| 1 |
On Sun, Feb 15, 2015 at 07:04:54AM +0100, Michał Górny wrote: |
| 2 |
> Dnia 2015-02-14, o godz. 21:48:22 |
| 3 |
> "Andreas K. Huettel" <dilfridge@g.o> napisał(a): |
| 4 |
> |
| 5 |
> > whenever the suggestion comes up to enable contributions to Gentoo via Github |
| 6 |
> > pull requests, we also encounter discussion of the Gentoo Social Contract. |
| 7 |
> > |
| 8 |
> > The two points that are seen as conflicting are |
| 9 |
> > |
| 10 |
> > * The software running Github is closed source, proprietary. |
| 11 |
> > |
| 12 |
> > * The Gentoo Social Contract states [1]: |
| 13 |
> > "Gentoo will never depend upon a piece of software or metadata unless it |
| 14 |
> > conforms to the GNU General Public License, the GNU Lesser General Public |
| 15 |
> > License, the Creative Commons - Attribution/Share Alike or some other license |
| 16 |
> > approved by the Open Source Initiative (OSI)." |
| 17 |
> Maybe you should start by providing an alternative conforming to this. |
| 18 |
> For a start, Infra should stop running proprietary software. However, |
| 19 |
> so far they have been openly refusing to publish their scripts. |
| 20 |
> In fact, I've been recently asked to put my open source overlay QA |
| 21 |
> scripts [1] in a restricted-access repository. |
| 22 |
The only reason most Infra scripts AREN'T directly public, is that they |
| 23 |
are in the long-standing cfengine/puppet repos, and those repos contain |
| 24 |
scatterings of passwords. Next week, the cfengine history will be a full |
| 25 |
decade old (Earliest commit is 2005/02/22). |
| 26 |
|
| 27 |
Using Wikimedia (who run Wikipedia) as an example, go and read this: |
| 28 |
http://blog.wikimedia.org/2011/09/19/ever-wondered-how-the-wikimedia-servers-are-configured/ |
| 29 |
|
| 30 |
It took WikiMedia a few weeks of fulltime work multiple by several |
| 31 |
people, to get the stuff into a state with split public/private repos. |
| 32 |
|
| 33 |
Infra would love to have our stuff more open, but as it stands, there is |
| 34 |
a LOT of historical password junk in the scripts. |
| 35 |
|
| 36 |
If you look at recent package additions, you'll see I added |
| 37 |
dev-ruby/hiera-eyaml-gpg, to extract more of the passwords out of the |
| 38 |
core Puppet tree. For passwords beyond puppet, look at |
| 39 |
https://github.com/robbat2/pwstore, not presently packaged because I'm |
| 40 |
waiting for a response from upstream to see about how it diverged. |
| 41 |
|
| 42 |
If I could afford to spend the more than just volunteer time on Infra, |
| 43 |
yes, I'd love to have few full 40 hour weeks to put into cleaning up our |
| 44 |
cfengine and puppet to where it's significantly easier to manage. I've |
| 45 |
been doing that for my dayjob already: |
| 46 |
https://github.com/BCLibCoop/?query=puppet |
| 47 |
And I'm borrowing where possible in both directions: both for work from |
| 48 |
Gentoo infra, and for Gentoo from my work stuff. |
| 49 |
|
| 50 |
At the present rate it's going, it's mostly: |
| 51 |
- new services are built in puppet |
| 52 |
- old services are deprecated and removed from cfengine |
| 53 |
|
| 54 |
Nothing that infra runs explicitly depends on GitHub. |
| 55 |
|
| 56 |
-- |
| 57 |
Robin Hugh Johnson |
| 58 |
Gentoo Linux: Developer, Infrastructure Lead |
| 59 |
E-Mail : robbat2@g.o |
| 60 |
GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85 |
Archives