Hacker News new | past | comments | ask | show | jobs | submit login

Wait, he wants to type commands into a chat system to have it do a deploy and thinks that somebody else's architecture is odd?



GitHub's Hubot does this too, and I don't think it's a bad idea. It's very similar to typing commands at a terminal, and has the advantages of being innately asynchronous, and telling everyone else in the team what you're doing.


Sure. It is convenient.

Consider the security implications of arbitrary commands like he suggests, instead of using, I dunno, SSH or whatever.


Well, (a) he's not suggesting that, and (b) even if he were, it doesn't seem like a huge deal.

If an attacker has access to Hubot, then they already have access to everything the Hubot server can do.


If they can TALK to hubot. So whatever the security is on campfire, or whatever it is.


Campfire's a webapp, so presumably https.


Use an IRC server with SSL and client cert authentication? It's a standard feature in many daemons and clients nowadays.


We do this at my job too, although we use Jenkins and its IRC plugin. Very neat.


GitHub uses hubot for deploys too.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: