http://wiki.eclipse.org/Hudson-ci/Hudson_Best_Practices
Always secure Hudson.
- This best practice is around authenticating users and enforcing access control on a Hudson instance
- In the default configuration, Hudson does not perform any security check. This means any person accessing the website can configure Hudson and jobs, and perform builds. While this configuration is normally acceptable for intranet use and quick setup, it introduces high security risks, like someone accidentally deleting your build jobs, reconfiguring your job to run every minute, kicking off too many builds at the same time, reconfiguring your build instance, etc.
- Enough said.
- When you have interdependent projects on Hudson, it often becomes hard to keep track of which version of this is used by which version of that. Hudson supports "file fingerprinting" to simplify this, so make best use of it.
- To ensure a build can be reproducible, the build must be a clean build, which is built fully from Source Code Control. This practice implies that all code is checked into Source Code Control.
- The integration helps to track changes as they are made, including build status, what build has been performed for this requirement or defects, and the link to the actual build results and artifacts.
- Repository browsing provides a quick update on what happens on a Subversion repository. It also provides a graphical diff on what changes have been made from the previous build.
- Trends helps project managers and developers quickly visualize current project progress status. Moreover, unit testing is often not to provide enough confidence that the delivered software complies to the desired quality. The more you test the software, the better the delivered software complies to the desired quality.
- Hudson needs some diskspace to perform builds and keep archives. All the settings, build logs, artifact archives are stored under the Hudson_HOME directory. Simply archive this directory to make a back up. Similarly, restoring the data is just replacing the contents of the Hudson_HOME directory from a back up.
- All unused jobs should be archived so they can be resurrect if the need arises.
- One of advantages of using CI tools is to detect problems early in the development lifecyle. Setting up a different job/project for each branch you create will help to maximize the benefit of detecting problems early as part of supporting parallel development efforts and reducing risk.
- Multiple jobs running at the same time often cause collisions. Try to avoid scheduling all jobs to start at the same time. Allocate a different port for parallel project builds to avoid build collisions.
- Configure each person on the people list with his or her correct email address and what role he or she is currently playing.
- For example, it may be appropriate to run a limited set of "sniff tests" before the full suite.