Hi Sebastien,
Unfortunately, I don't think this solution is possible for me: I don't
think the security team in my company would appreciate that a server
inside our network runs some arbitrary shell commands provided by some
external source.
I still think this would be the best thing, and I feel that from a
security point of view, it doesn't really differ from what you are
doing now already - see below.
Neither can I expose the buildbot master web interface.
That shouldn't be necessary.
Also I had to customize the buildbot rules in order to work with some
specificities of AIX (see attached master.cfg), and I can't guarantee
that this buildbot will run 24 hours a day; I may have to schedule it
only once at night for example if it consumes too much resources.
(And the results are very unstable at the moment, mostly because of
issue 9862).
If you are having the build slave compile Python, I'd like to point
out that you *already* run arbitrary shell commands provided by
some external source: if somebody would check some commands into
Python's configure.in, you would unconditionally execute them.
So if it's ok that you run the Python build process at all, it should
(IMO) also be acceptable to run a build slave.
If there are concerns that running it under your Unix account gives it
too much power, you should create a separate, locked-down account.
On the other hand, I could upload the build results with rsync or scp
somewhere or setup some MailNotifier if that can help.
How do you think I could share those results?
I'd be hesitant to support this as a special case. If the results
are not in the standard locations, people won't look at them, anyway.
Given that one often also needs access to the hardware in order to
fix problems, it might be sufficient if only you look at the buildslave
results, and create bug reports whenever you notice a problem.
Regards,
Martin
_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
