(shortened). It's important because this is how visitors learn what oVirt is and whether to read more. How about shortening it to, "Complete Open Source Virtualization Platform for the Data Center"? Thanks to mburns on #ovirt for directing me to infra at ovirt.org and board at ovirt.org. Stefan From mburns at redhat.com Thu Jan 12 23:41:52 2012 From: mburns at redhat.com (Mike Burns) Date: Thu, 12 Jan 2012 18:41:52 -0500 Subject: jenkins.ovirt.org Message-ID: <1326411712.2365.104.camel@beelzebub.mburnsfire.net> Is Jenkins ready for additional projects? Can I get an account so I can configure ovirt-node builds? How are you handling build requirements on the slave machines? I know that the ovirt-node image will have some requirements that will probably not be there otherwise. Thanks Mike From kwade at redhat.com Fri Jan 13 04:33:17 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Thu, 12 Jan 2012 20:33:17 -0800 Subject: vaporizing devel@ Message-ID: <4F0FB40D.8030401@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The devel at ovirt.org mailing list was intended to serve the same purpose as arch@, and I created it initially more out of habit than anything. Now that arch@ is the active list, we're creating confusion with the vestigial list. There are only two members (myself, pmyers), one post in the archives (a repeated kmestry post), so I'm going to vaporize the list with no loss. - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPD7QM2ZIOBq0ODEERAihoAJ9wQtKUdVlodtZWNTmjRnjNvOeiIwCg4aBm 9YkJNGMSN/bgbmQOtikI+vM= =eMtG -----END PGP SIGNATURE----- From iheim at redhat.com Fri Jan 13 06:57:08 2012 From: iheim at redhat.com (Itamar Heim) Date: Fri, 13 Jan 2012 08:57:08 +0200 Subject: jenkins.ovirt.org In-Reply-To: <1326411712.2365.104.camel@beelzebub.mburnsfire.net> References: <1326411712.2365.104.camel@beelzebub.mburnsfire.net> Message-ID: <4F0FD5C4.2000405@redhat.com> On 01/13/2012 01:41 AM, Mike Burns wrote: > Is Jenkins ready for additional projects? Can I get an account so I can > configure ovirt-node builds? it still still being setup (just installed the other day, hence not advertised yet). > > How are you handling build requirements on the slave machines? I know > that the ovirt-node image will have some requirements that will probably > not be there otherwise. let's discuss :) what do you need? From mburns at redhat.com Fri Jan 13 13:04:02 2012 From: mburns at redhat.com (Mike Burns) Date: Fri, 13 Jan 2012 08:04:02 -0500 Subject: jenkins.ovirt.org In-Reply-To: <4F0FD5C4.2000405@redhat.com> References: <1326411712.2365.104.camel@beelzebub.mburnsfire.net> <4F0FD5C4.2000405@redhat.com> Message-ID: <1326459842.7222.7.camel@beelzebub.mburnsfire.net> On Fri, 2012-01-13 at 08:57 +0200, Itamar Heim wrote: > On 01/13/2012 01:41 AM, Mike Burns wrote: > > Is Jenkins ready for additional projects? Can I get an account so I can > > configure ovirt-node builds? > > it still still being setup (just installed the other day, hence not > advertised yet). Ok, I saw someone mention it a few days ago, so wanted to check. > > > > > How are you handling build requirements on the slave machines? I know > > that the ovirt-node image will have some requirements that will probably > > not be there otherwise. > > let's discuss :) > what do you need? I most likely need Fedora, generally the latest released. I assume, that the defaults are all included [1] Beyond that, livecd-tools appliance-tools-minimizer automake autoconf python-setuptools systemd-units I also need passwordless sudo access for the builder to: setenforce livecd-creator ksflatten Most of these are requirements for the image build. It may make sense to have these available to a different user that runs only the image build on a subset of hosts with only a single instance at a time. Mike [1] http://fedoraproject.org/wiki/Packaging:Guidelines#Exceptions_2 > _______________________________________________ > Infra mailing list > Infra at ovirt.org > http://lists.ovirt.org/mailman/listinfo/infra From ewoud+ovirt at kohlvanwijngaarden.nl Fri Jan 13 15:49:15 2012 From: ewoud+ovirt at kohlvanwijngaarden.nl (Ewoud Kohl van Wijngaarden) Date: Fri, 13 Jan 2012 16:49:15 +0100 Subject: git:// on gerrit Message-ID: <20120113154915.GC19086@bogey.xentower.nl> Hello, Yesterday xTs_w pointed out on IRC that git:// is no longer working. Was there a specific reason to disable this? Note that many guides still use this URL. Another tip to use git:// for fetching and git+ssh:// for pushing. Add the following to ~/.gitconfig: [url "git://github.com/"] insteadOf = "gh:" [url "git at github.com:"] pushInsteadOf = "gh:" then you can use git clone gh:user/repo. You could use something similar for ovirt: [url "git://gerrit.ovirt.org/"] insteadOf = "ovirt:" [url "gerrit.ovirt.org:"] pushInsteadOf = "ovirt:" Then git clone ovirt:ovirt-engine should work. Promoting this can also simplify instructions. With kind regards, Ewoud Kohl van Wijngaarden From iheim at redhat.com Sun Jan 15 14:03:01 2012 From: iheim at redhat.com (Itamar Heim) Date: Sun, 15 Jan 2012 16:03:01 +0200 Subject: git:// on gerrit In-Reply-To: <20120113154915.GC19086@bogey.xentower.nl> References: <20120113154915.GC19086@bogey.xentower.nl> Message-ID: <4F12DC95.5080702@redhat.com> On 01/13/2012 05:49 PM, Ewoud Kohl van Wijngaarden wrote: > Hello, > > Yesterday xTs_w pointed out on IRC that git:// is no longer working. Was > there a specific reason to disable this? Note that many guides still use > this URL. some open files limitation issue - fixed now. > > Another tip to use git:// for fetching and git+ssh:// for pushing. Add > the following to ~/.gitconfig: > > [url "git://github.com/"] > insteadOf = "gh:" > [url "git at github.com:"] > pushInsteadOf = "gh:" > > then you can use git clone gh:user/repo. You could use something similar > for ovirt: > > [url "git://gerrit.ovirt.org/"] > insteadOf = "ovirt:" > [url "gerrit.ovirt.org:"] > pushInsteadOf = "ovirt:" > > Then git clone ovirt:ovirt-engine should work. Promoting this can also > simplify instructions. > > With kind regards, > Ewoud Kohl van Wijngaarden > _______________________________________________ > Infra mailing list > Infra at ovirt.org > http://lists.ovirt.org/mailman/listinfo/infra From mgoldboi at redhat.com Mon Jan 16 12:00:00 2012 From: mgoldboi at redhat.com (Moran Goldboim) Date: Mon, 16 Jan 2012 14:00:00 +0200 Subject: uploading a python filetype to wiki Message-ID: <4F141140.8020506@redhat.com> I'm trying to upload a python file to the wiki - an example on how to use python sdk, unfortunately i can't do it: Permitted file types: png, gif, jpg, jpeg, odp, odt, ods, pdf, jnlp, vsd. is there a way we can make it happen, if not where would be the appropriate place to put it in. Moran. From mgoldboi at redhat.com Mon Jan 16 15:39:35 2012 From: mgoldboi at redhat.com (Moran Goldboim) Date: Mon, 16 Jan 2012 17:39:35 +0200 Subject: oVirt Weekly Sync Meeting Minutes and Logs aren't published on wiki nor sent Message-ID: <4F1444B7.6080701@redhat.com> latest meeting minutes weren't sent nor published on wiki, please look into it. Moran. From sgordon at redhat.com Mon Jan 16 17:45:17 2012 From: sgordon at redhat.com (Steve Gordon) Date: Mon, 16 Jan 2012 12:45:17 -0500 (EST) Subject: oVirt Weekly Sync Meeting Minutes and Logs aren't published on wiki nor sent In-Reply-To: <4F1444B7.6080701@redhat.com> Message-ID: <1d20d7aa-1050-42dd-8bf8-c20e4aa152ec@zmail15.collab.prod.int.phx2.redhat.com> ----- Original Message ----- > From: "Moran Goldboim" <mgoldboi at redhat.com> > To: infra at ovirt.org > Sent: Monday, January 16, 2012 10:39:35 AM > Subject: oVirt Weekly Sync Meeting Minutes and Logs aren't published on wiki nor sent > > latest meeting minutes weren't sent nor published on wiki, please > look > into it. The process of linking the wiki page to the minutes generated by ovirtbot is as far as I know manual, which means the best place to look for the up to date listings is here: http://ovirt.org/meetings/ovirt/ Given that there weren't any oVirt sync meetings listed on the wiki other than the first one I assume nobody has been performing the task of adding the link for this meeting. Please note that anyone can edit the wiki, normal FOSS task assignment applies (read: if you thought of it that's as good as volunteering ;)). In the absence of anyone else doing it I have added the links for the missing meetings for now: http://www.ovirt.org/wiki/Meetings#oVirt_Weekly_Sync_Meeting_Minutes_and_Logs Steve From kwade at redhat.com Mon Jan 16 18:23:33 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Mon, 16 Jan 2012 10:23:33 -0800 Subject: uploading a python filetype to wiki In-Reply-To: <4F141140.8020506@redhat.com> References: <4F141140.8020506@redhat.com> Message-ID: <4F146B25.9040003@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/16/2012 04:00 AM, Moran Goldboim wrote: > I'm trying to upload a python file to the wiki - an example on how > to use python sdk, unfortunately i can't do it: Permitted file > types: png, gif, jpg, jpeg, odp, odt, ods, pdf, jnlp, vsd. > > is there a way we can make it happen, if not where would be the > appropriate place to put it in. We can theoretically make it happen. Is there a security risk to attaching a Python script to the wiki? I'm unclear on the exact reasons MediaWiki restricts file types, so I'll look in to that. As another thought, is this something that should be in git? Maybe a new repo of examples? - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPFGsl2ZIOBq0ODEERAvikAKDPDlmz2grEasZXNE4XpEbz9mMJ+wCgt0go HrSHuburVU0f+TKSECQM0fI= =/CTY -----END PGP SIGNATURE----- From kwade at redhat.com Mon Jan 16 18:48:00 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Mon, 16 Jan 2012 10:48:00 -0800 Subject: uploading a python filetype to wiki In-Reply-To: <4F141140.8020506@redhat.com> References: <4F141140.8020506@redhat.com> Message-ID: <4F1470E0.40905@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/16/2012 04:00 AM, Moran Goldboim wrote: > I'm trying to upload a python file to the wiki - an example on how > to use python sdk, unfortunately i can't do it: Permitted file > types: png, gif, jpg, jpeg, odp, odt, ods, pdf, jnlp, vsd. > > is there a way we can make it happen, if not where would be the > appropriate place to put it in. So the concern about uploading scripts to MediaWiki is about how I figured it. If there is a flaw in MediaWiki (or possibly the web server), uploaded scripts can be an attack vector. Since we're likely to want more and more examples for people, I think opening a new git repo for cross-project examples (with sub-directories per sub-project?), or just putting examples directly in other repos is probably the way to go. We should be able to provide direct links from the wiki to download scripts via HTTP. You can always paste the contents of a script in to a <pre/> block, which helps with annotating in the wiki etc. - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPFHDg2ZIOBq0ODEERAs4rAJ4pL8MQo0PCGE6NHRY6rpKJJDnxYgCgs0YU tJKgu+4UPr8pHLAT2wdfghw= =fQ6w -----END PGP SIGNATURE----- From iweller at redhat.com Mon Jan 16 19:20:17 2012 From: iweller at redhat.com (Ian Weller) Date: Mon, 16 Jan 2012 14:20:17 -0500 Subject: uploading a python filetype to wiki In-Reply-To: <4F1470E0.40905@redhat.com> References: <4F141140.8020506@redhat.com> <4F1470E0.40905@redhat.com> Message-ID: <20120116192017.GD15069@hovercraft.ianweller.org> On Mon, Jan 16, 2012 at 10:48:00AM -0800, Karsten 'quaid' Wade wrote: > You can always paste the contents of a script in to a <pre/> block, > which helps with annotating in the wiki etc. And if you're interested, there are also some extensions that can be installed for syntax highlighting inside a <pre> block. -- Ian Weller, Intern and Doer of Stuff <iweller at redhat.com> Red Hat, Inc. -- communityleadershipteam.org -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: <http://lists.ovirt.org/pipermail/infra/attachments/20120116/f6e9a3b1/attachment.sig> From kwade at redhat.com Mon Jan 16 18:10:27 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Mon, 16 Jan 2012 10:10:27 -0800 Subject: oVirt Weekly Sync Meeting Minutes and Logs aren't published on wiki nor sent In-Reply-To: <4F1444B7.6080701@redhat.com> References: <4F1444B7.6080701@redhat.com> Message-ID: <4F146813.4050402@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/16/2012 07:39 AM, Moran Goldboim wrote: > latest meeting minutes weren't sent nor published on wiki, please > look into it. As Steve said, it's not automagically done, I forgot we were updating the wiki with the notes link. However, they *were* sent to the usual list: http://lists.ovirt.org/pipermail/board/2012-January/000374.html - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPFGgT2ZIOBq0ODEERAphYAJ9vasaQAcYbqJnT4hs8Scq1KgxIlACguHUD JI5GvCNws+I0bfwJLib58KY= =Apbc -----END PGP SIGNATURE----- From eedri at redhat.com Thu Jan 19 10:07:24 2012 From: eedri at redhat.com (Eyal Edri) Date: Thu, 19 Jan 2012 05:07:24 -0500 (EST) Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <923b70d3-3243-4d94-b36a-4b58b54e056b@zmail13.collab.prod.int.phx2.redhat.com> Message-ID: <ab2db7af-60e7-41ba-ba00-f12d57e8a328@zmail13.collab.prod.int.phx2.redhat.com> fyi, oVirt project now has a Jenkins CI server[1] on http://jenkins.ovirt.org. The CI server runs various jobs on oVirt components *[2] such as ovirt-engine,ovirt-node,etc.. Every commit to gerrit.ovirt.org will trigger the job 'ovirt_engine' which will run 'maven' build and verify that the commit didn't break the code. If the commit did break the code, it will send an alert email to "engine-patches.ovirt.org" and to the commiter with a link to a log console containing the error. On success, the job will trigger other jobs such as "find_bugs", "gwt profiles", "create db", "unit-tests", each testing a different part of the code. In time, more and more jobs will be added to jenkins, which will allow us to catch bugs much faster than before, and to improve code quality even more. If you have questions, don't hesitate to ask me or infra at ovirt.org. [1] http://jenkins-ci.org/ [2] currently only ovirt-engine is configured and working. Eyal Edri oVirt infrastructure team From mburns at redhat.com Thu Jan 19 12:13:54 2012 From: mburns at redhat.com (Mike Burns) Date: Thu, 19 Jan 2012 07:13:54 -0500 Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <ab2db7af-60e7-41ba-ba00-f12d57e8a328@zmail13.collab.prod.int.phx2.redhat.com> References: <ab2db7af-60e7-41ba-ba00-f12d57e8a328@zmail13.collab.prod.int.phx2.redhat.com> Message-ID: <1326975234.3910.21.camel@beelzebub.mburnsfire.net> On Thu, 2012-01-19 at 05:07 -0500, Eyal Edri wrote: > fyi, > > oVirt project now has a Jenkins CI server[1] on http://jenkins.ovirt.org. > > The CI server runs various jobs on oVirt components *[2] such as ovirt-engine,ovirt-node,etc.. > Every commit to gerrit.ovirt.org will trigger the job 'ovirt_engine' which will run 'maven' build and verify that the commit didn't break the code. > If the commit did break the code, it will send an alert email to "engine-patches.ovirt.org" and to the commiter with a link to a log console containing the error. > On success, the job will trigger other jobs such as "find_bugs", "gwt profiles", "create db", "unit-tests", each testing a different part of the code. > > In time, more and more jobs will be added to jenkins, which will allow us to catch bugs much faster than before, and to improve code quality even more. > If you have questions, don't hesitate to ask me or infra at ovirt.org. > > [1] http://jenkins-ci.org/ > [2] currently only ovirt-engine is configured and working. > Awesome, thanks for putting this together. I'm looking at ovirt-node now (and have already added part of the config). Is there any plan to add a Fedora slave? ovirt-node as it currently stands will only build correctly on Fedora. I might be able to work around it for the ovirt-node.rpm but the ISO really needs to be built on Fedora. Also, there are a few other requirements for building an iso image from ovirt-node: Sudo access: (also need to disable the requiretty option) NOPASSWD: /usr/bin/livecd-creator, /usr/bin/setenforce, /usr/bin/ksflatten, /bin/mount, /bin/umount Packages: livecd-tools, appliance-tools-minimizer, python-setuptools, ksflatten, createrepo, rpm-build (possibly more, but that's what I've hit so far) Thanks Mike > > Eyal Edri > oVirt infrastructure team > _______________________________________________ > Infra mailing list > Infra at ovirt.org > http://lists.ovirt.org/mailman/listinfo/infra -- Michael Burns Software Engineer, Cloud Infrastructure Tech Lead, oVirt Node, RHEV-H Red Hat mburns at redhat.com From jchoate at redhat.com Thu Jan 19 12:31:07 2012 From: jchoate at redhat.com (Jon Choate) Date: Thu, 19 Jan 2012 07:31:07 -0500 Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <ab2db7af-60e7-41ba-ba00-f12d57e8a328@zmail13.collab.prod.int.phx2.redhat.com> References: <ab2db7af-60e7-41ba-ba00-f12d57e8a328@zmail13.collab.prod.int.phx2.redhat.com> Message-ID: <4F180D0B.1010402@redhat.com> Can you clarify what will trigger a build? Is it a push to Gerrit to initiate a review or is it after the code has been reviewed and it is merged into the repository? Or maybe both? On 01/19/2012 05:07 AM, Eyal Edri wrote: > fyi, > > oVirt project now has a Jenkins CI server[1] on http://jenkins.ovirt.org. > > The CI server runs various jobs on oVirt components *[2] such as ovirt-engine,ovirt-node,etc.. > Every commit to gerrit.ovirt.org will trigger the job 'ovirt_engine' which will run 'maven' build and verify that the commit didn't break the code. > If the commit did break the code, it will send an alert email to "engine-patches.ovirt.org" and to the commiter with a link to a log console containing the error. > On success, the job will trigger other jobs such as "find_bugs", "gwt profiles", "create db", "unit-tests", each testing a different part of the code. > > In time, more and more jobs will be added to jenkins, which will allow us to catch bugs much faster than before, and to improve code quality even more. > If you have questions, don't hesitate to ask me or infra at ovirt.org. > > [1] http://jenkins-ci.org/ > [2] currently only ovirt-engine is configured and working. > > > Eyal Edri > oVirt infrastructure team > _______________________________________________ > Infra mailing list > Infra at ovirt.org > http://lists.ovirt.org/mailman/listinfo/infra From eedri at redhat.com Thu Jan 19 12:42:49 2012 From: eedri at redhat.com (Eyal Edri) Date: Thu, 19 Jan 2012 07:42:49 -0500 (EST) Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <4F180D0B.1010402@redhat.com> Message-ID: <4efefd6a-65e5-47b5-8c3c-01b271331322@zmail13.collab.prod.int.phx2.redhat.com> ----- Original Message ----- > From: "Jon Choate" <jchoate at redhat.com> > To: infra at ovirt.org > Sent: Thursday, January 19, 2012 2:31:07 PM > Subject: Re: Jenkins Continuous Integration Server for oVirt is up and running! > > Can you clarify what will trigger a build? Is it a push to Gerrit to > initiate a review or is it after the code has been reviewed and it is > merged into the repository? Or maybe both? > For now only a pushed commit that was acked and merged will trigger a build. we will soon add also a gerrit review job that will trigger certain builds once a commit was pushed for review. (pre ack) Eyal. > > On 01/19/2012 05:07 AM, Eyal Edri wrote: > > fyi, > > > > oVirt project now has a Jenkins CI server[1] on > > http://jenkins.ovirt.org. > > > > The CI server runs various jobs on oVirt components *[2] such as > > ovirt-engine,ovirt-node,etc.. > > Every commit to gerrit.ovirt.org will trigger the job > > 'ovirt_engine' which will run 'maven' build and verify that the > > commit didn't break the code. > > If the commit did break the code, it will send an alert email to > > "engine-patches.ovirt.org" and to the commiter with a link to a > > log console containing the error. > > On success, the job will trigger other jobs such as "find_bugs", > > "gwt profiles", "create db", "unit-tests", each testing a > > different part of the code. > > > > In time, more and more jobs will be added to jenkins, which will > > allow us to catch bugs much faster than before, and to improve > > code quality even more. > > If you have questions, don't hesitate to ask me or infra at ovirt.org. > > > > [1] http://jenkins-ci.org/ > > [2] currently only ovirt-engine is configured and working. > > > > > > Eyal Edri > > oVirt infrastructure team > > _______________________________________________ > > Infra mailing list > > Infra at ovirt.org > > http://lists.ovirt.org/mailman/listinfo/infra > > _______________________________________________ > Infra mailing list > Infra at ovirt.org > http://lists.ovirt.org/mailman/listinfo/infra > From iheim at redhat.com Thu Jan 19 13:46:38 2012 From: iheim at redhat.com (Itamar Heim) Date: Thu, 19 Jan 2012 15:46:38 +0200 Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <1326975234.3910.21.camel@beelzebub.mburnsfire.net> References: <ab2db7af-60e7-41ba-ba00-f12d57e8a328@zmail13.collab.prod.int.phx2.redhat.com> <1326975234.3910.21.camel@beelzebub.mburnsfire.net> Message-ID: <4F181EBE.9090303@redhat.com> On 01/19/2012 02:13 PM, Mike Burns wrote: > On Thu, 2012-01-19 at 05:07 -0500, Eyal Edri wrote: >> fyi, >> >> oVirt project now has a Jenkins CI server[1] on http://jenkins.ovirt.org. >> >> The CI server runs various jobs on oVirt components *[2] such as ovirt-engine,ovirt-node,etc.. >> Every commit to gerrit.ovirt.org will trigger the job 'ovirt_engine' which will run 'maven' build and verify that the commit didn't break the code. >> If the commit did break the code, it will send an alert email to "engine-patches.ovirt.org" and to the commiter with a link to a log console containing the error. >> On success, the job will trigger other jobs such as "find_bugs", "gwt profiles", "create db", "unit-tests", each testing a different part of the code. >> >> In time, more and more jobs will be added to jenkins, which will allow us to catch bugs much faster than before, and to improve code quality even more. >> If you have questions, don't hesitate to ask me or infra at ovirt.org. >> >> [1] http://jenkins-ci.org/ >> [2] currently only ovirt-engine is configured and working. >> > > Awesome, thanks for putting this together. > > I'm looking at ovirt-node now (and have already added part of the > config). Is there any plan to add a Fedora slave? ovirt-node as it well, anyone can contribute machines for their favorite/needed distro and ask eyal to add them as slaves with relevant labels so jobs will run on them. I think eyal can also configure to run a job multiple times on different slaves (multi config job), to check node/vdsm don't break on any distro which added a slave. I'll add a fedora machine and send Eyal the details to add as a slave. before i do that, I want eyal to take a look at the jenkins EC2 plugin, so we can see if we can have the guest only up when needed. > currently stands will only build correctly on Fedora. I might be able > to work around it for the ovirt-node.rpm but the ISO really needs to be > built on Fedora. > > Also, there are a few other requirements for building an iso image from > ovirt-node: > > Sudo access: (also need to disable the requiretty option) > NOPASSWD: /usr/bin/livecd-creator, /usr/bin/setenforce, /usr/bin/ksflatten, /bin/mount, /bin/umount > > Packages: livecd-tools, appliance-tools-minimizer, python-setuptools, > ksflatten, createrepo, rpm-build (possibly more, but that's what I've > hit so far) well, the job can do this each time in case we instantiate more slaves to handle load, or eyal can configure each manually i guess. From eedri at redhat.com Thu Jan 19 14:29:51 2012 From: eedri at redhat.com (Eyal Edri) Date: Thu, 19 Jan 2012 09:29:51 -0500 (EST) Subject: [Jenkins] reboot required In-Reply-To: <60e67015-366e-453e-aa71-ad90286ecbc4@zmail13.collab.prod.int.phx2.redhat.com> Message-ID: <87a024ea-9ce1-4d36-96c6-2ef64e3bfdc9@zmail13.collab.prod.int.phx2.redhat.com> FYI, Jenkins.ovirt.org needs to be rebooted in order to install a new EC2 Amazon plugin. please save any changes you might have currently. it will be back up after a few min. Eyal. From eedri at redhat.com Thu Jan 19 14:44:12 2012 From: eedri at redhat.com (Eyal Edri) Date: Thu, 19 Jan 2012 09:44:12 -0500 (EST) Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <4F181EBE.9090303@redhat.com> Message-ID: <87624a24-3e6c-4c8b-97c8-3cfc2035e525@zmail13.collab.prod.int.phx2.redhat.com> ----- Original Message ----- > From: "Itamar Heim" <iheim at redhat.com> > To: "Mike Burns" <mburns at redhat.com> > Cc: "Eyal Edri" <eedri at redhat.com>, infra at ovirt.org > Sent: Thursday, January 19, 2012 3:46:38 PM > Subject: Re: Jenkins Continuous Integration Server for oVirt is up and running! > > On 01/19/2012 02:13 PM, Mike Burns wrote: > > On Thu, 2012-01-19 at 05:07 -0500, Eyal Edri wrote: > >> fyi, > >> > >> oVirt project now has a Jenkins CI server[1] on > >> http://jenkins.ovirt.org. > >> > >> The CI server runs various jobs on oVirt components *[2] such as > >> ovirt-engine,ovirt-node,etc.. > >> Every commit to gerrit.ovirt.org will trigger the job > >> 'ovirt_engine' which will run 'maven' build and verify that the > >> commit didn't break the code. > >> If the commit did break the code, it will send an alert email to > >> "engine-patches.ovirt.org" and to the commiter with a link to a > >> log console containing the error. > >> On success, the job will trigger other jobs such as "find_bugs", > >> "gwt profiles", "create db", "unit-tests", each testing a > >> different part of the code. > >> > >> In time, more and more jobs will be added to jenkins, which will > >> allow us to catch bugs much faster than before, and to improve > >> code quality even more. > >> If you have questions, don't hesitate to ask me or > >> infra at ovirt.org. > >> > >> [1] http://jenkins-ci.org/ > >> [2] currently only ovirt-engine is configured and working. > >> > > > > Awesome, thanks for putting this together. > > > > I'm looking at ovirt-node now (and have already added part of the > > config). Is there any plan to add a Fedora slave? ovirt-node as > > it > > well, anyone can contribute machines for their favorite/needed distro > and ask eyal to add them as slaves with relevant labels so jobs will > run > on them. > I think eyal can also configure to run a job multiple times on > different > slaves (multi config job), to check node/vdsm don't break on any > distro > which added a slave. > > I'll add a fedora machine and send Eyal the details to add as a > slave. > before i do that, I want eyal to take a look at the jenkins EC2 > plugin, > so we can see if we can have the guest only up when needed. > I installed the EC2 plugin, need some info on the cloud. attached is the configuration screen ( under http://jenkins.ovirt.org/configure ) > > > currently stands will only build correctly on Fedora. I might be > > able > > to work around it for the ovirt-node.rpm but the ISO really needs > > to be > > built on Fedora. > > > > Also, there are a few other requirements for building an iso image > > from > > ovirt-node: > > > > Sudo access: (also need to disable the requiretty option) > > NOPASSWD: /usr/bin/livecd-creator, /usr/bin/setenforce, > > /usr/bin/ksflatten, /bin/mount, /bin/umount > > > > Packages: livecd-tools, appliance-tools-minimizer, > > python-setuptools, > > ksflatten, createrepo, rpm-build (possibly more, but that's what > > I've > > hit so far) > > well, the job can do this each time in case we instantiate more > slaves > to handle load, or eyal can configure each manually i guess. > -------------- next part -------------- A non-text attachment was scrubbed... Name: 38.png Type: image/png Size: 135139 bytes Desc: not available URL: <http://lists.ovirt.org/pipermail/infra/attachments/20120119/d556bdd8/attachment.png> From iheim at redhat.com Thu Jan 19 14:54:41 2012 From: iheim at redhat.com (Itamar Heim) Date: Thu, 19 Jan 2012 16:54:41 +0200 Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <87624a24-3e6c-4c8b-97c8-3cfc2035e525@zmail13.collab.prod.int.phx2.redhat.com> References: <87624a24-3e6c-4c8b-97c8-3cfc2035e525@zmail13.collab.prod.int.phx2.redhat.com> Message-ID: <4F182EB1.8070502@redhat.com> On 01/19/2012 04:44 PM, Eyal Edri wrote: > > > ----- Original Message ----- >> From: "Itamar Heim"<iheim at redhat.com> >> To: "Mike Burns"<mburns at redhat.com> >> Cc: "Eyal Edri"<eedri at redhat.com>, infra at ovirt.org >> Sent: Thursday, January 19, 2012 3:46:38 PM >> Subject: Re: Jenkins Continuous Integration Server for oVirt is up and running! >> >> On 01/19/2012 02:13 PM, Mike Burns wrote: >>> On Thu, 2012-01-19 at 05:07 -0500, Eyal Edri wrote: >>>> fyi, >>>> >>>> oVirt project now has a Jenkins CI server[1] on >>>> http://jenkins.ovirt.org. >>>> >>>> The CI server runs various jobs on oVirt components *[2] such as >>>> ovirt-engine,ovirt-node,etc.. >>>> Every commit to gerrit.ovirt.org will trigger the job >>>> 'ovirt_engine' which will run 'maven' build and verify that the >>>> commit didn't break the code. >>>> If the commit did break the code, it will send an alert email to >>>> "engine-patches.ovirt.org" and to the commiter with a link to a >>>> log console containing the error. >>>> On success, the job will trigger other jobs such as "find_bugs", >>>> "gwt profiles", "create db", "unit-tests", each testing a >>>> different part of the code. >>>> >>>> In time, more and more jobs will be added to jenkins, which will >>>> allow us to catch bugs much faster than before, and to improve >>>> code quality even more. >>>> If you have questions, don't hesitate to ask me or >>>> infra at ovirt.org. >>>> >>>> [1] http://jenkins-ci.org/ >>>> [2] currently only ovirt-engine is configured and working. >>>> >>> >>> Awesome, thanks for putting this together. >>> >>> I'm looking at ovirt-node now (and have already added part of the >>> config). Is there any plan to add a Fedora slave? ovirt-node as >>> it >> >> well, anyone can contribute machines for their favorite/needed distro >> and ask eyal to add them as slaves with relevant labels so jobs will >> run >> on them. >> I think eyal can also configure to run a job multiple times on >> different >> slaves (multi config job), to check node/vdsm don't break on any >> distro >> which added a slave. >> >> I'll add a fedora machine and send Eyal the details to add as a >> slave. >> before i do that, I want eyal to take a look at the jenkins EC2 >> plugin, >> so we can see if we can have the guest only up when needed. >> > > I installed the EC2 plugin, need some info on the cloud. > attached is the configuration screen ( under http://jenkins.ovirt.org/configure ) can the plugin start/stop existing slaves, or creates them as needed? does amazon support a delegated user to an account with limited set of permission to only start/stop existing slaves based on permissions? From mburns at redhat.com Thu Jan 19 14:54:43 2012 From: mburns at redhat.com (Mike Burns) Date: Thu, 19 Jan 2012 09:54:43 -0500 Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <87624a24-3e6c-4c8b-97c8-3cfc2035e525@zmail13.collab.prod.int.phx2.redhat.com> References: <87624a24-3e6c-4c8b-97c8-3cfc2035e525@zmail13.collab.prod.int.phx2.redhat.com> Message-ID: <1326984883.3910.39.camel@beelzebub.mburnsfire.net> On Thu, 2012-01-19 at 09:44 -0500, Eyal Edri wrote: > > ----- Original Message ----- > > From: "Itamar Heim" <iheim at redhat.com> > > To: "Mike Burns" <mburns at redhat.com> > > Cc: "Eyal Edri" <eedri at redhat.com>, infra at ovirt.org > > Sent: Thursday, January 19, 2012 3:46:38 PM > > Subject: Re: Jenkins Continuous Integration Server for oVirt is up and running! > > > > On 01/19/2012 02:13 PM, Mike Burns wrote: > > > On Thu, 2012-01-19 at 05:07 -0500, Eyal Edri wrote: > > >> fyi, > > >> > > >> oVirt project now has a Jenkins CI server[1] on > > >> http://jenkins.ovirt.org. > > >> > > >> The CI server runs various jobs on oVirt components *[2] such as > > >> ovirt-engine,ovirt-node,etc.. > > >> Every commit to gerrit.ovirt.org will trigger the job > > >> 'ovirt_engine' which will run 'maven' build and verify that the > > >> commit didn't break the code. > > >> If the commit did break the code, it will send an alert email to > > >> "engine-patches.ovirt.org" and to the commiter with a link to a > > >> log console containing the error. > > >> On success, the job will trigger other jobs such as "find_bugs", > > >> "gwt profiles", "create db", "unit-tests", each testing a > > >> different part of the code. > > >> > > >> In time, more and more jobs will be added to jenkins, which will > > >> allow us to catch bugs much faster than before, and to improve > > >> code quality even more. > > >> If you have questions, don't hesitate to ask me or > > >> infra at ovirt.org. > > >> > > >> [1] http://jenkins-ci.org/ > > >> [2] currently only ovirt-engine is configured and working. > > >> > > > > > > Awesome, thanks for putting this together. > > > > > > I'm looking at ovirt-node now (and have already added part of the > > > config). Is there any plan to add a Fedora slave? ovirt-node as > > > it > > > > well, anyone can contribute machines for their favorite/needed distro > > and ask eyal to add them as slaves with relevant labels so jobs will > > run > > on them. > > I think eyal can also configure to run a job multiple times on > > different > > slaves (multi config job), to check node/vdsm don't break on any > > distro > > which added a slave. > > > > I'll add a fedora machine and send Eyal the details to add as a > > slave. > > before i do that, I want eyal to take a look at the jenkins EC2 > > plugin, > > so we can see if we can have the guest only up when needed. > > > > I installed the EC2 plugin, need some info on the cloud. > attached is the configuration screen ( under http://jenkins.ovirt.org/configure ) > > > > > > > currently stands will only build correctly on Fedora. I might be > > > able > > > to work around it for the ovirt-node.rpm but the ISO really needs > > > to be > > > built on Fedora. > > > > > > Also, there are a few other requirements for building an iso image > > > from > > > ovirt-node: > > > > > > Sudo access: (also need to disable the requiretty option) > > > NOPASSWD: /usr/bin/livecd-creator, /usr/bin/setenforce, > > > /usr/bin/ksflatten, /bin/mount, /bin/umount > > > > > > Packages: livecd-tools, appliance-tools-minimizer, > > > python-setuptools, > > > ksflatten, createrepo, rpm-build (possibly more, but that's what > > > I've > > > hit so far) > > > > well, the job can do this each time in case we instantiate more > > slaves > > to handle load, or eyal can configure each manually i guess. Correct, the package installations are easy enough. The sudo commands will need to be setup up front, though. Mike > > > _______________________________________________ > Infra mailing list > Infra at ovirt.org > http://lists.ovirt.org/mailman/listinfo/infra From eedri at redhat.com Thu Jan 19 15:05:29 2012 From: eedri at redhat.com (Eyal Edri) Date: Thu, 19 Jan 2012 10:05:29 -0500 (EST) Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <4F182EB1.8070502@redhat.com> Message-ID: <325a6075-3e6d-43e2-8b48-d44bc00d5251@zmail13.collab.prod.int.phx2.redhat.com> ----- Original Message ----- > From: "Itamar Heim" <iheim at redhat.com> > To: "Eyal Edri" <eedri at redhat.com> > Cc: infra at ovirt.org, "Mike Burns" <mburns at redhat.com> > Sent: Thursday, January 19, 2012 4:54:41 PM > Subject: Re: Jenkins Continuous Integration Server for oVirt is up and running! > > On 01/19/2012 04:44 PM, Eyal Edri wrote: > > > > > > ----- Original Message ----- > >> From: "Itamar Heim"<iheim at redhat.com> > >> To: "Mike Burns"<mburns at redhat.com> > >> Cc: "Eyal Edri"<eedri at redhat.com>, infra at ovirt.org > >> Sent: Thursday, January 19, 2012 3:46:38 PM > >> Subject: Re: Jenkins Continuous Integration Server for oVirt is up > >> and running! > >> > >> On 01/19/2012 02:13 PM, Mike Burns wrote: > >>> On Thu, 2012-01-19 at 05:07 -0500, Eyal Edri wrote: > >>>> fyi, > >>>> > >>>> oVirt project now has a Jenkins CI server[1] on > >>>> http://jenkins.ovirt.org. > >>>> > >>>> The CI server runs various jobs on oVirt components *[2] such as > >>>> ovirt-engine,ovirt-node,etc.. > >>>> Every commit to gerrit.ovirt.org will trigger the job > >>>> 'ovirt_engine' which will run 'maven' build and verify that the > >>>> commit didn't break the code. > >>>> If the commit did break the code, it will send an alert email to > >>>> "engine-patches.ovirt.org" and to the commiter with a link to a > >>>> log console containing the error. > >>>> On success, the job will trigger other jobs such as "find_bugs", > >>>> "gwt profiles", "create db", "unit-tests", each testing a > >>>> different part of the code. > >>>> > >>>> In time, more and more jobs will be added to jenkins, which will > >>>> allow us to catch bugs much faster than before, and to improve > >>>> code quality even more. > >>>> If you have questions, don't hesitate to ask me or > >>>> infra at ovirt.org. > >>>> > >>>> [1] http://jenkins-ci.org/ > >>>> [2] currently only ovirt-engine is configured and working. > >>>> > >>> > >>> Awesome, thanks for putting this together. > >>> > >>> I'm looking at ovirt-node now (and have already added part of the > >>> config). Is there any plan to add a Fedora slave? ovirt-node as > >>> it > >> > >> well, anyone can contribute machines for their favorite/needed > >> distro > >> and ask eyal to add them as slaves with relevant labels so jobs > >> will > >> run > >> on them. > >> I think eyal can also configure to run a job multiple times on > >> different > >> slaves (multi config job), to check node/vdsm don't break on any > >> distro > >> which added a slave. > >> > >> I'll add a fedora machine and send Eyal the details to add as a > >> slave. > >> before i do that, I want eyal to take a look at the jenkins EC2 > >> plugin, > >> so we can see if we can have the guest only up when needed. > >> > > > > I installed the EC2 plugin, need some info on the cloud. > > attached is the configuration screen ( under > > http://jenkins.ovirt.org/configure ) > > can the plugin start/stop existing slaves, or creates them as needed? yes according to the plugin wiki page [1]: "Allow Jenkins to start slaves on EC2 or Ubuntu Enterprise Cloud (Eucalyptus) on demand, and kill them as they get unused. With this plugin, if Jenkins notices that your build cluster is overloaded, it'll start instances using the EC2 API and automatically connect them as Jenkins slaves. When the load goes down, excessive EC2 instances will be terminated. This set up allows you to maintain a small in-house cluster, then spill the spiky build/test loads into EC2 or another EC2 compatible cloud." [1] https://wiki.jenkins-ci.org/display/JENKINS/Amazon+EC2+Plugin > does amazon support a delegated user to an account with limited set > of > permission to only start/stop existing slaves based on permissions? > this can be done via the 'Project-based Matrix Authorization Strategy' to allow certain users to certain jobs / slaves (didn't test it): "This mode is an extension to "Matrix-based security" that allows additional ACL matrix to be defined for each project separately (which is done on the job configuration screen.) This allows you to say things like "Joe can access project A, B, and C but he can't see D." ACLs are additive, so the access rights granted below will be effective for all the projects." we can also look for another security plugins that will better suit our needs. Eyal. From iheim at redhat.com Thu Jan 19 15:20:33 2012 From: iheim at redhat.com (Itamar Heim) Date: Thu, 19 Jan 2012 17:20:33 +0200 Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <325a6075-3e6d-43e2-8b48-d44bc00d5251@zmail13.collab.prod.int.phx2.redhat.com> References: <325a6075-3e6d-43e2-8b48-d44bc00d5251@zmail13.collab.prod.int.phx2.redhat.com> Message-ID: <4F1834C1.2090900@redhat.com> On 01/19/2012 05:05 PM, Eyal Edri wrote: > > > ----- Original Message ----- >> From: "Itamar Heim"<iheim at redhat.com> >> To: "Eyal Edri"<eedri at redhat.com> >> Cc: infra at ovirt.org, "Mike Burns"<mburns at redhat.com> >> Sent: Thursday, January 19, 2012 4:54:41 PM >> Subject: Re: Jenkins Continuous Integration Server for oVirt is up and running! >> >> On 01/19/2012 04:44 PM, Eyal Edri wrote: >>> >>> >>> ----- Original Message ----- >>>> From: "Itamar Heim"<iheim at redhat.com> >>>> To: "Mike Burns"<mburns at redhat.com> >>>> Cc: "Eyal Edri"<eedri at redhat.com>, infra at ovirt.org >>>> Sent: Thursday, January 19, 2012 3:46:38 PM >>>> Subject: Re: Jenkins Continuous Integration Server for oVirt is up >>>> and running! >>>> >>>> On 01/19/2012 02:13 PM, Mike Burns wrote: >>>>> On Thu, 2012-01-19 at 05:07 -0500, Eyal Edri wrote: >>>>>> fyi, >>>>>> >>>>>> oVirt project now has a Jenkins CI server[1] on >>>>>> http://jenkins.ovirt.org. >>>>>> >>>>>> The CI server runs various jobs on oVirt components *[2] such as >>>>>> ovirt-engine,ovirt-node,etc.. >>>>>> Every commit to gerrit.ovirt.org will trigger the job >>>>>> 'ovirt_engine' which will run 'maven' build and verify that the >>>>>> commit didn't break the code. >>>>>> If the commit did break the code, it will send an alert email to >>>>>> "engine-patches.ovirt.org" and to the commiter with a link to a >>>>>> log console containing the error. >>>>>> On success, the job will trigger other jobs such as "find_bugs", >>>>>> "gwt profiles", "create db", "unit-tests", each testing a >>>>>> different part of the code. >>>>>> >>>>>> In time, more and more jobs will be added to jenkins, which will >>>>>> allow us to catch bugs much faster than before, and to improve >>>>>> code quality even more. >>>>>> If you have questions, don't hesitate to ask me or >>>>>> infra at ovirt.org. >>>>>> >>>>>> [1] http://jenkins-ci.org/ >>>>>> [2] currently only ovirt-engine is configured and working. >>>>>> >>>>> >>>>> Awesome, thanks for putting this together. >>>>> >>>>> I'm looking at ovirt-node now (and have already added part of the >>>>> config). Is there any plan to add a Fedora slave? ovirt-node as >>>>> it >>>> >>>> well, anyone can contribute machines for their favorite/needed >>>> distro >>>> and ask