On Saturday, 8 February 2020 1:49:20 PM AEDT Paul Wise wrote: > There is one attribute of how Debian does things that clashes with > being able to do this; service maintainers need to be able to update > code on a different schedule to Debian stable and even backports > time-frames.
When service maintainers build their services from upstream repositories
there is no concern for "stable" release schedule. They could use packages
from "testing" or "unstable", especially those like Golang ones that almost
always safe to install even to stable systems due to their statically linked
nature and few run-time dependencies.
The problem is rather curious one. What would the Debian be without packages?
Would there be anything left? When the whole project is largely about good
packaging as a form of delivery of free software with added value in regards
to integration, build-ability, consistency, respect to FHS and DFSG,
continuous testing, etc., as a project we are projecting the idea that
deploying and maintaining services installed from the package repository is
good. Certainly sometimes it is much easier to deploy and upgrade software
when it is installed from the official packages. But when service maintainers
refuse to use packaged software for no good reason the message is not clear.
Is package maintainer does not do a good enough job or is the whole concept
is wrong? It is like we are saying, here, use the packages we have prepared
for you but mind that they are not good enough for us (ourselves) to use...
In case of Gitlab I recognise that Salsa could not be maintained from the
official packages. They are too fragile, often uninstallable even in
"unstable" and depend on unofficial "fasttrack" repository. There are too
many dependencies and things get broken far to often in too many places.
In theory Gitlab could be in a better shape with larger team, but in the
current situation I see why Salsa operates from vendor container image and it
is reasonable.
But case of Gitlab-Runner is different. The packaged version is mature
enough. It is trivial to incorporate it into container image. I've been
running it in production for 3.5 years ever since I've packaged it.
It appears to me that Salsa admins don't use packaged Gitlab-Runner simply
because they don't want to, and I don't understand why.
I think ideally service maintainers should be package co-maintainers. But
when there is a large burden to maintain either (the service and the
package), I understand how people might focus just on one thing.
But again, if everything we do here is about providing packaged software,
when it is ever the right thing not to use our own packages?
Certainly we don't trust upstream more than our fellow developers, right?
--
All the best,
Dmitry Smirnov.
---
If liberty means anything at all, it means the right to tell people what
they do not want to hear.
-- George Orwell
signature.asc
Description: This is a digitally signed message part.
