Closed
Bug 1266864
Opened 8 years ago
Closed 8 years ago
Create a new Firefox repository to receive autolanded commits
Categories
(Developer Services :: Mercurial: hg.mozilla.org, defect)
Developer Services
Mercurial: hg.mozilla.org
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: gps, Assigned: gps)
References
Details
Let's call it "autoland." I think the path should be integration/autoland. It should be non-publishing. Write access should be limited to the autoland user. We should also make it generaldelta and bundle2 only because it isn't bound by legacy access requirements.
Assignee | ||
Comment 1•8 years ago
|
||
Well, write access also needs to be granted by sheriffs + a very limited set of people. We can create a new scm access group to hold the small set of people.
Assignee | ||
Comment 2•8 years ago
|
||
fubar: should we add an LDAP or local system group for this? We want to be sure people don't get added to this group. It doesn't really matter to me where it is defined as long is access is significantly restricted and people don't get access accidentally (including through social engineering via whoever has write permissions to the list).
Flags: needinfo?(klibby)
Assignee | ||
Comment 3•8 years ago
|
||
https://hg.mozilla.org/integration/autoland now exists. It can only be written to by me. I used experimental/mozilla-central-gd as the base repo. I set format.maxchainlen=10000 going forward so the manifest delta chains aren't so long. This will improve performance a bit. The repo requires bundle2, so you'll need Mercurial 3.4+ to clone/pull from it. Of course, everyone should be running Mercurial 3.7.3+ because of security fixes, so this shouldn't be a problem :)
Comment 4•8 years ago
|
||
(In reply to Gregory Szorc [:gps] from comment #2) > fubar: should we add an LDAP or local system group for this? We want to be > sure people don't get added to this group. It doesn't really matter to me > where it is defined as long is access is significantly restricted and people > don't get access accidentally (including through social engineering via > whoever has write permissions to the list). ldap, else we'll run into problems when we finally (hah) get to bug 1204555. we should also communicate out to the folks involved in the commit access policy chain (eg MOC, ldap admins, marcia knous, etc) so that they are aware and can update their own docs.
Flags: needinfo?(klibby)
Assignee | ||
Comment 5•8 years ago
|
||
LDAP group created and repo permissions on the server updated. Calling this bug done.
Status: ASSIGNED → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•