eyal to add them as slaves with relevant labels so jobs >>>> will >>>> run >>>> on them. >>>> I think eyal can also configure to run a job multiple times on >>>> different >>>> slaves (multi config job), to check node/vdsm don't break on any >>>> distro >>>> which added a slave. >>>> >>>> I'll add a fedora machine and send Eyal the details to add as a >>>> slave. >>>> before i do that, I want eyal to take a look at the jenkins EC2 >>>> plugin, >>>> so we can see if we can have the guest only up when needed. >>>> >>> >>> I installed the EC2 plugin, need some info on the cloud. >>> attached is the configuration screen ( under >>> http://jenkins.ovirt.org/configure ) >> >> can the plugin start/stop existing slaves, or creates them as needed? > > yes according to the plugin wiki page [1]: > > "Allow Jenkins to start slaves on EC2 or Ubuntu Enterprise Cloud (Eucalyptus) on demand, and kill them as they get unused. > With this plugin, if Jenkins notices that your build cluster is overloaded, it'll start instances using the EC2 API and automatically connect them as Jenkins slaves. When the load goes down, excessive EC2 instances will be terminated. This set up allows you to maintain a small in-house cluster, then spill the spiky build/test loads into EC2 or another EC2 compatible cloud." > > [1] https://wiki.jenkins-ci.org/display/JENKINS/Amazon+EC2+Plugin "starting an instance" from an AMI in EC2 is actually creating the instance as well. is there another type of plugin which will start/stop instances? > > >> does amazon support a delegated user to an account with limited set >> of >> permission to only start/stop existing slaves based on permissions? >> > > this can be done via the 'Project-based Matrix Authorization Strategy' to allow certain users to certain jobs / slaves (didn't test it): > > "This mode is an extension to "Matrix-based security" that allows additional ACL matrix to be defined for each project separately (which is done on the job configuration screen.) > This allows you to say things like "Joe can access project A, B, and C but he can't see D." > > ACLs are additive, so the access rights granted below will be effective for all the projects." > > we can also look for another security plugins that will better suit our needs. I'm concerned with limiting what jenkins can do on EC2, not limiting the jenkins side (well, that too, but first EC2) From eedri at redhat.com Thu Jan 19 15:41:22 2012 From: eedri at redhat.com (Eyal Edri) Date: Thu, 19 Jan 2012 10:41:22 -0500 (EST) Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <4F1834C1.2090900@redhat.com> Message-ID: <767f4e6f-03b9-495c-8a42-7378d9432d6e@zmail13.collab.prod.int.phx2.redhat.com> ----- Original Message ----- > From: "Itamar Heim" <iheim at redhat.com> > To: "Eyal Edri" <eedri at redhat.com> > Cc: infra at ovirt.org, "Mike Burns" <mburns at redhat.com> > Sent: Thursday, January 19, 2012 5:20:33 PM > Subject: Re: Jenkins Continuous Integration Server for oVirt is up and running! > > On 01/19/2012 05:05 PM, Eyal Edri wrote: > > > > > > ----- Original Message ----- > >> From: "Itamar Heim"<iheim at redhat.com> > >> To: "Eyal Edri"<eedri at redhat.com> > >> Cc: infra at ovirt.org, "Mike Burns"<mburns at redhat.com> > >> Sent: Thursday, January 19, 2012 4:54:41 PM > >> Subject: Re: Jenkins Continuous Integration Server for oVirt is up > >> and running! > >> > >> On 01/19/2012 04:44 PM, Eyal Edri wrote: > >>> > >>> > >>> ----- Original Message ----- > >>>> From: "Itamar Heim"<iheim at redhat.com> > >>>> To: "Mike Burns"<mburns at redhat.com> > >>>> Cc: "Eyal Edri"<eedri at redhat.com>, infra at ovirt.org > >>>> Sent: Thursday, January 19, 2012 3:46:38 PM > >>>> Subject: Re: Jenkins Continuous Integration Server for oVirt is > >>>> up > >>>> and running! > >>>> > >>>> On 01/19/2012 02:13 PM, Mike Burns wrote: > >>>>> On Thu, 2012-01-19 at 05:07 -0500, Eyal Edri wrote: > >>>>>> fyi, > >>>>>> > >>>>>> oVirt project now has a Jenkins CI server[1] on > >>>>>> http://jenkins.ovirt.org. > >>>>>> > >>>>>> The CI server runs various jobs on oVirt components *[2] such > >>>>>> as > >>>>>> ovirt-engine,ovirt-node,etc.. > >>>>>> Every commit to gerrit.ovirt.org will trigger the job > >>>>>> 'ovirt_engine' which will run 'maven' build and verify that > >>>>>> the > >>>>>> commit didn't break the code. > >>>>>> If the commit did break the code, it will send an alert email > >>>>>> to > >>>>>> "engine-patches.ovirt.org" and to the commiter with a link to > >>>>>> a > >>>>>> log console containing the error. > >>>>>> On success, the job will trigger other jobs such as > >>>>>> "find_bugs", > >>>>>> "gwt profiles", "create db", "unit-tests", each testing a > >>>>>> different part of the code. > >>>>>> > >>>>>> In time, more and more jobs will be added to jenkins, which > >>>>>> will > >>>>>> allow us to catch bugs much faster than before, and to improve > >>>>>> code quality even more. > >>>>>> If you have questions, don't hesitate to ask me or > >>>>>> infra at ovirt.org. > >>>>>> > >>>>>> [1] http://jenkins-ci.org/ > >>>>>> [2] currently only ovirt-engine is configured and working. > >>>>>> > >>>>> > >>>>> Awesome, thanks for putting this together. > >>>>> > >>>>> I'm looking at ovirt-node now (and have already added part of > >>>>> the > >>>>> config). Is there any plan to add a Fedora slave? ovirt-node > >>>>> as > >>>>> it > >>>> > >>>> well, anyone can contribute machines for their favorite/needed > >>>> distro > >>>> and ask eyal to add them as slaves with relevant labels so jobs > >>>> will > >>>> run > >>>> on them. > >>>> I think eyal can also configure to run a job multiple times on > >>>> different > >>>> slaves (multi config job), to check node/vdsm don't break on any > >>>> distro > >>>> which added a slave. > >>>> > >>>> I'll add a fedora machine and send Eyal the details to add as a > >>>> slave. > >>>> before i do that, I want eyal to take a look at the jenkins EC2 > >>>> plugin, > >>>> so we can see if we can have the guest only up when needed. > >>>> > >>> > >>> I installed the EC2 plugin, need some info on the cloud. > >>> attached is the configuration screen ( under > >>> http://jenkins.ovirt.org/configure ) > >> > >> can the plugin start/stop existing slaves, or creates them as > >> needed? > > > > yes according to the plugin wiki page [1]: > > > > "Allow Jenkins to start slaves on EC2 or Ubuntu Enterprise Cloud > > (Eucalyptus) on demand, and kill them as they get unused. > > With this plugin, if Jenkins notices that your build cluster is > > overloaded, it'll start instances using the EC2 API and > > automatically connect them as Jenkins slaves. When the load goes > > down, excessive EC2 instances will be terminated. This set up > > allows you to maintain a small in-house cluster, then spill the > > spiky build/test loads into EC2 or another EC2 compatible cloud." > > > > [1] https://wiki.jenkins-ci.org/display/JENKINS/Amazon+EC2+Plugin > > "starting an instance" from an AMI in EC2 is actually creating the > instance as well. > > is there another type of plugin which will start/stop instances? > not one that i have seen. btw, jenkins has an openID plugin -> https://wiki.jenkins-ci.org/display/JENKINS/OpenID+plugin maybe we can allow certain users from the community to login using thier openID, and restrict them to certain slaves, using the ROLE STRATEGY PLUGIN -> https://wiki.jenkins-ci.org/display/JENKINS/Role+Strategy+Plugin > > > > > > >> does amazon support a delegated user to an account with limited > >> set > >> of > >> permission to only start/stop existing slaves based on > >> permissions? > >> > > > > this can be done via the 'Project-based Matrix Authorization > > Strategy' to allow certain users to certain jobs / slaves (didn't > > test it): > > > > "This mode is an extension to "Matrix-based security" that allows > > additional ACL matrix to be defined for each project separately > > (which is done on the job configuration screen.) > > This allows you to say things like "Joe can access project A, B, > > and C but he can't see D." > > > > ACLs are additive, so the access rights granted below will be > > effective for all the projects." > > > > we can also look for another security plugins that will better suit > > our needs. > > I'm concerned with limiting what jenkins can do on EC2, not limiting > the > jenkins side (well, that too, but first EC2) > From pmatouse at redhat.com Thu Jan 19 17:46:15 2012 From: pmatouse at redhat.com (Petr Matousek) Date: Thu, 19 Jan 2012 18:46:15 +0100 Subject: ovirt.org / security mailing lists Message-ID: <20120119174614.GA617@dhcp-25-225.brq.redhat.com> Hi Karsten, we have a wiki page describing ovirt.org security mailing lists [1], but I think we should at least mention the security mailing lists and how we handle security issues on our community page [2]. [1] http://ovirt.org/wiki/Security [2] http://www.ovirt.org/project/community/ In the long run, we could also create dedicated security related page referenced from the main menu/front page. Would that be possible? We want security bugs to be sent to security mailing lists, not to the development mailing lists. Thanks, -- Petr Matousek / Red Hat Security Response Team From djorm at redhat.com Thu Jan 19 23:59:33 2012 From: djorm at redhat.com (David Jorm) Date: Fri, 20 Jan 2012 09:59:33 +1000 Subject: ovirt.org / security mailing lists In-Reply-To: <20120119174614.GA617@dhcp-25-225.brq.redhat.com> References: <20120119174614.GA617@dhcp-25-225.brq.redhat.com> Message-ID: <4F18AE65.5070103@redhat.com> On 01/20/2012 03:46 AM, Petr Matousek wrote: > Hi Karsten, > > we have a wiki page describing ovirt.org security mailing lists [1], but > I think we should at least mention the security mailing lists and how we > handle security issues on our community page [2]. > > [1] http://ovirt.org/wiki/Security > [2] http://www.ovirt.org/project/community/ > > In the long run, we could also create dedicated security related page > referenced from the main menu/front page. +1, I think this is a good idea. The existing security page on the wiki could be expanded to include more content than just the mailing list information. > > Would that be possible? > > We want security bugs to be sent to security mailing lists, not to the > development mailing lists. > > Thanks, From cctrieloff at redhat.com Fri Jan 20 18:26:03 2012 From: cctrieloff at redhat.com (Carl Trieloff) Date: Fri, 20 Jan 2012 13:26:03 -0500 Subject: ovirt.org / security mailing lists In-Reply-To: <4F18AE65.5070103@redhat.com> References: <20120119174614.GA617@dhcp-25-225.brq.redhat.com> <4F18AE65.5070103@redhat.com> Message-ID: <4F19B1BB.4050108@redhat.com> On 01/19/2012 06:59 PM, David Jorm wrote: > On 01/20/2012 03:46 AM, Petr Matousek wrote: >> Hi Karsten, >> >> we have a wiki page describing ovirt.org security mailing lists [1], but >> I think we should at least mention the security mailing lists and how we >> handle security issues on our community page [2]. >> >> [1] http://ovirt.org/wiki/Security >> [2] http://www.ovirt.org/project/community/ >> >> In the long run, we could also create dedicated security related page >> referenced from the main menu/front page. > > +1, I think this is a good idea. The existing security page on the > wiki could be expanded to include more content than just the mailing > list information. go for it. sounds good. From kwade at redhat.com Fri Jan 20 20:26:43 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Fri, 20 Jan 2012 12:26:43 -0800 Subject: ovirt.org / security mailing lists In-Reply-To: <20120119174614.GA617@dhcp-25-225.brq.redhat.com> References: <20120119174614.GA617@dhcp-25-225.brq.redhat.com> Message-ID: <4F19CE03.50605@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/19/2012 09:46 AM, Petr Matousek wrote: > Hi Karsten, > > we have a wiki page describing ovirt.org security mailing lists > [1], but I think we should at least mention the security mailing > lists and how we handle security issues on our community page [2]. > > [1] http://ovirt.org/wiki/Security [2] > http://www.ovirt.org/project/community/ > > In the long run, we could also create dedicated security related > page referenced from the main menu/front page. > > Would that be possible? > > We want security bugs to be sent to security mailing lists, not to > the development mailing lists. All sounds good. We should just get you an author account in the Wordpress instance that runs ovirt.org so you can modify the content, etc. Does that sound sufficient? - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPGc372ZIOBq0ODEERAg4lAJoDF/sSXY8xdycPSTPTh+IaR758AACfUGHG YO66EHupmoNr+czXrXmzgFk= =H4o8 -----END PGP SIGNATURE----- From pmatouse at redhat.com Mon Jan 23 13:29:03 2012 From: pmatouse at redhat.com (Petr Matousek) Date: Mon, 23 Jan 2012 14:29:03 +0100 Subject: ovirt.org / security mailing lists In-Reply-To: <4F19CE03.50605@redhat.com> References: <20120119174614.GA617@dhcp-25-225.brq.redhat.com> <4F19CE03.50605@redhat.com> Message-ID: <20120123132902.GE15696@dhcp-25-225.brq.redhat.com> On Fri, Jan 20, 2012 at 12:26:43PM -0800, Karsten 'quaid' Wade wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 01/19/2012 09:46 AM, Petr Matousek wrote: > > Hi Karsten, > > > > we have a wiki page describing ovirt.org security mailing lists > > [1], but I think we should at least mention the security mailing > > lists and how we handle security issues on our community page [2]. > > > > [1] http://ovirt.org/wiki/Security [2] > > http://www.ovirt.org/project/community/ > > > > In the long run, we could also create dedicated security related > > page referenced from the main menu/front page. > > > > Would that be possible? > > > > We want security bugs to be sent to security mailing lists, not to > > the development mailing lists. > > All sounds good. We should just get you an author account in the > Wordpress instance that runs ovirt.org so you can modify the content, > etc. Does that sound sufficient? Yes Karsten, thanks, that would work. OTOH I do not want to mess up ovirt.org web, so in case we have any content author/web master, it might be wise to route all the changes through that person -) Petr > > - - Karsten > - -- > name: Karsten 'quaid' Wade, Sr. Community Architect > team: Red Hat Community Architecture & Leadership > uri: http://communityleadershipteam.org > http://TheOpenSourceWay.org > gpg: AD0E0C41 > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iD8DBQFPGc372ZIOBq0ODEERAg4lAJoDF/sSXY8xdycPSTPTh+IaR758AACfUGHG > YO66EHupmoNr+czXrXmzgFk= > =H4o8 > -----END PGP SIGNATURE----- -- Petr Matousek / Red Hat Security Response Team From eedri at redhat.com Mon Jan 23 14:27:19 2012 From: eedri at redhat.com (Eyal Edri) Date: Mon, 23 Jan 2012 09:27:19 -0500 (EST) Subject: [Jenkins] Restarting jenkins server In-Reply-To: <12593908-70bb-4fec-9009-7fe97e218d6b@zmail13.collab.prod.int.phx2.redhat.com> Message-ID: <c2156f14-8655-4978-bfe0-e08cd8635a84@zmail13.collab.prod.int.phx2.redhat.com> fyi, Jenkins.ovirt.org servers needs to be restarted. please save your work. it will be up in a few min. Eyal. From ewoud+ovirt at kohlvanwijngaarden.nl Tue Jan 24 17:13:55 2012 From: ewoud+ovirt at kohlvanwijngaarden.nl (Ewoud Kohl van Wijngaarden) Date: Tue, 24 Jan 2012 18:13:55 +0100 Subject: openid on the wiki? Message-ID: <20120124171355.GD19086@bogey.xentower.nl> Hello, Given gerrit already works with openid I was wondering if the wiki could support the same. It seems there is an extension[1], and it also seems it's packaged for fedora[2]. Has anyone looked into this and would it be a desirable addition? [1]: http://www.mediawiki.org/wiki/Extension:OpenID [2]: http://koji.fedoraproject.org/koji/packageinfo?packageID=5922 From kwade at redhat.com Tue Jan 24 18:40:25 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Tue, 24 Jan 2012 10:40:25 -0800 Subject: openid on the wiki? In-Reply-To: <20120124171355.GD19086@bogey.xentower.nl> References: <20120124171355.GD19086@bogey.xentower.nl> Message-ID: <4F1EFB19.20704@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/24/2012 09:13 AM, Ewoud Kohl van Wijngaarden wrote: > Hello, > > Given gerrit already works with openid I was wondering if the wiki > could support the same. It seems there is an extension[1], and it > also seems it's packaged for fedora[2]. Has anyone looked into this > and would it be a desirable addition? > > [1]: http://www.mediawiki.org/wiki/Extension:OpenID [2]: > http://koji.fedoraproject.org/koji/packageinfo?packageID=5922 My major concern with the wiki is keeping us from having spammers ever get accounts on there. We have enough trouble gardening our own work, we'd get buried if we had to manage spam pages. I would reckon that OpenID would give a way for spammers to come in, unless we limited the OpenID servers we worked with, which would sort-of be against the reason for having OpenID in the first place. But I'm very open to other thinking, just unsure how it would be implemented. - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPHvsZ2ZIOBq0ODEERAgiNAJ9J4gu52ZgnZkGt0WpfwQWq1aglcgCeMN+Z LDVFMxgbmvgq6G1htgd71Cs= =hf0c -----END PGP SIGNATURE----- From ewoud+ovirt at kohlvanwijngaarden.nl Tue Jan 24 23:40:02 2012 From: ewoud+ovirt at kohlvanwijngaarden.nl (Ewoud Kohl van Wijngaarden) Date: Wed, 25 Jan 2012 00:40:02 +0100 Subject: openid on the wiki? In-Reply-To: <4F1EFB19.20704@redhat.com> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> Message-ID: <20120124233950.GE19086@bogey.xentower.nl> On Tue, Jan 24, 2012 at 10:40:25AM -0800, Karsten 'quaid' Wade wrote: > On 01/24/2012 09:13 AM, Ewoud Kohl van Wijngaarden wrote: > > Given gerrit already works with openid I was wondering if the wiki > > could support the same. It seems there is an extension[1], and it > > also seems it's packaged for fedora[2]. Has anyone looked into this > > and would it be a desirable addition? > > > > [1]: http://www.mediawiki.org/wiki/Extension:OpenID [2]: > > http://koji.fedoraproject.org/koji/packageinfo?packageID=5922 > > My major concern with the wiki is keeping us from having spammers ever > get accounts on there. We have enough trouble gardening our own work, > we'd get buried if we had to manage spam pages. > > I would reckon that OpenID would give a way for spammers to come in, > unless we limited the OpenID servers we worked with, which would > sort-of be against the reason for having OpenID in the first place. > > But I'm very open to other thinking, just unsure how it would be > implemented. I have no experience with mediawiki + openid myself, but maybe giving it a go and monitor it would be good enough for now. Possible downsides: - Spammers use openid to spam Possible upsides: - More open to new people - People can use a single account for both gerrit and the wiki Since the wiki edits are also shown on IRC I think spam would be caught fast enough and in the worst case the change could be reverted. From kwade at redhat.com Wed Jan 25 04:03:58 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Tue, 24 Jan 2012 20:03:58 -0800 Subject: openid on the wiki? In-Reply-To: <20120124233950.GE19086@bogey.xentower.nl> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> Message-ID: <4F1F7F2E.1050604@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/24/2012 03:40 PM, Ewoud Kohl van Wijngaarden wrote: > I have no experience with mediawiki + openid myself, but maybe > giving it a go and monitor it would be good enough for now. > > Possible downsides: - Spammers use openid to spam > > Possible upsides: - More open to new people - People can use a > single account for both gerrit and the wiki > > Since the wiki edits are also shown on IRC I think spam would be > caught fast enough and in the worst case the change could be > reverted. That's a good point, the wiki edits are watched that way more carefully. What would our reaction be if we started to see spam edits via OpenID accounts? * Can we easily disable those accounts? * Would we revert to not using OpenID? ** Sometimes spammers seem to be doing test-spam on a wiki, so a few scattered edits might be preparation for an onslaught. Also consider all this in terms of who is taking care of the wiki. We don't (yet?) have enough individuals or a team that seem to be taking on any wiki management tasks. So a spamming situation could rally such folks, but it could also kill the energy while in the crib by overwhelming it with spam pages from incrementally more spam accounts. I'm reacting a bit here to e.g. more wiki pages being incorrectly named than not, so a lot of wiki gardening required still. OTOH, I am very much in favor of lowering barriers as much as we can. I'd like to proceed with this discussion and just figure out a way to counterbalance the risks, etc. Thanks - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPH38u2ZIOBq0ODEERAs66AKCsopk4/0ZZfXPh4ky6iOg5D6g8eACdFKET WrmeZZ7qtLYyqeZmwYr4IWk= =IreL -----END PGP SIGNATURE----- From iheim at redhat.com Wed Jan 25 08:17:43 2012 From: iheim at redhat.com (Itamar Heim) Date: Wed, 25 Jan 2012 10:17:43 +0200 Subject: openid on the wiki? In-Reply-To: <4F1F7F2E.1050604@redhat.com> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> Message-ID: <4F1FBAA7.1040903@redhat.com> On 01/25/2012 06:03 AM, Karsten 'quaid' Wade wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 01/24/2012 03:40 PM, Ewoud Kohl van Wijngaarden wrote: >> I have no experience with mediawiki + openid myself, but maybe >> giving it a go and monitor it would be good enough for now. >> >> Possible downsides: - Spammers use openid to spam >> >> Possible upsides: - More open to new people - People can use a >> single account for both gerrit and the wiki >> >> Since the wiki edits are also shown on IRC I think spam would be >> caught fast enough and in the worst case the change could be >> reverted. > > That's a good point, the wiki edits are watched that way more carefully. > > What would our reaction be if we started to see spam edits via OpenID > accounts? > > * Can we easily disable those accounts? > * Would we revert to not using OpenID? > ** Sometimes spammers seem to be doing test-spam on a wiki, so a few > scattered edits might be preparation for an onslaught. > > Also consider all this in terms of who is taking care of the wiki. We > don't (yet?) have enough individuals or a team that seem to be taking > on any wiki management tasks. > > So a spamming situation could rally such folks, but it could also kill > the energy while in the crib by overwhelming it with spam pages from > incrementally more spam accounts. > > I'm reacting a bit here to e.g. more wiki pages being incorrectly > named than not, so a lot of wiki gardening required still. OTOH, I am > very much in favor of lowering barriers as much as we can. I'd like to > proceed with this discussion and just figure out a way to > counterbalance the risks, etc. can we separate the openid support for authentication (so people can user same user/password) from authorization (can an openid account do something)? so we would still have the process of an existing user has to give edit permissions to an openid user? From ewoud+ovirt at kohlvanwijngaarden.nl Wed Jan 25 10:45:10 2012 From: ewoud+ovirt at kohlvanwijngaarden.nl (Ewoud Kohl van Wijngaarden) Date: Wed, 25 Jan 2012 11:45:10 +0100 Subject: openid on the wiki? In-Reply-To: <4F1FBAA7.1040903@redhat.com> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> <4F1FBAA7.1040903@redhat.com> Message-ID: <20120125104510.GF19086@bogey.xentower.nl> On Wed, Jan 25, 2012 at 10:17:43AM +0200, Itamar Heim wrote: > On 01/25/2012 06:03 AM, Karsten 'quaid' Wade wrote: > >On 01/24/2012 03:40 PM, Ewoud Kohl van Wijngaarden wrote: > >>I have no experience with mediawiki + openid myself, but maybe > >>giving it a go and monitor it would be good enough for now. > >> > >>Possible downsides: - Spammers use openid to spam > >> > >>Possible upsides: - More open to new people - People can use a > >>single account for both gerrit and the wiki > >> > >>Since the wiki edits are also shown on IRC I think spam would be > >>caught fast enough and in the worst case the change could be > >>reverted. > > > >That's a good point, the wiki edits are watched that way more carefully. > > > >What would our reaction be if we started to see spam edits via OpenID > >accounts? > > > >* Can we easily disable those accounts? > >* Would we revert to not using OpenID? > >** Sometimes spammers seem to be doing test-spam on a wiki, so a few > >scattered edits might be preparation for an onslaught. > > > >Also consider all this in terms of who is taking care of the wiki. We > >don't (yet?) have enough individuals or a team that seem to be taking > >on any wiki management tasks. > > > >So a spamming situation could rally such folks, but it could also kill > >the energy while in the crib by overwhelming it with spam pages from > >incrementally more spam accounts. > > > >I'm reacting a bit here to e.g. more wiki pages being incorrectly > >named than not, so a lot of wiki gardening required still. OTOH, I am > >very much in favor of lowering barriers as much as we can. I'd like to > >proceed with this discussion and just figure out a way to > >counterbalance the risks, etc. > > can we separate the openid support for authentication (so people can > user same user/password) from authorization (can an openid account > do something)? > > so we would still have the process of an existing user has to give > edit permissions to an openid user? That could be a mitigation in case we do get spammers. I'm wondering how wikipedia handles this since that's an open wiki using the same software. Using an extension for authentication makes us a non-standard target and thus harder. I think it's important, if not vital, for an open source project to have a low barrier to join. Making it easy to do small fixes on the wiki could help get people more involved. So in short I think using openid authentication and open authorization will benefit the project at an acceptable risk of spammers. If we do notice spammers we can switch to user authorization with manual approval of users or in the worst case fully disable openid and revert to the current workflow. From jbrooks at redhat.com Wed Jan 25 17:06:28 2012 From: jbrooks at redhat.com (Jason Brooks) Date: Wed, 25 Jan 2012 09:06:28 -0800 Subject: openid on the wiki? In-Reply-To: <4F1F7F2E.1050604@redhat.com> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> Message-ID: <4F203694.1060807@redhat.com> On 01/24/2012 08:03 PM, Karsten 'quaid' Wade wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 01/24/2012 03:40 PM, Ewoud Kohl van Wijngaarden wrote: >> I have no experience with mediawiki + openid myself, but maybe >> giving it a go and monitor it would be good enough for now. >> I'm a fan of openid -- many is the time I've chosen not to engage somewhere because I don't want to create a new user name / password. Jason From kwade at redhat.com Wed Jan 25 21:30:24 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Wed, 25 Jan 2012 13:30:24 -0800 Subject: openid on the wiki? In-Reply-To: <4F203694.1060807@redhat.com> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> <4F203694.1060807@redhat.com> Message-ID: <4F207470.1090201@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/25/2012 09:06 AM, Jason Brooks wrote: > On 01/24/2012 08:03 PM, Karsten 'quaid' Wade wrote: >> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >> >> On 01/24/2012 03:40 PM, Ewoud Kohl van Wijngaarden wrote: >>> I have no experience with mediawiki + openid myself, but maybe >>> giving it a go and monitor it would be good enough for now. >>> > > I'm a fan of openid -- many is the time I've chosen not to engage > somewhere because I don't want to create a new user name / > password. Careful or I'll recruit you to the wiki gardening crew. :) - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPIHRw2ZIOBq0ODEERAmekAJ9qcw4maZFlYeakixacyAYhg+ZlKQCdEgfW VcuuywX956TcAKPFJiYs+HE= =MTdt -----END PGP SIGNATURE----- From kwade at redhat.com Wed Jan 25 21:35:04 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Wed, 25 Jan 2012 13:35:04 -0800 Subject: openid on the wiki? In-Reply-To: <20120125104510.GF19086@bogey.xentower.nl> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> <4F1FBAA7.1040903@redhat.com> <20120125104510.GF19086@bogey.xentower.nl> Message-ID: <4F207588.3090904@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/25/2012 02:45 AM, Ewoud Kohl van Wijngaarden wrote: > On Wed, Jan 25, 2012 at 10:17:43AM +0200, Itamar Heim wrote: >> On 01/25/2012 06:03 AM, Karsten 'quaid' Wade wrote: >>> On 01/24/2012 03:40 PM, Ewoud Kohl van Wijngaarden wrote: >>>> I have no experience with mediawiki + openid myself, but >>>> maybe giving it a go and monitor it would be good enough for >>>> now. >>>> >>>> Possible downsides: - Spammers use openid to spam >>>> >>>> Possible upsides: - More open to new people - People can use >>>> a single account for both gerrit and the wiki >>>> >>>> Since the wiki edits are also shown on IRC I think spam would >>>> be caught fast enough and in the worst case the change could >>>> be reverted. >>> >>> That's a good point, the wiki edits are watched that way more >>> carefully. >>> >>> What would our reaction be if we started to see spam edits via >>> OpenID accounts? >>> >>> * Can we easily disable those accounts? * Would we revert to >>> not using OpenID? ** Sometimes spammers seem to be doing >>> test-spam on a wiki, so a few scattered edits might be >>> preparation for an onslaught. >>> >>> Also consider all this in terms of who is taking care of the >>> wiki. We don't (yet?) have enough individuals or a team that >>> seem to be taking on any wiki management tasks. >>> >>> So a spamming situation could rally such folks, but it could >>> also kill the energy while in the crib by overwhelming it with >>> spam pages from incrementally more spam accounts. >>> >>> I'm reacting a bit here to e.g. more wiki pages being >>> incorrectly named than not, so a lot of wiki gardening required >>> still. OTOH, I am very much in favor of lowering barriers as >>> much as we can. I'd like to proceed with this discussion and >>> just figure out a way to counterbalance the risks, etc. >> >> can we separate the openid support for authentication (so people >> can user same user/password) from authorization (can an openid >> account do something)? >> >> so we would still have the process of an existing user has to >> give edit permissions to an openid user? > That could be a mitigation in case we do get spammers. > > I'm wondering how wikipedia handles this since that's an open wiki > using the same software. Using an extension for authentication > makes us a non-standard target and thus harder. AIUI, a large part is the legion of volunteers who revert spam edits. All of the protection tools, such as Captchas, are reportedly cracked by spammers. > I think it's important, if not vital, for an open source project to > have a low barrier to join. Making it easy to do small fixes on the > wiki could help get people more involved. This I do agree with, and wrote in to The Open Source Way handbook: https://www.theopensourceway.org/wiki/How_to_loosely_organize_a_community#Use_lightweight.2C_open_collaboration_tools_-_wikis.2C_mailing_lists.2C_IRC.2C_version_control.2C_bug_trackers_-_and_give_out_access ... and then as a project, struggle with how to handle the wiki auth. (Short URL of above: http://bit.ly/TOSWOpenTooling ) > So in short I think using openid authentication and open > authorization will benefit the project at an acceptable risk of > spammers. If we do notice spammers we can switch to user > authorization with manual approval of users or in the worst case > fully disable openid and revert to the current workflow. Are you able to volunteer to help with wiki gardening? In specific, keeping things cleaned up if we do get a spammer - reverting changes, deleting accounts, etc. If we can get enough of us to watch things with commitment, then I'm much more comfortable with the idea of rolling out OpenID. - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPIHWI2ZIOBq0ODEERAiioAJ96Cc0ZKm7ZvnaFfQAnrHhvla0e9wCdG4c4 AIOT2IIfTrJ8qtN47c96hcw= =D3ho -----END PGP SIGNATURE----- From kwade at redhat.com Wed Jan 25 21:37:18 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Wed, 25 Jan 2012 13:37:18 -0800 Subject: openid on the wiki? In-Reply-To: <20120125104510.GF19086@bogey.xentower.nl> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> <4F1FBAA7.1040903@redhat.com> <20120125104510.GF19086@bogey.xentower.nl> Message-ID: <4F20760E.5020400@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 (Separating topics in this thread.) On 01/25/2012 02:45 AM, Ewoud Kohl van Wijngaarden wrote: > On Wed, Jan 25, 2012 at 10:17:43AM +0200, Itamar Heim wrote: >> can we separate the openid support for authentication (so people >> can user same user/password) from authorization (can an openid >> account do something)? >> >> so we would still have the process of an existing user has to >> give edit permissions to an openid user? > > That could be a mitigation in case we do get spammers. That's a rather nice idea - it would save us from losing the investment in getting OpenID working if we didn't have to roll all the way back, and if we had to fall-back to manual-initial authorization, at least we'd be helping contributors reduce account complexity. - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPIHYO2ZIOBq0ODEERAkt7AJ9ZuqPFFW/qEHgSItBqB2QgJ/xLOwCdGcpf VS6cFPMJ+rupMepGmA5peZc= =7FWL -----END PGP SIGNATURE----- From ewoud+ovirt at kohlvanwijngaarden.nl Thu Jan 26 11:37:46 2012 From: ewoud+ovirt at kohlvanwijngaarden.nl (Ewoud Kohl van Wijngaarden) Date: Thu, 26 Jan 2012 12:37:46 +0100 Subject: openid on the wiki? In-Reply-To: <4F207588.3090904@redhat.com> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> <4F1FBAA7.1040903@redhat.com> <20120125104510.GF19086@bogey.xentower.nl> <4F207588.3090904@redhat.com> Message-ID: <20120126113746.GG19086@bogey.xentower.nl> On Wed, Jan 25, 2012 at 01:35:04PM -0800, Karsten 'quaid' Wade wrote: > Are you able to volunteer to help with wiki gardening? In specific, > keeping things cleaned up if we do get a spammer - reverting changes, > deleting accounts, etc. > > If we can get enough of us to watch things with commitment, then I'm > much more comfortable with the idea of rolling out OpenID. I can watch the RSS feed and monitor for spam. Given the current amount of wiki edits I don't think it'll take that much time. From kwade at redhat.com Fri Jan 27 23:26:29 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Fri, 27 Jan 2012 15:26:29 -0800 Subject: openid on the wiki? In-Reply-To: <20120126113746.GG19086@bogey.xentower.nl> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> <4F1FBAA7.1040903@redhat.com> <20120125104510.GF19086@bogey.xentower.nl> <4F207588.3090904@redhat.com> <20120126113746.GG19086@bogey.xentower.nl> Message-ID: <4F2332A5.9070708@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/26/2012 03:37 AM, Ewoud Kohl van Wijngaarden wrote: > On Wed, Jan 25, 2012 at 01:35:04PM -0800, Karsten 'quaid' Wade > wrote: >> Are you able to volunteer to help with wiki gardening? In >> specific, keeping things cleaned up if we do get a spammer - >> reverting changes, deleting accounts, etc. >> >> If we can get enough of us to watch things with commitment, then >> I'm much more comfortable with the idea of rolling out OpenID. > I can watch the RSS feed and monitor for spam. Given the current > amount of wiki edits I don't think it'll take that much time. OK, I'm game for doing this then. Can we do a quick process write-up here? That is, what do we think it's going to take in steps so far, then we can find the gaps and fill with our knowledge. In the end, I'd like to have the service up _and_ a page similar to these: http://ovirt.org/wiki/Category:Infrastructure_documentation - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPIzKl2ZIOBq0ODEERAl09AJ9woyvf7luyxXnY19dBdvqyBeh7/wCgsc9a kDilp1hmkcNaRxhSiZk4cgk= =yAA+ -----END PGP SIGNATURE----- From masayag at redhat.com Mon Jan 30 12:36:22 2012 From: masayag at redhat.com (Moti Asayag) Date: Mon, 30 Jan 2012 14:36:22 +0200 Subject: Jenkins doesn't notify committers who broke the build Message-ID: <4F268EC6.3050806@redhat.com> Hi, The Jenkins doesn't send emails on a broken build to the users which submitted their problematic patch, causing emails from Jenkins to engine-patches not being distinguished. Could a specific mail be sent to the committer and to the patch reviewers (or just for those who set the +2 flag)? Thanks, Moti From eedri at redhat.com Mon Jan 30 12:42:41 2012 From: eedri at redhat.com (Eyal Edri) Date: Mon, 30 Jan 2012 07:42:41 -0500 (EST) Subject: Jenkins doesn't notify committers who broke the build In-Reply-To: <4F268EC6.3050806@redhat.com> Message-ID: <92f1edde-964e-498c-b17c-9a039f73dafa@zmail13.collab.prod.int.phx2.redhat.com> Do you mean email isn't being sent to a patch being reviewed or pushed already? we didn't add gerrit support to jenkins.ovirt.org yet. but emails to individual commiters who broke the build should be sent. and to the best of my knowledge are sent. (please let me know if you know on a problem) there is a plan to add gerrit review support (similar to downstream) soon. Eyal. ----- Original Message ----- > From: "Moti Asayag" <masayag at redhat.com> > To: infra at ovirt.org, "Eyal Edri" <eedri at redhat.com> > Sent: Monday, January 30, 2012 2:36:22 PM > Subject: Jenkins doesn't notify committers who broke the build > > Hi, > > The Jenkins doesn't send emails on a broken build to the users which > submitted their problematic patch, causing emails from Jenkins to > engine-patches not being distinguished. > > Could a specific mail be sent to the committer and to the patch > reviewers (or just for those who set the +2 flag)? > > Thanks, > Moti > From ewoud+ovirt at kohlvanwijngaarden.nl Tue Jan 31 17:48:51 2012 From: ewoud+ovirt at kohlvanwijngaarden.nl (Ewoud Kohl van Wijngaarden) Date: Tue, 31 Jan 2012 18:48:51 +0100 Subject: openid on the wiki? In-Reply-To: <4F2332A5.9070708@redhat.com> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> <4F1FBAA7.1040903@redhat.com> <20120125104510.GF19086@bogey.xentower.nl> <4F207588.3090904@redhat.com> <20120126113746.GG19086@bogey.xentower.nl> <4F2332A5.9070708@redhat.com> Message-ID: <20120131174851.GH19086@bogey.xentower.nl> On Fri, Jan 27, 2012 at 03:26:29PM -0800, Karsten 'quaid' Wade wrote: > OK, I'm game for doing this then. > > Can we do a quick process write-up here? That is, what do we think > it's going to take in steps so far, then we can find the gaps and fill > with our knowledge. In the end, I'd like to have the service up _and_ > a page similar to these: > > http://ovirt.org/wiki/Category:Infrastructure_documentation Are you by any chance at FOSDEM this weekend? Maybe we could look at this in person. From kwade at redhat.com Tue Jan 31 17:57:46 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Tue, 31 Jan 2012 09:57:46 -0800 Subject: openid on the wiki? In-Reply-To: <20120131174851.GH19086@bogey.xentower.nl> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> <4F1FBAA7.1040903@redhat.com> <20120125104510.GF19086@bogey.xentower.nl> <4F207588.3090904@redhat.com> <20120126113746.GG19086@bogey.xentower.nl> <4F2332A5.9070708@redhat.com> <20120131174851.GH19086@bogey.xentower.nl> Message-ID: <4F282B9A.3020906@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/31/2012 09:48 AM, Ewoud Kohl van Wijngaarden wrote: > On Fri, Jan 27, 2012 at 03:26:29PM -0800, Karsten 'quaid' Wade > wrote: >> OK, I'm game for doing this then. >> >> Can we do a quick process write-up here? That is, what do we >> think it's going to take in steps so far, then we can find the >> gaps and fill with our knowledge. In the end, I'd like to have >> the service up _and_ a page similar to these: >> >> http://ovirt.org/wiki/Category:Infrastructure_documentation > > Are you by any chance at FOSDEM this weekend? Maybe we could look > at this in person. Nope, I'll be blissfully at home. (I also never seem to find time to do those sorts of things at conferences.) But if some others want to get together to talk about this or other infrastructure topics, I can be available remotely. - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPKCua2ZIOBq0ODEERApRUAKDiLGhRw78D5xVU+Ba5r6smrKlf/gCg5isT WOU8pklHUTgPl0EVaK9mFxI= =8pwZ -----END PGP SIGNATURE-----

From kwade at redhat.com Tue Jan 3 23:55:14 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Tue, 03 Jan 2012 15:55:14 -0800 Subject: Fwd: Please test git-review RPM In-Reply-To: <20111230111546.234d2f0c@lembas.zaitcev.lan> References: <20111230111546.234d2f0c@lembas.zaitcev.lan> Message-ID: <4F039562.3070503@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Are these useful to us? That is, are we using 'git-review' for our Gerrit instance? If so, then, yes, packages are useful to us. If yes, then we probably want to check for compatibility, and report back to Pete if we get any problems. - - Karsten - -------- Original Message -------- Subject: Please test git-review RPM Date: Fri, 30 Dec 2011 11:15:46 -0700 From: Pete Zaitcev Reply-To: Fedora Cloud SIG Organization: Red Hat, Inc. To: Fedora Cloud SIG Dear All: I am thinking about packaging git-review (the real one, not Facebook's), and to that end I prepared RPMs that are to be submitted for Fedora. Before I do that, I'd like someone verify that they work. AFAIK both Gluster and OpenStack use Gerrit with git-review. These RPMs come from OpenStack source, and I am very curious if they are compatible with Gluster use, so that we can have one in Fedora. http://people.redhat.com/zaitcev/linux/git-review-1.8-1.fc16.noarch.rpm http://people.redhat.com/zaitcev/linux/git-review-1.8-1.fc16.src.rpm Thanks and have a happy New Year, - -- Pete _______________________________________________ cloud mailing list cloud at lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/cloud -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPA5Vi2ZIOBq0ODEERAqmrAJ4veOcjfLMFKvKflEyO72T5UaH+hQCeO6dL LmgcSwfotHPNrCEY4WpPnDc= =dHSS -----END PGP SIGNATURE----- From danken at redhat.com Wed Jan 4 09:10:22 2012 From: danken at redhat.com (Dan Kenigsberg) Date: Wed, 4 Jan 2012 11:10:22 +0200 Subject: Fwd: Please test git-review RPM In-Reply-To: <4F039562.3070503@redhat.com> References: <20111230111546.234d2f0c@lembas.zaitcev.lan> <4F039562.3070503@redhat.com> Message-ID: <20120104091021.GC13575@redhat.com> On Tue, Jan 03, 2012 at 03:55:14PM -0800, Karsten 'quaid' Wade wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Are these useful to us? > > That is, are we using 'git-review' for our Gerrit instance? If so, > then, yes, packages are useful to us. > > If yes, then we probably want to check for compatibility, and report > back to Pete if we get any problems. Yes, this is useful (some of us use it already from upstream), and yes the rpm seems to be working. (I hate the requirement to submit from a named branch, but that's a rant for upstream git-review) Dan. From stefanha at linux.vnet.ibm.com Fri Jan 6 21:32:20 2012 From: stefanha at linux.vnet.ibm.com (Stefan Hajnoczi) Date: Fri, 6 Jan 2012 21:32:20 +0000 Subject: Tagline on ovirt.org does not communicate a clear and simple message Message-ID: <20120106213220.GA2359@stefanha-thinkpad.localdomain> Hi, The tagline on ovirt.org is long and unclear: "Complete and Comprehensive Open Source Infrastructure and Management Virtualization Platform for the Data Center". "Complete and Comprehensive" is almost a tautology. "Infrastructure and Management Virtualization Platform" does not make sense, I'm not sure what a "Management Virtualization Platform" is. Something shorter would communicate what ovirt.org is about better. This tagline is used in the

