Difference between revisions of "Deployed to a repository"
| Line 1: | Line 1: | ||
In general we use a non-standard approach to deploying builds. The standard approach to deploying python projects is to run something like 'sdist upload' and on java it would be using the java release plugin. We do not agree with those approaches to releasing software for a few reasons: | In general we use a non-standard approach to deploying builds. The standard approach to deploying python projects is to run something like 'sdist upload' and on java it would be using the java release plugin. We do not agree with those approaches to releasing software for a few reasons: | ||
| − | # It's doing too much, | + | # It's doing too much, those things are doing build, test, deployments and even possibly tagging all in one. What we want is to simply copy a file to a repository. |
# It's posing a security risk by downloading from multiple repsitories, we are concerned that something might get through that could re-route the builds to an evil repository. | # It's posing a security risk by downloading from multiple repsitories, we are concerned that something might get through that could re-route the builds to an evil repository. | ||
| − | |||
So instead we simply use curl to deploy the builds to the appropriate repository. | So instead we simply use curl to deploy the builds to the appropriate repository. | ||
Revision as of 18:57, 2 December 2013
In general we use a non-standard approach to deploying builds. The standard approach to deploying python projects is to run something like 'sdist upload' and on java it would be using the java release plugin. We do not agree with those approaches to releasing software for a few reasons:
- It's doing too much, those things are doing build, test, deployments and even possibly tagging all in one. What we want is to simply copy a file to a repository.
- It's posing a security risk by downloading from multiple repsitories, we are concerned that something might get through that could re-route the builds to an evil repository.
So instead we simply use curl to deploy the builds to the appropriate repository.
CI Build Deployments
When CI builds are created it usually gets deployed to the tarballs file server.
Release Deployments
When tags are created the tagged build gets deployed to an appropriate repository depending on the type of project that is built. Here is a list of some of the repositories:
- Python projects are deployed to pypi
- General Java projects are deployed to maven central
- Jenkins plugins are deployed to jenkins repo
