passwords

[jay vyas <ja...@gmail.com>]

hi folks  this week i found myself in want of many passwords :)

1) twitter password, lost it.. wanted to tweet about using
bigpetstore-transaction-queue in kubernetes.

2) maven publishing password : wanted to publish the bps jars to apache
repos.

3) dockerhub password : to push docker images upstream for use in (1).

Thats just 2 examples, but  thera rea many other places where passwords
abound (for example, jenkins, aws, ...).

...................

can we centralize the password info for bigtop somewhere.  how do other
apache projects manage passwords ?

-- 
jay vyas

Re: passwords

[jay vyas <ja...@gmail.com>]

moved here https://issues.apache.org/jira/browse/BIGTOP-1762

On Wed, Mar 18, 2015 at 3:10 PM, jay vyas <ja...@gmail.com>
wrote:

> Great Idea !
>
> On Tue, Mar 17, 2015 at 7:52 PM, Konstantin Boudnik <co...@apache.org>
> wrote:
>
>> I think it isn't much different from how any of the passwords will be
>> used by
>> anyone. We can, perhaps, check-in a file engcrypted with everyone's
>> public GPG
>> keys. That's will do guarantee that everyone has access to it and it is
>> secured.
>>
>> Perhaps other solutions are possible as well.
>> Cos
>>
>> On Tue, Mar 17, 2015 at 10:53AM, jay vyas wrote:
>> > hi folks  this week i found myself in want of many passwords :)
>> >
>> > 1) twitter password, lost it.. wanted to tweet about using
>> > bigpetstore-transaction-queue in kubernetes.
>> >
>> > 2) maven publishing password : wanted to publish the bps jars to apache
>> > repos.
>> >
>> > 3) dockerhub password : to push docker images upstream for use in (1).
>> >
>> > Thats just 2 examples, but  thera rea many other places where passwords
>> > abound (for example, jenkins, aws, ...).
>> >
>> > ...................
>> >
>> > can we centralize the password info for bigtop somewhere.  how do other
>> > apache projects manage passwords ?
>> >
>> > --
>> > jay vyas
>>
>
>
>
> --
> jay vyas
>



-- 
jay vyas

Re: passwords

[jay vyas <ja...@gmail.com>]

okay we'll resolve this stuff at apache con.

lets have some goals of resolving a way that all of us can push stuff to
maven and so on after apache con.


On Sun, Mar 22, 2015 at 1:22 AM, Konstantin Boudnik <co...@apache.org> wrote:

> On Sat, Mar 21, 2015 at 10:44AM, Roman Shaposhnik wrote:
> > On Wed, Mar 18, 2015 at 12:20 PM, Konstantin Boudnik <co...@apache.org>
> wrote:
> > > Let's make sure that committers GPG public keys are available.
> Ideally, it'd
> > > be great to have a virtual key-signing party, as we apparently can not
> all get
> > > together in the same place at the same time.
> >
> > Is there any chance we can do it at least with a semblance of an
> in-person
> > meeting? I'm pretty paranoid when it comes to things like this.
>
> We should do one at ApacheCon. And by virtual I meant doing this on
> a video conference so essentially almost face to face.
>
> Cos
>
>


-- 
jay vyas

Re: passwords

[Konstantin Boudnik <co...@apache.org>]

On Sat, Mar 21, 2015 at 10:44AM, Roman Shaposhnik wrote:
> On Wed, Mar 18, 2015 at 12:20 PM, Konstantin Boudnik <co...@apache.org> wrote:
> > Let's make sure that committers GPG public keys are available. Ideally, it'd
> > be great to have a virtual key-signing party, as we apparently can not all get
> > together in the same place at the same time.
> 
> Is there any chance we can do it at least with a semblance of an in-person
> meeting? I'm pretty paranoid when it comes to things like this.

We should do one at ApacheCon. And by virtual I meant doing this on
a video conference so essentially almost face to face.

Cos

Re: passwords

[Roman Shaposhnik <ro...@shaposhnik.org>]

On Wed, Mar 18, 2015 at 12:20 PM, Konstantin Boudnik <co...@apache.org> wrote:
> Let's make sure that committers GPG public keys are available. Ideally, it'd
> be great to have a virtual key-signing party, as we apparently can not all get
> together in the same place at the same time.

Is there any chance we can do it at least with a semblance of an in-person
meeting? I'm pretty paranoid when it comes to things like this.

