[Zope-dev] [Distutils] [buildout] "private" releases

Jim Fulton jim at zope.com
Thu Mar 31 07:18:58 EDT 2011


On Thu, Mar 31, 2011 at 5:38 AM, Martijn Pieters <mj at zopatista.com> wrote:
> On Wed, Mar 30, 2011 at 15:08, Jim Fulton <jim at zope.com> wrote:
>> We do something similar with sftp (zc.buildoutsftp).  To publish eggs,
>> we just use scp.
>> The advantage of this is that it leverages ssh infrastructure, so *no*
>> additional password management is needed.  This is wildly better, IMO,
>> than keeping passwords in clear text in your buildout configuration or
>> in a dot file.
>
> That depends on your deployment scenarios. We generate separate
> passwords per customer, and give them a dedicated URL to load their
> private eggs from, then put the password in the buildout.cfg. To load
> the buildout.cfg in the first place, the exact same password is used.
>
> Managing SSH accounts and keys for those customers would cost us much
> more overhead, and would complicate our instructions for deployment to
> them.
>
> On the other hand, for deployments of a buildout from an SVN repository
> already served over SSH, the sftp route would be the logical choice.

Some customers are too dumb to be secure. OK, makes sense. :)

Seriously, I assume this is a read-only scenario, in which case having
clear-text passwords lying around in prominent places seems less
problematic.  If they could write to the repo, then I would still have
serious problems with this approach.

Another approach would be to integrate with some secure key-management
service (keychain) on the customer's machines, but I expect that would
be as painful as helping them figure out ssh.

Jim

-- 
Jim Fulton
http://www.linkedin.com/in/jimfulton
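As an added illustration of the trade-off discussed in this thread (not code from the thread, from buildout or from zc.buildoutsftp), the check below audits a buildout.cfg for the clear-text-credential pattern Martijn describes: a per-customer password embedded in the find-links/index URL. Both configuration samples are constructed for the example; the hostnames are placeholders, and the sftp sample assumes the usual zc.buildoutsftp setup of loading it via `extensions =` and pointing find-links at an sftp:// URL so that authentication is delegated to ssh and no password lives in the file.

```python
import configparser
from urllib.parse import urlsplit

# Constructed sample of the "password in buildout.cfg" scenario: the customer's
# password sits in clear text inside the egg-server URLs.
WEAK_CFG = """\
[buildout]
parts = app
find-links =
    https://customer1:s3cret@eggs.example.invalid/customer1/
index = https://customer1:s3cret@eggs.example.invalid/customer1/simple/
"""

# Constructed sample of the sftp route: zc.buildoutsftp is loaded as an
# extension and the eggs are fetched over sftp://, so the file holds no secret.
SFTP_CFG = """\
[buildout]
extensions = zc.buildoutsftp
parts = app
find-links =
    sftp://eggs.example.invalid/srv/eggs/customer1/
"""

# [buildout] options whose values are URLs (or lists of URLs) that buildout
# will fetch; these are the places a clear-text credential would appear.
URL_OPTIONS = ("find-links", "index", "extends")


def embedded_credentials(cfg_text):
    """Return (option, hostname) pairs for every URL in the [buildout]
    section that carries a password in its userinfo part.

    Relative paths (e.g. "extends = base.cfg") have no scheme and are
    skipped; sftp:// URLs without a password are not reported.
    """
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(cfg_text)
    findings = []
    if not parser.has_section("buildout"):
        return findings
    for option in URL_OPTIONS:
        if not parser.has_option("buildout", option):
            continue
        # Multi-line values (one URL per continuation line) split on whitespace.
        for token in parser.get("buildout", option).split():
            parts = urlsplit(token)
            if parts.scheme and parts.password is not None:
                findings.append((option, parts.hostname))
    return findings


def redact_credentials(cfg_text):
    """Return the config text with every embedded password replaced by
    '***', for safe inclusion in logs or bug reports."""
    out_lines = []
    for line in cfg_text.splitlines():
        tokens = line.split()
        for token in tokens:
            parts = urlsplit(token)
            if parts.scheme and parts.password is not None:
                line = line.replace(":" + parts.password + "@", ":***@")
        out_lines.append(line)
    return "\n".join(out_lines) + "\n"


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CFG), ("sftp", SFTP_CFG)):
        hits = embedded_credentials(cfg)
        print(name, "->", hits if hits else "no embedded credentials")
    print(redact_credentials(WEAK_CFG))
```

Run against a real buildout.cfg by reading the file into `embedded_credentials`; an empty result means the configuration carries no password in its fetch URLs, which is the property the sftp approach gives you for free.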