and (shortened). It's important because this is how visitors learn what oVirt is and whether to read more. How about shortening it to, "Complete Open Source Virtualization Platform for the Data Center"? Thanks to mburns on #ovirt for directing me to infra at ovirt.org and board at ovirt.org. Stefan From mburns at redhat.com Thu Jan 12 23:41:52 2012 From: mburns at redhat.com (Mike Burns) Date: Thu, 12 Jan 2012 18:41:52 -0500 Subject: jenkins.ovirt.org Message-ID: <1326411712.2365.104.camel@beelzebub.mburnsfire.net> Is Jenkins ready for additional projects? Can I get an account so I can configure ovirt-node builds? How are you handling build requirements on the slave machines? I know that the ovirt-node image will have some requirements that will probably not be there otherwise. Thanks Mike From kwade at redhat.com Fri Jan 13 04:33:17 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Thu, 12 Jan 2012 20:33:17 -0800 Subject: vaporizing devel@ Message-ID: <4F0FB40D.8030401@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The devel at ovirt.org mailing list was intended to serve the same purpose as arch@, and I created it initially more out of habit than anything. Now that arch@ is the active list, we're creating confusion with the vestigial list. There are only two members (myself, pmyers), one post in the archives (a repeated kmestry post), so I'm going to vaporize the list with no loss. - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPD7QM2ZIOBq0ODEERAihoAJ9wQtKUdVlodtZWNTmjRnjNvOeiIwCg4aBm 9YkJNGMSN/bgbmQOtikI+vM= =eMtG -----END PGP SIGNATURE----- From iheim at redhat.com Fri Jan 13 06:57:08 2012 From: iheim at redhat.com (Itamar Heim) Date: Fri, 13 Jan 2012 08:57:08 +0200 Subject: jenkins.ovirt.org In-Reply-To: <1326411712.2365.104.camel@beelzebub.mburnsfire.net> References: <1326411712.2365.104.camel@beelzebub.mburnsfire.net> Message-ID: <4F0FD5C4.2000405@redhat.com> On 01/13/2012 01:41 AM, Mike Burns wrote: > Is Jenkins ready for additional projects? Can I get an account so I can > configure ovirt-node builds? it still still being setup (just installed the other day, hence not advertised yet). > > How are you handling build requirements on the slave machines? I know > that the ovirt-node image will have some requirements that will probably > not be there otherwise. let's discuss :) what do you need? From mburns at redhat.com Fri Jan 13 13:04:02 2012 From: mburns at redhat.com (Mike Burns) Date: Fri, 13 Jan 2012 08:04:02 -0500 Subject: jenkins.ovirt.org In-Reply-To: <4F0FD5C4.2000405@redhat.com> References: <1326411712.2365.104.camel@beelzebub.mburnsfire.net> <4F0FD5C4.2000405@redhat.com> Message-ID: <1326459842.7222.7.camel@beelzebub.mburnsfire.net> On Fri, 2012-01-13 at 08:57 +0200, Itamar Heim wrote: > On 01/13/2012 01:41 AM, Mike Burns wrote: > > Is Jenkins ready for additional projects? Can I get an account so I can > > configure ovirt-node builds? > > it still still being setup (just installed the other day, hence not > advertised yet). Ok, I saw someone mention it a few days ago, so wanted to check. > > > > > How are you handling build requirements on the slave machines? I know > > that the ovirt-node image will have some requirements that will probably > > not be there otherwise. > > let's discuss :) > what do you need? I most likely need Fedora, generally the latest released. I assume, that the defaults are all included [1] Beyond that, livecd-tools appliance-tools-minimizer automake autoconf python-setuptools systemd-units I also need passwordless sudo access for the builder to: setenforce livecd-creator ksflatten Most of these are requirements for the image build. It may make sense to have these available to a different user that runs only the image build on a subset of hosts with only a single instance at a time. Mike [1] http://fedoraproject.org/wiki/Packaging:Guidelines#Exceptions_2 > _______________________________________________ > Infra mailing list > Infra at ovirt.org > http://lists.ovirt.org/mailman/listinfo/infra From ewoud+ovirt at kohlvanwijngaarden.nl Fri Jan 13 15:49:15 2012 From: ewoud+ovirt at kohlvanwijngaarden.nl (Ewoud Kohl van Wijngaarden) Date: Fri, 13 Jan 2012 16:49:15 +0100 Subject: git:// on gerrit Message-ID: <20120113154915.GC19086@bogey.xentower.nl> Hello, Yesterday xTs_w pointed out on IRC that git:// is no longer working. Was there a specific reason to disable this? Note that many guides still use this URL. Another tip to use git:// for fetching and git+ssh:// for pushing. Add the following to ~/.gitconfig: [url "git://github.com/"] insteadOf = "gh:" [url "git at github.com:"] pushInsteadOf = "gh:" then you can use git clone gh:user/repo. You could use something similar for ovirt: [url "git://gerrit.ovirt.org/"] insteadOf = "ovirt:" [url "gerrit.ovirt.org:"] pushInsteadOf = "ovirt:" Then git clone ovirt:ovirt-engine should work. Promoting this can also simplify instructions. With kind regards, Ewoud Kohl van Wijngaarden From iheim at redhat.com Sun Jan 15 14:03:01 2012 From: iheim at redhat.com (Itamar Heim) Date: Sun, 15 Jan 2012 16:03:01 +0200 Subject: git:// on gerrit In-Reply-To: <20120113154915.GC19086@bogey.xentower.nl> References: <20120113154915.GC19086@bogey.xentower.nl> Message-ID: <4F12DC95.5080702@redhat.com> On 01/13/2012 05:49 PM, Ewoud Kohl van Wijngaarden wrote: > Hello, > > Yesterday xTs_w pointed out on IRC that git:// is no longer working. Was > there a specific reason to disable this? Note that many guides still use > this URL. some open files limitation issue - fixed now. > > Another tip to use git:// for fetching and git+ssh:// for pushing. Add > the following to ~/.gitconfig: > > [url "git://github.com/"] > insteadOf = "gh:" > [url "git at github.com:"] > pushInsteadOf = "gh:" > > then you can use git clone gh:user/repo. You could use something similar > for ovirt: > > [url "git://gerrit.ovirt.org/"] > insteadOf = "ovirt:" > [url "gerrit.ovirt.org:"] > pushInsteadOf = "ovirt:" > > Then git clone ovirt:ovirt-engine should work. Promoting this can also > simplify instructions. > > With kind regards, > Ewoud Kohl van Wijngaarden > _______________________________________________ > Infra mailing list > Infra at ovirt.org > http://lists.ovirt.org/mailman/listinfo/infra From mgoldboi at redhat.com Mon Jan 16 12:00:00 2012 From: mgoldboi at redhat.com (Moran Goldboim) Date: Mon, 16 Jan 2012 14:00:00 +0200 Subject: uploading a python filetype to wiki Message-ID: <4F141140.8020506@redhat.com> I'm trying to upload a python file to the wiki - an example on how to use python sdk, unfortunately i can't do it: Permitted file types: png, gif, jpg, jpeg, odp, odt, ods, pdf, jnlp, vsd. is there a way we can make it happen, if not where would be the appropriate place to put it in. Moran. From mgoldboi at redhat.com Mon Jan 16 15:39:35 2012 From: mgoldboi at redhat.com (Moran Goldboim) Date: Mon, 16 Jan 2012 17:39:35 +0200 Subject: oVirt Weekly Sync Meeting Minutes and Logs aren't published on wiki nor sent Message-ID: <4F1444B7.6080701@redhat.com> latest meeting minutes weren't sent nor published on wiki, please look into it. Moran. From sgordon at redhat.com Mon Jan 16 17:45:17 2012 From: sgordon at redhat.com (Steve Gordon) Date: Mon, 16 Jan 2012 12:45:17 -0500 (EST) Subject: oVirt Weekly Sync Meeting Minutes and Logs aren't published on wiki nor sent In-Reply-To: <4F1444B7.6080701@redhat.com> Message-ID: <1d20d7aa-1050-42dd-8bf8-c20e4aa152ec@zmail15.collab.prod.int.phx2.redhat.com> ----- Original Message ----- > From: "Moran Goldboim" <mgoldboi at redhat.com> > To: infra at ovirt.org > Sent: Monday, January 16, 2012 10:39:35 AM > Subject: oVirt Weekly Sync Meeting Minutes and Logs aren't published on wiki nor sent > > latest meeting minutes weren't sent nor published on wiki, please > look > into it. The process of linking the wiki page to the minutes generated by ovirtbot is as far as I know manual, which means the best place to look for the up to date listings is here: http://ovirt.org/meetings/ovirt/ Given that there weren't any oVirt sync meetings listed on the wiki other than the first one I assume nobody has been performing the task of adding the link for this meeting. Please note that anyone can edit the wiki, normal FOSS task assignment applies (read: if you thought of it that's as good as volunteering ;)). In the absence of anyone else doing it I have added the links for the missing meetings for now: http://www.ovirt.org/wiki/Meetings#oVirt_Weekly_Sync_Meeting_Minutes_and_Logs Steve From kwade at redhat.com Mon Jan 16 18:23:33 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Mon, 16 Jan 2012 10:23:33 -0800 Subject: uploading a python filetype to wiki In-Reply-To: <4F141140.8020506@redhat.com> References: <4F141140.8020506@redhat.com> Message-ID: <4F146B25.9040003@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/16/2012 04:00 AM, Moran Goldboim wrote: > I'm trying to upload a python file to the wiki - an example on how > to use python sdk, unfortunately i can't do it: Permitted file > types: png, gif, jpg, jpeg, odp, odt, ods, pdf, jnlp, vsd. > > is there a way we can make it happen, if not where would be the > appropriate place to put it in. We can theoretically make it happen. Is there a security risk to attaching a Python script to the wiki? I'm unclear on the exact reasons MediaWiki restricts file types, so I'll look in to that. As another thought, is this something that should be in git? Maybe a new repo of examples? - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPFGsl2ZIOBq0ODEERAvikAKDPDlmz2grEasZXNE4XpEbz9mMJ+wCgt0go HrSHuburVU0f+TKSECQM0fI= =/CTY -----END PGP SIGNATURE----- From kwade at redhat.com Mon Jan 16 18:48:00 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Mon, 16 Jan 2012 10:48:00 -0800 Subject: uploading a python filetype to wiki In-Reply-To: <4F141140.8020506@redhat.com> References: <4F141140.8020506@redhat.com> Message-ID: <4F1470E0.40905@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/16/2012 04:00 AM, Moran Goldboim wrote: > I'm trying to upload a python file to the wiki - an example on how > to use python sdk, unfortunately i can't do it: Permitted file > types: png, gif, jpg, jpeg, odp, odt, ods, pdf, jnlp, vsd. > > is there a way we can make it happen, if not where would be the > appropriate place to put it in. So the concern about uploading scripts to MediaWiki is about how I figured it. If there is a flaw in MediaWiki (or possibly the web server), uploaded scripts can be an attack vector. Since we're likely to want more and more examples for people, I think opening a new git repo for cross-project examples (with sub-directories per sub-project?), or just putting examples directly in other repos is probably the way to go. We should be able to provide direct links from the wiki to download scripts via HTTP. You can always paste the contents of a script in to a <pre/> block, which helps with annotating in the wiki etc. - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPFHDg2ZIOBq0ODEERAs4rAJ4pL8MQo0PCGE6NHRY6rpKJJDnxYgCgs0YU tJKgu+4UPr8pHLAT2wdfghw= =fQ6w -----END PGP SIGNATURE----- From iweller at redhat.com Mon Jan 16 19:20:17 2012 From: iweller at redhat.com (Ian Weller) Date: Mon, 16 Jan 2012 14:20:17 -0500 Subject: uploading a python filetype to wiki In-Reply-To: <4F1470E0.40905@redhat.com> References: <4F141140.8020506@redhat.com> <4F1470E0.40905@redhat.com> Message-ID: <20120116192017.GD15069@hovercraft.ianweller.org> On Mon, Jan 16, 2012 at 10:48:00AM -0800, Karsten 'quaid' Wade wrote: > You can always paste the contents of a script in to a <pre/> block, > which helps with annotating in the wiki etc. And if you're interested, there are also some extensions that can be installed for syntax highlighting inside a <pre> block. -- Ian Weller, Intern and Doer of Stuff <iweller at redhat.com> Red Hat, Inc. -- communityleadershipteam.org -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: <http://lists.ovirt.org/pipermail/infra/attachments/20120116/f6e9a3b1/attachment.sig> From kwade at redhat.com Mon Jan 16 18:10:27 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Mon, 16 Jan 2012 10:10:27 -0800 Subject: oVirt Weekly Sync Meeting Minutes and Logs aren't published on wiki nor sent In-Reply-To: <4F1444B7.6080701@redhat.com> References: <4F1444B7.6080701@redhat.com> Message-ID: <4F146813.4050402@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/16/2012 07:39 AM, Moran Goldboim wrote: > latest meeting minutes weren't sent nor published on wiki, please > look into it. As Steve said, it's not automagically done, I forgot we were updating the wiki with the notes link. However, they were sent to the usual list: http://lists.ovirt.org/pipermail/board/2012-January/000374.html - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPFGgT2ZIOBq0ODEERAphYAJ9vasaQAcYbqJnT4hs8Scq1KgxIlACguHUD JI5GvCNws+I0bfwJLib58KY= =Apbc -----END PGP SIGNATURE----- From eedri at redhat.com Thu Jan 19 10:07:24 2012 From: eedri at redhat.com (Eyal Edri) Date: Thu, 19 Jan 2012 05:07:24 -0500 (EST) Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <923b70d3-3243-4d94-b36a-4b58b54e056b@zmail13.collab.prod.int.phx2.redhat.com> Message-ID: <ab2db7af-60e7-41ba-ba00-f12d57e8a328@zmail13.collab.prod.int.phx2.redhat.com> fyi, oVirt project now has a Jenkins CI server[1] on http://jenkins.ovirt.org. The CI server runs various jobs on oVirt components [2] such as ovirt-engine,ovirt-node,etc.. Every commit to gerrit.ovirt.org will trigger the job 'ovirt_engine' which will run 'maven' build and verify that the commit didn't break the code. If the commit did break the code, it will send an alert email to "engine-patches.ovirt.org" and to the commiter with a link to a log console containing the error. On success, the job will trigger other jobs such as "find_bugs", "gwt profiles", "create db", "unit-tests", each testing a different part of the code. In time, more and more jobs will be added to jenkins, which will allow us to catch bugs much faster than before, and to improve code quality even more. If you have questions, don't hesitate to ask me or infra at ovirt.org. [1] http://jenkins-ci.org/ [2] currently only ovirt-engine is configured and working. Eyal Edri oVirt infrastructure team From mburns at redhat.com Thu Jan 19 12:13:54 2012 From: mburns at redhat.com (Mike Burns) Date: Thu, 19 Jan 2012 07:13:54 -0500 Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <ab2db7af-60e7-41ba-ba00-f12d57e8a328@zmail13.collab.prod.int.phx2.redhat.com> References: <ab2db7af-60e7-41ba-ba00-f12d57e8a328@zmail13.collab.prod.int.phx2.redhat.com> Message-ID: <1326975234.3910.21.camel@beelzebub.mburnsfire.net> On Thu, 2012-01-19 at 05:07 -0500, Eyal Edri wrote: > fyi, > > oVirt project now has a Jenkins CI server[1] on http://jenkins.ovirt.org. > > The CI server runs various jobs on oVirt components [2] such as ovirt-engine,ovirt-node,etc.. > Every commit to gerrit.ovirt.org will trigger the job 'ovirt_engine' which will run 'maven' build and verify that the commit didn't break the code. > If the commit did break the code, it will send an alert email to "engine-patches.ovirt.org" and to the commiter with a link to a log console containing the error. > On success, the job will trigger other jobs such as "find_bugs", "gwt profiles", "create db", "unit-tests", each testing a different part of the code. > > In time, more and more jobs will be added to jenkins, which will allow us to catch bugs much faster than before, and to improve code quality even more. > If you have questions, don't hesitate to ask me or infra at ovirt.org. > > [1] http://jenkins-ci.org/ > [2] currently only ovirt-engine is configured and working. > Awesome, thanks for putting this together. I'm looking at ovirt-node now (and have already added part of the config). Is there any plan to add a Fedora slave? ovirt-node as it currently stands will only build correctly on Fedora. I might be able to work around it for the ovirt-node.rpm but the ISO really needs to be built on Fedora. Also, there are a few other requirements for building an iso image from ovirt-node: Sudo access: (also need to disable the requiretty option) NOPASSWD: /usr/bin/livecd-creator, /usr/bin/setenforce, /usr/bin/ksflatten, /bin/mount, /bin/umount Packages: livecd-tools, appliance-tools-minimizer, python-setuptools, ksflatten, createrepo, rpm-build (possibly more, but that's what I've hit so far) Thanks Mike > > Eyal Edri > oVirt infrastructure team > _______________________________________________ > Infra mailing list > Infra at ovirt.org > http://lists.ovirt.org/mailman/listinfo/infra -- Michael Burns Software Engineer, Cloud Infrastructure Tech Lead, oVirt Node, RHEV-H Red Hat mburns at redhat.com From jchoate at redhat.com Thu Jan 19 12:31:07 2012 From: jchoate at redhat.com (Jon Choate) Date: Thu, 19 Jan 2012 07:31:07 -0500 Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <ab2db7af-60e7-41ba-ba00-f12d57e8a328@zmail13.collab.prod.int.phx2.redhat.com> References: <ab2db7af-60e7-41ba-ba00-f12d57e8a328@zmail13.collab.prod.int.phx2.redhat.com> Message-ID: <4F180D0B.1010402@redhat.com> Can you clarify what will trigger a build? Is it a push to Gerrit to initiate a review or is it after the code has been reviewed and it is merged into the repository? Or maybe both? On 01/19/2012 05:07 AM, Eyal Edri wrote: > fyi, > > oVirt project now has a Jenkins CI server[1] on http://jenkins.ovirt.org. > > The CI server runs various jobs on oVirt components [2] such as ovirt-engine,ovirt-node,etc.. > Every commit to gerrit.ovirt.org will trigger the job 'ovirt_engine' which will run 'maven' build and verify that the commit didn't break the code. > If the commit did break the code, it will send an alert email to "engine-patches.ovirt.org" and to the commiter with a link to a log console containing the error. > On success, the job will trigger other jobs such as "find_bugs", "gwt profiles", "create db", "unit-tests", each testing a different part of the code. > > In time, more and more jobs will be added to jenkins, which will allow us to catch bugs much faster than before, and to improve code quality even more. > If you have questions, don't hesitate to ask me or infra at ovirt.org. > > [1] http://jenkins-ci.org/ > [2] currently only ovirt-engine is configured and working. > > > Eyal Edri > oVirt infrastructure team > _______________________________________________ > Infra mailing list > Infra at ovirt.org > http://lists.ovirt.org/mailman/listinfo/infra From eedri at redhat.com Thu Jan 19 12:42:49 2012 From: eedri at redhat.com (Eyal Edri) Date: Thu, 19 Jan 2012 07:42:49 -0500 (EST) Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <4F180D0B.1010402@redhat.com> Message-ID: <4efefd6a-65e5-47b5-8c3c-01b271331322@zmail13.collab.prod.int.phx2.redhat.com> ----- Original Message ----- > From: "Jon Choate" <jchoate at redhat.com> > To: infra at ovirt.org > Sent: Thursday, January 19, 2012 2:31:07 PM > Subject: Re: Jenkins Continuous Integration Server for oVirt is up and running! > > Can you clarify what will trigger a build? Is it a push to Gerrit to > initiate a review or is it after the code has been reviewed and it is > merged into the repository? Or maybe both? > For now only a pushed commit that was acked and merged will trigger a build. we will soon add also a gerrit review job that will trigger certain builds once a commit was pushed for review. (pre ack) Eyal. > > On 01/19/2012 05:07 AM, Eyal Edri wrote: > > fyi, > > > > oVirt project now has a Jenkins CI server[1] on > > http://jenkins.ovirt.org. > > > > The CI server runs various jobs on oVirt