[ClusterLabs Developers] [RFC] Time to migrate authoritative source forge elsewhere?

Jan Pokorný jpokorny at redhat.com
Mon Jun 4 03:23:31 EDT 2018


Good Monday morning,

almost half a year ago, when I was writing the lines below in
a response to a tangential topic, I wouldn't have believed we are
going to be so close towards reconsidering the stay on GitHub (GH),
said proprietaty service [1]:

On 09/01/18 15:37 +0000, Adam Spiers wrote:
> Jan Pokorný <jpokorny at redhat.com> wrote:
>>    come on people, when the code base is to stand the test of time,
>>    is it more likely that the context survives in the proprietary
>>    free-of-charge service [as a comment at the pull request] without
>>    massive replication, or in the bits being indivisible part of the
>>    distributed repo?
> 
> +100.  This is mentioned here too:
> 
> https://wiki.openstack.org/wiki/GitCommitMessages#Information_in_commit_messages

But with the latest headlines on where that site is likely headed,
I think it's a great opportunity for us to possibly jump on the
bandwagon inclined more towards free (as in freedom) software
principles.

Possible options off the top of my head:
- GitLab, pagure: either their authoritative sites or self-hosted
- self-hosted cgit/whatever

It would also allow us to reconsider our workflows, e.g. using gerrit
for patch review queue (current silent force-pushes is a horrible
scheme!).

GitHub could stay as a mirror-only location, referring to the proper
location where all the activities take place.

Anyway, as a first step, pretty please, do not leave anything of an
information value as mere comment on the pull request, put it where it
belongs -- as mentioned above -- in the commit message proper.
Also referring to the project issue tracker at GH (e.g. for libqb)
should not be at the expense of omitting important points, again,
in the commit message.

As a second step, it might also be wise to start offering release
tarballs elsewhere, preferrably OpenPGP-signed proper releases
(as in "make dist" or the like) -- then it can be served practically
from whatever location without imminent risk of being tampered with.

Ideas/comments/feedback?


[1] https://lists.clusterlabs.org/pipermail/developers/2018-January/001183.html

-- 
Jan (Poki)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://lists.clusterlabs.org/pipermail/developers/attachments/20180604/994d3746/attachment.sig>


More information about the Developers mailing list