Metadata
- Source
- FLUID-5960
- Type
- Task
- Priority
- Major
- Status
- Open
- Resolution
- N/A
- Assignee
- N/A
- Reporter
- Justin Obara
- Created
2016-09-16T08:09:05.773-0400 - Updated
2016-09-16T13:21:04.407-0400 - Versions
- N/A
- Fixed Versions
- N/A
- Component
-
- Infrastructure
- Release
Description
The CI server should publish a dev package to NPM on a merge that successfully builds and passes tests.
This will make use of the fluid-publish module that we have been using to manually create dev packages.
Comments
-
Avtar Gill commented
2016-09-16T11:07:59.147-0400 A few notes summarizing what Justin and I discussed offline:
- An account will need to be created for the CI server
- The CI server should be able to authenticate itself without having to reveal the credentials so being able to use environment variables or having the secrets live in a config file would be ideal
- The account will need to be given required privileges in order to publish Infusion dev packages
- If the CI server is compromised someone could use it to publish malicious payloads
- If the publishing process fails it should return non-zero exit codes