[katello-devel] Own gem repo
Justin Sherrill
jsherril at redhat.com
Mon Jul 11 14:28:38 UTC 2011
On 07/11/2011 05:41 AM, Lukas Zapletal wrote:
> Hello,
>
> what is the reason for having our own gem repo for katello dependencies?
>
> http://repos.fedorapeople.org/repos/katello/gems/
>
> Is it protection against having rubygems.org down or is there any
> other reason?
>
> Today I saw "Could not find uuidtools-2.1.1 in any of the sources" and
> I solved it by switching back to rubygems.org and doing
>
> # bundle install
>
The reason was to keep the gems listed in Gemfile.lock in sync with the
gems we had packaged. Generally when you do a bundle install the
Gemfile.lock file will be updated with all of the newest gems from the
repo. So if rubygems.org releases an updated gem 'foo' with version
1.2, the Gemfile.lock will be updated automatically to use foo-1.2,
regardless of whether we have packaged it or not. Basically bundle
install will update the Gemfile.lock with the NEWEST versions in the
remote gem repo, updating our product dependencies without intention to
do so.
So if you were to commit your updated gemfile.lock, the next time the
katello rpm was built & installed, rails would refuse to start because
we haven't built foo-1.2 as an rpm.
Prior to using our own gem repo we were having to chase down updated
dependencies all the time. It would take about half a day to a day to
figure out how to fix the broken the katello rpm by someone unknowingly
updating the Gemfile.lock file.
If a bundle install is broken we need to fix/update our gem repo and not
point to rubygems.org.
-Justin
More information about the katello-devel
mailing list