Danilo Šegan <[email protected]> writes: > Heya Andy, > > У уто, 27. 11 2012. у 12:24 -0600, Andy Doan пише: > >> yes, we have ways of transferring a file from target->host in our >> dispatcher. We could use that so that our private key only has to live >> on our actual server(s). > > Cool. > >> > Since we'd like to switch to API-based publishing as well, I suppose >> > that means we could also have a key stored in the database for pushing >> > stuff over: does that make sense? >> >> So you are saying we might need a new "publishing key". That seems fine, >> just a slightly different config option for our setup I'd think. > > Yeah, mostly for the sanity (and symmetry) of our existing set up. The > way it's currently set up is that our publishing framework accepts SSH > connections with very limited permissions: > > - upload step which only allows sftp-ing > to /srv/snapshots.linaro.org/uploads which is not publicly accessible > - trigger step which reshuffles the files into appropriate location > (restricted to running publish_to_snapshots.py script)
[..] > I am hoping we can find some time to improve this with an API on > https://snapshots.linaro.org that would be authenticated directly, but > we can't make promises on when that's going to be around. Sounds like all the more reason to keep the job file at the fairly abstract "publish" level then. Cheers, mwh _______________________________________________ linaro-validation mailing list [email protected] http://lists.linaro.org/mailman/listinfo/linaro-validation
