| 1 |
once we move to git, the workflow for proxy maintainers is going to be |
| 2 |
a lot smoother. the question is how to handle signing with proxy |
| 3 |
maintainers. |
| 4 |
|
| 5 |
it would be nice if said proxied maintainers would sign things and |
| 6 |
that would be preserved all the way to the push to the common server. |
| 7 |
pros: |
| 8 |
- Gentoo dev doing the proxy can pull, look at the commits, and then push |
| 9 |
cons: |
| 10 |
- proxied maintainers need to set up pgp too |
| 11 |
- we need to have another list of keys to accept outside of the |
| 12 |
existing Gentoo dev list |
| 13 |
- easy to miss if commit was made through repoman, or on an older tree |
| 14 |
|
| 15 |
the other method would be that a Gentoo dev pulls the changesets and |
| 16 |
then runs `repoman commit` himself. |
| 17 |
pros: |
| 18 |
- proxied maintainers need not think of pgp at all |
| 19 |
- we only need the original Gentoo dev key list |
| 20 |
- the Gentoo dev knows immediately if there's a repoman problem |
| 21 |
cons: |
| 22 |
- workflow not as smooth |
| 23 |
|
| 24 |
i thinking about this last bit, i wonder if that could simply be |
| 25 |
addressed in repoman itself ? we could add a "repoman push" command |
| 26 |
that compared the remote branch to the local one to find out all the |
| 27 |
packages that have been updated, go into each one and rebuild just the |
| 28 |
Manifest, and then do the `git push`. |
| 29 |
-mike |
Archives