* Serving files via HTTPS
** Binary packages for all the clients (<code>PORTAGE_BINHOST</code>), which were built by the [[#Build_host_requirements|build host]]
*** Binary packages will be accessible via a HTTP URL such as <code>https://packages.example.com/gentoo/ENVIRONMENT/ARCH/BUILD-PROFILE-NAME/latest</code>. This is a symlink to the current snapshot <code>https://packages.example.com/gentoo/ENVIRONMENT/ARCH/BUILD-PROFILE-NAME/YYYY-MM-DD</code>.*** Clients will have <code>PORTAGE_BINHOST="https://packages.example.com/ENVIRONMENT/gentoo/ARCH/SYSTEMENVIRONMENT/BUILD-PROFILE-NAME https://packages.example.com/ENVIRONMENT/gentoo/ENVIRONMENT/ARCH/APP-STACK-PROFILE-NAME ..."</code> set in their <code>/etc/portage/make.conf</code>.
* Support for all three environments (development, staging and production)
* Possibility to authenticate clients either via HTTP basic auth or client certificates.
== File mirror host requirements ==
* Hosts all the files required to build a package (<code>GENTOO_MIRRORS=mirror.example.com/public/gentoo/distfiles</code>)** Acts as a caching mirror for already downloaded packages from an official mirror** Serves fetch-restricted files (<code>dev-java/oracle-jdk-bin</code> for example), to authorized clients* Files are served via HTTPS* Distinguishes between three groups of files** '''public''': Files which are available to all clients (theoretically even to the entire internet)** '''site-local''': Files which are only available to authenticated clients belonging to the same infrastructure (for example those which would put us into [http://www.bettercallsaul.com/ legal troubles] if available to the public)** '''stack-local''': Files which are only available to authenticated clients belonging to the same infrastructure and the software stack group (private files of a specific customer) * Provides an easy way to let an administrator manually upload new files, for example via WebDAV-CGI, SFTP or a similar mechanism.* Possibility to authenticate clients either via HTTP basic auth or client certificates.* Old or no longer supported files will be removed automatically* Can be implemented on the see [[Mirror Server#Build_host_requirements|build hostRequirements]]
== Puppet requirements ==
** puppet report data
** test results and code analysis results
* When we come to continuos deployment the jenkins master will also be able to trigger puppet when merges to master happen. Thus rolling * This rolls out releases to the sub-system that was signed off by a merge to a master branch(see branching strategy in git proposal).
=== Links ===
==== build orchestration ====
* [http://mesos.apache.org/ Apache Mesos] cluster manager that provides efficient resource isolation and sharing across distributed applications, or frameworks. Can run for instance Jenkins.
==== package building ====