-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Jul 5, 2008, at 11:23 PM, Cristóbal Palmer wrote:
To be clear, I have not set up ANYthing that would push from garp (the machine hosting pootle.metalab) back to anywhere else with bzr. If there's some sort of automatic sync that pootle is trying to make happen, I don't know how it's doing it or where other than garp it's going. Honestly I think everything happening in pootle is currently staying on garp.
I think we need to either have it publish a http://pootle.metalab.unc.edu/bzr/mailman/ branch or, as Barry suggested, have it push back to launchpad. Both of those would require some setup and I'd like to hear what's optimal before I go digging to figure out how to actually do it. :)
I think we have two options. The first is to use 'bzr serve' on garp to publish read-only branches from the pootle server. This would require us (the core developers) to pull branches from garp for integration into the main line. This probably has the advantage of being relatively simple to set up, but it has two disadvantages that I can think of. - - Those branches are less discoverable because they are in a different location than all the other Mailman bzr branches. We can mitigate this by documenting them in the wiki. - - We add more dependencies on garp. I'm highly grateful to Cristobal for setting this up, but what happens if that machine crashes or some other technical problem puts garp off line? All those branches go with it. The second option, AFAICT, is to create a fake user on Launchpad and have some cron job on garp push branch updates to this fake user every night. I like this, and think it would be fairly simple to set up, but I talked to one of the LP/bzr guys a few nights ago, and he said they discourage the use of fake users like this. His suggestion was to create an ssh keypair and associate it with one of real users, letting this cron job push to one of our accounts. Because the privkey would necessarily have no passphrase, and because it's an automated process, I personally would not feel comfortable doing this with my account. I doubt anybody else who thinks of security would either. Comments are welcome. For now, I'm favoring the 'fake' user approach. - -Barry -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (Darwin) iQCVAwUBSHDZk3EjvBPtnXfVAQI3BAQAoNcwHvfmP++8Pd4nlmTVUdulJNlWlAVl DWUp2fIa2W2+mACxDkopVqFr/EYUQ1somn9YgYk+sKkgMb5yFTrUxMtdPZhmnjMG GBM7fbFfvvoYsNLe6mmMeftTt2CMPKXzYNBVVs2GWPQ1eiZLA8cL8nzUm0p1FTdH AaTy333e7Ps= =eypS -----END PGP SIGNATURE-----