[Chandler-dev] Using svn instead of builds for tarballs?
Heikki Toivonen
heikki at osafoundation.org
Thu Nov 9 23:01:26 PST 2006
Andi Vajda wrote:
> On Thu, 9 Nov 2006, Heikki Toivonen wrote:
> I know, I know.... the logic is incomplete though, if svn tends to be
> unavailable more often than builds, then putting all eggs into the svn
> basket
> would be unwise. I sure don't know that that is the case, I was just not
> convinced by the argument...
I don't understand that logic.
Currently:
svn | builds | can checkout and build
=====================================
no | no | no
no | yes | no
yes | no | no
yes | yes | yes
All in svn:
svn | builds | can checkout and build
=====================================
no | no | no
no | yes | no
yes | no | yes
yes | yes | yes
>> Like I mentioned, when you use svn+ssh. By its nature it encrypts the
>> connection and verifies that nothing changes over the wire.
>
> How is that more secure than downloading source tarballs over ssh, https ?
It isn't, but we are downloading the tarballs over http, not ssh or
https. We could probably make downloads reasonably easy over https
(would need to enable SSL on builds, checkin a cert to chandler/ and
make curl use that cert when doing the SSL checks.)
> My main concern is that I'm not sure svn is such a great tool for
> handling large files. I could be wrong... If we follow this route,
I believe my tests showed that download speeds should not be an issue.
If you want me to run other tests I'd be happy to.
--
Heikki Toivonen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
Url : http://lists.osafoundation.org/pipermail/chandler-dev/attachments/20061109/59aacf5e/signature.pgp
More information about the chandler-dev
mailing list