Hi On Tue, Jun 12, 2018 at 8:39 PM, Victoria Henry <vhe...@pivotal.io> wrote:
> Hi Dave, > > >> >> No, because it's firewalled to the nines inside our network. There's no >> chance I'm making production build machines internet-accessible. >> > > For a Open Source project, if the community cannot see the place where the > tests are running it looses a huge part of the process. We believe that > removing this capability will have a negative impact on the development, > especially because we do not have a CI/CD. Before the code is merged we > will never know if master is broken or not. > This is one of multiple CI/CD systems; specifically it's the one that will be producing our official builds. Security always trumps developer convenience for build machines as far as I'm concerned - have you ever had to deal with a possibly-compromised build server and the PR fallout etc that can result from that? The existing public system will be replaced with one that mirrors a portion of the build system; specifically, the test jobs, but not the production build jobs or dependencies. It may be removed completely in the future if I can find a way to securely allow access to build info from the build system. > > >> >> >>> We have some examples from our pipeline that we can share: >>> Script that we use to run the UT + Feature tests on a docker image that >>> has python+yarn+selenium+postgres installed on it: >>> https://github.com/greenplum-db/pgadmin4-ci/blob/master/ >>> tasks/run-postgres-tests/run.sh >>> >>> This type of scripts can be added to the Jenkinsfile to create a >>> pipeline step. A good practice in a reproducible pipeline is to use Docker >>> to ensure that every test runs in a clean and predictable environment, this >>> make it easy to reproduce a problem found in testing. >>> >> >> Docker is of little use to us here, as 2 of the 4 build platforms cannot >> be run in Docker (macOS and the Docker container), and the 3rd would be >> extremely difficult to run that way (Windows) >> > > The docker files that we are talking about here is to run the tests, and > we believe that the tests are all running in a Linux environment. > No, I'm running tests on all platforms. We've proven numerous times that just running them on Linux is not enough. -- Dave Page Blog: http://pgsnake.blogspot.com Twitter: @pgsnake EnterpriseDB UK: http://www.enterprisedb.com The Enterprise PostgreSQL Company
