Synopsis
I have Hudson set up on our Mac OS Server (Snow Leopard 10.6.5), running under the standard Tomcat (so, Tomcat 6) which is enabled using Server Admin application.
I'd like to be able to run my Hudson scripts as a Unix user/login which is not the Tomcat login.
Details
My Hudson job is a freestyle project that runs bash scripts that invoke xcodebuild (it's an iPhone project) to clean and build the build.
The problem is that using this standard set-up, Hudson (as far as I can see) runs with Tomcat's Unix user, which is _appserver.
This means that _appserver is the user which is invoking xcodebuild and all the scripts that make up the job.
I would prefer for Hudson to have it's own Unix login, complete with home directory etc. Aside from being a bit happier about the permissions etc. of the login which is trying to do the build, Xcode itself seems to prefer the user to have a Home directory, and the build logs are filled with warnings such as:
2010-11-11 17:29:11.729 Interface Builder Cocoa Touch Tool[58771:1903] CFPreferences: user home directory at file://localhost/var/empty/Library/Application%20Support/iPhone%20Simulator/User/ is unavailable. User domains will be volatile.
and
Couldn't open shared capabilities memory GSCapabilities (No such file or directory)
Plus I suspect getting the provisioning profiles to work to build device builds would be a lot easier if the login was a standard login that can build the targets from Xcode.
BUT I totally can't find any way to set the login account! It seems like exactly the sort of thing you'd want to do, but have scoured the web for info to no avail. The tomcat-users.xml felt like it may be useful, but didn't seem to link to a "real" (Unix) user?
Another approach may be to live with Hudson being _appserver, but have the scripts themselves run as my build user. This seems to point to using sudo but everything seems to be so locked down I can't find a way to run a script as another user, even one I can lock down to have minimal security access...?
Hope you can help folks!
The simplest way to achieve what you want (and the only way I know how) would be:
Create a new slave in Hudson, and point it to the Hudson server (your master system will also now be a new slave); have it log in using SSH, but with the user credentials that you want to use for the build (lets say 'hudson').
Point your project to build on the slave. This way, your job does not depend on Tomcat (or its user), but on the slave login.
In steps:
1) Click on 'Build Executor Status'
2) On the left sidebar, click on New Node
3) Give the slave a name, click "Dumb Slave", and "OK"
4) Number of executors = 1
5) remote FS root = /home/<hudson_user>
6) Launch method = UNIX SSH or JNLP
7) If launch = SSH: host = ip address of master,
username = hudson, password = hatever_password
8) If launch = JNLP, log in as the hudson user, go to hudson and start
the web service from your hudson site
9) Configure your job to use your slave (restrict where this project can be run)
9a) Possibly, under configuration, turn off all executors on your master,
and use the new slave for anything you need to build.
I know it sounds a bit convoluted, but if you need any more explanation or have any questions, let me know.
Related
My boss has asked me to look into launching a PowerShell script I've written (which is to be deployed to all users desktops) when the user clicks on a link in their web browser (and not by the clicking on a desktop icon as I've proposed). I did not think this was possible for security reasons and can't understand how this can be done. Does anyone know if this is possible ? i.e. a web link can somehow trigger the running of a PowerShell script held locally on the user's machine? Seems dangerous to me but he says it can be done !!!
No, it won't automatically run a linked script and will require the user to download and then run it.
The way to accomplish the goal of running a script when they click on something, though, would be to do it with server-side code that launches the script remotely or creates a scheduled task on the user's system. However, this may not work if the user needs to see the command window or interact with the script.
I apologize if this is not the right place to ask such question, but I'm at my wit's end since Embarcadero's forum won't allow me to post any question there.
I have enabled the "Deploy" feature in the C++ Builder IDE, to test out about the depending dll & bpl files of my application, when I'm done, I found myself trapped in an annoying state - I can't perform any debugging without connected to a remote pc (with their PAServer)! This is causing a HUGE problem for me as I will not be able to debug my application if I'm away from the office, i.e. I'm on a field service at my client's place or at home.
