canonical-ci-engineering team mailing list archive

Thread
Date

Re: Migration of s-jenkins to new hardware

To: Sergio Schvezov <sergio.schvezov@xxxxxxxxxxxxx>
From: Vincent Ladeuil <v.ladeuil@xxxxxxx>
Date: Tue, 08 Oct 2013 09:22:47 +0200
Cc: canonical-ci-engineering@xxxxxxxxxxxxxxxxxxx, ubuntu-engineering@xxxxxxxxxxxxxxxxxxx, QA Team Mailing List <qa-team@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <CAMso8J_ZUOkY+Z2wHwdfS5tfzM3CeT3ZJUWPWRw=4=sbJfHdcA@mail.gmail.com> (Sergio Schvezov's message of "Mon, 7 Oct 2013 19:29:40 -0300")
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/23.4 (gnu/linux)

>>>>> Sergio Schvezov <sergio.schvezov@xxxxxxxxxxxxx> writes:

    > On Mon, Oct 7, 2013 at 7:23 PM, Francis Ginther <
    > francis.ginther@xxxxxxxxxxxxx> wrote:

    >> Updating to the public URLs has been fixed. The "rebuild" link was
    >> intentionally left as is.
    >> 

    > Can we revisit the need to obfuscate this IP?

I don't think it's obfuscated, you need access to the VPN to reach it.

But if it's used as part of a url to a job that *is* already published
to jenkins.qa.ubuntu.com, it makes no sense to still point to the
internal IP. It will take time to track all those occurrences in new
runs and fix the old ones at the same time but I think everybody agree
it's the way to go.

    > As it is, it's cached everywhere on the web[1] just in case
    > obfuscating it brings in a sense of security.

I don't think anyone feels it's secured by obscurity, it's as secured as
the VPN access.

    Vincent

Follow ups

Re: Migration of s-jenkins to new hardware
From: Sergio Schvezov, 2013-10-08

References

Migration of s-jenkins to new hardware
From: Larry Works, 2013-10-05
Re: Migration of s-jenkins to new hardware
From: Rodney Dawes, 2013-10-07
Re: Migration of s-jenkins to new hardware
From: Francis Ginther, 2013-10-07
Re: Migration of s-jenkins to new hardware
From: Sergio Schvezov, 2013-10-07