[Box-Admins] CI build slaves
Frank Shearar
frank.shearar at gmail.com
Sun Jan 6 17:33:09 UTC 2013
Hi Chris Cunnington and fellow box-admins,
I'm ready to report on my distributed build slave experiment, and
wondered if you'd take a look at my proposed announcement before I
hit the send button. Usually I'd just send these kinds of things, but
since I _use_ squeakci but don't _own_ it (in the responsibility
sense), I thought I'd check here first for things like tone, and
whether we'd want to allow people to help out in the below fashion.
In particular, there are possible security concerns, mostly on the
client side, but possibly (in the sense that I don't know) on the
server side. So:
<proposal>
Hi,
Our community have very few dedicated official resources: running
www.squeak.org and so on either takes cash or donations.
The new CI work is rather heavy CPU wise, and limited to (CentOS)
Linux builds only. However, Jenkins supports the use of headless build
slaves that connect TO a Jenkins master, permitting these slaves to
run while still behind NATs.
I've been experimenting these past few days investigating using build
slaves. I've set up jobs for building FreeBSD VMs (both broken,
because FreeBSD support does lag behind the other platforms) and for
running Trunk tests on OS X. You can see that we have some (known)
network issues on OS X here:
http://squeakci.org/job/SqueakTrunk-OSX/9/testReport/?
It's pretty easy to run a build slave. If you wish to donate some
computing time, ask here and we can create a node for you, with a
(unique) name of your choice. Once that's done, you need to
* have (a recent version of) Java installed
* download the slave.jar from http://squeakci.org/jnlpJars/slave.jar
* run the jar somehow. On a Unix machine that'll be $ java -jar
slave.jar -jnlpUrl
http://squeakci.org/computer/${SLAVENAME}/slave-agent.jnlp
What are the downsides? Jenkins masters can send arbitrary Java
classes to a slave for running. That means that if squeakci.org's
Jenkins was compromised, your build slave could potentially be
compromised. You will want to, at the minimum, run the slave under a
dedicated user with low privileges.
You can find more reading material here:
https://wiki.jenkins-ci.org/display/JENKINS/Distributed+builds
</proposal>
frank
More information about the Box-Admins
mailing list