Projects
When evaluating possible solutions for the new Git Forge, we considered
pagure and gitlab. Based on a study of about
The requirements included features such as sending push requests over HTTPS, means to restrict access to branches, support for private branches, separation of access between external and internal users (for example, to work on fixing vulnerabilities during a disclosure embargo), familiarity interface, unification of subsystems for working with problem reports, code, documentation and planning for new features, the availability of tools for integration with the IDE, support for standard workflows.
Of the features of GitLab, which finally influenced the decision to choose this platform, they mentioned support for subgroups with selective access to repositories, the ability to use a bot for automatic merges (CentOS Stream is required to maintain packages with the kernel), the presence of built-in tools for planning development, the ability to use a ready-made SAAS service with a guaranteed level of availability (will free up resources to maintain the server infrastructure).
The solution is already
The intention to use the SAAS (application as a service) service provided by GitLab, instead of deploying GitLab on their servers, was also criticized, which takes the service out of control (for example, it is impossible to be sure that all vulnerabilities in the system are promptly fixed,
Meanwhile, GitLab
The following functions have been transferred to the number of free ones:
- Attaching related issue;
- Export issue from GitLab to CSV;
- The mode of planning, ordering and visualization of the development process of individual features or releases;
- Built-in service service for connecting project participants with third parties using email.
- Web terminal for Web IDE;
- The ability to synchronize files to test changes in the code in the web terminal;
- Design controls that allow layouts and resources to be loaded into an issue, using the issue as a single point of access to everything needed to develop a new feature;
- Code quality reports;
- Support for Conan (C/C++), Maven (Java), NPM (node.js) and NuGet (.NET) package managers;
- Support for canary deployments that allow you to install a new version of the application on a small part of the systems;
- Incremental distributions, allowing new versions to be delivered initially to only a small number of systems, gradually bringing coverage up to 100%;
- Functionality activation flags, which make it possible to deliver the project in various editions, dynamically activating certain features;
- Deployment overview mode, which allows you to assess the status of each Kubernetes-based continuous integration environment;
- Support for defining multiple Kubernetes clusters in the configurator (for example, you can use separate Kubernetes clusters for trial deployments and workloads);
- Support for defining container network security policies that allow you to restrict access between Kubernetes pods.
Additionally, it can be noted
Details about the vulnerability will be disclosed in 30 days.
Source: opennet.ru