You are viewing a plain text version of this content. The canonical link for it is here.
Posted to infrastructure-issues@apache.org by "Mark Thomas (JIRA)" <ji...@apache.org> on 2015/12/08 20:55:11 UTC
[jira] [Resolved] (INFRA-10776) New VM for Security Team
[ https://issues.apache.org/jira/browse/INFRA-10776?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Mark Thomas resolved INFRA-10776.
---------------------------------
Resolution: Fixed
Thanks. I can confirm that I have access and that sudo is working.
> New VM for Security Team
> ------------------------
>
> Key: INFRA-10776
> URL: https://issues.apache.org/jira/browse/INFRA-10776
> Project: Infrastructure
> Issue Type: Bug
> Components: Other/Misc
> Reporter: Mark Thomas
> Assignee: Daniel Takamori
>
> The security team wishes to evaluate SRC:CLR, a tool for finding known vulnerabilities in project dependencies. To do this we need a VM in which to run the agent part of the tool.
> The agent checks out a project's source and then either builds it or analyses the build files depending on the tool used. Therefore similar specs to a typical build slave should be sufficient.
> The OS needs to be Linux but the requirements are no more specific than that so Infra's preferred / standard variant is fine which I believe is Ubuntu 14.04 LTS.
> I am assuming that the OS will be managed by Puppet and that the security team will be responsible for the day-to-day management of the VM. Please could the following packages be added to the required packages for the VM in Puppet:
> - git
> - openjdk-8-jdk
> - maven (from Ubuntu Wily since we need 3.1 or later)
> The security team will install the SRC:CLR agent manually.
> Please ensure that I (availid markt) has root access to the VM. I'll add other security team members as necessary.
> Thanks in advance.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)