> > a project (jakarta) wide system, or is each project
> > responsible to make the nightly build and transfer the
> > results to /www/jakarta.apache.org/builds/{projectname}/nightly/
>
> Craig does many, Costin does a few more, I currently do Ant, Jason van Zyl
> does velocity...
>
> I'd be glad to post what Gump builds nightly, but as the saying goes "Life
> is like a box of chocolates..." ;-)
Sam - I would be willing to bet on Gump for doing the "normal" nightly for
Tomcat 3.2 and 3.3.
The only problem is that we need some extra features ( I can help
integrate them in Gump if you want - but for now I'll just run them in
the old way ):
- builds on multiple VMs ( i.e. JDK1.1 and Java2 )
- builds with multiple classpaths ( i.e. with and without JSSE )
Another thing is the nightly run of watchdog and sanity - but I can do
some tricks in build.xml so the tests can be part of the build ( and trick
Gump who'll believe it's just doing a build :-)
My biggest concern - my current experience is that nightly builds are very
tricky, and require a lot of attention. I can (kind-of) spend the time and
fix my scripts when they brake ( since they are simple enough for me to
manage ), but I'm a bit scared of a more complex system.
-------
Regarding the upload of the binaries on jakarta.apache.org:
There are 2 choices for scp: you either pull the binaries from the
build machine or you push them.
The only way to push is by using scp. In order for that to work you need
to authorize login from the build machine into jakarta ( using
"authorized_keys" ). That's a bit dangerous ( since a pottential intruder
on the build machine might get access to jakarta ).
I would strongly recomend a "pull" method, where you use a cron script to
get the binaries from the build machine. You can either use scp ( and
accept that jakarta is more secure than the build machine ) or htget.
The later will require you to place the binaries in a public place,
accessible via http or ftp.
In general, the build machine should be "untrusted" - it'll be used to run
complex scripts ( ant can run shell, test scripts, etc ) - i.e. code that
may be insecure. Don't keep it inside your firewall, don't store sensitive
information on it :-)
--
Costin
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
