1 |
once we move to git, the workflow for proxy maintainers is going to be |
2 |
a lot smoother. the question is how to handle signing with proxy |
3 |
maintainers. |
4 |
|
5 |
it would be nice if said proxied maintainers would sign things and |
6 |
that would be preserved all the way to the push to the common server. |
7 |
pros: |
8 |
- Gentoo dev doing the proxy can pull, look at the commits, and then push |
9 |
cons: |
10 |
- proxied maintainers need to set up pgp too |
11 |
- we need to have another list of keys to accept outside of the |
12 |
existing Gentoo dev list |
13 |
- easy to miss if commit was made through repoman, or on an older tree |
14 |
|
15 |
the other method would be that a Gentoo dev pulls the changesets and |
16 |
then runs `repoman commit` himself. |
17 |
pros: |
18 |
- proxied maintainers need not think of pgp at all |
19 |
- we only need the original Gentoo dev key list |
20 |
- the Gentoo dev knows immediately if there's a repoman problem |
21 |
cons: |
22 |
- workflow not as smooth |
23 |
|
24 |
i thinking about this last bit, i wonder if that could simply be |
25 |
addressed in repoman itself ? we could add a "repoman push" command |
26 |
that compared the remote branch to the local one to find out all the |
27 |
packages that have been updated, go into each one and rebuild just the |
28 |
Manifest, and then do the `git push`. |
29 |
-mike |