2021-03-24T09:06:02  *** ldevulder__ is now known as ldevulder
2021-03-24T09:45:07  <kl_eisbaer> asmorodskyi_: I invited you now to become a Developer inside the infra team in Gitlab. Might be that you need to re-login to see the effects.
2021-03-24T09:45:30  <asmorodskyi_> kl_eisbaer: thanks , I will try now
2021-03-24T09:46:27  <kl_eisbaer> cboltz: welcome, new "Owner" of the infra group. (not that I was an owner before - but knowing how to hack things sometimes helps ;-)
2021-03-24T09:47:30  <asmorodskyi_> kl_eisbaer: confirming that I can see all repos now
2021-03-24T09:47:31  <kl_eisbaer> and I checked darix account: at least I see nothing blocked or deactivated in Gitlab
2021-03-24T09:47:42  <kl_eisbaer> asmorodskyi_: perfect :-)
2021-03-24T09:48:44  <kl_eisbaer> but regarding darix Gitlab account: it might be that the missing 2nd factor results in some restrictions. I'm not sure if this could be a thing...
2021-03-24T09:49:14  <kl_eisbaer> I just remember that Karol pinged all of us in the past to enable 2FA for Gitlab...
2021-03-24T09:50:59  <kl_eisbaer> Some statistics from our internal Gitlab: 47 projects, 58 users (41 active), 579 merge requests, 3661 notes, 9 open issues
2021-03-24T09:51:19  <kl_eisbaer> oh, sorry, typo: 679 merge requests
2021-03-24T09:53:36  <asmorodskyi_> kl_eisbaer: if you go to https://gitlab.infra.opensuse.org/infra/pass/-/project_members you will see that quite few people have "2FA" so I would doubt that all others are blocked now
2021-03-24T09:54:09  <kl_eisbaer> asmorodskyi_: yeah - I guess Karol only checked the owners or maintainers in the past, not the developers
2021-03-24T09:54:19  <kl_eisbaer> but it's long, long time ago...
2021-03-24T09:55:01  <asmorodskyi_> ah yeah actually all users with admin privileges has this sign actually
2021-03-24T09:55:51  <kl_eisbaer> all but Christian (who is "new") and darix, as far as I can see. So it might be that cboltz can now no longer work :-/
2021-03-24T09:56:06  <kl_eisbaer> But in that case we know the reason and can fix it.
2021-03-24T11:41:46  <cboltz> kl_eisbaer: thanks!
2021-03-24T11:41:54  <cboltz> for the records - I still can log in
2021-03-24T11:43:33  <kl_eisbaer> cboltz: but in this case: please activate 2FA for your account in Gitlab :-)
2021-03-24T11:44:11  <cboltz> I'd call that 3FA (don't forget to count the VPN ;-)  - but yes, I'll enable it tonight
2021-03-24T11:44:39  <kl_eisbaer> cboltz: well, as someone added an entry in our haproxy setup, it's not really behind VPN any longer...
2021-03-24T11:45:09  <cboltz> oh, nice ;-)
2021-03-24T11:45:20  <kl_eisbaer> maybe we should discuss to either remove the haproxy entry or make it officially (gitlab.opensuse.org, anyone?) ...
2021-03-24T11:48:27  <cboltz> I'd be ok with both options - they are both better than "it's public if you apply $trick" ;-)
2021-03-24T12:26:38  <Eighth_Doctor> cboltz: well, we are moving heroes repos to code.opensuse.org :)
2021-03-24T12:26:54  <Eighth_Doctor> so gitlab.i.o.o will matter a ton less
2021-03-24T12:27:37  <cboltz> yes, I know ;-) - but still, having it "public if you know $trick" is probably the worst-possible state we can have
2021-03-24T12:28:24  <Eighth_Doctor> well, I could just remove the private bit on heroes/salt :)
2021-03-24T12:30:15  <cboltz> that would still keep gitlab half-public ;-)
2021-03-24T12:44:48  <Eighth_Doctor> I just upgraded pagure to 5.13.2
2021-03-24T12:48:58  <Eighth_Doctor> now that my VPN access is working again, I've synced gitlab.i.o.o to code.o.o
2021-03-24T13:23:24  <kl_eisbaer> cboltz: looks like Gitlab can either be gitlab.opensuse.org OR gitlab.infra.opensuse.org to me. At least the documentation states this - especially for git checkouts, Runner access and accessing the WebUI and so on.
2021-03-24T13:24:12  <kl_eisbaer> So while adding a DNS entry and adjusting haproxy is easy, it's not so easy if you want to keep the gitlab.infra.opensuse.org DNS entry as well.
2021-03-24T13:26:17  <kl_eisbaer> Eighth_Doctor: regarding pagure, isn't it true that Fedora started to move from pagure towards gitlab ?
