Use bundler to install Omnibus gems
What does this MR do?
This backports !7362 (merged) to 16-2-stable
to prevent a floating dependency on ffi
. ffi
1.17 ships with precompiled native gems for aarch64, which causes build failures on older glibc platforms as AmazonLinux 2: #8570 (closed).
Instead of calling gem install <x>
many times, let's define the
Gemfile
and Gemfile.lock
and run bundle install
. This ensures
dependencies are pinned and don't quietly move with a new invocation
of gem install
. There is also a side benefit to using bundler
: we
can later use the newly-introduced feature to include and verify
checksums (https://github.com/rubygems/rubygems/pull/6374).
bundler
generally installs everything in the expected gem directory
that is used by ruby
, but for gems installed from a Git source,
bundler
puts those gems in a special bundler/gems
directory.
We don't use any gems from Git sources now.
Also, note that if we want to ensure gitlab-ctl
doesn't try to pull
in gems from GitLab Rails, we could invoke bundler
, but this is a
slightly riskier change.
Relates to #8368
Related issues
QA test fixes have been split into !7695 (merged)
Testing issue: https://gitlab.com/gitlab-org/distribution/team-tasks/-/issues/1545
Checklist
See Definition of done.
For anything in this list which will not be completed, please provide a reason in the MR discussion.
Required
-
MR title and description are up to date, accurate, and descriptive. -
MR targeting the appropriate branch. -
Latest Merge Result pipeline is green. -
When ready for review, MR is labeled "~workflow::ready for review" per the Distribution MR workflow.
For GitLab team members
If you don't have access to this, the reviewer should trigger these jobs for you during the review process.
-
The manual Trigger:ee-package
jobs have a green pipeline running against latest commit. -
If config/software
orconfig/patches
directories are changed, make sure thebuild-package-on-all-os
job within theTrigger:ee-package
downstream pipeline succeeded. -
If you are changing anything SSL related, then the Trigger:package:fips
manual job within theTrigger:ee-package
downstream pipeline must succeed. -
If CI configuration is changed, the branch must be pushed to dev.gitlab.org
to confirm regular branch builds aren't broken.
Expected (please provide an explanation if not completing)
-
Test plan indicating conditions for success has been posted and passes. -
Documentation created/updated. -
Tests added. -
Integration tests added to GitLab QA. -
Equivalent MR/issue for the GitLab Chart opened. -
Validate potential values for new configuration settings. Formats such as integer 10
, duration10s
, URIscheme://user:passwd@host:port
may require quotation or other special handling when rendered in a template and written to a configuration file.