On Wed, May 27, 2020 at 2:31 PM Matt Turner <matts...@gentoo.org> wrote:
> On Wed, May 27, 2020 at 1:14 AM Alec Warner <anta...@gentoo.org> wrote: > > On Tue, May 26, 2020, 23:08 Michał Górny <mgo...@gentoo.org> wrote: > >> > >> On Tue, 2020-05-26 at 20:24 -0700, Alec Warner wrote: > >> > The TL;DR is that a crack team of infra-folks[0] have been putting > together > >> > demos of CI services and things like gitlab / gitea / gerrit and so > on. > >> > > >> > Some of these come in combined (e.g. gitlab offers repo hosting, code > >> > review / pull reqs, CI services, and deploy services.) Some of these > are > >> > piecemeal (e.g. gerrit has code review, zuul has CI) and gitea offers > >> > repo-hosting but CI is separate (e.g. drone.) > >> > > >> > On the infra-side, I think we are pretty happy with repo-hosting > (gitolite) > >> > and repo-serving (gitweb). We are missing a CI piece and a > pull-request > >> > piece. Most of the users using PRs use either a gitlab or github > mirror. > >> > > >> > I think the value of CI is pretty obvious to me (and I see tons of use > >> > cases in Infra.) We could easily build CI into our current repository > >> > solution (e.g. gitolite.) However gitolite doesn't really support PRs > in a > >> > uniform way and so CI is mostly for submitted code; similar to the > existing > >> > ::gentoo repo CI offered by mgorny. > >> > > >> > If we build a code review solution (like gitea / gerrit) would people > use > >> > it? Would you use it if you couldn't merge (because the code review > >> > solution can't gpg sign your commits or merges) so a tool like the > existing > >> > pram tool would be needed to merge? > >> > > >> > >> Does GitLab count? Gerrit is just PITA. I think we had some concerns > >> about Gitea, so I'd like to test it before deciding. GitLab OTOH works > >> just fine for a lot of projects, and seems the next best thing after > >> GitHub > > > > > > Gitlab does count (we deployed and tested an onprem version.) I think > there are some major issues with it though. > > - Licensing. Gitlab-CE is available, gitlab-EE is not OSS nor OSI > approved and many of the features we need are EE only and are not available > in CE. > > It's very surprising to me that CE wouldn't work for our purposes. > Debian, GNOME, KDE, XFCE, and FreeDesktop have all switched to GitLab > and are using CE. It's hard to believe that Gentoo's usage or > requirements would be so different as to make GitLab a non-viable > option. > > What features of EE do you think we need? > I know debian spent considerable effort customizing their gitlab. I've not heavily investigated the other deployments. We set up a demo on gitlab.gentoo.org already as a test and there are some issues. Many of them are related to operations and not to the app itself. [mirroring] - We can't do pull-based git mirroring ( https://docs.gitlab.com/ee/user/project/repository/repository_mirroring.html#pulling-from-a-remote-repository-starter ) [Auth] Note that we have keycloak now, so we can perhaps workaround these LDAP issues. - GItlab doesn't support multiple redundant LDAP servers - Gitlab doesn't support LDAP group syncing - Gitlab doesn't support syncing admin users from LDAP [mgmnt] - The gitlab terraform provider is pretty bad; and I struggled to get it to control our admin users; did not leave me excited about managing other resources (projects, users, hooks, etc.) The pull-based mirroring is a bit sad, as it would be nice to auto-update some forks, but it's not a killer feature. I think our new SSO solution could potentially be a fix for the auth subsystems, but more work there will be needed. Another major issue is operating the software. I haven't found anyone to *run* gitlab; I'm not eager to do it. Today Gentoo is mostly distributed, bugs are in bugzilla, wiki is on mediawiki, code is on gitolite with N mirrors, email and lists are separate, etc. In a world where bugs, wiki, code, ci, containers, PRs, are all on gitlab and it breaks and we can't fix it; it will be bad news for all of those things. If the bugzilla machine breaks we lose bugzilla; if gitlab breaks we lose the ability to edit the wiki, file bugs, commit, run CI, etc. -A