| 1 |
On Thu, Jun 14, 2018 at 5:47 AM, James Le Cuirot <chewi@g.o> wrote: |
| 2 |
|
| 3 |
> On Mon, 11 Jun 2018 09:28:37 -0400 |
| 4 |
> Rich Freeman <rich0@g.o> wrote: |
| 5 |
> |
| 6 |
> > All that said, I haven't used the gitlab core functionality |
| 7 |
> > personally, so I can't vouch for how it stands up on its own against |
| 8 |
> > github. I might go deploy it in a container or something to try it |
| 9 |
> > out. |
| 10 |
> |
| 11 |
> I used our own self-hosted instance at work. I think it is perfectly |
| 12 |
> adequate. I haven't dug in but it seems to have quite a rich API so |
| 13 |
> there's lots of potential. |
| 14 |
> |
| 15 |
> > My understanding is that the main barrier to having Gentoo infra host |
| 16 |
> > gitlab is ruby - they don't like ruby (I don't know all the reasons - |
| 17 |
> > they're probably good ones). If github.com is offering free hosting |
| 18 |
> > that would be a way to get out of that problem. On the other hand, if |
| 19 |
> > something bad does happen down the road, there is always the chance |
| 20 |
> > that we'll have to move to self-hosting without a lot of warning, and |
| 21 |
> > that means having to deal with ruby whether we like it or not (or lose |
| 22 |
> > stuff like issues/PRs/etc that aren't in git itself). |
| 23 |
> |
| 24 |
> There are more than two options available here. |
| 25 |
> |
| 26 |
> There are various cloud options including Docker, Kubernetes, and |
| 27 |
> OpenShift. I don't know much about that. |
| 28 |
> |
| 29 |
> GitLab's preferred method of installation is their Omnibus packages for |
| 30 |
> various distributions but obviously not Gentoo. This is basically |
| 31 |
> uber-bundling where they bundle just about everything including |
| 32 |
> PostgreSQL. I have not tried this method. I don't know how feasible or |
| 33 |
> even desirable it would be to try and use these. |
| 34 |
> |
| 35 |
> There is a Chef cookbook for installing the Omnibus packages but this |
| 36 |
> is limited to the same set of distributions. |
| 37 |
> |
| 38 |
> There is also an unofficial Chef cookbook for installing "from source" |
| 39 |
> that I currently maintain, somewhat minimally. Unfortunately it only |
| 40 |
> supports RHEL (and derivatives) and Debian, and I only test on CentOS. |
| 41 |
> Their own documentation for installing from source is fairly |
| 42 |
> comprehensive but the cookbook gives a good indication of how you can |
| 43 |
> script it up. |
| 44 |
> |
| 45 |
> https://github.com/atomic-penguin/cookbook-gitlab-deprecated |
| 46 |
> |
| 47 |
> When we say "from source", what we actually mean is that the various |
| 48 |
> dependencies, apart from the Ruby gems and JavaScript libraries, are |
| 49 |
> installed from distro packages where possible or from source when the |
| 50 |
> packages are too old. This includes Ruby itself, Go, NodeJS, |
| 51 |
> PostgreSQL, Redis, nginx, and obviously git. I expect Gentoo would have |
| 52 |
> no trouble providing recent enough versions of these. You then clone |
| 53 |
> the various GitLab repositories (currently 4, could be worse), build |
| 54 |
> the Go code, and install further dependencies with Bundler and YARD, |
| 55 |
> before doing some final setup tasks and firing it up. |
| 56 |
> |
| 57 |
> Using Bundler and YARD goes against Gentoo packaging but the list of |
| 58 |
> dependencies for both sides is extremely long. I very much doubt we |
| 59 |
> could keep on top of that and I understand this kind of pain because |
| 60 |
> this is the same situation that the Java team finds itself in. At least |
| 61 |
> in this case, there are most likely no pre-compiled binaries involved |
| 62 |
> so the benefits of packaging are limited anyway. Ruby gems that include |
| 63 |
> native code typically build from source on installation. |
| 64 |
> |
| 65 |
> I can't comment much about the JavaScript side but on the Ruby side, |
| 66 |
> there are Gemfile.lock files present that lock the Ruby gem |
| 67 |
> dependencies down to specific versions. If we did want to package the |
| 68 |
> gems, we would probably not want to be tied to such specific versions. |
| 69 |
> You could possibly delete these and fall back to the looser constraints |
| 70 |
> in the Gemfiles but you may run into unexpected issues. You could argue |
| 71 |
> that we may want to do this even if we don't package the gems in order |
| 72 |
> to benefit from fixes (including security) but GitLab is very actively |
| 73 |
> maintained and the lock files are frequently updated. |
| 74 |
> |
| 75 |
> Keep in mind that GitLab is a very fast-moving project. Security issues |
| 76 |
> are frequently found but these are fixed quickly. This is not the sort |
| 77 |
> of project we could install once and then maybe patch up just once a |
| 78 |
> year or so. |
| 79 |
> |
| 80 |
> |
| 81 |
They seem to offer docker packages, so we could just nab those and run them |
| 82 |
in containers on hosts. I'm not too keen on doing a bunch of (really what I |
| 83 |
consider busywork) to try to 'get it working on Gentoo.' We already use |
| 84 |
upstream provided containers and I expect that to continue as upstreams |
| 85 |
continue to abandon the 'release packages' model and move to 'release sets |
| 86 |
of containers' model. |
| 87 |
|
| 88 |
-A |
| 89 |
|
| 90 |
|
| 91 |
> I hope you found this informative! |
| 92 |
> |
| 93 |
> Regards, |
| 94 |
> -- |
| 95 |
> James Le Cuirot (chewi) |
| 96 |
> Gentoo Linux Developer |
| 97 |
> |
| 98 |
> |
Archives