components [2] such as > > ovirt-engine,ovirt-node,etc.. > > Every commit to gerrit.ovirt.org will trigger the job > > 'ovirt_engine' which will run 'maven' build and verify that the > > commit didn't break the code. > > If the commit did break the code, it will send an alert email to > > "engine-patches.ovirt.org" and to the commiter with a link to a > > log console containing the error. > > On success, the job will trigger other jobs such as "find_bugs", > > "gwt profiles", "create db", "unit-tests", each testing a > > different part of the code. > > > > In time, more and more jobs will be added to jenkins, which will > > allow us to catch bugs much faster than before, and to improve > > code quality even more. > > If you have questions, don't hesitate to ask me or infra at ovirt.org. > > > > [1] http://jenkins-ci.org/ > > [2] currently only ovirt-engine is configured and working. > > > > > > Eyal Edri > > oVirt infrastructure team > > _ > > Infra mailing list > > Infra at ovirt.org > > http://lists.ovirt.org/mailman/listinfo/infra > > _ > Infra mailing list > Infra at ovirt.org > http://lists.ovirt.org/mailman/listinfo/infra > From iheim at redhat.com Thu Jan 19 13:46:38 2012 From: iheim at redhat.com (Itamar Heim) Date: Thu, 19 Jan 2012 15:46:38 +0200 Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <1326975234.3910.21.camel@beelzebub.mburnsfire.net> References: <ab2db7af-60e7-41ba-ba00-f12d57e8a328@zmail13.collab.prod.int.phx2.redhat.com> <1326975234.3910.21.camel@beelzebub.mburnsfire.net> Message-ID: <4F181EBE.9090303@redhat.com> On 01/19/2012 02:13 PM, Mike Burns wrote: > On Thu, 2012-01-19 at 05:07 -0500, Eyal Edri wrote: >> fyi, >> >> oVirt project now has a Jenkins CI server[1] on http://jenkins.ovirt.org. >> >> The CI server runs various jobs on oVirt components [2] such as ovirt-engine,ovirt-node,etc.. >> Every commit to gerrit.ovirt.org will trigger the job 'ovirt_engine' which will run 'maven' build and verify that the commit didn't break the code. >> If the commit did break the code, it will send an alert email to "engine-patches.ovirt.org" and to the commiter with a link to a log console containing the error. >> On success, the job will trigger other jobs such as "find_bugs", "gwt profiles", "create db", "unit-tests", each testing a different part of the code. >> >> In time, more and more jobs will be added to jenkins, which will allow us to catch bugs much faster than before, and to improve code quality even more. >> If you have questions, don't hesitate to ask me or infra at ovirt.org. >> >> [1] http://jenkins-ci.org/ >> [2] currently only ovirt-engine is configured and working. >> > > Awesome, thanks for putting this together. > > I'm looking at ovirt-node now (and have already added part of the > config). Is there any plan to add a Fedora slave? ovirt-node as it well, anyone can contribute machines for their favorite/needed distro and ask eyal to add them as slaves with relevant labels so jobs will run on them. I think eyal can also configure to run a job multiple times on different slaves (multi config job), to check node/vdsm don't break on any distro which added a slave. I'll add a fedora machine and send Eyal the details to add as a slave. before i do that, I want eyal to take a look at the jenkins EC2 plugin, so we can see if we can have the guest only up when needed. > currently stands will only build correctly on Fedora. I might be able > to work around it for the ovirt-node.rpm but the ISO really needs to be > built on Fedora. > > Also, there are a few other requirements for building an iso image from > ovirt-node: > > Sudo access: (also need to disable the requiretty option) > NOPASSWD: /usr/bin/livecd-creator, /usr/bin/setenforce, /usr/bin/ksflatten, /bin/mount, /bin/umount > > Packages: livecd-tools, appliance-tools-minimizer, python-setuptools, > ksflatten, createrepo, rpm-build (possibly more, but that's what I've > hit so far) well, the job can do this each time in case we instantiate more slaves to handle load, or eyal can configure each manually i guess. From eedri at redhat.com Thu Jan 19 14:29:51 2012 From: eedri at redhat.com (Eyal Edri) Date: Thu, 19 Jan 2012 09:29:51 -0500 (EST) Subject: [Jenkins] reboot required In-Reply-To: <60e67015-366e-453e-aa71-ad90286ecbc4@zmail13.collab.prod.int.phx2.redhat.com> Message-ID: <87a024ea-9ce1-4d36-96c6-2ef64e3bfdc9@zmail13.collab.prod.int.phx2.redhat.com> FYI, Jenkins.ovirt.org needs to be rebooted in order to install a new EC2 Amazon plugin. please save any changes you might have currently. it will be back up after a few min. Eyal. From eedri at redhat.com Thu Jan 19 14:44:12 2012 From: eedri at redhat.com (Eyal Edri) Date: Thu, 19 Jan 2012 09:44:12 -0500 (EST) Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <4F181EBE.9090303@redhat.com> Message-ID: <87624a24-3e6c-4c8b-97c8-3cfc2035e525@zmail13.collab.prod.int.phx2.redhat.com> ----- Original Message ----- > From: "Itamar Heim" <iheim at redhat.com> > To: "Mike Burns" <mburns at redhat.com> > Cc: "Eyal Edri" <eedri at redhat.com>, infra at ovirt.org > Sent: Thursday, January 19, 2012 3:46:38 PM > Subject: Re: Jenkins Continuous Integration Server for oVirt is up and running! > > On 01/19/2012 02:13 PM, Mike Burns wrote: > > On Thu, 2012-01-19 at 05:07 -0500, Eyal Edri wrote: > >> fyi, > >> > >> oVirt project now has a Jenkins CI server[1] on > >> http://jenkins.ovirt.org. > >> > >> The CI server runs various jobs on oVirt components [2] such as > >> ovirt-engine,ovirt-node,etc.. > >> Every commit to gerrit.ovirt.org will trigger the job > >> 'ovirt_engine' which will run 'maven' build and verify that the > >> commit didn't break the code. > >> If the commit did break the code, it will send an alert email to > >> "engine-patches.ovirt.org" and to the commiter with a link to a > >> log console containing the error. > >> On success, the job will trigger other jobs such as "find_bugs", > >> "gwt profiles", "create db", "unit-tests", each testing a > >> different part of the code. > >> > >> In time, more and more jobs will be added to jenkins, which will > >> allow us to catch bugs much faster than before, and to improve > >> code quality even more. > >> If you have questions, don't hesitate to ask me or > >> infra at ovirt.org. > >> > >> [1] http://jenkins-ci.org/ > >> [2] currently only ovirt-engine is configured and working. > >> > > > > Awesome, thanks for putting this together. > > > > I'm looking at ovirt-node now (and have already added part of the > > config). Is there any plan to add a Fedora slave? ovirt-node as > > it > > well, anyone can contribute machines for their favorite/needed distro > and ask eyal to add them as slaves with relevant labels so jobs will > run > on them. > I think eyal can also configure to run a job multiple times on > different > slaves (multi config job), to check node/vdsm don't break on any > distro > which added a slave. > > I'll add a fedora machine and send Eyal the details to add as a > slave. > before i do that, I want eyal to take a look at the jenkins EC2 > plugin, > so we can see if we can have the guest only up when needed. > I installed the EC2 plugin, need some info on the cloud. attached is the configuration screen ( under http://jenkins.ovirt.org/configure ) > > > currently stands will only build correctly on Fedora. I might be > > able > > to work around it for the ovirt-node.rpm but the ISO really needs > > to be > > built on Fedora. > > > > Also, there are a few other requirements for building an iso image > > from > > ovirt-node: > > > > Sudo access: (also need to disable the requiretty option) > > NOPASSWD: /usr/bin/livecd-creator, /usr/bin/setenforce, > > /usr/bin/ksflatten, /bin/mount, /bin/umount > > > > Packages: livecd-tools, appliance-tools-minimizer, > > python-setuptools, > > ksflatten, createrepo, rpm-build (possibly more, but that's what > > I've > > hit so far) > > well, the job can do this each time in case we instantiate more > slaves > to handle load, or eyal can configure each manually i guess. > -------------- next part -------------- A non-text attachment was scrubbed... Name: 38.png Type: image/png Size: 135139 bytes Desc: not available URL: <http://lists.ovirt.org/pipermail/infra/attachments/20120119/d556bdd8/attachment.png> From iheim at redhat.com Thu Jan 19 14:54:41 2012 From: iheim at redhat.com (Itamar Heim) Date: Thu, 19 Jan 2012 16:54:41 +0200 Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <87624a24-3e6c-4c8b-97c8-3cfc2035e525@zmail13.collab.prod.int.phx2.redhat.com> References: <87624a24-3e6c-4c8b-97c8-3cfc2035e525@zmail13.collab.prod.int.phx2.redhat.com> Message-ID: <4F182EB1.8070502@redhat.com> On 01/19/2012 04:44 PM, Eyal Edri wrote: > > > ----- Original Message ----- >> From: "Itamar Heim"<iheim at redhat.com> >> To: "Mike Burns"<mburns at redhat.com> >> Cc: "Eyal Edri"<eedri at redhat.com>, infra at ovirt.org >> Sent: Thursday, January 19, 2012 3:46:38 PM >> Subject: Re: Jenkins Continuous Integration Server for oVirt is up and running! >> >> On 01/19/2012 02:13 PM, Mike Burns wrote: >>> On Thu, 2012-01-19 at 05:07 -0500, Eyal Edri wrote: >>>> fyi, >>>> >>>> oVirt project now has a Jenkins CI server[1] on >>>> http://jenkins.ovirt.org. >>>> >>>> The CI server runs various jobs on oVirt components [2] such as >>>> ovirt-engine,ovirt-node,etc.. >>>> Every commit to gerrit.ovirt.org will trigger the job >>>> 'ovirt_engine' which will run 'maven' build and verify that the >>>> commit didn't break the code. >>>> If the commit did break the code, it will send an alert email to >>>> "engine-patches.ovirt.org" and to the commiter with a link to a >>>> log console containing the error. >>>> On success, the job will trigger other jobs such as "find_bugs", >>>> "gwt profiles", "create db", "unit-tests", each testing a >>>> different part of the code. >>>> >>>> In time, more and more jobs will be added to jenkins, which will >>>> allow us to catch bugs much faster than before, and to improve >>>> code quality even more. >>>> If you have questions, don't hesitate to ask me or >>>> infra at ovirt.org. >>>> >>>> [1] http://jenkins-ci.org/ >>>> [2] currently only ovirt-engine is configured and working. >>>> >>> >>> Awesome, thanks for putting this together. >>> >>> I'm looking at ovirt-node now (and have already added part of the >>> config). Is there any plan to add a Fedora slave? ovirt-node as >>> it >> >> well, anyone can contribute machines for their favorite/needed distro >> and ask eyal to add them as slaves with relevant labels so jobs will >> run >> on them. >> I think eyal can also configure to run a job multiple times on >> different >> slaves (multi config job), to check node/vdsm don't break on any >> distro >> which added a slave. >> >> I'll add a fedora machine and send Eyal the details to add as a >> slave. >> before i do that, I want eyal to take a look at the jenkins EC2 >> plugin, >> so we can see if we can have the guest only up when needed. >> > > I installed the EC2 plugin, need some info on the cloud. > attached is the configuration screen ( under http://jenkins.ovirt.org/configure ) can the plugin start/stop existing slaves, or creates them as needed? does amazon support a delegated user to an account with limited set of permission to only start/stop existing slaves based on permissions? From mburns at redhat.com Thu Jan 19 14:54:43 2012 From: mburns at redhat.com (Mike Burns) Date: Thu, 19 Jan 2012 09:54:43 -0500 Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <87624a24-3e6c-4c8b-97c8-3cfc2035e525@zmail13.collab.prod.int.phx2.redhat.com> References: <87624a24-3e6c-4c8b-97c8-3cfc2035e525@zmail13.collab.prod.int.phx2.redhat.com> Message-ID: <1326984883.3910.39.camel@beelzebub.mburnsfire.net> On Thu, 2012-01-19 at 09:44 -0500, Eyal Edri wrote: > > ----- Original Message ----- > > From: "Itamar Heim" <iheim at redhat.com> > > To: "Mike Burns" <mburns at redhat.com> > > Cc: "Eyal Edri" <eedri at redhat.com>, infra at ovirt.org > > Sent: Thursday, January 19, 2012 3:46:38 PM > > Subject: Re: Jenkins Continuous Integration Server for oVirt is up and running! > > > > On 01/19/2012 02:13 PM, Mike Burns wrote: > > > On Thu, 2012-01-19 at 05:07 -0500, Eyal Edri wrote: > > >> fyi, > > >> > > >> oVirt project now has a Jenkins CI server[1] on > > >> http://jenkins.ovirt.org. > > >> > > >> The CI server runs various jobs on oVirt components [2] such as > > >> ovirt-engine,ovirt-node,etc.. > > >> Every commit to gerrit.ovirt.org will trigger the job > > >> 'ovirt_engine' which will run 'maven' build and verify that the > > >> commit didn't break the code. > > >> If the commit did break the code, it will send an alert email to > > >> "engine-patches.ovirt.org" and to the commiter with a link to a > > >> log console containing the error. > > >> On success, the job will trigger other jobs such as "find_bugs", > > >> "gwt profiles", "create db", "unit-tests", each testing a > > >> different part of the code. > > >> > > >> In time, more and more jobs will be added to jenkins, which will > > >> allow us to catch bugs much faster than before, and to improve > > >> code quality even more. > > >> If you have questions, don't hesitate to ask me or > > >> infra at ovirt.org. > > >> > > >> [1] http://jenkins-ci.org/ > > >> [2] currently only ovirt-engine is configured and working. > > >> > > > > > > Awesome, thanks for putting this together. > > > > > > I'm looking at ovirt-node now (and have already added part of the > > > config). Is there any plan to add a Fedora slave? ovirt-node as > > > it > > > > well, anyone can contribute machines for their favorite/needed distro > > and ask eyal to add them as slaves with relevant labels so jobs will > > run > > on them. > > I think eyal can also configure to run a job multiple times on > > different > > slaves (multi config job), to check node/vdsm don't break on any > > distro > > which added a slave. > > > > I'll add a fedora machine and send Eyal the details to add as a > > slave. > > before i do that, I want eyal to take a look at the jenkins EC2 > > plugin, > > so we can see if we can have the guest only up when needed. > > > > I installed the EC2 plugin, need some info on the cloud. > attached is the configuration screen ( under http://jenkins.ovirt.org/configure ) > > > > > > > currently stands will only build correctly on Fedora. I might be > > > able > > > to work around it for the ovirt-node.rpm but the ISO really needs > > > to be > > > built on Fedora. > > > > > > Also, there are a few other requirements for building an iso image > > > from > > > ovirt-node: > > > > > > Sudo access: (also need to disable the requiretty option) > > > NOPASSWD: /usr/bin/livecd-creator, /usr/bin/setenforce, > > > /usr/bin/ksflatten, /bin/mount, /bin/umount > > > > > > Packages: livecd-tools, appliance-tools-minimizer, > > > python-setuptools, > > > ksflatten, createrepo, rpm-build (possibly more, but that's what > > > I've > > > hit so far) > > > > well, the job can do this each time in case we instantiate more > > slaves > > to handle load, or eyal can configure each manually i guess. Correct, the package installations are easy enough. The sudo commands will need to be setup up front, though. Mike > > > _______________________________________________ > Infra mailing list > Infra at ovirt.org > http://lists.ovirt.org/mailman/listinfo/infra From eedri at redhat.com Thu Jan 19 15:05:29 2012 From: eedri at redhat.com (Eyal Edri) Date: Thu, 19 Jan 2012 10:05:29 -0500 (EST) Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <4F182EB1.8070502@redhat.com> Message-ID: <325a6075-3e6d-43e2-8b48-d44bc00d5251@zmail13.collab.prod.int.phx2.redhat.com> ----- Original Message ----- > From: "Itamar Heim" <iheim at redhat.com> > To: "Eyal Edri" <eedri at redhat.com> > Cc: infra at ovirt.org, "Mike Burns" <mburns at redhat.com> > Sent: Thursday, January 19, 2012 4:54:41 PM > Subject: Re: Jenkins Continuous Integration Server for oVirt is up and running! > > On 01/19/2012 04:44 PM, Eyal Edri wrote: > > > > > > ----- Original Message ----- > >> From: "Itamar Heim"<iheim at redhat.com> > >> To: "Mike Burns"<mburns at redhat.com> > >> Cc: "Eyal Edri"<eedri at redhat.com>, infra at ovirt.org > >> Sent: Thursday, January 19, 2012 3:46:38 PM > >> Subject: Re: Jenkins Continuous Integration Server for oVirt is up > >> and running! > >> > >> On 01/19/2012 02:13 PM, Mike Burns wrote: > >>> On Thu, 2012-01-19 at 05:07 -0500, Eyal Edri wrote: > >>>> fyi, > >>>> > >>>> oVirt project now has a Jenkins CI server[1] on > >>>> http://jenkins.ovirt.org. > >>>> > >>>> The CI server runs various jobs on oVirt components [2] such as > >>>> ovirt-engine,ovirt-node,etc.. > >>>> Every commit to gerrit.ovirt.org will trigger the job > >>>> 'ovirt_engine' which will run 'maven' build and verify that the > >>>> commit didn't break the code. > >>>> If the commit did break the code, it will send an alert email to > >>>> "engine-patches.ovirt.org" and to the commiter with a link to a > >>>> log console containing the error. > >>>> On success, the job will trigger other jobs such as "find_bugs", > >>>> "gwt profiles", "create db", "unit-tests", each testing a > >>>> different part of the code. > >>>> > >>>> In time, more and more jobs will be added to jenkins, which will > >>>> allow us to catch bugs much faster than before, and to improve > >>>> code quality even more. > >>>> If you have questions, don't hesitate to ask me or > >>>> infra at ovirt.org. > >>>> > >>>> [1] http://jenkins-ci.org/ > >>>> [2] currently only ovirt-engine is configured and working. > >>>> > >>> > >>> Awesome, thanks for putting this together. > >>> > >>> I'm looking at ovirt-node now (and have already added part of the > >>> config). Is there any plan to add a Fedora slave? ovirt-node as > >>> it > >> > >> well, anyone can contribute machines for their favorite/needed > >> distro > >> and ask eyal to add them as slaves with relevant labels so jobs > >> will > >> run > >> on them. > >> I think eyal can also configure to run a job multiple times on > >> different > >> slaves (multi config job), to check node/vdsm don't break on any > >> distro > >> which added a slave. > >> > >> I'll add a fedora machine and send Eyal the details to add as a > >> slave. > >> before i do that, I want eyal to take a look at the jenkins EC2 > >> plugin, > >> so we can see if we can have the guest only up when needed. > >> > > > > I installed the EC2 plugin, need some info on the cloud. > > attached is the configuration screen ( under > > http://jenkins.ovirt.org/configure ) > > can the plugin start/stop existing slaves, or creates them as needed? yes according to the plugin wiki page [1]: "Allow Jenkins to start slaves on EC2 or Ubuntu Enterprise Cloud (Eucalyptus) on demand, and kill them as they get unused. With this plugin, if Jenkins notices that your build cluster is overloaded, it'll start instances using the EC2 API and automatically connect them as Jenkins slaves. When the load goes down, excessive EC2 instances will be terminated. This set up allows you to maintain a small in-house cluster, then spill the spiky build/test loads into EC2 or another EC2 compatible cloud." [1] https://wiki.jenkins-ci.org/display/JENKINS/Amazon+EC2+Plugin > does amazon support a delegated user to an account with limited set > of > permission to only start/stop existing slaves based on permissions? > this can be done via the 'Project-based Matrix Authorization Strategy' to allow certain users to certain jobs / slaves (didn't test it): "This mode is an extension to "Matrix-based security" that allows additional ACL matrix to be defined for each project separately (which is done on the job configuration screen.) This allows you to say things like "Joe can access project A, B, and C but he can't see D." ACLs are additive, so the access rights granted below will be effective for all the projects." we can also look for another security plugins that will better suit our needs. Eyal. From iheim at redhat.com Thu Jan 19 15:20:33 2012 From: iheim at redhat.com (Itamar Heim) Date: Thu, 19 Jan 2012 17:20:33 +0200 Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <325a6075-3e6d-43e2-8b48-d44bc00d5251@zmail13.collab.prod.int.phx2.redhat.com> References: <325a6075-3e6d-43e2-8b48-d44bc00d5251@zmail13.collab.prod.int.phx2.redhat.com> Message-ID: <4F1834C1.2090900@redhat.com> On 01/19/2012 05:05 PM, Eyal Edri wrote: > > > ----- Original Message ----- >> From: "Itamar Heim"<iheim at redhat.com> >> To: "Eyal Edri"<eedri at redhat.com> >> Cc: infra at ovirt.org, "Mike Burns"<mburns at redhat.com> >> Sent: Thursday, January 19, 2012 4:54:41 PM >> Subject: Re: Jenkins Continuous Integration Server for oVirt is up and running! >> >> On 01/19/2012 04:44 PM, Eyal Edri wrote: >>> >>> >>> ----- Original Message ----- >>>> From: "Itamar Heim"<iheim at redhat.com> >>>> To: "Mike Burns"<mburns at redhat.com> >>>> Cc: "Eyal Edri"<eedri at redhat.com>, infra at ovirt.org >>>> Sent: Thursday, January 19, 2012 3:46:38 PM >>>> Subject: Re: Jenkins Continuous Integration Server for oVirt is up >>>> and running! >>>> >>>> On 01/19/2012 02:13 PM, Mike Burns wrote: >>>>> On Thu, 2012-01-19 