Hi, Cos,
I cannot agree with you.
I rechecked it again. What I did:
1. Sign up with new user to Apache Jira (
https://issues.apache.org/jira/secure/Signup!default.jspa). // I didn't add
any privileges.
2. Open https://issues.apache.org/jira/browse/IGNITE-456
3. Add txt and patch - files to the
Are we saying that non-contributors can attach patches?
On Thu, May 21, 2015 at 2:24 AM, Artiom Shutak ashu...@gridgain.com wrote:
Hi, Cos,
I cannot agree with you.
I rechecked it again. What I did:
1. Sign up with new user to Apache Jira (
On 21.05.2015 11:35, Dmitriy Setrakyan wrote:
Are we saying that non-contributors can attach patches?
Slow down. Anyone who sends a patch is, by definition, a contributor.
Whether or not you decide to use the patch is a different matter. You
don't want to invent any extremely paranoid access
On 21.05.2015 12:00, Dmitriy Setrakyan wrote:
On Thu, May 21, 2015 at 2:48 AM, Branko Čibej br...@apache.org wrote:
On 21.05.2015 11:35, Dmitriy Setrakyan wrote:
Are we saying that non-contributors can attach patches?
Slow down. Anyone who sends a patch is, by definition, a contributor.
On Thu, May 21, 2015 at 2:48 AM, Branko Čibej br...@apache.org wrote:
On 21.05.2015 11:35, Dmitriy Setrakyan wrote:
Are we saying that non-contributors can attach patches?
Slow down. Anyone who sends a patch is, by definition, a contributor.
Whether or not you decide to use the patch is a
I think I found good way to resolve any security issues here. We will use
attachments only from approved users list (contributors).
Objections?
-- Artem --
On Thu, May 21, 2015 at 1:13 PM, Branko Čibej br...@apache.org wrote:
On 21.05.2015 12:00, Dmitriy Setrakyan wrote:
On Thu, May 21,
On Thu, May 21, 2015 at 10:32AM, Dmitriy Setrakyan wrote:
On Thu, May 21, 2015 at 10:27 AM, Konstantin Boudnik c...@apache.org wrote:
Can anyone with project admin rights check the permissions chema and see
if there's a tweak for 'Patch available' for different roles in the
project? i
Ok, I've reopened the root issue
https://issues.apache.org/jira/browse/IGNITE-456 and will continue progress.
If there is any objections, let me know.
-- Artem --
On Tue, May 19, 2015 at 8:53 PM, Konstantin Boudnik c...@apache.org wrote:
Here's two reasons why current approach is secure
There's user ignite-ci, that I created a while ago, but it isn't mandatory to
use it of course ;)
On Thu, May 21, 2015 at 12:23AM, Artiom Shutak wrote:
I've created new Jira user without granting him some additional privileges.
The user cannot move jira status, but he can add any attachment
On Wed, May 20, 2015 at 6:26 AM, Yakov Zhdanov yzhda...@gridgain.com
wrote:
I still insist that this should be implemented with great care.
I tend to agree with Cos here. Let's implement this feature. If we get some
malicious contributor attaching bad patches, we will catch it very quickly
and
On 20.05.2015 21:36, Dmitriy Setrakyan wrote:
On Wed, May 20, 2015 at 6:26 AM, Yakov Zhdanov yzhda...@gridgain.com
wrote:
I still insist that this should be implemented with great care.
I tend to agree with Cos here. Let's implement this feature. If we get some
malicious contributor
Guys,
It seems we need to stop any activity in this direction.
I have just realized that automatic patch validation (at least in its form
we agreed on) opens a huge security hole - anyone who attaches a patch to
JIRA can execute literally any code (!) on our public TC -
java/bash/binary/built-in
Here's two reasons why current approach is secure enough (and in fact has
been used for some time on Apache build infrastructure):
- only project contributors can manipulate JIRA: attaching, changing
state, etc. Don't we trust our contributors?
- if TC agents aren't running as privileged user -
Sergey and I had a good Skype call and everything seems to be resolved. The
installed jira-cli tools work just fine http://bit.ly/1c2qmeH
Attachments and comments do not need to be fetched using jira-cli. The
proposed workflow for the automatic patching is explained at the bottom of
Hi Sergey.
I can not re-attach an instance with the command you provided; also using
attach doesn't provide me with an interactive shell.
Clearly these instances are running sshd, but I have no credentials to log in.
Perhaps it'd be easier if we can jump on a skype call and quickly figure it
Ah, darn - now I remember that the TC is in containers ;( Silly me - thanks
man: we'll check it shortly and report about my findings.
Cos
On Fri, May 01, 2015 at 01:24PM, Sergey Bachinskiy wrote:
Cos, agents in docker container 2 of them in master - you can login to
root shell of agent by
Just got confirmation that the password was changed. We must be very
careful going forward.
On Fri, May 1, 2015 at 5:38 AM, Dmitriy Setrakyan dsetrak...@gridgain.com
wrote:
I have instructed Sergey to change the password and not send passwords to
a public dev list.
D.
On Fri, May 1, 2015
Cos, agents in docker container 2 of them in master - you can login to
root shell of agent by shell command - docker -i -t container_id bash, id
of container you can get by command - docker ps (all enabled and running
containers)
to another machine with agents you can login by ip 204.14.53.153
Cos,
Does cli works on your local machine?
Can you check if our JIRA allows remote API calls - Go to Administration
- General Configuration and ensure Accept remote API calls in ON?
Sergey tried it locally and it just hangs.
--Yakov
2015-04-28 20:30 GMT+03:00 Konstantin Boudnik
Yakov
Yes, cli works on my local machine. In fact I am using this version of cli to
work with ASF JIRA for years. This
https://issues.apache.org/jira/browse/IGNITE-495 is populated via cli only -
no manual edits.
Unfortunately, I wasn't able to verify the slaves last night - we'll try
today.
Cos, could you pls give example how you get attachment or comment from jira
issue?
On Wed, Apr 29, 2015 at 10:16 PM, Konstantin Boudnik c...@apache.org wrote:
Yakov
Yes, cli works on my local machine. In fact I am using this version of cli
to
work with ASF JIRA for years. This
On Wed, Apr 29, 2015 at 4:02 PM, Konstantin Boudnik c...@apache.org wrote:
If you look at the branch ignite-620 (as referred in the ticket) you'll see
the example at the very end. I am waiting to get this stuff committed, so I
can finish all the tiny bits that left, like commenting.
If you look at the branch ignite-620 (as referred in the ticket) you'll see
the example at the very end. I am waiting to get this stuff committed, so I
can finish all the tiny bits that left, like commenting.
Literally, all I need right now, is a review so I can commit the code (which
is
On Wed, Apr 29, 2015 at 04:38PM, Dmitriy Setrakyan wrote:
On Wed, Apr 29, 2015 at 4:02 PM, Konstantin Boudnik c...@apache.org wrote:
If you look at the branch ignite-620 (as referred in the ticket) you'll see
the example at the very end. I am waiting to get this stuff committed, so I
can
24 matches
Mail list logo