2021-03-24T13:26:41  <openSUSEBot> <LCP> they didn't
2021-03-24T13:26:44  <Eighth_Doctor> nope
2021-03-24T13:27:04  <Eighth_Doctor> CentOS Stream 9 is on gitlab.com because "reasons"
2021-03-24T13:27:16  <Eighth_Doctor> but src.fedoraproject.org is still pagure
2021-03-24T13:27:18  <Eighth_Doctor> and git.centos.org is still pagure
2021-03-24T13:27:26  <Eighth_Doctor> and pagure.io is sticking around for the foreseeable future
2021-03-24T13:28:24  <kl_eisbaer> I'm asking because the first hits when searching https://www.google.com/search?q=pagure+vs+gitlab points me https://communityblog.fedoraproject.org/making-a-git-forge-decision/ for example
2021-03-24T13:28:43  <kl_eisbaer> "After evaluating over 300 user stories from multiple stakeholders, the Community Platform Engineering  (CPE) team have aligned on a decision for the git forge that CPE will  operate for the coming years. We are opting for GitLab for our dist git  and project hosting and will continue to run pagure.io with community assistance."
2021-03-24T13:29:31  <Eighth_Doctor> yeah, there wasn't a further announcement, but the mailing list threads were gigantic and the internal discussions basically caused that decision to stall out
2021-03-24T13:29:51  <Eighth_Doctor> so CentOS Stream 9 is on GitLab for integration with CKI
2021-03-24T13:29:54  <Eighth_Doctor> and ARK
2021-03-24T13:29:59  <Eighth_Doctor> but the rest of it has been left as-is
2021-03-24T13:30:34  <kl_eisbaer> I just don't want to set on something that might see not so much support in the near future, if the main (Fedora) admins walk away as their own distro switched to Gitlab ...
2021-03-24T13:31:21  <openSUSEBot> <LCP> Fedora admins love pagure
2021-03-24T13:31:29  <openSUSEBot> <LCP> Red Hat management hates it >:D
2021-03-24T13:31:58  <openSUSEBot> <LCP> management knows best what the developers want though, right?
2021-03-24T13:32:02  <Eighth_Doctor> it probably helps that my horror stories of GitLab at scale have worried the CPE team :)
2021-03-24T13:32:40  * Eighth_Doctor is actually currently dealing with a broken GitLab upgrade for $dayjob
2021-03-24T13:32:55  <kl_eisbaer> Eighth_Doctor: which horror stories ?
2021-03-24T13:33:06  <Eighth_Doctor> mine :D
2021-03-24T13:33:25  <Eighth_Doctor> I maintain two GitLab instances for work, one GitLab EE one and one GitLab CE one
2021-03-24T13:33:33  <Eighth_Doctor> I have 4 years of horror stories :)
2021-03-24T13:33:42  <Eighth_Doctor> and a new one that's currently developing :)
2021-03-24T13:34:04  <kl_eisbaer> are they somewhere documented?
2021-03-24T13:34:52  <Eighth_Doctor> not publicly
2021-03-24T13:35:01  <Eighth_Doctor> I think my employer would be mad if I did that :)
2021-03-24T13:35:12  <Eighth_Doctor> I did allude to one in my talk about Pagure two years ago
2021-03-24T13:35:20  <kl_eisbaer> Well: in that case your stories do not count... ;-)
2021-03-24T13:35:48  <Eighth_Doctor> the joys of private deployments, eh?
2021-03-24T13:35:56  <Eighth_Doctor> there are plenty of private deployments of pagure too :)
2021-03-24T13:36:09  <Eighth_Doctor> some of those private admins have contributed to pagure too
2021-03-24T13:36:29  <kl_eisbaer> I guess that also applies to Gilab...
2021-03-24T13:36:42  <kl_eisbaer> But I don't want to start a flamewar about the one tool or the other
2021-03-24T13:37:05  <kl_eisbaer> I just want us to focus on one - preferred - solution and not wasting time of maintaining too many tools.
2021-03-24T13:37:49  <Eighth_Doctor> sure
2021-03-24T13:37:51  <kl_eisbaer> So I would like to understand why Gitlab is currently seen as "horror story" while pagure is the way to go
2021-03-24T13:38:39  <Eighth_Doctor> well one of the reasons why pagure is that Sasi Olin and I are big on supporting more decentralized development workflows
2021-03-24T13:39:16  <Eighth_Doctor> pagure is the only git forge that supports submitting pull requests with source repos being from any git server (even if the server doesn't run pagure)
2021-03-24T13:39:53  <Eighth_Doctor> and there's work going on right now to add forgefed protocol support as a pagure extension
2021-03-24T13:40:08  <kl_eisbaer> Why do we need that "from any git server" feature in our installation ?