Thanks,
Roman.

Re: passwords

[Konstantin Boudnik <co...@apache.org>]

Let's make sure that committers GPG public keys are available. Ideally, it'd
be great to have a virtual key-signing party, as we apparently can not all get
together in the same place at the same time.

Cos

On Wed, Mar 18, 2015 at 03:10PM, jay vyas wrote:
> Great Idea !
> 
> On Tue, Mar 17, 2015 at 7:52 PM, Konstantin Boudnik <co...@apache.org> wrote:
> 
> > I think it isn't much different from how any of the passwords will be used
> > by
> > anyone. We can, perhaps, check-in a file engcrypted with everyone's public
> > GPG
> > keys. That's will do guarantee that everyone has access to it and it is
> > secured.
> >
> > Perhaps other solutions are possible as well.
> > Cos
> >
> > On Tue, Mar 17, 2015 at 10:53AM, jay vyas wrote:
> > > hi folks  this week i found myself in want of many passwords :)
> > >
> > > 1) twitter password, lost it.. wanted to tweet about using
> > > bigpetstore-transaction-queue in kubernetes.
> > >
> > > 2) maven publishing password : wanted to publish the bps jars to apache
> > > repos.
> > >
> > > 3) dockerhub password : to push docker images upstream for use in (1).
> > >
> > > Thats just 2 examples, but  thera rea many other places where passwords
> > > abound (for example, jenkins, aws, ...).
> > >
> > > ...................
> > >
> > > can we centralize the password info for bigtop somewhere.  how do other
> > > apache projects manage passwords ?
> > >
> > > --
> > > jay vyas
> >
> 
> 
> 
> -- 
> jay vyas

Re: passwords

[jay vyas <ja...@gmail.com>]

Great Idea !

On Tue, Mar 17, 2015 at 7:52 PM, Konstantin Boudnik <co...@apache.org> wrote:

> I think it isn't much different from how any of the passwords will be used
> by
> anyone. We can, perhaps, check-in a file engcrypted with everyone's public
> GPG
> keys. That's will do guarantee that everyone has access to it and it is
> secured.
>
> Perhaps other solutions are possible as well.
> Cos
>
> On Tue, Mar 17, 2015 at 10:53AM, jay vyas wrote:
> > hi folks  this week i found myself in want of many passwords :)
> >
> > 1) twitter password, lost it.. wanted to tweet about using
> > bigpetstore-transaction-queue in kubernetes.
> >
> > 2) maven publishing password : wanted to publish the bps jars to apache
> > repos.
> >
> > 3) dockerhub password : to push docker images upstream for use in (1).
> >
> > Thats just 2 examples, but  thera rea many other places where passwords
> > abound (for example, jenkins, aws, ...).
> >
> > ...................
> >
> > can we centralize the password info for bigtop somewhere.  how do other
> > apache projects manage passwords ?
> >
> > --
> > jay vyas
>



-- 
jay vyas

Re: passwords

[Konstantin Boudnik <co...@apache.org>]

I think it isn't much different from how any of the passwords will be used by
anyone. We can, perhaps, check-in a file engcrypted with everyone's public GPG
keys. That's will do guarantee that everyone has access to it and it is
secured.

Perhaps other solutions are possible as well.
Cos

On Tue, Mar 17, 2015 at 10:53AM, jay vyas wrote:
> hi folks  this week i found myself in want of many passwords :)
> 
> 1) twitter password, lost it.. wanted to tweet about using
> bigpetstore-transaction-queue in kubernetes.
> 
> 2) maven publishing password : wanted to publish the bps jars to apache
> repos.
> 
> 3) dockerhub password : to push docker images upstream for use in (1).
> 
> Thats just 2 examples, but  thera rea many other places where passwords
> abound (for example, jenkins, aws, ...).
> 
> ...................
> 
> can we centralize the password info for bigtop somewhere.  how do other
> apache projects manage passwords ?
> 
> -- 
> jay vyas

Re: passwords

[Roman Shaposhnik <ro...@shaposhnik.org>]

On Tue, Mar 17, 2015 at 7:53 AM, jay vyas <ja...@gmail.com> wrote:
> 3) dockerhub password : to push docker images upstream for use in (1).

That's a good point. I've never shared that. As a matter of fact, I am
now curious
whether it would be possible to have a 'joint' account over on
dockerhub. I'll check.

Thanks,
Roman.