hestenet (he/him) |
The source document to copy from is: https://docs.google.com/document/d/18VOCpmDRljM2845Fz0nFFWbR8xL4IDMtDIH-... |
larowlan |
Shared to #australia-nz as gitlab initiative came up a lot at last week's sprint |
tim |
Lots of questions.Not sure yet but interested.There might technical limits on my end.I don't have permissions to create new issues or edit existing. (Figure that is easily fixed) I was able to put in comment with markdown, bold....Couple more questions about purpose etcPossibly interested in moving it all. Also great for some help as am still new to gitlab, but figure what better way to learn!! :dancerbanana: (edited) |
hestenet (he/him) |
Sure! I've been trying to fiddle with permissions. If you refresh that link do you now get any 'request access' button or something? |
tim |
Worse now get 404 error. :) |
hestenet (he/him) |
Try again? |
hestenet (he/him) |
(I'm twiddling settings boxes..) |
tim |
In. Can create new issues. But not add labels or anything on right side |
hestenet (he/him) |
Interesting... Hmm... |
tim |
Or should i be able to? Need.... |
hestenet (he/him) |
You should be able to select existing labels and add them to the issues you are creating... |
tim |
Looking again |
hestenet (he/him) |
Going to invite your user to 'reporter' role and see if that helps. |
tim |
Yes just got email..... |
tim |
Ok looking good now |
tim |
Some sort of voice call @hestenet (he/him)? Or dm better? |
hestenet (he/him) |
DM - I'm in another call atm |
tim |
@hestenet (he/him) I got 1 done - couple questions/updates, good time for dm? (edited) |
hestenet (he/him) |
In and out of meetings all day really - but feel free to DM notes and I'll try to get back to you in the gaps. |
hestenet (he/him) |
I've pinged the SecWG on this in case of concerns |
hestenet (he/him) |
@drumm any red (or other colored) flags? |
drumm |
The security team does like the explicit affirming that you will work with them. |
drumm |
The “only GPL” requirement is a bit weird. People should know somehow. I’m ambivalent for how that works exactly. |
drumm |
https://www.drupal.org/docs/develop/git/setting-up-git-for-drupal/drupal... is the opposite of a CLA, so not missing anything there. |
drumm |
Maybe put some words on project node add pages |
drumm |
And if this removing the step to pick a Git username (which is a good idea), that’ll need some thinking. We probably can support changing Git usernames now. |
drumm |
Depending on how GitLab counts “active” users, back-filling to give everyone an automatic GitLab account might blow through our license. |
drumm |
Yep, definitely would https://git.drupalcode.org/help/subscriptions/self_managed/index#billabl... |
hestenet (he/him) |
Yeah - we'd probably only want to 'create' that the first time they actually go to interact with GitLab.. Hm.. |
hestenet (he/him) |
This thread should probably be captured into an issue |
drumm |
And with more ways to interact with GitLab, in particular, commenting on things, that’s tough. |
drumm |
Might be able to slot it into the JWT exchange for that |
greggles |
I've seen some sites where there's a TOS and then there's some bonus explicit things that are pulled up in "plain language" to remind people of stuff that is in the TOS. I think some things like "must be GPL" should ideally be pulled up to plain language in a context appropriate place where people need to see it. |
greggles |
Same for security type topics. |
drumm |
When creating a project is actually better for those. Informing closer to when you’ll be pushing code. Doesn’t proactively inform co-maintainers though. |
mlhess |
I would rather not merge this with the TOS. |
hestenet (he/him) |
If I take the imagined scenario:You can now create an account on d.o with your GitLab.com credentialsSomeone swings by to open a PR on some module in ContribThey get to the repository in our GitLab instance - click create accountGet redirected/popup for SSO D.O account creation How minimal could we make that pop-up so that when we redirect them back to that repo they can immediately start on that PR? |
hestenet (he/him) |
Might it be possible in the same authentication window to have a separate optional checkbox for git access + field? |
hestenet (he/him) |
@moshe Raised this last time.I think the Decoupled Menus Initiative is doing some of this already with once.js and their other projects.We enabled GitLab Pipelines for them, for example, and their next request was GitLab PagesShould we chat with them about issues also? |
moshe |
Yeah, I think that would be good. As mentioned last time, I have a scoped label setup in Spoons that might help with issue setup |
hestenet (he/him) |
Right! Is there a link to a place we can see that config? |
hestenet (he/him) |
And/or a screenshot or documentation of it? |
webchick |
This general approach does make sense to me... provides us a built-in list of people who are interesting in "beta testing" and can be used as a sounding board for different decisions if necessary |
moshe |
