development workflow

[Robert]

Dear List,

Puppet started out as a PoC for us, to see if it's worth the investment in time and energy. The answer is definitely yes, and we'd like to take some sort of next step.

Which would be cooperation with smaller teams, versioning & review of code and stuff.

So I'd like to hear your thoughts on how this could be achieved best. (I read several articles etc. but they may or may not work IRL.)

Requirements and nice-to-haves:

1. we use a single PE server

2. we have a git server, one repository per puppet module

3. I'd like to be able to control the access to the repositories, like: the linux admins have all rights; the jboss team has only access to the jboss module + 1-2 smaller modules; the network team to other modules etc.

4. every team should be able to change its modules freely - but not the production branch

5. in order to change the production branch, somebody from the linux admins has to review the commit and accept/deny it

6. changes in the repositories should be propagated automatically to the PE
7. we need some sort of a web repository browser

For 7, I have already set up cgit... but I'm not addicted to it if there is something better.

As of 6, automatic propagation could be done either by r10k or Code Manager. Which one is recommended nowadays?

5 would be an importand one; my first idea would be Gerrit. Does someone use it?

For 3 and 4 would be probably gitolite the best tool, but access control may be included in other software?

Or, alternatively, should I use something heavy-weight all-in-one juggernaut like Bitbucket?

I'd be happy to read about your setup and best practices.

Best

Rp

[Paul Seward]

Hi,

An in-house gitlab server will let you do 2,3,4,5 and 7, gitlab supports webhooks to r10k/code manager which will do 6 for you.

It's easy to set up (and there are puppet modules that will help you do that) and you don't have to persuade your compliance/governance dept to let you keep everything in a 3rd party service like bitbucket.

Some workflow related features (eg mandating a minimum number of approvals on a merge request before it being accepted) are only available in the enterprise edition, but you can get a loooong way with the free version.

-Paul

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANwwCtxUCHnHhB7xSWqb66oT9tGitv_nEtN_Q86UCWN9bC23rQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

--

----------------------------------------------------------------------

Paul Seward,    Senior Systems Administrator,    University of Bristol

Paul....@bristol.ac.uk  +44 (0)117 39 41148    GPG Key ID: E24DA8A2

GPG Fingerprint:    7210 4E4A B5FC 7D9C 39F8  5C3C 6759 3937 E24D A8A2

[Robert]

Thanks!

When I said Bitbucket I meant the in-house Bitbucket instance as well - storing anything outside our infrastructure is not really an option.

Actually we compared Bitbucket and Git_Hub_ earlier and chose Bitbucket, but kind of abandoned the whole evaluation since it wasn't really needed yet. I'm reluctant to use something as bloated if I could use cgit for web view, and probably gitolite for access control. But I have to say these products have their charm as well...

Gerrit is bloated *and* ugly, so after all a one-in-all product might work best. What I don't like with Bitbucket is that 1.) the "free" (10$) version is limited to 10 users and that might be scarce 2.) it seems that you can't control the access on a per-repository but on a per-project basis and this would mean I have to create bunch of projects (which isn't a blocker, actually...).

Gitlab would be another option, the enterprise features are quite promising, but it's not cheap.

Anyway, if others have experiences and suggestions, they're welcome.

Best

Rp

To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAKzNK-Y-312SPaeibm1xESS5%2BBCTLSOqE7TDt3HsHkv%2BUZCtBQ%40mail.gmail.com.

[R.I.Pienaar]

On 7 Nov 2016, at 14:22, Robert <robp...@gmail.com> wrote:

Thanks!

When I said Bitbucket I meant the in-house Bitbucket instance as well - storing anything outside our infrastructure is not really an option.

Actually we compared Bitbucket and Git_Hub_ earlier and chose Bitbucket, but kind of abandoned the whole evaluation since it wasn't really needed yet. I'm reluctant to use something as bloated if I could use cgit for web view, and probably gitolite for access control. But I have to say these products have their charm as well...

Gerrit is bloated *and* ugly, so after all a one-in-all product might work best. What I don't like with Bitbucket is that 1.) the "free" (10$) version is limited to 10 users and that might be scarce 2.) it seems that you can't control the access on a per-repository but on a per-project basis and this would mean I have to create bunch of projects (which isn't a blocker, actually...).

Gitlab would be another option, the enterprise features are quite promising, but it's not cheap.

Anyway, if others have experiences and suggestions, they're welcome.

Check out gogs.io. Doesn't have CI built in but it's so light and easy to deploy and run it's well worth a consideration over gitlab 

To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANwwCtzvjcJ1b9f_%3D%2BXnTjgOAhqw9eM%3DP9cuMd01X%2B--S%3DfT8Q%40mail.gmail.com.

[Craig Dunn]

On Mon, Nov 7, 2016 at 2:47 PM, R.I.Pienaar <r...@devco.net> wrote:

Anyway, if others have experiences and suggestions, they're welcome.

Check out gogs.io. Doesn't have CI built in but it's so light and easy to deploy and run it's well worth a consideration over gitlab 

Gogs is very good, especially if you are already familiar with Github, it's very much a clone UX wise.... Note that some time ago several contributors forked Gogs to a project called Gitea (https://github.com/go-gitea/gitea) to get more traction on PR's...etc, they later reversed this decision when the original maintainer got back involved, but it looks as if the maintainer has gone AWOL again and the fork is now active - this time it looks more permanent so the project will probably continue there.

[Rob Nelson]

Code Manager is PE only, so if you're using opensource then r10k it is. I still use r10k with PE, though, because CM is missing the equivalent of 'r10k deploy module'. Both work very well.

Rob Nelson
rnel...@gmail.com

--