at 05:07 -0500, Eyal Edri wrote: >>>>>> fyi, >>>>>> >>>>>> oVirt project now has a Jenkins CI server[1] on >>>>>> http://jenkins.ovirt.org. >>>>>> >>>>>> The CI server runs various jobs on oVirt components [2] such as >>>>>> ovirt-engine,ovirt-node,etc.. >>>>>> Every commit to gerrit.ovirt.org will trigger the job >>>>>> 'ovirt_engine' which will run 'maven' build and verify that the >>>>>> commit didn't break the code. >>>>>> If the commit did break the code, it will send an alert email to >>>>>> "engine-patches.ovirt.org" and to the commiter with a link to a >>>>>> log console containing the error. >>>>>> On success, the job will trigger other jobs such as "find_bugs", >>>>>> "gwt profiles", "create db", "unit-tests", each testing a >>>>>> different part of the code. >>>>>> >>>>>> In time, more and more jobs will be added to jenkins, which will >>>>>> allow us to catch bugs much faster than before, and to improve >>>>>> code quality even more. >>>>>> If you have questions, don't hesitate to ask me or >>>>>> infra at ovirt.org. >>>>>> >>>>>> [1] http://jenkins-ci.org/ >>>>>> [2] currently only ovirt-engine is configured and working. >>>>>> >>>>> >>>>> Awesome, thanks for putting this together. >>>>> >>>>> I'm looking at ovirt-node now (and have already added part of the >>>>> config). Is there any plan to add a Fedora slave? ovirt-node as >>>>> it >>>> >>>> well, anyone can contribute machines for their favorite/needed >>>> distro >>>> and ask eyal to add them as slaves with relevant labels so jobs >>>> will >>>> run >>>> on them. >>>> I think eyal can also configure to run a job multiple times on >>>> different >>>> slaves (multi config job), to check node/vdsm don't break on any >>>> distro >>>> which added a slave. >>>> >>>> I'll add a fedora machine and send Eyal the details to add as a >>>> slave. >>>> before i do that, I want eyal to take a look at the jenkins EC2 >>>> plugin, >>>> so we can see if we can have the guest only up when needed. >>>> >>> >>> I installed the EC2 plugin, need some info on the cloud. >>> attached is the configuration screen ( under >>> http://jenkins.ovirt.org/configure ) >> >> can the plugin start/stop existing slaves, or creates them as needed? > > yes according to the plugin wiki page [1]: > > "Allow Jenkins to start slaves on EC2 or Ubuntu Enterprise Cloud (Eucalyptus) on demand, and kill them as they get unused. > With this plugin, if Jenkins notices that your build cluster is overloaded, it'll start instances using the EC2 API and automatically connect them as Jenkins slaves. When the load goes down, excessive EC2 instances will be terminated. This set up allows you to maintain a small in-house cluster, then spill the spiky build/test loads into EC2 or another EC2 compatible cloud." > > [1] https://wiki.jenkins-ci.org/display/JENKINS/Amazon+EC2+Plugin "starting an instance" from an AMI in EC2 is actually creating the instance as well. is there another type of plugin which will start/stop instances? > > >> does amazon support a delegated user to an account with limited set >> of >> permission to only start/stop existing slaves based on permissions? >> > > this can be done via the 'Project-based Matrix Authorization Strategy' to allow certain users to certain jobs / slaves (didn't test it): > > "This mode is an extension to "Matrix-based security" that allows additional ACL matrix to be defined for each project separately (which is done on the job configuration screen.) > This allows you to say things like "Joe can access project A, B, and C but he can't see D." > > ACLs are additive, so the access rights granted below will be effective for all the projects." > > we can also look for another security plugins that will better suit our needs. I'm concerned with limiting what jenkins can do on EC2, not limiting the jenkins side (well, that too, but first EC2) From eedri at redhat.com Thu Jan 19 15:41:22 2012 From: eedri at redhat.com (Eyal Edri) Date: Thu, 19 Jan 2012 10:41:22 -0500 (EST) Subject: Jenkins Continuous Integration Server for oVirt is up and running! In-Reply-To: <4F1834C1.2090900@redhat.com> Message-ID: <767f4e6f-03b9-495c-8a42-7378d9432d6e@zmail13.collab.prod.int.phx2.redhat.com> ----- Original Message ----- > From: "Itamar Heim" <iheim at redhat.com> > To: "Eyal Edri" <eedri at redhat.com> > Cc: infra at ovirt.org, "Mike Burns" <mburns at redhat.com> > Sent: Thursday, January 19, 2012 5:20:33 PM > Subject: Re: Jenkins Continuous Integration Server for oVirt is up and running! > > On 01/19/2012 05:05 PM, Eyal Edri wrote: > > > > > > ----- Original Message ----- > >> From: "Itamar Heim"<iheim at redhat.com> > >> To: "Eyal Edri"<eedri at redhat.com> > >> Cc: infra at ovirt.org, "Mike Burns"<mburns at redhat.com> > >> Sent: Thursday, January 19, 2012 4:54:41 PM > >> Subject: Re: Jenkins Continuous Integration Server for oVirt is up > >> and running! > >> > >> On 01/19/2012 04:44 PM, Eyal Edri wrote: > >>> > >>> > >>> ----- Original Message ----- > >>>> From: "Itamar Heim"<iheim at redhat.com> > >>>> To: "Mike Burns"<mburns at redhat.com> > >>>> Cc: "Eyal Edri"<eedri at redhat.com>, infra at ovirt.org > >>>> Sent: Thursday, January 19, 2012 3:46:38 PM > >>>> Subject: Re: Jenkins Continuous Integration Server for oVirt is > >>>> up > >>>> and running! > >>>> > >>>> On 01/19/2012 02:13 PM, Mike Burns wrote: > >>>>> On Thu, 2012-01-19 at 05:07 -0500, Eyal Edri wrote: > >>>>>> fyi, > >>>>>> > >>>>>> oVirt project now has a Jenkins CI server[1] on > >>>>>> http://jenkins.ovirt.org. > >>>>>> > >>>>>> The CI server runs various jobs on oVirt components [2] such > >>>>>> as > >>>>>> ovirt-engine,ovirt-node,etc.. > >>>>>> Every commit to gerrit.ovirt.org will trigger the job > >>>>>> 'ovirt_engine' which will run 'maven' build and verify that > >>>>>> the > >>>>>> commit didn't break the code. > >>>>>> If the commit did break the code, it will send an alert email > >>>>>> to > >>>>>> "engine-patches.ovirt.org" and to the commiter with a link to > >>>>>> a > >>>>>> log console containing the error. > >>>>>> On success, the job will trigger other jobs such as > >>>>>> "find_bugs", > >>>>>> "gwt profiles", "create db", "unit-tests", each testing a > >>>>>> different part of the code. > >>>>>> > >>>>>> In time, more and more jobs will be added to jenkins, which > >>>>>> will > >>>>>> allow us to catch bugs much faster than before, and to improve > >>>>>> code quality even more. > >>>>>> If you have questions, don't hesitate to ask me or > >>>>>> infra at ovirt.org. > >>>>>> > >>>>>> [1] http://jenkins-ci.org/ > >>>>>> [2] currently only ovirt-engine is configured and working. > >>>>>> > >>>>> > >>>>> Awesome, thanks for putting this together. > >>>>> > >>>>> I'm looking at ovirt-node now (and have already added part of > >>>>> the > >>>>> config). Is there any plan to add a Fedora slave? ovirt-node > >>>>> as > >>>>> it > >>>> > >>>> well, anyone can contribute machines for their favorite/needed > >>>> distro > >>>> and ask eyal to add them as slaves with relevant labels so jobs > >>>> will > >>>> run > >>>> on them. > >>>> I think eyal can also configure to run a job multiple times on > >>>> different > >>>> slaves (multi config job), to check node/vdsm don't break on any > >>>> distro > >>>> which added a slave. > >>>> > >>>> I'll add a fedora machine and send Eyal the details to add as a > >>>> slave. > >>>> before i do that, I want eyal to take a look at the jenkins EC2 > >>>> plugin, > >>>> so we can see if we can have the guest only up when needed. > >>>> > >>> > >>> I installed the EC2 plugin, need some info on the cloud. > >>> attached is the configuration screen ( under > >>> http://jenkins.ovirt.org/configure ) > >> > >> can the plugin start/stop existing slaves, or creates them as > >> needed? > > > > yes according to the plugin wiki page [1]: > > > > "Allow Jenkins to start slaves on EC2 or Ubuntu Enterprise Cloud > > (Eucalyptus) on demand, and kill them as they get unused. > > With this plugin, if Jenkins notices that your build cluster is > > overloaded, it'll start instances using the EC2 API and > > automatically connect them as Jenkins slaves. When the load goes > > down, excessive EC2 instances will be terminated. This set up > > allows you to maintain a small in-house cluster, then spill the > > spiky build/test loads into EC2 or another EC2 compatible cloud." > > > > [1] https://wiki.jenkins-ci.org/display/JENKINS/Amazon+EC2+Plugin > > "starting an instance" from an AMI in EC2 is actually creating the > instance as well. > > is there another type of plugin which will start/stop instances? > not one that i have seen. btw, jenkins has an openID plugin -> https://wiki.jenkins-ci.org/display/JENKINS/OpenID+plugin maybe we can allow certain users from the community to login using thier openID, and restrict them to certain slaves, using the ROLE STRATEGY PLUGIN -> https://wiki.jenkins-ci.org/display/JENKINS/Role+Strategy+Plugin > > > > > > >> does amazon support a delegated user to an account with limited > >> set > >> of > >> permission to only start/stop existing slaves based on > >> permissions? > >> > > > > this can be done via the 'Project-based Matrix Authorization > > Strategy' to allow certain users to certain jobs / slaves (didn't > > test it): > > > > "This mode is an extension to "Matrix-based security" that allows > > additional ACL matrix to be defined for each project separately > > (which is done on the job configuration screen.) > > This allows you to say things like "Joe can access project A, B, > > and C but he can't see D." > > > > ACLs are additive, so the access rights granted below will be > > effective for all the projects." > > > > we can also look for another security plugins that will better suit > > our needs. > > I'm concerned with limiting what jenkins can do on EC2, not limiting > the > jenkins side (well, that too, but first EC2) > From pmatouse at redhat.com Thu Jan 19 17:46:15 2012 From: pmatouse at redhat.com (Petr Matousek) Date: Thu, 19 Jan 2012 18:46:15 +0100 Subject: ovirt.org / security mailing lists Message-ID: <20120119174614.GA617@dhcp-25-225.brq.redhat.com> Hi Karsten, we have a wiki page describing ovirt.org security mailing lists [1], but I think we should at least mention the security mailing lists and how we handle security issues on our community page [2]. [1] http://ovirt.org/wiki/Security [2] http://www.ovirt.org/project/community/ In the long run, we could also create dedicated security related page referenced from the main menu/front page. Would that be possible? We want security bugs to be sent to security mailing lists, not to the development mailing lists. Thanks, -- Petr Matousek / Red Hat Security Response Team From djorm at redhat.com Thu Jan 19 23:59:33 2012 From: djorm at redhat.com (David Jorm) Date: Fri, 20 Jan 2012 09:59:33 +1000 Subject: ovirt.org / security mailing lists In-Reply-To: <20120119174614.GA617@dhcp-25-225.brq.redhat.com> References: <20120119174614.GA617@dhcp-25-225.brq.redhat.com> Message-ID: <4F18AE65.5070103@redhat.com> On 01/20/2012 03:46 AM, Petr Matousek wrote: > Hi Karsten, > > we have a wiki page describing ovirt.org security mailing lists [1], but > I think we should at least mention the security mailing lists and how we > handle security issues on our community page [2]. > > [1] http://ovirt.org/wiki/Security > [2] http://www.ovirt.org/project/community/ > > In the long run, we could also create dedicated security related page > referenced from the main menu/front page. +1, I think this is a good idea. The existing security page on the wiki could be expanded to include more content than just the mailing list information. > > Would that be possible? > > We want security bugs to be sent to security mailing lists, not to the > development mailing lists. > > Thanks, From cctrieloff at redhat.com Fri Jan 20 18:26:03 2012 From: cctrieloff at redhat.com (Carl Trieloff) Date: Fri, 20 Jan 2012 13:26:03 -0500 Subject: ovirt.org / security mailing lists In-Reply-To: <4F18AE65.5070103@redhat.com> References: <20120119174614.GA617@dhcp-25-225.brq.redhat.com> <4F18AE65.5070103@redhat.com> Message-ID: <4F19B1BB.4050108@redhat.com> On 01/19/2012 06:59 PM, David Jorm wrote: > On 01/20/2012 03:46 AM, Petr Matousek wrote: >> Hi Karsten, >> >> we have a wiki page describing ovirt.org security mailing lists [1], but >> I think we should at least mention the security mailing lists and how we >> handle security issues on our community page [2]. >> >> [1] http://ovirt.org/wiki/Security >> [2] http://www.ovirt.org/project/community/ >> >> In the long run, we could also create dedicated security related page >> referenced from the main menu/front page. > > +1, I think this is a good idea. The existing security page on the > wiki could be expanded to include more content than just the mailing > list information. go for it. sounds good. From kwade at redhat.com Fri Jan 20 20:26:43 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Fri, 20 Jan 2012 12:26:43 -0800 Subject: ovirt.org / security mailing lists In-Reply-To: <20120119174614.GA617@dhcp-25-225.brq.redhat.com> References: <20120119174614.GA617@dhcp-25-225.brq.redhat.com> Message-ID: <4F19CE03.50605@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/19/2012 09:46 AM, Petr Matousek wrote: > Hi Karsten, > > we have a wiki page describing ovirt.org security mailing lists > [1], but I think we should at least mention the security mailing > lists and how we handle security issues on our community page [2]. > > [1] http://ovirt.org/wiki/Security [2] > http://www.ovirt.org/project/community/ > > In the long run, we could also create dedicated security related > page referenced from the main menu/front page. > > Would that be possible? > > We want security bugs to be sent to security mailing lists, not to > the development mailing lists. All sounds good. We should just get you an author account in the Wordpress instance that runs ovirt.org so you can modify the content, etc. Does that sound sufficient? - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPGc372ZIOBq0ODEERAg4lAJoDF/sSXY8xdycPSTPTh+IaR758AACfUGHG YO66EHupmoNr+czXrXmzgFk= =H4o8 -----END PGP SIGNATURE----- From pmatouse at redhat.com Mon Jan 23 13:29:03 2012 From: pmatouse at redhat.com (Petr Matousek) Date: Mon, 23 Jan 2012 14:29:03 +0100 Subject: ovirt.org / security mailing lists In-Reply-To: <4F19CE03.50605@redhat.com> References: <20120119174614.GA617@dhcp-25-225.brq.redhat.com> <4F19CE03.50605@redhat.com> Message-ID: <20120123132902.GE15696@dhcp-25-225.brq.redhat.com> On Fri, Jan 20, 2012 at 12:26:43PM -0800, Karsten 'quaid' Wade wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 01/19/2012 09:46 AM, Petr Matousek wrote: > > Hi Karsten, > > > > we have a wiki page describing ovirt.org security mailing lists > > [1], but I think we should at least mention the security mailing > > lists and how we handle security issues on our community page [2]. > > > > [1] http://ovirt.org/wiki/Security [2] > > http://www.ovirt.org/project/community/ > > > > In the long run, we could also create dedicated security related > > page referenced from the main menu/front page. > > > > Would that be possible? > > > > We want security bugs to be sent to security mailing lists, not to > > the development mailing lists. > > All sounds good. We should just get you an author account in the > Wordpress instance that runs ovirt.org so you can modify the content, > etc. Does that sound sufficient? Yes Karsten, thanks, that would work. OTOH I do not want to mess up ovirt.org web, so in case we have any content author/web master, it might be wise to route all the changes through that person -) Petr > > - - Karsten > - -- > name: Karsten 'quaid' Wade, Sr. Community Architect > team: Red Hat Community Architecture & Leadership > uri: http://communityleadershipteam.org > http://TheOpenSourceWay.org > gpg: AD0E0C41 > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iD8DBQFPGc372ZIOBq0ODEERAg4lAJoDF/sSXY8xdycPSTPTh+IaR758AACfUGHG > YO66EHupmoNr+czXrXmzgFk= > =H4o8 > -----END PGP SIGNATURE----- -- Petr Matousek / Red Hat Security Response Team From eedri at redhat.com Mon Jan 23 14:27:19 2012 From: eedri at redhat.com (Eyal Edri) Date: Mon, 23 Jan 2012 09:27:19 -0500 (EST) Subject: [Jenkins] Restarting jenkins server In-Reply-To: <12593908-70bb-4fec-9009-7fe97e218d6b@zmail13.collab.prod.int.phx2.redhat.com> Message-ID: <c2156f14-8655-4978-bfe0-e08cd8635a84@zmail13.collab.prod.int.phx2.redhat.com> fyi, Jenkins.ovirt.org servers needs to be restarted. please save your work. it will be up in a few min. Eyal. From ewoud+ovirt at kohlvanwijngaarden.nl Tue Jan 24 17:13:55 2012 From: ewoud+ovirt at kohlvanwijngaarden.nl (Ewoud Kohl van Wijngaarden) Date: Tue, 24 Jan 2012 18:13:55 +0100 Subject: openid on the wiki? Message-ID: <20120124171355.GD19086@bogey.xentower.nl> Hello, Given gerrit already works with openid I was wondering if the wiki could support the same. It seems there is an extension[1], and it also seems it's packaged for fedora[2]. Has anyone looked into this and would it be a desirable addition? [1]: http://www.mediawiki.org/wiki/Extension:OpenID [2]: http://koji.fedoraproject.org/koji/packageinfo?packageID=5922 From kwade at redhat.com Tue Jan 24 18:40:25 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Tue, 24 Jan 2012 10:40:25 -0800 Subject: openid on the wiki? In-Reply-To: <20120124171355.GD19086@bogey.xentower.nl> References: <20120124171355.GD19086@bogey.xentower.nl> Message-ID: <4F1EFB19.20704@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/24/2012 09:13 AM, Ewoud Kohl van Wijngaarden wrote: > Hello, > > Given gerrit already works with openid I was wondering if the wiki > could support the same. It seems there is an extension[1], and it > also seems it's packaged for fedora[2]. Has anyone looked into this > and would it be a desirable addition? > > [1]: http://www.mediawiki.org/wiki/Extension:OpenID [2]: > http://koji.fedoraproject.org/koji/packageinfo?packageID=5922 My major concern with the wiki is keeping us from having spammers ever get accounts on there. We have enough trouble gardening our own work, we'd get buried if we had to manage spam pages. I would reckon that OpenID would give a way for spammers to come in, unless we limited the OpenID servers we worked with, which would sort-of be against the reason for having OpenID in the first place. But I'm very open to other thinking, just unsure how it would be implemented. - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPHvsZ2ZIOBq0ODEERAgiNAJ9J4gu52ZgnZkGt0WpfwQWq1aglcgCeMN+Z LDVFMxgbmvgq6G1htgd71Cs= =hf0c -----END PGP SIGNATURE----- From ewoud+ovirt at kohlvanwijngaarden.nl Tue Jan 24 23:40:02 2012 From: ewoud+ovirt at kohlvanwijngaarden.nl (Ewoud Kohl van Wijngaarden) Date: Wed, 25 Jan 2012 00:40:02 +0100 Subject: openid on the wiki? In-Reply-To: <4F1EFB19.20704@redhat.com> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> Message-ID: <20120124233950.GE19086@bogey.xentower.nl> On Tue, Jan 24, 2012 at 10:40:25AM -0800, Karsten 'quaid' Wade wrote: > On 01/24/2012 09:13 AM, Ewoud Kohl van Wijngaarden wrote: > > Given gerrit already works with openid I was wondering if the wiki > > could support the same. It seems there is an extension[1], and it > > also seems it's packaged for fedora[2]. Has anyone looked into this > > and would it be a desirable addition? > > > > [1]: http://www.mediawiki.org/wiki/Extension:OpenID [2]: > > http://koji.fedoraproject.org/koji/packageinfo?packageID=5922 > > My major concern with the wiki is keeping us from having spammers ever > get accounts on there. We have enough trouble gardening our own work, > we'd get buried if we had to manage spam pages. > > I would reckon that OpenID would give a way for spammers to come in, > unless we limited the OpenID servers we worked with, which would > sort-of be against the reason for having OpenID in the first place. > > But I'm very open to other thinking, just unsure how it would be > implemented. I have no experience with mediawiki + openid myself, but maybe giving it a go and monitor it would be good enough for now. Possible downsides: - Spammers use openid to spam Possible upsides: - More open to new people - People can use a single account for both gerrit and the wiki Since the wiki edits are also shown on IRC I think spam would be caught fast enough and in the worst case the change could be reverted. From kwade at redhat.com Wed Jan 25 04:03:58 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Tue, 24 Jan 2012 20:03:58 -0800 Subject: openid on the wiki? In-Reply-To: <20120124233950.GE19086@bogey.xentower.nl> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> Message-ID: <4F1F7F2E.1050604@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/24/2012 03:40 PM, Ewoud Kohl van Wijngaarden wrote: > I have no experience with mediawiki + openid myself, but maybe > giving it a go and monitor it would be good enough for now. > > Possible downsides: - Spammers use openid to spam > > Possible upsides: - More open to new people - People can use a > single account for both gerrit and the wiki > > Since the wiki edits are also shown on IRC