https://gitlab.com/drupalspoons/devel/-/issues |
hestenet (he/him) |
So category, component, priority, state, and version are each scoped? That makes total sense.. |
webchick |
Oh, I see... so "version", "category", etc. |
hestenet (he/him) |
And I see you have kanban boards with lanes for each scope step of the 'state' label for example. Cool stuff |
moshe |
If you login and are a member of spoons you can create a test issue if desired. to play with the labels |
moshe |
New projects get the default scoped labels automatically in Spoons. We would presumably do same for drupalcode. |
hestenet (he/him) |
Would you add my @hestenet-drupal account as a member? |
moshe |
Any chance you could you create an issue as per https://gitlab.com/drupalspoons/webmasters/-/blob/master/docs/onboarding...? There are a few steps and I'd rather the automation handle it. Sorry. |
moshe |
Its cool that Decoupled Menus is using Gitlab. Yet they arent a great test case IMO. I'd love to see a few contrib projects so they can PR their own code, run own tests, manage issues, etc. |
mixologic |
GitlabCI isnt fully setup right now, but if people are willing to bring their own runners, that would accelerate things |
bradjones1 |
Is there a centralized location for info on what is and isn't enabled on Drupal's gitlab? I stumbled across Decoupled's use of runners and (wrongly) assumed this was more enabled than it is, after reading this thread |
hestenet (he/him) |
Not at this time - partly because it's not as simple as a selection of feature toggles - GitLab matches up a lot of things onto big monolithic configuration pages, so we're doing some stuff by block paths and things. Hmm.. |
bradjones1 |
It's self-hosted CE? |
drumm |
EE, or I think they changed the tier names. We get the top one. (edited) |
drumm |
Self-hosted Ultimate |
mixologic |
We hope to upgrade to optimus prime someday. |
drumm |
Omnibus prime? |
larowlan |
As with last week, happy to be guinea pig |
hestenet (he/him) |
Thanks @larowlan I think we'll take you up on that relatively early in this process. |
hestenet (he/him) |
I'm not yet sure we have the clear ability to selectively turn on/off some of those things just yet - but will get closer |
hestenet (he/him) |
per @dww |
mixologic |
I think that we should still open infrastructure issues with the current system, as I dont think theres necessarily a rule of thumb we can apply that determines whether something is or isnt worth doing, except on a case by case basis |
bradjones1 |
+1 on changing target branch.. maybe it's tied to the branch on the d.o. issue? |
mixologic |
ie. the specific issue @dww mentioned sounds like something we need to do |
dww |
@bradjones1 The problem with that approach is that (part of) the point of this initiative is to kill off d.o issue nodes entirely. So that'd only be a very temporary solution to the bigger problem. (edited) |
dww |
@mixologic Makes sense. We have to decide case-by-case. Just wondering if such chatter is a distraction from this initiative and should be handled separately, or if the "scope" of this would include short-term bandaids and the like... |
mixologic |
Granted, this issue is the same whether we’re using d.o. issues or gitlab issues. |
mixologic |
if your MR is against 9.2.x, and then we move to 9.3.x, you still need to rebase your MR against the new branch. Now, Its unclear if there is a clean way to do that en-masse |
mixologic |
or if theres something we can try that catches 80% of the use case, and the other 20% will have to be a manual action by interested contributors. |
bradjones1 |
Similar but not necessarily the same; the current integration makes for a rather cluttered issue when the integration prints out 100's off commits from the diff on a wrong branch - in native GitLab it just collapses more gracefully (edited) |
hestenet (he/him) |
If that's not captured here: https://docs.google.com/document/d/18VOCpmDRljM2845Fz0nFFWbR8xL4IDMtDIH-... ideally here: https://gitlab.com/drupal-infrastructure/gitlab-acceleration/user-storie... should make sure we capture it even in brief |
mixologic |
One potential solution is to fundamentally alter branch management of core development. Its a huge change, but it might be better in the end. |
mixologic |
instead of ‘developing on whatever the highest branch’ is, we always develop on main , and its not until a certain point in the release cycle that the release branch is created. |
mixologic |
(be that alpha/beta etc) |
mixologic |
It certainly has all kinds of other implications, but really we treat whatever branch happens to be most recent as “main” until we open the next branch. Then that becomes ‘main’ etc.. |
markdorison |
I think this issue would fall under this “rough edges” category: Gitlab MRs are unsuitable for use with Composer Patches - need a way to make a branch stableAt the very least maybe it should be addressed within the context of this effort. I am not sure if a move to “kill off” Drupal.org issues would make this issue more or less relevant. (edited) |
dww |
