I have to ask - why would a remote build agent need to keep its copy after it is done? Shouldn't a remote be setup to checkout, build, cleanup? If it does a full package/install or deploy, its final output is stored where it belongs anyway.. And If I'm looking for site reports, they should be deployed at my enterprise location; if I'm looking for compilation results, the build log is all I need.
I'd much prefer an option where I can set the build agents to leave nothing around that anyone could backdoor into. Their remote lifecycle should be get it, do it, clean it. Louis On Wed, Jun 1, 2011 at 12:27 PM, Brett Porter <[email protected]> wrote: > I'd agree with Wendy, at least at this point. There's no need for the > complexity of user or project-level auth on the build agent. We also should > remember that anyone that can run a build, can access every working copy on > the agent via the backdoor :) > > I do think there's some value to per-user access to the WC from the agent > over HTTP, as long as none of the info is duplicated - but I'd consider that > a separate feature, not a core part of how this should be implemented. > > - Brett > > On 01/06/2011, at 9:18 PM, Wendy Smoak wrote: > > > On Tue, May 31, 2011 at 4:57 AM, Deng Ching <[email protected]> wrote: > >> Currently, there is no security implemented for accessing (read-only) > the > >> working copies in the build agent via webdav. For CONTINUUM-2632, I'm > >> planning to use a similar mechanism as with Maven when > downloading/getting > >> artifacts from a secured repository: > > ... > > > > This seems to imply that people would be accessing the build agent > > individually? I don't think the build agent needs to know about users > > -- the access should all go through the master which can handle > > security via the user database. > > > > If you introduce an xml file on the build agent, how would it get > > populated for a new build agent, or updated for an existing one? It > > also seems like that file would duplicate information already stored > > in the user database (what user can see what group). > > > > I think the build agent should only respond to requests from the > > master. It shouldn't be talking to anybody else. As long as it has > > some way to verify that the request is indeed coming from the master, > > I think that's enough to keep the working copies reasonably secure. > > > > -- > > Wendy > > -- > Brett Porter > [email protected] > http://brettporter.wordpress.com/ > http://au.linkedin.com/in/brettporter > > > > > -- Dr. Louis Smith, ThD Chief Technology Officer, Kyra InfoTech Colonel, Commemorative Air Force