2021-03-24T13:40:41  <lcp> it does make collaboration with other projects easier
2021-03-24T13:41:05  <lcp> you know, gnome, kde, fedora whathaveyou don't use github anymore
2021-03-24T13:41:30  <lcp> (with fedora that being a touch more complicated)
2021-03-24T13:42:32  <Eighth_Doctor> but another aspect is that pagure can also handle a ton more load with a single instance than gitlab can
2021-03-24T13:43:01  <Eighth_Doctor> src.fp.o has ~30K repos and ~6K active users daily on a relatively small single box
2021-03-24T13:43:06  <lcp> forgefed integration would also allow people to use one instance of pagure for all of their pagure contributions instead of creating an account per instance
2021-03-24T13:43:10  <Eighth_Doctor> (there's a failover box too)
2021-03-24T13:43:34  <kl_eisbaer> ok, understood.
2021-03-24T13:43:47  <kl_eisbaer> Does pagure support (include?) CI
2021-03-24T13:43:57  <Eighth_Doctor> it supports integration with Jenkins and Zuul CI systems
2021-03-24T13:44:23  <Eighth_Doctor> someday buildbot too (gotta get time or maybe gsoc for it or something)
2021-03-24T13:44:36  <kl_eisbaer> Ah! That's why you asked for ci.opensuse.org - now I start to understand :-)
2021-03-24T13:44:59  <kl_eisbaer> btw: is there any progress with ci.opensuse.org ?
2021-03-24T13:45:14  <Eighth_Doctor> dunno who to talk to about it :(
2021-03-24T13:45:39  <kl_eisbaer> IMHO it should be jdsn or bmwiedemann1
2021-03-24T13:58:03  <kl_eisbaer> Sorry for my stupid question: but when I look at code.opensuse.org , I found my packages. Some of them have their "home" currently in Github, as I found no better place. If I now want to move them (for example: monitoring-plugins-zypper or suse-online-update) under code.o.o, is there a "best practice" document to do this?
2021-03-24T13:58:58  <kl_eisbaer> can I simply add new projects in my home project for development and ignore the "package" group completely?
2021-03-24T14:01:08  <kl_eisbaer> ...and can we create an "infra" group and migrate the Salt repo from Gitlab into pagure ?
2021-03-24T14:09:48  <kl_eisbaer> BTW: can the default branch in pague set to "main" instead of "master" ?
2021-03-24T15:14:05  <openSUSEBot> <Sqx. Flann> Sasi Olin: out of curiosity: are you planning to enable the irc bridge for the other channels as well or are there more blockers for that?
2021-03-24T15:17:08  <openSUSEBot> <LCP> the blocker is: matrix <-> discord now looks like crap
2021-03-24T15:17:27  <openSUSEBot> <LCP> so I'm waiting for one more thing, which I *hope* happens soon
2021-03-24T16:17:38  <King_InuYasha> kl_eisbaer: yes to both
2021-03-24T16:17:53  <King_InuYasha> though we have a heroes/ group now in code.o.o
2021-03-24T16:18:08  <King_InuYasha> which is where I was currently planning to move everything too
2021-03-24T16:18:43  <King_InuYasha> kl_eisbaer: the package/ namespace is bmwiedemann1's ongoing effort to mirror OBS into Git for experimenting with Git-based package maintenance workflows
2021-03-24T16:19:27  <King_InuYasha> if you want to move stuff from github to code.opensuse.org, it's possible, though lcp and I haven't come up with a "best practice" for it yet
2021-03-24T16:51:15  <kl_eisbaer> ok, so let's wait for lcp ;-)
2021-03-24T16:51:34  <kl_eisbaer> until than, I can report that some of our productive infrastructure is already migrated to 15.3 :-)
2021-03-24T16:51:51  <kl_eisbaer> 6 machines and growing ;-)
2021-03-24T16:55:19  <openSUSEBot> <LCP> I don't have much to add to it
2021-03-24T16:55:44  <openSUSEBot> <Conan Kudo (ニール・ゴンパ)> I think something we might want to consider is disabling the global namespace in code.o.o
2021-03-24T16:56:02  <openSUSEBot> <LCP> what is currently being moved to code.o.o is stuff that doesn't require any effort
2021-03-24T16:56:35  <openSUSEBot> <LCP> that being: stuff that isn't migration, but creation, that was stalled by a lack of a public git forge before
2021-03-24T17:29:59  <darix> moin
2021-03-24T17:30:11  <darix> any volunteers who want to try out the powerdns admin webfrontend?
2021-03-24T20:06:37  <darix> any volunteers who want to try out the powerdns admin webfrontend?
2021-03-24T20:06:43  <darix> cboltz maybe?
2021-03-24T20:07:27  <cboltz> yes, why not ;-)
2021-03-24T20:07:49  <darix> and ICYMI https://twitter.com/darixzen/status/1374389231385120780
2021-03-24T20:08:22  <cboltz> :-)
2021-03-24T20:08:55  <darix> deploying a minimal leap or TW in 2 minutes onto a fresh hetzner machine
2021-03-24T20:09:44  <cboltz> using the Hetzner image installer, or something else?
2021-03-24T20:09:57  <darix> yes via hetzner imageinstaller
2021-03-24T20:10:04  <cboltz> nice :-)
2021-03-24T20:10:06  <darix> we have an image for TW leap