Hello,

I am just starting to learn Bitten. What is the point of granting
anonymous BUILD_EXEC permission? Does that mean that just anybody can
submit builds to my Trac instance? Is it safe? Explanation about the
role of this permission would help a lot, esp. with a reference from
http://bitten.edgewall.org/wiki/Documentation/install.html page.

--
anatoly t.

Granting anonymous the BUILD_EXEC permission allows anyone to process
builds (i.e. claim a build and submit results). If you have a widely
accessible Trac instance, it's probably not a good idea. It's not
required -- your slaves can authenticate (see bitten-slave --help)
themselves and you can grant authenticated slaves permissions the same
way you would any other user.

This probably does need updating.  Does the wording below makes things clearer?

=====
This will create the database tables and directories that Bitten requires.
You probably also want to grant permissions to someone (such as yourself)
to manage build configurations, and allow anonymous users to view the
status and results of builds::

  $ trac-admin /path/to/projenv permission add [yourname] BUILD_ADMIN
  $ trac-admin /path/to/projenv permission add anonymous BUILD_VIEW

Build slaves (see next section) will need permission to process builds
which you can grant using::

  $ trac-admin /path/to/projenv permission add [slavegroup] BUILD_EXEC

Alternatively you may allow anyone to submit builds by given anonymous
this permission.
====

Schiavo
Simon

On Feb 26, 8:20 pm, Simon Cross <hodges...@gmail.com> wrote:

Much better. Only the usage of the word "build" is confusing. For
people, who see the Bitten for the first time, "Build" can mean
number, binary package, Makefile configuration, revision in
repository, tag or something else. In this respect "to process build"
is something mysterious, "to claim a build and submit results" is
better if you already know about master/slave communication and phrase
"to download build configuration and submit results" would make it
even more clear about the roles of master/slave from the start. The
only question I would like to ask at this point - what kind of results
are accepted by server - could these be binaries or just plain text
metrics? This info in installation part would, of course, better be
seen as a reference.

--
anatoly t.

Hmm, that page doesn't describe BUILD_EXEC, though it should.

BUILD_EXEC is the permission that the bitten-slaves need to work.
With this it would allow them to:
 * Connect to the bitten-master to get build requests.
 * Submit results of such builds.  This would include:
   * Success or Failure of the build.
   * Logs of each step.
   * Lint, Coverage, and/or Unit-tests results.
   * Attachments to the Build pages.
For simplicity of an initial installation, I can see giving anonymous
this ability.  This would allow one to get the slaves operational
without those pesky authentication issues getting in they way
(sarcasm).  I could see with this configuration, anyone could abuse
the Bitten system.  I personally defined a new user in Trac and only
that one user has BUILD_EXEC permission.  Originally that was the only
permission that I gave this new user and plan to move back to that
model shortly.

On Feb 26, 12:12 pm, anatoly techtonik <techto...@gmail.com> wrote:

Quoting "anatoly techtonik" <techto...@gmail.com>:

I have a "bitten" user in my Trac and all authenticated users have
BUILD_EXEC permission. I don't know wether this is the best way,
but it works.

Thanks for prompt replies. I now reached Zen of Bitten permissions. =)

I couldn't spot any differences in documentation, so I've created a
ticket for docs update. It is ticket #555 - a lucky number that makes
me wonder if all the docs need a major update?