[mosh-devel] Mosh OS X package build on Travis

john hood cgull at glup.org
Mon Oct 31 00:12:06 EDT 2016


I've been working on making Travis do the OS X package build for us.
(Previously, some poor Mosh developer had to do it manually and upload
it to the Mosh website.)  The thing I have it doing now is building the
package when a tag is pushed, and uploading it to a GitHub release on
cgull/mosh.

The reasons I did this: to get a more externally-visible build for the
package, and to do the release build on something other than my personal
OS X machines.  Of course, this means we are trading trust in my OS X
systems for trust in Travis' OS X build environments.  I think this is a
win; any opinions?

Alas, we will not get any kind of repeatable builds out of this: Travis
constantly updates their build images, and we update to current Homebrew
for dependencies on every build.

Travis will do the build for us, but it will not hold onto build
artifacts for us.  So we have to immediately deploy the package
to...someplace else.  Currently, I'm using the GitHub deployment
provider.  This requires an authentication token with permissions to
create and upload onto a GitHub release on the originating GitHub
project.  Do people think this is OK security-wise?  There are plenty of
other deployment providers, and it's also possible to script an upload
to a random server.

regards,

  --jh

