[katello-devel] Bundler vs rpm-gems
Dmitri Dolguikh
dmitri at redhat.com
Wed Aug 22 08:54:06 UTC 2012
On 22/08/12 09:39 AM, Petr Chalupa wrote:
> Hi,
>
> as Ivan and Lukas said on mail-list, I had some ideas how to solve our
> bundler/rpm issues. Then I had discussion with Ivan and Mirek and here
> is the proposed solution.
>
> == Requirements
>
> When installing on fedora/rhel in production. Do not mess with the
> production setup, rpm gems are used, 'bundle install' wont install
> anything else.
>
> When installing on fedora/rhel in development. 'bundle install'
> prefers rpm-gems even if there is a newer gem in our gem-repo [2].
> Additional development dependencies are installed.
>
> When installing on any other system (Debian, Ubuntu, Mac, ...) in
> development. 'bundle install' installs the same versions of gems as
> would be installed on fedora. Optionally (at least made it possible in
> the future) 'bundle install' installs not only the same versions but
> also gems including security fixes included in rpm-gems.
>
> == Proposal
>
> I'll add monkey patch to katello/master for bundler which will ensure
> that rpm-gems are preferred (even if they are older than gems in a
> gem-repo). It's based on bkabrda's patch [1].
>
> I'll ensure that our gem repo [2] contains all gems needed for katello
> development (some are still missing). This enables katello (rails app)
> to be installed on any system without rubygems.org.
>
> I would like to work on this in the next iteration. Also I would like
> to explore how difficult would be to create gem versions with security
> patches (which is important for non fedora development - me).
>
> We also discussed it would be nice to move our gem-repo to github a
> publish it on pages.github. The repo would be more visible. It would
> allow us to use pull-requests for tracking new gem-dependencies. It
> would be on one place.
I'm going to suggest that we stop maintaining katello-specific gem
repository, and for a few reasons:
- it's redundant
- we should make more effort to work with upstream, esp. if this
concerns security issues
- current katello gem repository is not sufficient to be used with
bundler, as it lacks some of the gems
-d
>
> Petr
>
> [1] https://gist.github.com/2875212
> [2] http://repos.fedorapeople.org/repos/katello/gems/
>
> _______________________________________________
> katello-devel mailing list
> katello-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/katello-devel
More information about the katello-devel
mailing list