Closed Bug 553728 Opened 14 years ago Closed 14 years ago

need private storage/ftp server for security patch private repo builds

Categories

(mozilla.org Graveyard :: Server Operations, task)

Product:
mozilla.org Graveyard
Component:
Server Operations
Type:
task
Priority:
Not set
Severity:
critical

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: chofmann, Assigned: aravind)

References

Details

(Whiteboard: [sg:nse]) 

more detail on why this is needed in https://securitywiki.mozilla.org/SourceLeakRiskReductionPlan and the main meta tracking bug.

a limited number "trusted" nightly build testers will need access to this ftp server to verify any problems surfaced out of the automated testing and do sanity checks on the the builds before landing security patches on the trunk
Assignee: nobody → server-ops
Blocks: 551756
Component: Server Operations: Projects → Server Operations
Hardware: x86 → All
What's the timing around this?
Assignee: server-ops → nobody
Component: Server Operations → Server Operations: Projects
Assignee: nobody → mrz
Group: infra
Why was this marked infra? It's already restricted to the security group. Please unset infra.
(In reply to comment #2)
> Why was this marked infra? It's already restricted to the security group.
> Please unset infra.

ping. Please remove the infra group from this bug.
I blame Bugzilla here - when I moved components I lost the salmon color and fearing I lost the security flag, I flipped it as infra.
Group: infra
(yeah lame, when you add a comment you lose the salmon coloring too)
Whiteboard: [sg:nse]
So now that we have a repo (bug 551752) RelEng will need this done so they can do bug 551756.

If we can password protect subdirectories of ftp.mozilla.org (we did for partner builds for a while, right?) that would be good enough and we wouldn't need an entire new server.

Need joduinn and mrz/aravind to find a place they can both agree on.
Can this happen today/tomorrow? 

adding in dmoore to see if he can help.
(In reply to comment #7)
> Can this happen today/tomorrow? 
> 
> adding in dmoore to see if he can help.

Raising priority, and removing mrz assignment, as he is on vacation.
Assignee: mrz → nobody
Severity: normal → critical
Assignee: nobody → aravind
Component: Server Operations: Projects → Server Operations
(In reply to comment #8)
> (In reply to comment #7)
> > Can this happen today/tomorrow? 
> > 
> > adding in dmoore to see if he can help.
> 
> Raising priority, and removing mrz assignment, as he is on vacation.

Moving from projects, where it was languishing unloved, as this was needed for a Q2 goal. Pushing over to Aravind after irc with him.
Created a upload location and sent the details to Lukas and John.
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Can we add the location to this bug here? If they're different I'm really only interested in the download location I can hand out.
Depends on: 587194
(In reply to comment #12)
> I was told the location was going to be
> https://ftp.mozilla.org/pvt-builds/firefox/shadow-central-builds/

Sorry, my bad, I took out the extra 'firefox' because it was already in the path (to staging) so it's:
 
https://ftp.mozilla.org/pvt-builds/shadow-central-builds
I apparently don't have permission to access that anymore :-( Is it not hooked up to the LDAP group for this project?
Nevermind, Aravind reminded me that we set up a simple user:pass system instead. That way we can 1) share builds with people who don't have LDAP accounts, and 2) share builds without having to grant those people access to hgpvt web for future code changes/patch watching.
Product: mozilla.org → mozilla.org Graveyard
Group: core-security
You need to log in before you can comment on or make changes to this bug.