Hi Jan, have you had a chance to check out this space on Allura for Labs? Any feedback about how it might work for the labs projects?
On 4/15/14 5:36 PM, Dave Brondsema wrote: > On 4/14/14 12:34 PM, jan i wrote: >> On 13 April 2014 23:37, Dave Brondsema <[email protected]> wrote: >> >>> >>>> On Apr 12, 2014, at 2:40 PM, jan i <[email protected]> wrote: > > >>>> >>>> I am PMC in AOO, LABS and active committer in INFRA (I was the one who >>> made >>>> your vm recently). >>>> >>>> We are slowly moving labs (project that gives sandboxes to committers >>> with >>>> good ideas) to a selfserve state, and I think allura would fill the >>> purpose. >>>> >>>> This would also give the allura project (if wanted) a test ground that at >>>> the same time is used real life. >>>> >>>> If we can find common ground (meaning the allura project also likes the >>>> idea), I could volunteer as tester and provide the project with "pain in >>>> the a.. questions" :-) remark even though I am a programmer I cannot help >>>> with programming (ENOTIME) but maybe submit better bug reports. >>>> >>>> Let me know, what the project think of my idea ? >>> >>> I like the idea very much :) We could make a "labs" neighborhood in >>> allura for all the labs projects to go in. If you create an account on >>> forge-allura.a.o then we can make you an admin for the neighborhood and you >>> can start exploring >>> >> >> Account created "jani". > > I've created the neighborhood at https://forge-allura.apache.org/labs/ You > and > I are the admins. If you log in, you can set various admin settings and > register new projects and try them out. > > Also make sure to set your email address in your account settings, if you want > to see how email integration works. (I think Allura should prompt more to set > up an email address) > >> >> Having been with infra for a period, I am getting just as paranoid as they >> are, so a questions/concern: >> >> How do you secure that the passwords are stored so they cannot be read ? I >> would feel a lot saver if we could use ldap for committers. > > The local login option uses salted sha256 hashes of passwords. Code at: > > https://forge-allura.apache.org/p/allura/git/ci/fcb2f3/tree/Allura/allura/lib/plugin.py#l261 > >> >> If you look at translate.a.o, that has the same mix: >> - committers login using ldap >> - non-committers are stored in pootles local database. >> >> thoughts ? > > Yes, this plan was discussed a little bit several months ago. It would take > some work for: > > 1) infra to enable an LDAP login proxy in front of certain Allura URL patterns > 2) us to write a custom auth provider which supports the LDAP proxy, as well > as > local accounts, and handle any potential username conflicts > > So I think we are in agreement, just a matter of time to do it. > >> >> rgds >> jan I. >> >> >>>> >>>> rgds >>>> jan I >>> >> > > > -- Dave Brondsema : [email protected] http://www.brondsema.net : personal http://www.splike.com : programming <><