I tried deleting the deployment profile, but it just get recreated every-time I compile my project and there is a DEPLOY command upon running compiling and running the source code. I have to wait until the connection attempt to the remote pc time-out to continue testing the application by manually clicking the .exe of my application.
Is there any way to turn off the "Deploy" feature so that I can do debugging on my local machine just as before activating the "Deploy" feature?
I've found out where the profile was hiding and deleted it, now I can debug as usual.
In the Rad Studio help:
ms-help://embarcadero.rs_xe5/rad/Connection_Profile_Manager.html
On occasion, I have this same problem with DelphiXE5 (where the problem is that I forget how to get back to the default environment without losing my remote settings.)
Remote Deploy active:
The Revert option for the normal build/debug environment:
And finally, the previous Remote Deploy settings available via the same Target Platform context menu (i.e., Properties):
The Default Connection isn't something to be setup. To the contrary, it's really not a connection at all. The Revert... menu item essentially means Revert to local build & debug.
I installed Eclipse (Kepler) on this W7 64-bit machine and initially I could run it "normally" by just clicking the desktop icon or whatever.
Then I replaced the whole "workspace" directory with one from another machine (because I'm changing systems).
Now if I run Eclipse not "as administrator" it opens and will even run apps... but nothing can be saved, including changes to files and updates to the .metadata of any kind.
I changed all the "ownership" and "permissions" which could possibly be involved. I am the only user of this machine, and I am in the administrators group. I CAN still use it, if I run "as an administrator". But I'm stumped why the UAC should have been happy to run Eclipse before without the "as 'strator" but now refuses...
Because... what I've understood about this question is that the UAC looks at apps and decides whether or not they look dodgy and on that basis decides whether you have to run "as 'strator". So what's changed?
I have the option of uninstalling Eclipse and reinstalling it, and then incrementally adding the various project folders... fine, it may work. But I like to understand these things as far as is feasibly possible!
Because... what I've understood about this question is that the UAC looks at apps and decides whether or not they look dodgy and on that basis decides whether you have to run "as 'strator".
UAC doesn't do anything like that. UAC is an ability of Windows to run an application as an administrator. There are three four ways an application can be run as an administrator (causing the UAC consent dialog to appear):
you right-click the application and select "Run As Administrator"
the application has been manifested with a requestedExecutionLevel of requireAdministrator
the application has a filename that looks like a setup application (e.g. setup.exe, install.exe, update.exe), in which case the Shell opts to run it elevated just in case
you call ShellExecute with the runas verb.
i think there's one of two things happening:
you missed a spot, in which case you should use Process Monitor to look for Access denied errors
you tried copying files to a protected location (e.g. Program Files) and they were instead redirected to:
C:\Users\Mike\AppData\Local\VirtualStore\Program Files(x86)\Eclipse
And then when you run Eclipse, the files are not there.
Again, use Process Monitor to find where Eclipse is looking for what.
I'm trying to develop a little toy PHP project, and the most convenient location to run it is on a shared host I happen to have for my ill-maintained blog. The problem with this is that I have no way to run Subversion on this shared host, nor do I even have SSH access to be able to access an external repository from the host. Had I been thinking straight a few months ago when the hosting was up for renewal, I probably should have paid a couple extra bucks to switch to something a bit better, but for now I can't justify throwing money at having a second host just for side projects.
This means that a working copy of my project would need to be checked out to my laptop, while the project itself would need to be uploaded to the shared host to run. My best option seems to be creating a virtual machine running Linux and developing everything from in there, but I know from past experience that the extra barrier that creates, small though it may be, is enough that it puts me off firing the VM up just to do a couple minutes work to make some minor change I just thought up. I'd much prefer to just be able to fire up my editor and get to work.
While I'd imagine I'm not the first to encounter such a problem, I haven't had much success finding a solution online. Perhaps there isn't one beyond the VM or "manual mirroring" options, but if there is I'd expect StackOverflow to be the place to find it.
Edit: There's some confusion, it seems, so let me attempt to clarify. The shared host here is basically my dev server, but it has no svn or ssh. In other words, I can svn checkout to my laptop, but I can't run that on my shared host. Similarly, I can run/test my code on the shared host, but I can't do that on my laptop (well, I technically could, but it's Windows, and I don't want to worry about Win-vs.-Linux differences with PHP, since I do want this to become public at some point, and it will certainly be Linux-based at that point).
You might consider writing a post-commit hook to automatically upload the code to your host, so that any time you commit a change, a script executes that:
Checks out a copy of the code into a temporary directory
Uploads that code via FTP (or whatever your preferred method is) to the shared host
Cleans up after itself, optionally informing you via e.g. email when the transfer is successful
Subversion makes enough information available to these scripts at runtime that you could get more sophisticated and opt only to upload the files that changed or alter behavior based on specific property changes, for instance, but for a small project the brute force "copy it all" approach should be fine.
I've been trying to figure this out and so far haven't found a simple solution. Is it really that hard to deploy a database project (and a web site) using TFS 2010 as part of the build process?
I've found one example that involved lots of complicated checks and editing the workflow (which is a giant workflow btw).
I've even purchased the book "professional application lifecycle management with VS 2010", but apparently professionals don't deploy their applications since it isn't even mentioned in the book.
I know I'm retarded when it comes to TFS, but it seems like there should be any easy way to do this. Is there?
I can't speak for the database portion, but I just went through this on the web portion, the magic part is not very well documented component, namely the MSBuild Parameters.
In your build definition:
Process on the Left
Required > Items to Build > Configurations to Build
Edit, add a new one, for this example
Configuration: Dev (I cover how to create a configuration below)
Platform: Any CPU
Advanced > MSBuild Process
Use the following arguments (at least for me, your publish method may vary).
MsBuild Params:
/p:MSDeployServiceURL="http://myserver"
/p:MSDeployPublishMethod=RemoteAgent
/p:DeployOnBuild=True
/p:DeployTarget=MsDeployPublish
/p:CreatePackageOnPublish=True
/p:username=aduser
/p:password=adpassword
Requirements:
You need to install the MS Deploy Remote Agent Service on the destination web server, MSDeploy needs to be on the Build/Deployer server as well, but this should be the case by default.
The account you use in the params above needs admin access, at least to IIS...I'm not sure what the minimum permission requirements are.
You configure which WebSite/Virtual Directory the site goes to in the Web project you're deploying. Personally I have a build configuration for each environment, this makes the builds very easy to handle and organize. For example we have Release, Debug and Dev (there are more but for this example that's it). Only the Web project has a Dev configuration.
To do this, right click the solution, Configuration Manager..., On the web project click the configuration drop down, click New.... Give it a name, "Dev" for this example, copy settings from debug or release, whatever matches closest to what your deployment server environment should be. Make sure "Create new solution configurations" is checked, it is by default. After creating this, change the configuration dropdown on the solution to the new Dev one, and Any CPU...make sure your projects are all correct, I had some flipping to x86 and x64 randomly, not sure of the exact cause of that).
In your web project, right click, properties. On the left, click Package/Publish Web (you'll also want to mess with the other Package/Publish SQL tab, but I can't speak to that). In the options on the right click Create deployment package as a zip file. The default location is fine, the next textbox I didn't find documented anywhere. The format is this: WebSite/Virtual Directory, so if you have a site called "BuildSite" in IIS with no virtual directory (app == site root), you would have BuildSite only in this box. If it was in a virtual directory, you might have Default Web Site/BuildVirtualDirectory.
After you set all that, make sure to check-in the solution and web project so the build server has the configuration changes you made, then kick off a build :)
If you have more questions, I recommend you watch this video by Vishal Joshi, specifically around 22 and 59 minutes in, he covers the database portion as well...but I have no actual experience trying it since we're on top of a non MSSQL database.