Follow-up to https://www.redhat.com/archives/fedora-test-list/2009-July/msg00459.html
I volunteered after the meeting to file this ticket.
One long standing deficiency in our testing process has been the inability to make GA RC testing images and unreleased Alpha and Beta testing images readily and generally available for community testing. Historically these images have been made available to and tested by @redhat.com people only. This contradicts the rest of our processes and philosophy as a project where everyone, regardless of employer can participate.
During Fedora 10 and 11 some test images were been made available on a public facing web server used by Release Engineering. There was no documented policy about who was allowed to access this content and what level of public disclosure there should be around its availability. As a result some people (including me) were (unfairly) publicly accused of "leaking" this information.
Release Engineering contends that it is not possible to make this content publicly available without putting an undue burden on their infrastructure. Endless discussion has taken place at IRC meetings and mailing lists about how this problem without finding a better way forward.
I would like to officially bring this issue to the Infrastructure Team, who I understand to be ultimately responsible for providing services like this (delivering content in the fastest way possible), to see if there is in fact a creative, viable solution to this problem that they can suggest and implement.
Thank you for your consideration,
Hey, I'm not the person to speak for the disclosure policy, but here's my suggestion for the infrastructure side:
Another possibility would be to get the images on an SSL secured host and make it do FAS auth (requiring the qa/any other needed groups in FAS). I'm not sure what other Infrastructure people think about enabling SSL on the secondary download server though. I'd personally rather not do that.
Does this sound OK for you?
Assigning to f13, feel free to reassign if you're not the right person for this :-)
I just checked, and we apparently already have SSL enabled on the secondary server, although that might be subject to change now that we notice it. There is one benefit to FAS auth though - personal FAS credentials are probably less likely to leak out than shared credentials.
I'll nab this one, it aligns with some of the other stuff I've been doing. I've actually got a meeting with jlaska about this sort of thing tomorrow. After that I'll have more details about how this will all look.
Just got off the phone with jlaska about hosting and it sounds like we've used alt.fedoraproject.org in the past but there's been some confusion as to whether or not it's performance was working out. I understand there is going to be another test day on the 29th so I've suggested we keep using alt.fedoraproject.org. I ask that people using it for that day pay attention to how long downloads take and we're going to monitor the box closely.
If alt.fp.o doesn't work out, we'll have a better idea of why and can make adjustments.
I'm downloading http://alt.fedoraproject.org/pub/alt/stage/12-Alpha-TC/Fedora-12-Alpha-i386-DVD/ right now and seeing download speeds as high as 2.0 MB/sec.... averaging about 1.5 MB/sec
Can infrastructure track the number of hits and and complete downloads to this site or create some of those cool cactus graphs to give us an idea of how many people are downloading these pre-release composes?
I think this is all set, we have two places for hosting this content now.
to comment on this ticket.