Thanks for all your hard work on this, Jim. This has been a major pain point for external contributors.

I agree with the goal of minimising friction, but I'm just trying to think through the potential consequences of leaving the job open.

How isolated is the Jenkins instance? We'd be allowing people to execute arbitrary code on that box as far as I understand it, so we'd want to be very confident that it didn't have any consequences beyond compromising the VM. Does the jenkins user have many privileges on the VM? Could it simply wipe out the job history to destroy the trail?

Jenkins also presumably has credentials to make at least some changes to gerrit - are those privileges restrictive enough that it couldn't cause problems there too?

- Tim

On Tue, Dec 13, 2016 at 8:33 PM, Jim Apple <[email protected]> wrote:
> I'm on board with all of this so far.
>
> On Tue, Dec 13, 2016 at 5:30 PM, Marcel Kornacker <[email protected]>
> wrote:
> > Regarding suggestion 1: let's make that 01/09 or later to guarantee a
> > smoother transition.
> >
> > On Tue, Dec 13, 2016 at 1:51 PM, Jim Apple <[email protected]> wrote:
> >> Before Impala joined the ASF, code reviews had to go through a
> >> "verification" step in which a Jenkins job downloaded the patch, ran
> >> all tests and replied back to Jenkins that everything was OK. That
> >> Jenkins job ran on Cloudera infrastructure and could not be accessed,
> >> even in a read-only way, by people outside of Cloudera.
> >>
> >> To follow the Apache way, I am laboring to replace that with a Jenkins
> >> server that can be used by any authorized person and read by any
> >> person. It is at http://jenkins.impala.io:8080. It is able to verify
> >> patches just like the old Jenkins machine. A few remaining questions:
> >>
> >> 1. What should the prerequisites be to turning off the Cloudera-only
> >> Jenkins verification path?
> >>
> >> 2. Who should be able to run jobs on jenkins.impala.io? Some
> >> possibilities: Committers only, anyone who asks, PMC members only,
> >> contributors who ask after submitting 5 patches. Higher bars lead to
> >> less likelihood of abuse, lower ones to easier contributions from
> >> newbies.
> >>
> >> My proposal is this:
> >>
> >> 1. We should turn off the Cloudera-only Jenkins verification path
> >> January 2. jenkins.impala.io is in pretty good shape, and we can make
> >> further improvements as needed. For instance, it took me five minutes
> >> just now to cut down on the not-so-interesting debug output from the
> >> main verification job,
> >> http://jenkins.impala.io:8080/job/ubuntu-14.04-from-scratch/
> >>
> >> 2. Everyone with five patches can request a login.
> >>
> >> I'm not married to these ideas, but I wanted to provide a jumping-off
> >> point for discussion.
>
