Hi, What I have done now is storing the Git organization name, username and passwords against in a table against the AF tenant domain. I agree that this is not an acceptable practice. As a solution we can use OAuth tokens but that can expire within a certain time period.
Thanks Manisha On Thu, Jan 9, 2014 at 2:21 PM, Ajanthan Balachandran <ajant...@wso2.com>wrote: > On Mon, Jan 6, 2014 at 11:02 AM, Manisha Gayathri <mani...@wso2.com> > wrote: > > Hi all, > > > > According to the diagram in Sanjiva's mail, I have come up with a > sequence > > diagram of the scenarios that would cover in this user story. Please > refer > > [1] > > > > For M11, we are hoping to implement the scenarios up to Add Developer > user > > story. > According to the diagram we are storing the Github credentials in DB > while creating Tenant.I think it is not good practice storing > credentials of 3rd party service credentials(we don't have control > password reset and most of the user will not give) > > > > [1]. > > > http://www.websequencediagrams.com/?lz=dGl0bGUgUGVyIERldmVsb3BlciBSZXBvIEltcGwgd2l0aCBHaXRIdWIKCm9wdCBDcmVhdGUgTmV3IFRlbmFudAogAAIHQWRtaW4gLT4AKAc6ACMIYSBHaXQgb3JnYW5pemF0aW9uACESQUYAJgluAD8bQUY6IFByb3ZpZGUgZwBGDyBjb250ZXh0ICYgY3JlZGVudGlhbHMAfCJuIGFwcCBvd25lciB0ZWFtAIFtBnB1c2ggcGVybWlzcwCBHRVHaXRodWI6YwCBXAhkZXYAOQZpZiBub3QgZXhpc3RpbmcgYW5kIGFkZCB1c2VyIHRvACAJCmVuZACCQhFBcHAKICBBcHBPAIELBQCCCBIAGgdGAIJVE25ldyByZXBvIGluIHRoZSBvcmcuAIINCAogAIM-BwCCaAUAWAc6IFJlc3BvbnNlAINhBgCDcQVkZXRhaQCCMwUAXwZKZW5raW5zOiBBZGQAgxcFYnVpbGQgdGFzayBmb3IAgjgFcmVwbwCBRQpBZGQAhEEKAIE_DwCEWgk6IGludml0AIM0BnRvIGpvaW4gcHJvamVjdAogAIUACwCEFgdTdXJlIACBaRFGb3JrAIFnBW1haW4AgQEGAIFdDABjC0hlcmUncyB5b3VyIGZvcmtlZAAnCACBQSYALQdkZXYAgV8PAIYrCldyaXRlcyBDb2RlAIEyEACGCghHaXQgUHVsbACBUhAAggwLACsUAIIrC0xvY2FsIElERQCDAgYASx5zaACDaw0Ag0IJQgA0BwCDVQcAgxIHIENsb3VkOiBEZXBsb3kgZACIBQkAVRUAgz8LAIguCnRlc3QvZGVidWcAhVQKUHVsbCBSZXF1ZXMAg0UVABsFcgAXCQCFVQYAhRkKABMMIHJlY2VpdmVkAIYUEACFRgt2aQCGAgUARgkAhkALAIkQCE1lcmdlAIR_Gk5vd > GlmeSBhY2NlcHQAhyEF&s=vs2010 > > > > Thanks > > Manisha > > > > > > On Sun, Jan 5, 2014 at 3:07 AM, Dimuthu Leelarathne <dimut...@wso2.com> > > wrote: > >> > >> Hi Manisha and all, > >> > >> Please see my comments inline. > >> > >>>> > >>>> On Friday, January 3, 2014, Manisha Gayathri wrote: > >>>>> > >>>>> Hi all, > >>>>> > >>>>> For the M11 of App Factory, we are implementing per developer repo > >>>>> feature to give a github like experience for the developers. The > user story > >>>>> for this federated development will be as follows: > >>>>> - Once an app-owner creates an application, the application will be > >>>>> getting a repo in gitblit > >>>>> - When a developer logs in, he gets an option to fork the main repo > of > >>>>> the app > >> > >> > >> Fork option should not be something done by developer when he logs in. > >> Here is the user story we want from Sanjiva's mail titled > "per-developer git > >> repos for App Factory. Here is the link from the mail [1]. The diagram > here > >> is very precise. Basically the fork request should be sent by AF when a > >> developer is added to the project. And it should be done by AF on a > listener > >> when "add user to application" event is fired, so the developer do not > do > >> it. > >> > >> And as per the mail states GitBlit does not support "PR(pull request) > git > >> workflow". Then thinking along this line, IMO we should NOT implement > "per > >> developer" repos using Gitblit, because it would require major hacking. > I > >> believe we should integrate with GitHub for this feature. > >> > >> Basically our story should be "if underlying repo provider supports PR > >> workflow then we do [1]". So lets provide this feature using GitHub. > And if > >> one day GitBlit provides "PR git workflow", lets make it available for > Git > >> repositories as well. > >> > >> thanks, > >> dimuthu > >> > >> > >> [1] > >> > >> > http://www.websequencediagrams.com/?lz=dGl0bGUgQXBwIEZhY3RvcnkgR2l0IFJlcG9zCgpvcHQgQ3JlYXRlIE5ldyBBcHAKICBBcHBPd25lciAtPiBBRjoAGQhuABcKRiAtPiBHaXRibGl0ABMNcmVwbwogABMIADwFAEYHOiBIZXJlJ3MgeW91ciBhcHAAJAgARwZKZW5raW5zOiBBZGQAZQVidWlsZCB0YXNrIGZvACYLZW5kAIExBkFkZCBEZXZlbG9wZXIAgScPAA8JOiBpbnZpdGF0aW9uIHRvIGpvaW4gcHJvamVjdAogADYKAIFjCFN1cmUgAIFJGXJlcG8AgQkFZGV2AIFYDgBmCwCBWwxwcml2ADEIAIFCKWRldgCBXA8AgR0KV3JpdGVzIENvZGUAgS8QAIMGCUdpdCBQdWxsAIFQEACCCgsALBQAgikLTG9jYWwgSURFAIMABgBLH3NoAINkDgCDQglCADYHAINVBwCDEgcgQ2xvdWQ6IERlcGxveSBkAIJ6CQBXFQCDPwsAgyMKdGVzdC9kZWJ1ZwCEBQpQdWxsIFJlcXVlcwCDRRUAGwVyABcJAIU9BgCFEwoAEwwgcmVjZWl2ZWQAhXwQAIVCCVJldmkAhWkFAEYJAIYoCwCGDwlNZXJnZQCFABpOb3RpZnkgYWNjZXB0AIVTBQ&s=vs2010 > >> > >> > >>>>> > >>>>> - The developer should not be permitted to directly commit to the > main > >>>>> repo > >>>>> - Developer can fork the main repo and have it as his remote repo. > >>>>> Developer commits his changes to his remote repo > >>>>> - Once the changes are committed he sends a pull request with the > >>>>> committed changes > >>>>> - App owner can login to the main repo and check what are the > >>>>> available pull requests. He can review the commits and reject the > >>>>> problamatic ones and merge the accepted changes with the main repo > >>>>> > >>>>> There are couple of things to consider. > >>>>> We are using Gitblit as the repo provider in AF. In Gitblit only the > >>>>> fork option is available. The pull merge capability of Gitblit is > still in > >>>>> work in progress state according to their discussions. They are > hoping to > >>>>> make it available in the next release but still could not find even > a trunk > >>>>> build of those components. In that case we will need to implement > that > >>>>> capability in AF side. > >>>>> Therefore, we will give all these repo releated options from AF side. > >>>>> > >>>>> Thanks > >>>>> Manisha > >>>>> > >>>>> -- > >>>>> ~Regards > >>>>> Manisha Eleperuma > >>>>> Software Engineer > >>>>> WSO2, Inc.: http://wso2.com > >>>>> lean.enterprise.middleware > >>>>> > >>>>> blog: http://manisha-eleperuma.blogspot.com/ > >>>>> mobile: +94 71 8279777 > >>>>> > >>>>> -- > >>>>> You received this message because you are subscribed to the Google > >>>>> Groups "WSO2 Engineering Group" group. > >>>>> To unsubscribe from this group and stop receiving emails from it, > send > >>>>> an email to engineering-group+unsubscr...@wso2.com. > >>>>> For more options, visit > >>>>> https://groups.google.com/a/wso2.com/groups/opt_out. > >>>> > >>>> > >>>> > >>>> -- > >>>> S.Uthaiyashankar > >>>> VP Engineering > >>>> WSO2 Inc. > >>>> http://wso2.com/ - "lean . enterprise . middleware" > >>>> > >>>> Phone: +94 714897591 > >>>> > >>>> -- > >>>> You received this message because you are subscribed to the Google > >>>> Groups "WSO2 Engineering Group" group. > >>>> To unsubscribe from this group and stop receiving emails from it, send > >>>> an email to engineering-group+unsubscr...@wso2.com. > >>>> For more options, visit > >>>> https://groups.google.com/a/wso2.com/groups/opt_out. > >>> > >>> > >>> > >>> > >>> -- > >>> Shiroshica Kulatilake > >>> > >>> Architect, > >>> WSO2, Inc. http://wso2.com/ > >>> Phone: +94 776523867 > >> > >> > >> > >> > >> -- > >> Dimuthu Leelarathne > >> Architect & Product Lead of App Factory > >> > >> WSO2, Inc. (http://wso2.com) > >> email: dimut...@wso2.com > >> Mobile : 0773661935 > >> > >> Lean . Enterprise . Middleware > > > > > > > > > > -- > > ~Regards > > Manisha Eleperuma > > Software Engineer > > WSO2, Inc.: http://wso2.com > > lean.enterprise.middleware > > > > blog: http://manisha-eleperuma.blogspot.com/ > > mobile: +94 71 8279777 > > > > > > _______________________________________________ > > Architecture mailing list > > Architecture@wso2.org > > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > > > > > -- > ajanthan > -- > Ajanthan Balachandiran > Senior Software Engineer; > Solutions Technologies Team ;WSO2, Inc.; http://wso2.com/ > > email: ajant...@wso2.com; cell: +94775581497 > blog: http://bkayts.blogspot.com/ > > Lean . Enterprise . Middleware > _______________________________________________ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > -- ~Regards *Manisha Eleperuma* Software Engineer WSO2, Inc.: http://wso2.com lean.enterprise.middleware *blog: http://manisha-eleperuma.blogspot.com/ <http://manisha-eleperuma.blogspot.com/>* *mobile: +94 71 8279777*
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture