Re: Finding new home for our builds and other security sensitive stuff
On Mon, Mar 07, 2022 at 07:38:50AM -0800, Noah Meyerhans wrote:
> On Mon, Mar 07, 2022 at 12:11:37PM +0100, Bastian Blank wrote:
> > I was talking about a Vault for our secrets. That's the priority now.
> At the moment, yes, but earlier in the thread was discussion of needing
> ~50 GB of storage and a private Gitlab instance. That's the scenario I
> want to avoid. It's bad enough that Debian owns one Gitlab
> installation. A second one isn't going to reduce the burden of doing
> so.
You can even side track a thread in two e-mails. And we talked about
using another instance, not necessarily our own. Debian even got
several Jenkins installation.
What do we need?
> > But yes, I know that none of the issues with Salsa have been addressed
> > in any way. They did an upgrade to Bullseye, so the database version is
> > new enough now. But even this problem will show up again and again.
> And why would that not be the case with a team managed Gitlab instance?
Because we are able to actually embrace that not only Debian tries to do
work. Debian tries to re-do everything. But sometimes it just needs a
well meant unattended-upgrades.
> We as a team don't have experience running Gitlab, and it's really not
> in our collective area of interest or expertise. *You* may be
> interested in running a private Gitlab instance, but that just makes you
> a single point of failure for such an instance and sets us for having to
> deal with an unmaintained or poorly maintained instance in the future
> should your involvement with the team change for any reason.
Sadly, Debian is full of SPOF, that's nothing new.
Bastian
--
Hailing frequencies open, Captain.
Reply to: