Gentoo Archives: gentoo-dev

From: Rich Freeman <rich0@g.o>
To: gentoo-dev <gentoo-dev@l.g.o>
Subject: Re: [gentoo-dev] [RFC] Services and software which is critical for Gentoo should be developed/run in Gentoo namespace
Date: Wed, 16 Sep 2020 11:11:30
In Reply to: Re: [gentoo-dev] [RFC] Services and software which is critical for Gentoo should be developed/run in Gentoo namespace by Kent Fredric
1 On Wed, Sep 16, 2020 at 4:17 AM Kent Fredric <kentnl@g.o> wrote:
2 >
3 > On Mon, 14 Sep 2020 10:15:31 -0400
4 > Rich Freeman <rich0@g.o> wrote:
5 >
6 > > It might be easier to take smaller steps, such as having a policy that
7 > > "any call for devs to use/test a new tool/service, or any service that
8 > > automatically performs transactions on bugzilla, must be FOSS, and the
9 > > link to the source must be included in the initial communication, and
10 > > it must be clear what version of the code is operating at any time."
11 > > That is a pretty low barrier to those creating tools, though it
12 > > doesn't address the infra concern. However, it does mean that infra
13 > > is now free to fork the service at any time, and reduces the bus
14 > > factor greatly.
15 >
16 > For the situation of things that take life before being part of infra,
17 > I think the least we can do is recognize their utility and importance,
18 > and at least, have infra *offer* some sort of shared location to run a
19 > deployment.
20 >
21 > That I think helps everyone, gives people a place to remove their own
22 > bus factor, but without mandatory strongarming.
24 This might be one option. Another might be to try to have a more
25 "open infra" approach where core services like authentication are
26 provided by Gentoo, but available to 3rd parties. This could allow
27 more services to be externally hosted, ideally with redundancy (not
28 just at the host level, but at the maintainer/software level as well).
29 The obvious downside to this would be chaos - we might have 3 list
30 servers, 5 bug trackers, 10 git repos, and so on. However, if
31 anything did go down we'd have half a dozen potential replacements so
32 all anybody needs to do is migrate their own stuff to their chosen
33 copy.
35 The value add of Gentoo would be in central services like
36 identity/reputation and curation. There might be 14 git repos out
37 there but Gentoo would control which ones end up on the master rsync
38 server and which rsync mirrors get advertised as being genuine, and
39 which list servers are official.
41 I realize this is a bit more tangential. I just think that infra is
42 already a huge failure point, so having more stuff on infra actually
43 makes that failure point more critical. A Gentoo where little is
44 hosted on stuff we own is much more resilient in the face of
45 legal/money/etc issues. If Gentoo just becomes some blessed config
46 files, a website, and SAML then anybody could host the core from their
47 basement.
49 Maybe it is a good thing that core services aren't always hosted by infra?
51 --
52 Rich