On 18/07/12 13:45, Jan Goyvaerts wrote:
Personally I was hoping for something with encrypted file systems only the customers can mount.
Any system that can read your source code to build it must also have access to the plaintext. An administrator of the virtualisation cluster just has to wait until the filesystem is mounted, copy the contents, and snapshot the VM. If they have the VM, they have the keys already.
In practice, you are not safe from your own disgruntled in-house sysadmin, so it is all a matter of risk management. In management think your source code is valuable enough to keep secret, they should pay for secure private compute capacity for building.
Jenkins can probably help you by keeping your limited but secure private compute capacity for compile-only jobs, and shift all your unit and integration tests to EC2 nodes as stripped binaries.
-- Ben Caradoc-Davies <[email protected]> Software Engineer CSIRO Earth Science and Resource Engineering Australian Resources Research Centre
