On Tue, Mar 13, 2012 at 04:41, Paul Sokolovsky paul.sokolovsky@linaro.org wrote:
Now that Google itself doesn't use SSH interface to Gerrit (https://android-review.googlesource.com/ssh_info), does it mean that SSH interface is deprecated,
No, it isn't deprecated. The SSH interface is too useful for end-users, administrators, etc.
Google doesn't support SSH because of our networking infrastructure limitations. Gerrit Code Review at {android-review,gerrit-review}.googlesource.com runs in multiple Google data centers, similar to ones that run Google Web Search and GMail. The network devices between your ISPs peering connection with Google and the server running Gerrit Code Review only forward HTTP. Everything else gets blocked and dropped on the floor. Asking for something else to be tunneled through like GMail does for SMTP, IMAP or POP3 is a major engineering effort that my small team doesn't have the staffing to implement, and is very expensive for the company to perform relative to the small gain we might get in usability. :-(
So what this does mean is actions that are available over SSH will become more available over HTTP, because otherwise we lose them in this particular hosting environment.
i.e. should other parties consider moving away from it?
Only if you want to stop using SSH. :-)
That apparently would make maintenance schedule less flexible: previously, there were separate "Gerrit admin" role which didn't require "sysadmin" (filesystem-level) access for things like DB maintenance.
This "Gerrit admin" role still exists, and always will exist. Managing the configuration of the server through the web UI is a step above having direct file system access.
Another question, is there a replacement for "SSH API" like "gerrit review", "gerrit stream-events", etc.?
No. We are working on it. Specifically Conley Owens is being loaned to the project by Android for a short time to build a version of "gerrit review" on HTTP by refactoring the common code out of the SSH server and making ti available over both HTTP and SSH. This will also add a JSON input format for "gerrit review" so automated tools could add line-level comments on changes. For example, an automated lint analysis tool could place warnings directly on the line.
Well, what we'd need right now is analog of "gerrit ls-projects", i.e. a stable, machine-readable way to get a list of projects in AOSP Gerrit. Any hints?
AOSP maintains an additional manifest file that lists every project... because ls-projects isn't (yet) available over HTTP. ls-projects has to be one of the simpler SSH commands... and patches are always be appreciated. :-)