I think spam would be > caught fast enough and in the worst case the change could be > reverted. That's a good point, the wiki edits are watched that way more carefully. What would our reaction be if we started to see spam edits via OpenID accounts? Can we easily disable those accounts? * Would we revert to not using OpenID? ** Sometimes spammers seem to be doing test-spam on a wiki, so a few scattered edits might be preparation for an onslaught. Also consider all this in terms of who is taking care of the wiki. We don't (yet?) have enough individuals or a team that seem to be taking on any wiki management tasks. So a spamming situation could rally such folks, but it could also kill the energy while in the crib by overwhelming it with spam pages from incrementally more spam accounts. I'm reacting a bit here to e.g. more wiki pages being incorrectly named than not, so a lot of wiki gardening required still. OTOH, I am very much in favor of lowering barriers as much as we can. I'd like to proceed with this discussion and just figure out a way to counterbalance the risks, etc. Thanks - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPH38u2ZIOBq0ODEERAs66AKCsopk4/0ZZfXPh4ky6iOg5D6g8eACdFKET WrmeZZ7qtLYyqeZmwYr4IWk= =IreL -----END PGP SIGNATURE----- From iheim at redhat.com Wed Jan 25 08:17:43 2012 From: iheim at redhat.com (Itamar Heim) Date: Wed, 25 Jan 2012 10:17:43 +0200 Subject: openid on the wiki? In-Reply-To: <4F1F7F2E.1050604@redhat.com> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> Message-ID: <4F1FBAA7.1040903@redhat.com> On 01/25/2012 06:03 AM, Karsten 'quaid' Wade wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 01/24/2012 03:40 PM, Ewoud Kohl van Wijngaarden wrote: >> I have no experience with mediawiki + openid myself, but maybe >> giving it a go and monitor it would be good enough for now. >> >> Possible downsides: - Spammers use openid to spam >> >> Possible upsides: - More open to new people - People can use a >> single account for both gerrit and the wiki >> >> Since the wiki edits are also shown on IRC I think spam would be >> caught fast enough and in the worst case the change could be >> reverted. > > That's a good point, the wiki edits are watched that way more carefully. > > What would our reaction be if we started to see spam edits via OpenID > accounts? > > * Can we easily disable those accounts? > * Would we revert to not using OpenID? > ** Sometimes spammers seem to be doing test-spam on a wiki, so a few > scattered edits might be preparation for an onslaught. > > Also consider all this in terms of who is taking care of the wiki. We > don't (yet?) have enough individuals or a team that seem to be taking > on any wiki management tasks. > > So a spamming situation could rally such folks, but it could also kill > the energy while in the crib by overwhelming it with spam pages from > incrementally more spam accounts. > > I'm reacting a bit here to e.g. more wiki pages being incorrectly > named than not, so a lot of wiki gardening required still. OTOH, I am > very much in favor of lowering barriers as much as we can. I'd like to > proceed with this discussion and just figure out a way to > counterbalance the risks, etc. can we separate the openid support for authentication (so people can user same user/password) from authorization (can an openid account do something)? so we would still have the process of an existing user has to give edit permissions to an openid user? From ewoud+ovirt at kohlvanwijngaarden.nl Wed Jan 25 10:45:10 2012 From: ewoud+ovirt at kohlvanwijngaarden.nl (Ewoud Kohl van Wijngaarden) Date: Wed, 25 Jan 2012 11:45:10 +0100 Subject: openid on the wiki? In-Reply-To: <4F1FBAA7.1040903@redhat.com> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> <4F1FBAA7.1040903@redhat.com> Message-ID: <20120125104510.GF19086@bogey.xentower.nl> On Wed, Jan 25, 2012 at 10:17:43AM +0200, Itamar Heim wrote: > On 01/25/2012 06:03 AM, Karsten 'quaid' Wade wrote: > >On 01/24/2012 03:40 PM, Ewoud Kohl van Wijngaarden wrote: > >>I have no experience with mediawiki + openid myself, but maybe > >>giving it a go and monitor it would be good enough for now. > >> > >>Possible downsides: - Spammers use openid to spam > >> > >>Possible upsides: - More open to new people - People can use a > >>single account for both gerrit and the wiki > >> > >>Since the wiki edits are also shown on IRC I think spam would be > >>caught fast enough and in the worst case the change could be > >>reverted. > > > >That's a good point, the wiki edits are watched that way more carefully. > > > >What would our reaction be if we started to see spam edits via OpenID > >accounts? > > > >* Can we easily disable those accounts? > >* Would we revert to not using OpenID? > >** Sometimes spammers seem to be doing test-spam on a wiki, so a few > >scattered edits might be preparation for an onslaught. > > > >Also consider all this in terms of who is taking care of the wiki. We > >don't (yet?) have enough individuals or a team that seem to be taking > >on any wiki management tasks. > > > >So a spamming situation could rally such folks, but it could also kill > >the energy while in the crib by overwhelming it with spam pages from > >incrementally more spam accounts. > > > >I'm reacting a bit here to e.g. more wiki pages being incorrectly > >named than not, so a lot of wiki gardening required still. OTOH, I am > >very much in favor of lowering barriers as much as we can. I'd like to > >proceed with this discussion and just figure out a way to > >counterbalance the risks, etc. > > can we separate the openid support for authentication (so people can > user same user/password) from authorization (can an openid account > do something)? > > so we would still have the process of an existing user has to give > edit permissions to an openid user? That could be a mitigation in case we do get spammers. I'm wondering how wikipedia handles this since that's an open wiki using the same software. Using an extension for authentication makes us a non-standard target and thus harder. I think it's important, if not vital, for an open source project to have a low barrier to join. Making it easy to do small fixes on the wiki could help get people more involved. So in short I think using openid authentication and open authorization will benefit the project at an acceptable risk of spammers. If we do notice spammers we can switch to user authorization with manual approval of users or in the worst case fully disable openid and revert to the current workflow. From jbrooks at redhat.com Wed Jan 25 17:06:28 2012 From: jbrooks at redhat.com (Jason Brooks) Date: Wed, 25 Jan 2012 09:06:28 -0800 Subject: openid on the wiki? In-Reply-To: <4F1F7F2E.1050604@redhat.com> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> Message-ID: <4F203694.1060807@redhat.com> On 01/24/2012 08:03 PM, Karsten 'quaid' Wade wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 01/24/2012 03:40 PM, Ewoud Kohl van Wijngaarden wrote: >> I have no experience with mediawiki + openid myself, but maybe >> giving it a go and monitor it would be good enough for now. >> I'm a fan of openid -- many is the time I've chosen not to engage somewhere because I don't want to create a new user name / password. Jason From kwade at redhat.com Wed Jan 25 21:30:24 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Wed, 25 Jan 2012 13:30:24 -0800 Subject: openid on the wiki? In-Reply-To: <4F203694.1060807@redhat.com> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> <4F203694.1060807@redhat.com> Message-ID: <4F207470.1090201@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/25/2012 09:06 AM, Jason Brooks wrote: > On 01/24/2012 08:03 PM, Karsten 'quaid' Wade wrote: >> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >> >> On 01/24/2012 03:40 PM, Ewoud Kohl van Wijngaarden wrote: >>> I have no experience with mediawiki + openid myself, but maybe >>> giving it a go and monitor it would be good enough for now. >>> > > I'm a fan of openid -- many is the time I've chosen not to engage > somewhere because I don't want to create a new user name / > password. Careful or I'll recruit you to the wiki gardening crew. :) - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPIHRw2ZIOBq0ODEERAmekAJ9qcw4maZFlYeakixacyAYhg+ZlKQCdEgfW VcuuywX956TcAKPFJiYs+HE= =MTdt -----END PGP SIGNATURE----- From kwade at redhat.com Wed Jan 25 21:35:04 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Wed, 25 Jan 2012 13:35:04 -0800 Subject: openid on the wiki? In-Reply-To: <20120125104510.GF19086@bogey.xentower.nl> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> <4F1FBAA7.1040903@redhat.com> <20120125104510.GF19086@bogey.xentower.nl> Message-ID: <4F207588.3090904@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/25/2012 02:45 AM, Ewoud Kohl van Wijngaarden wrote: > On Wed, Jan 25, 2012 at 10:17:43AM +0200, Itamar Heim wrote: >> On 01/25/2012 06:03 AM, Karsten 'quaid' Wade wrote: >>> On 01/24/2012 03:40 PM, Ewoud Kohl van Wijngaarden wrote: >>>> I have no experience with mediawiki + openid myself, but >>>> maybe giving it a go and monitor it would be good enough for >>>> now. >>>> >>>> Possible downsides: - Spammers use openid to spam >>>> >>>> Possible upsides: - More open to new people - People can use >>>> a single account for both gerrit and the wiki >>>> >>>> Since the wiki edits are also shown on IRC I think spam would >>>> be caught fast enough and in the worst case the change could >>>> be reverted. >>> >>> That's a good point, the wiki edits are watched that way more >>> carefully. >>> >>> What would our reaction be if we started to see spam edits via >>> OpenID accounts? >>> >>> * Can we easily disable those accounts? * Would we revert to >>> not using OpenID? ** Sometimes spammers seem to be doing >>> test-spam on a wiki, so a few scattered edits might be >>> preparation for an onslaught. >>> >>> Also consider all this in terms of who is taking care of the >>> wiki. We don't (yet?) have enough individuals or a team that >>> seem to be taking on any wiki management tasks. >>> >>> So a spamming situation could rally such folks, but it could >>> also kill the energy while in the crib by overwhelming it with >>> spam pages from incrementally more spam accounts. >>> >>> I'm reacting a bit here to e.g. more wiki pages being >>> incorrectly named than not, so a lot of wiki gardening required >>> still. OTOH, I am very much in favor of lowering barriers as >>> much as we can. I'd like to proceed with this discussion and >>> just figure out a way to counterbalance the risks, etc. >> >> can we separate the openid support for authentication (so people >> can user same user/password) from authorization (can an openid >> account do something)? >> >> so we would still have the process of an existing user has to >> give edit permissions to an openid user? > That could be a mitigation in case we do get spammers. > > I'm wondering how wikipedia handles this since that's an open wiki > using the same software. Using an extension for authentication > makes us a non-standard target and thus harder. AIUI, a large part is the legion of volunteers who revert spam edits. All of the protection tools, such as Captchas, are reportedly cracked by spammers. > I think it's important, if not vital, for an open source project to > have a low barrier to join. Making it easy to do small fixes on the > wiki could help get people more involved. This I do agree with, and wrote in to The Open Source Way handbook: https://www.theopensourceway.org/wiki/How_to_loosely_organize_a_community#Use_lightweight.2C_open_collaboration_tools_-_wikis.2C_mailing_lists.2C_IRC.2C_version_control.2C_bug_trackers_-_and_give_out_access ... and then as a project, struggle with how to handle the wiki auth. (Short URL of above: http://bit.ly/TOSWOpenTooling ) > So in short I think using openid authentication and open > authorization will benefit the project at an acceptable risk of > spammers. If we do notice spammers we can switch to user > authorization with manual approval of users or in the worst case > fully disable openid and revert to the current workflow. Are you able to volunteer to help with wiki gardening? In specific, keeping things cleaned up if we do get a spammer - reverting changes, deleting accounts, etc. If we can get enough of us to watch things with commitment, then I'm much more comfortable with the idea of rolling out OpenID. - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPIHWI2ZIOBq0ODEERAiioAJ96Cc0ZKm7ZvnaFfQAnrHhvla0e9wCdG4c4 AIOT2IIfTrJ8qtN47c96hcw= =D3ho -----END PGP SIGNATURE----- From kwade at redhat.com Wed Jan 25 21:37:18 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Wed, 25 Jan 2012 13:37:18 -0800 Subject: openid on the wiki? In-Reply-To: <20120125104510.GF19086@bogey.xentower.nl> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> <4F1FBAA7.1040903@redhat.com> <20120125104510.GF19086@bogey.xentower.nl> Message-ID: <4F20760E.5020400@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 (Separating topics in this thread.) On 01/25/2012 02:45 AM, Ewoud Kohl van Wijngaarden wrote: > On Wed, Jan 25, 2012 at 10:17:43AM +0200, Itamar Heim wrote: >> can we separate the openid support for authentication (so people >> can user same user/password) from authorization (can an openid >> account do something)? >> >> so we would still have the process of an existing user has to >> give edit permissions to an openid user? > > That could be a mitigation in case we do get spammers. That's a rather nice idea - it would save us from losing the investment in getting OpenID working if we didn't have to roll all the way back, and if we had to fall-back to manual-initial authorization, at least we'd be helping contributors reduce account complexity. - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPIHYO2ZIOBq0ODEERAkt7AJ9ZuqPFFW/qEHgSItBqB2QgJ/xLOwCdGcpf VS6cFPMJ+rupMepGmA5peZc= =7FWL -----END PGP SIGNATURE----- From ewoud+ovirt at kohlvanwijngaarden.nl Thu Jan 26 11:37:46 2012 From: ewoud+ovirt at kohlvanwijngaarden.nl (Ewoud Kohl van Wijngaarden) Date: Thu, 26 Jan 2012 12:37:46 +0100 Subject: openid on the wiki? In-Reply-To: <4F207588.3090904@redhat.com> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> <4F1FBAA7.1040903@redhat.com> <20120125104510.GF19086@bogey.xentower.nl> <4F207588.3090904@redhat.com> Message-ID: <20120126113746.GG19086@bogey.xentower.nl> On Wed, Jan 25, 2012 at 01:35:04PM -0800, Karsten 'quaid' Wade wrote: > Are you able to volunteer to help with wiki gardening? In specific, > keeping things cleaned up if we do get a spammer - reverting changes, > deleting accounts, etc. > > If we can get enough of us to watch things with commitment, then I'm > much more comfortable with the idea of rolling out OpenID. I can watch the RSS feed and monitor for spam. Given the current amount of wiki edits I don't think it'll take that much time. From kwade at redhat.com Fri Jan 27 23:26:29 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Fri, 27 Jan 2012 15:26:29 -0800 Subject: openid on the wiki? In-Reply-To: <20120126113746.GG19086@bogey.xentower.nl> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> <4F1FBAA7.1040903@redhat.com> <20120125104510.GF19086@bogey.xentower.nl> <4F207588.3090904@redhat.com> <20120126113746.GG19086@bogey.xentower.nl> Message-ID: <4F2332A5.9070708@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/26/2012 03:37 AM, Ewoud Kohl van Wijngaarden wrote: > On Wed, Jan 25, 2012 at 01:35:04PM -0800, Karsten 'quaid' Wade > wrote: >> Are you able to volunteer to help with wiki gardening? In >> specific, keeping things cleaned up if we do get a spammer - >> reverting changes, deleting accounts, etc. >> >> If we can get enough of us to watch things with commitment, then >> I'm much more comfortable with the idea of rolling out OpenID. > I can watch the RSS feed and monitor for spam. Given the current > amount of wiki edits I don't think it'll take that much time. OK, I'm game for doing this then. Can we do a quick process write-up here? That is, what do we think it's going to take in steps so far, then we can find the gaps and fill with our knowledge. In the end, I'd like to have the service up _and_ a page similar to these: http://ovirt.org/wiki/Category:Infrastructure_documentation - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPIzKl2ZIOBq0ODEERAl09AJ9woyvf7luyxXnY19dBdvqyBeh7/wCgsc9a kDilp1hmkcNaRxhSiZk4cgk= =yAA+ -----END PGP SIGNATURE----- From masayag at redhat.com Mon Jan 30 12:36:22 2012 From: masayag at redhat.com (Moti Asayag) Date: Mon, 30 Jan 2012 14:36:22 +0200 Subject: Jenkins doesn't notify committers who broke the build Message-ID: <4F268EC6.3050806@redhat.com> Hi, The Jenkins doesn't send emails on a broken build to the users which submitted their problematic patch, causing emails from Jenkins to engine-patches not being distinguished. Could a specific mail be sent to the committer and to the patch reviewers (or just for those who set the +2 flag)? Thanks, Moti From eedri at redhat.com Mon Jan 30 12:42:41 2012 From: eedri at redhat.com (Eyal Edri) Date: Mon, 30 Jan 2012 07:42:41 -0500 (EST) Subject: Jenkins doesn't notify committers who broke the build In-Reply-To: <4F268EC6.3050806@redhat.com> Message-ID: <92f1edde-964e-498c-b17c-9a039f73dafa@zmail13.collab.prod.int.phx2.redhat.com> Do you mean email isn't being sent to a patch being reviewed or pushed already? we didn't add gerrit support to jenkins.ovirt.org yet. but emails to individual commiters who broke the build should be sent. and to the best of my knowledge are sent. (please let me know if you know on a problem) there is a plan to add gerrit review support (similar to downstream) soon. Eyal. ----- Original Message ----- > From: "Moti Asayag" <masayag at redhat.com> > To: infra at ovirt.org, "Eyal Edri" <eedri at redhat.com> > Sent: Monday, January 30, 2012 2:36:22 PM > Subject: Jenkins doesn't notify committers who broke the build > > Hi, > > The Jenkins doesn't send emails on a broken build to the users which > submitted their problematic patch, causing emails from Jenkins to > engine-patches not being distinguished. > > Could a specific mail be sent to the committer and to the patch > reviewers (or just for those who set the +2 flag)? > > Thanks, > Moti > From ewoud+ovirt at kohlvanwijngaarden.nl Tue Jan 31 17:48:51 2012 From: ewoud+ovirt at kohlvanwijngaarden.nl (Ewoud Kohl van Wijngaarden) Date: Tue, 31 Jan 2012 18:48:51 +0100 Subject: openid on the wiki? In-Reply-To: <4F2332A5.9070708@redhat.com> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> <4F1FBAA7.1040903@redhat.com> <20120125104510.GF19086@bogey.xentower.nl> <4F207588.3090904@redhat.com> <20120126113746.GG19086@bogey.xentower.nl> <4F2332A5.9070708@redhat.com> Message-ID: <20120131174851.GH19086@bogey.xentower.nl> On Fri, Jan 27, 2012 at 03:26:29PM -0800, Karsten 'quaid' Wade wrote: > OK, I'm game for doing this then. > > Can we do a quick process write-up here? That is, what do we think > it's going to take in steps so far, then we can find the gaps and fill > with our knowledge. In the end, I'd like to have the service up _and_ > a page similar to these: > > http://ovirt.org/wiki/Category:Infrastructure_documentation Are you by any chance at FOSDEM this weekend? Maybe we could look at this in person. From kwade at redhat.com Tue Jan 31 17:57:46 2012 From: kwade at redhat.com (Karsten 'quaid' Wade) Date: Tue, 31 Jan 2012 09:57:46 -0800 Subject: openid on the wiki? In-Reply-To: <20120131174851.GH19086@bogey.xentower.nl> References: <20120124171355.GD19086@bogey.xentower.nl> <4F1EFB19.20704@redhat.com> <20120124233950.GE19086@bogey.xentower.nl> <4F1F7F2E.1050604@redhat.com> <4F1FBAA7.1040903@redhat.com> <20120125104510.GF19086@bogey.xentower.nl> <4F207588.3090904@redhat.com> <20120126113746.GG19086@bogey.xentower.nl> <4F2332A5.9070708@redhat.com> <20120131174851.GH19086@bogey.xentower.nl> Message-ID: <4F282B9A.3020906@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/31/2012 09:48 AM, Ewoud Kohl van Wijngaarden wrote: > On Fri, Jan 27, 2012 at 03:26:29PM -0800, Karsten 'quaid' Wade > wrote: >> OK, I'm game for doing this then. >> >> Can we do a quick process write-up here? That is, what do we >> think it's going to take in steps so far, then we can find the >> gaps and fill with our knowledge. In the end, I'd like to have >> the service up _and_ a page similar to these: >> >> http://ovirt.org/wiki/Category:Infrastructure_documentation > > Are you by any chance at FOSDEM this weekend? Maybe we could look > at this in person. Nope, I'll be blissfully at home. (I also never seem to find time to do those sorts of things at conferences.) But if some others want to get together to talk about this or other infrastructure topics, I can be available remotely. - - Karsten - -- name: Karsten 'quaid' Wade, Sr. Community Architect team: Red Hat Community Architecture & Leadership uri: http://communityleadershipteam.org http://TheOpenSourceWay.org gpg: AD0E0C41 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFPKCua2ZIOBq0ODEERApRUAKDiLGhRw78D5xVU+Ba5r6smrKlf/gCg5isT WOU8pklHUTgPl0EVaK9mFxI= =8pwZ -----END PGP SIGNATURE-----