Yes, Gitlab + composer-patches is a whole other can of worms. That's only going to be worse moving forward. I think that's something definitely in scope for this initiative, and something we need to have a good answer for. |
hestenet (he/him) |
^^ Repeat the please capture on the doc - so we can move into the kanban board request for this one too |
greg-boggs |
One way to handle the patch difficulties (If we are still using the issue queue) would be to automatically post a patch file when a merge request is created or updated. Right now, that's done manually, and if a person doesn't do it manually, there's often no patch file for MRs. |
mixologic |
That also feels like an issue that exists in both workflows. But, also an issue that people have been doing mostly wrong the whole time. |
mixologic |
The design of ‘fetching the patch you need from somewhere else to build your codebase’ is flawed. |
mixologic |
its convenient to just have a url to a thing, but if you need something for your build, you should store it and not necessarily rely on it being served from a url. i.e. its also why composer has a cache etc.. |
dww |
We're getting off topic for this thread. :wink: I don't want to debate the philosophical points of where the patches should live in here. I think the main point is that we should be capturing the "rough edges" and pain points into issues now, and we can sort out / prioritize them as part of this initiative. In many cases, the pain will continue (if not get worse) once we move to full Gitlab. So we should definitely capture everything now and use it as part of our planning. |
markdorison |
Agreed. I think regardless of our best-practice recommendations for composer patch workflow, the inability to easily obtain a patch for an MR is a rough edge worthy of improvement. |
dww |
Another pain point for short and long term: It seems that only MR admins (aka the original author, or core committers can mark a review point comment thread as resolved. That seems like one of the primary things we need the community to be able to do, or Gitlab MRs are going to be extremely painful and time-sinky for core committers. :cry: If they have to personally review/resolve every review thread, it's going to be a huge drain on committer time/energy. It seems we need to find a solution for this so that "anyone" can resolve each other's review threads... |
moshe |
Agree, thats desireable for sure ... Just to push back on the need part - d.o. issues have never had resolved or unresolved or threads. And many open source projects dont bother to resolve threads on Github and Gitlab. It works out just fine. (edited) |
dww |
At least with d.o issues + dreditor reviews, we have a way to identify review points. E.g.:New patch: Fixes #43 points 1, 2 and 4. Still todo: 3 and 5I don't even know how to refer to review points in Gitlab other than via the threads. |
drumm |
Since that would be a GitLab change, it probably isn’t short term. |
dww |
So the only possible short term work-arounds are:Ignore the problem and let folks figure out what's resolved or notBug core committers about it if it's confusing and worth cleaning up? |
drumm |
Or grant everyone developer access, maybe put in some pre-push validation, see what happens when everyone maintains everything. |
moshe |
You can still refer to comment numbers and bullet points. Example: "https://gitlab.com/gitlab-org/gitlab/-/issues/1234#note_101075757", which is rendered as #1234 (comment 101075757) |
hestenet (he/him) |
Drumm's comment about elevating access and then restricting via GitLab 'policies' may be a possibility - however, they haven't created that feature yet - https://gitlab.com/groups/gitlab-org/-/epics/4168 |
moshe |
that issue looks unfocused and unlikely to proceed in my eye |
drumm |
I’ve seen more mentions of “policies” unblocking paying customers. Certainly more support than https://gitlab.com/gitlab-org/gitlab-foss/-/issues/12736. That said, yes, it’s a huge architectural change and will take awhile, if it happens at all. |
drumm |
Oh and magic words that trigger a bot are always an option. Then we’re back to special workflows and custom code in the bot. |
moshe |
Paging @morbus (they/them) :slightly_smiling_face: … I do think bots are part of the eventual solution for us. Gitlab has a simple API so the bot can be so useful. Triage https://medium.com/analytics-vidhya/gitlab-triage-bot-ba8afca4440a is a gitlab bot that they have made available. Bots arent so much code nowadays but yeah, its another thing |
neclimdul |
a name (534 kB)https://media1.giphy.com/media/VMgcrwq9imGHu/giphy.gif?cid=6104955edfb39... using /giphy |
drumm |
Yeah, bots are probably somewhat inevitable. Many projects have them to work within the confines of GitHub/Lab. A welcome bot with no UI is great. Needing to know what is needed to trigger an action is not ideal. |
webchick, hestenet, drumm, bradjones1, markdorison, Mixologic, dww, larowlan, moshe, tim, greggles, mlhess, greg-boggs, neclimdul
Comments
Comment #13
hestenetComment #14
hestenet