Let's make sure that committers GPG public keys are available. Ideally, it'd be great to have a virtual key-signing party, as we apparently can not all get together in the same place at the same time.
Cos On Wed, Mar 18, 2015 at 03:10PM, jay vyas wrote: > Great Idea ! > > On Tue, Mar 17, 2015 at 7:52 PM, Konstantin Boudnik <[email protected]> wrote: > > > I think it isn't much different from how any of the passwords will be used > > by > > anyone. We can, perhaps, check-in a file engcrypted with everyone's public > > GPG > > keys. That's will do guarantee that everyone has access to it and it is > > secured. > > > > Perhaps other solutions are possible as well. > > Cos > > > > On Tue, Mar 17, 2015 at 10:53AM, jay vyas wrote: > > > hi folks this week i found myself in want of many passwords :) > > > > > > 1) twitter password, lost it.. wanted to tweet about using > > > bigpetstore-transaction-queue in kubernetes. > > > > > > 2) maven publishing password : wanted to publish the bps jars to apache > > > repos. > > > > > > 3) dockerhub password : to push docker images upstream for use in (1). > > > > > > Thats just 2 examples, but thera rea many other places where passwords > > > abound (for example, jenkins, aws, ...). > > > > > > ................... > > > > > > can we centralize the password info for bigtop somewhere. how do other > > > apache projects manage passwords ? > > > > > > -- > > > jay vyas > > > > > > -- > jay vyas
