On 18/02/11 at 09:11 -0600, Raphael Geissert wrote: > Raphael Hertzog wrote: > > On Fri, 18 Feb 2011, Lucas Nussbaum wrote: > >> On 17/02/11 at 20:01 -0600, Raphael Geissert wrote: > >> > Unless there's any justified objection, I'm going to switch the qa > >> > repository checkout on quantz to use https instead of ssh. > >> > The side effects will be: > >> > a) no special subversion configuration will be needed for the qa user > >> > to update the repository, and > >> > b) it won't be possible to commit changes from within that checkout. > >> > > >> > It would be great if the PTS followed the change too, but that's more > >> > on hands of Raphaƫl Hertzog and Stefano Zacchiroli. In fact, it would > >> > be even better if that mantra becomes part of the past. > >> > >> Mmmh, I liked the fact that simple changes could be tested and committed > >> directly on the live instance. > > We should better focus on providing a way to test changes without breaking > or risking the infrastructure. Most, if not all, of the qa webpages can be > run from a userdir without further changes and it will Just Work. > > > I also often commit from the PTS repository on master. > > > > What's the rationale for the change? > > Because in order to commit changes from qa.d.o one has to do either of > these: > a) type the password of the alioth account, which is risky > b) use an ssh key on a shared host, which again is risky and even more > because they can't be restricted to, say, only execute svnserve because > GForge rejects such kind of entries.
I usually do (b) when I need to commit, and I'm still not convinced that we need to move to another behaviour. Lucas -- To UNSUBSCRIBE, email to debian-qa-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110218204830.ga26...@xanadu.blop.info
