[katello-devel] Bundler vs rpm-gems

Dmitri Dolguikh dmitri at redhat.com
Wed Aug 22 08:54:06 UTC 2012 

On 22/08/12 09:39 AM, Petr Chalupa wrote:
> Hi,
>
> as Ivan and Lukas said on mail-list, I had some ideas how to solve our 
> bundler/rpm issues. Then I had discussion with Ivan and Mirek and here 
> is the proposed solution.
>
> == Requirements
>
> When installing on fedora/rhel in production. Do not mess with the 
> production setup, rpm gems are used, 'bundle install' wont install 
> anything else.
>
> When installing on fedora/rhel in development. 'bundle install' 
> prefers rpm-gems even if there is a newer gem in our gem-repo [2]. 
> Additional development dependencies are installed.
>
> When installing on any other system (Debian, Ubuntu, Mac, ...) in 
> development. 'bundle install' installs the same versions of gems as 
> would be installed on fedora. Optionally (at least made it possible in 
> the future) 'bundle install' installs not only the same versions but 
> also gems including security fixes included in rpm-gems.
>
> == Proposal
>
> I'll add monkey patch to katello/master for bundler which will ensure 
> that rpm-gems are preferred (even if they are older than gems in a 
> gem-repo). It's based on bkabrda's patch [1].
>
> I'll ensure that our gem repo [2] contains all gems needed for katello 
> development (some are still missing). This enables katello (rails app) 
> to be installed on any system without rubygems.org.
>
> I would like to work on this in the next iteration. Also I would like 
> to explore how difficult would be to create gem versions with security 
> patches (which is important for non fedora development - me).
>
> We also discussed it would be nice to move our gem-repo to github a 
> publish it on pages.github. The repo would be more visible. It would 
> allow us to use pull-requests for tracking new gem-dependencies. It 
> would be on one place.
I'm going to suggest that we stop maintaining katello-specific gem 
repository, and for a few reasons:
  - it's redundant
  - we should make more effort to work with upstream, esp. if this 
concerns security issues
  - current katello gem repository is not sufficient to be used with 
bundler, as it lacks some of the gems

-d

>
> Petr
>
> [1] https://gist.github.com/2875212
> [2] http://repos.fedorapeople.org/repos/katello/gems/
>
> _______________________________________________
> katello-devel mailing list
> katello-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/katello-devel

More information about the katello-devel mailing list