Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Review build process for ldap and rbac #716

Open
cognifloyd opened this issue Apr 6, 2022 · 2 comments
Open

Review build process for ldap and rbac #716

cognifloyd opened this issue Apr 6, 2022 · 2 comments
Labels
Milestone

Comments

@cognifloyd
Copy link
Member

ST2 packages are re-built on a merge on st2-packages or st2 repo.

But as ST2 just refers to master branch of st2-auth-ldap and st2-rbac-backend, then a new package won't be built on a merge to either of these repos.

@cognifloyd cognifloyd added this to the 3.7.0 milestone Apr 6, 2022
@arm4b
Copy link
Member

arm4b commented Apr 7, 2022

Based on https://github.com/StackStorm/st2/blob/e2e4e26381841e57193129a8b5beeefbe1c256aa/requirements.txt#L21-L25

git+https://github.com/StackStorm/[email protected]#egg=orquesta
git+https://github.com/StackStorm/st2-auth-backend-flat-file.git@master#egg=st2-auth-backend-flat-file
git+https://github.com/StackStorm/st2-auth-ldap.git@master#egg=st2-auth-ldap
git+https://github.com/StackStorm/st2-rbac-backend.git@master#egg=st2-rbac-backend

we have orquesta, st2-auth-backend-flat-file, st2-auth-ldap and st2-rbac-backend affected by this.

I'm including Orquesta in the list, because its version is bumped manually once in several months or before the st2 release, but not on every change which results in the same result.
So doing a version bump/release in these repos might be one solution, but really just increases the overhead and maintenance burden as for every PR you want to do a repo release and then go to st2 repo requirements, updating the tag.


The fundamental solution to me looks like fully moving both https://github.com/StackStorm/st2-rbac-backend and https://github.com/StackStorm/st2-auth-ldap codebase into the st2 repository. LDAP & RBAC have dedicated repositories just because these modules were enterprise and private before. Now both are core non-optional components of st2.

This would really reduce the maintenance burden, rather than increase it. The downside might be losing some modularity?


In a 3rd view, everything is about tradeoffs. Is it really a problem considering how frequently these repos change?

For st2 master, on every next push or merge the rebuild would already happen by automatically picking up the latest code. And we do update st2 frequently. On release, the changes will be picked up in any way as automation creates a vX.Y stable branch for every repo.

@arm4b arm4b added the refactor label Apr 7, 2022
@cognifloyd
Copy link
Member Author

We are already publishing st2client wheels in the st2cd pack:
https://github.com/StackStorm/st2cd/blob/0e7b5760a9163aedf486a071514e1d787392f444/actions/workflows/st2_finalize_release.yaml#L83-L87

So, we should be able to do something similar with st2-auth-backend-flat-file, st2-auth-ldap, st2-rbac-backend, and orquesta.

Of these 4, only orquesta has been released on pypi before, but the release is out-of-date: https://pypi.org/project/orquesta/#history

I'm going to punt releasing these on pypi, or merging them into our st2 monorepo for a future release, not 3.7.0.

@cognifloyd cognifloyd modified the milestones: 3.7.0, 3.8.0 Apr 28, 2022
@cognifloyd cognifloyd moved this to To do in StackStorm v3.8.0 Jul 10, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
No open projects
Status: To do
Development

No branches or pull requests

2 participants