On Wed, 3 Mar 2021 at 17:13, Matthew Miller <mattdm@xxxxxxxxxxxxxxxxx> wrote:
On Wed, Mar 03, 2021 at 01:53:28PM -0800, Kevin Fenzi wrote:
> 4) We could add some kind of GSSAPI/Kerberos support to pagure, so
> people could use https and a kerberos ticket.
What's amount of effort required for this option? Because other than "it
might be a lot of work", it seems ideal, and would resolve a lot of other
cases where it's an extra step to have to configure an access token for
pagure. But "it might be a lot of work" is a pretty big con.
If the answer is "yeah, it's a lot", I vote for whichever other option makes
this a logical next step when there is time to do such work.
The real question is 'can any of the choices be fully done in a very short schedule with many of the people who could work on it are working on meeting the first AAA deadline or F34 beta?' Basically it needs to do the following:
0. Code needs to be written and tested in sandboxes.
1. It needs to be made to work in staging and tested by people. (1 week)
2. Does the same method need to be made to work with CentOS src staging if so probably (1 week) [We are a combined auth system and git/pagure is used in both for central work. Changes we make tend to roll out over both CentOS and Fedora.]
3. It needs to be made ready to roll out in production (1 week)
4. It needs to be documented new workflow with posts and 'yes I know yesterday you did this but today you are doing this' before a F34 release
5. Rolled out.
6. What is the fall back if production doesn't work?
--
Stephen J Smoogen.
_______________________________________________ infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure