On Tue, Jul 28, 2015 at 12:36PM, Dmitriy Setrakyan wrote: > > Cos, we are not talking about checking binaries. We are planning to > support > > > > GIT/SVN/etc repositories with a POM file. This way we simply build it > > > using maven ourselves and deploy it. > > > > Well, even worst IMO. Why would you want to run an external build > > process as a part of the nodes deployment? This will pose a security risk > > in the production deployment and you will have to find a way to disable this > > in some case and allow it in the others, no? > > > > Our Docker container right now does exactly that. The workflow is as > following:
I am an old dog and I don't think it is a real good idea to use Docker in any sensible production. So, I don't buy that argument ;) > > 1. user changes code in a GIT repo > 2. the GIT repo is provided as a parameter at docker container startup > 3. docker builds the code and deploys it into Ignite > 4. docker starts an Ignite server > > This is very convenient for a user, especially during development. What I > wanted to do with "deploy(...)" method, is add the same level of > convenience directly from client code. > > Why do you think it will be a security risk? Yes, I think so. I won't allow something like that to be happening in the production data center: there are too many ways where it can backfire. Cos
