StackStorm / st2-packages

StackStorm deb/rpm packages (automated docker build pipeline)
https://stackstorm.com/

Review build process for ldap and rbac #716

Open cognifloyd opened 2 years ago

cognifloyd commented 2 years ago

ST2 packages are rebuilt on a merge to the st2-packages or st2 repo.

But as ST2 just refers to the master branch of st2-auth-ldap and st2-rbac-backend, a new package won't be built on a merge to either of these repos.

arm4b commented 2 years ago

Based on https://github.com/StackStorm/st2/blob/e2e4e26381841e57193129a8b5beeefbe1c256aa/requirements.txt#L21-L25

git+https://github.com/StackStorm/orquesta.git@v1.5.0#egg=orquesta
git+https://github.com/StackStorm/st2-auth-backend-flat-file.git@master#egg=st2-auth-backend-flat-file
git+https://github.com/StackStorm/st2-auth-ldap.git@master#egg=st2-auth-ldap
git+https://github.com/StackStorm/st2-rbac-backend.git@master#egg=st2-rbac-backend

we have orquesta, st2-auth-backend-flat-file, st2-auth-ldap and st2-rbac-backend affected by this.

I'm including Orquesta in the list because its version is bumped manually once every several months or before the st2 release, but not on every change, which leads to the same result. So doing a version bump/release in these repos might be one solution, but it really just increases the overhead and maintenance burden, as for every PR you want to do a repo release and then go to the st2 repo requirements and update the tag.


The fundamental solution to me looks like fully moving both the https://github.com/StackStorm/st2-rbac-backend and https://github.com/StackStorm/st2-auth-ldap codebases into the st2 repository. LDAP & RBAC have dedicated repositories just because these modules were enterprise and private before. Now both are core non-optional components of st2.

This would really reduce the maintenance burden, rather than increase it. The downside might be losing some modularity?


In a 3rd view, everything is about tradeoffs. Is it really a problem considering how frequently these repos change?

For st2 master, on every next push or merge the rebuild would already happen by automatically picking up the latest code. And we do update st2 frequently. On release, the changes will be picked up anyway, as automation creates a vX.Y stable branch for every repo.
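
An added example, not part of the thread or of StackStorm's tooling: a small Python check that classifies the `git+` lines quoted in the comment above by the kind of ref they name and lists the ones that follow a branch. The `classify` and `floating` names, the name-based heuristic and the last sample line are assumptions made for this example.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: the four lines quoted in the thread, plus one made-up
# line pinned to a placeholder commit hash for contrast.
SAMPLE = """\
git+https://github.com/StackStorm/orquesta.git@v1.5.0#egg=orquesta
git+https://github.com/StackStorm/st2-auth-backend-flat-file.git@master#egg=st2-auth-backend-flat-file
git+https://github.com/StackStorm/st2-auth-ldap.git@master#egg=st2-auth-ldap
git+https://github.com/StackStorm/st2-rbac-backend.git@master#egg=st2-rbac-backend
git+https://example.invalid/acme/demo.git@0123456789abcdef0123456789abcdef01234567#egg=demo
"""

SHA_RE = re.compile(r"[0-9a-f]{40}")   # full commit hash: immutable
TAG_RE = re.compile(r"v?\d+(\.\d+)+")  # looks like a release tag (a guess)


def classify(line):
    """Return (name, ref, kind) for a git+ requirement line, else None."""
    line = line.strip()
    if not line.startswith("git+"):
        return None
    parts = urlsplit(line[len("git+"):])
    # The ref follows the last '@' in the path ('user@host' lives in netloc).
    path, sep, ref = parts.path.rpartition("@")
    if not sep:
        path, ref = parts.path, ""
    egg = re.search(r"(?:^|&)egg=([^&]+)", parts.fragment)
    name = egg.group(1) if egg else re.sub(r"\.git$", "", path.rsplit("/", 1)[-1])
    if not ref:
        kind = "default-branch"
    elif SHA_RE.fullmatch(ref):
        kind = "commit"
    elif TAG_RE.fullmatch(ref):
        # Naming heuristic only: a vX.Y stable branch looks the same, and a
        # tag can be re-pointed. Only a commit hash is truly fixed.
        kind = "tag-like"
    else:
        kind = "branch-like"
    return name, ref, kind


def floating(text):
    """Names of requirements whose ref moves whenever upstream is pushed."""
    found = (classify(line) for line in text.splitlines())
    return [r[0] for r in found if r and r[2] in ("default-branch", "branch-like")]


if __name__ == "__main__":
    for req in filter(None, map(classify, SAMPLE.splitlines())):
        print("%-28s %-42s %s" % req)
```
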

cognifloyd commented 2 years ago

We are already publishing st2client wheels in the st2cd pack: https://github.com/StackStorm/st2cd/blob/0e7b5760a9163aedf486a071514e1d787392f444/actions/workflows/st2_finalize_release.yaml#L83-L87

So, we should be able to do something similar with st2-auth-backend-flat-file, st2-auth-ldap, st2-rbac-backend, and orquesta.

Of these 4, only orquesta has been released on PyPI before, but the release is out-of-date: https://pypi.org/project/orquesta/#history

I'm going to punt releasing these on PyPI, or merging them into our st2 monorepo, to a future release, not 3.7.0.