project (if wanted) a test ground that at
>>>> the same time is used real life.
>>>>
>>>> If we can find common ground (meaning the allura project also likes the
>>>> idea), I could volunteer as tester and provide the project with "pain in
>>>> the a.. questions" :-) remark even though I am a programmer I cannot help
>>>> with programming (ENOTIME) but maybe submit better bug reports.
>>>>
>>>> Let me know, what the project think of my idea ?
>>>
>>> I like the idea very much :) We could make a "labs" neighborhood in
>>> allura for all the labs projects to go in. If you create an account on
>>> forge-allura.a.o then we can make you an admin for the neighborhood and you
>>> can start exploring
>>>
>>
>> Account created "jani".
>
> I've created the neighborhood at https://forge-allura.apache.org/labs/ You
> and
> I are the admins. If you log in, you can set various admin settings and
> register new projects and try them out.
>
> Also make sure to set your email address in your account settings, if you want
> to see how email integration works. (I think Allura should prompt more to set
> up an email address)
>
>>
>> Having been with infra for a period, I am getting just as paranoid as they
>> are, so a questions/concern:
>>
>> How do you secure that the passwords are stored so they cannot be read ? I
>> would feel a lot saver if we could use ldap for committers.
>
> The local login option uses salted sha256 hashes of passwords. Code at:
>
> https://forge-allura.apache.org/p/allura/git/ci/fcb2f3/tree/Allura/allura/lib/plugin.py#l261
>
>>
>> If you look at translate.a.o, that has the same mix:
>> - committers login using ldap
>> - non-committers are stored in pootles local database.
>>
>> thoughts ?
>
> Yes, this plan was discussed a little bit several months ago. It would take
> some work for:
>
> 1) infra to enable an LDAP login proxy in front of certain Allura URL patterns
> 2) us to write a custom auth provider which supports the LDAP proxy, as well
> as
> local accounts, and handle any potential username conflicts
>
> So I think we are in agreement, just a matter of time to do it.
>
>>
>> rgds
>> jan I.
>>
>>
>>>>
>>>> rgds
>>>> jan I
>>>
>>
>
>
>
> --
> Dave Brondsema : [email protected]
> http://www.brondsema.net : personal
> http://www.splike.com : programming
> <><
