Feature #27705

Gemify redmine plugins

Added by Sho HASHIMOTO 9 months ago. Updated 5 months ago.

Status:NewStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:Plugin API
Target version:-
Resolution:

Description

I want to install redmine plugins by adding gem name to Gemfile.local like redmine_github_hook plugin.

Current installing/updating method have below cautions for me.

  • Difficult to specify plugin version
    • Server maintainer should exec `$ git clone [--depth=1] -b <release version> https://github.com/foo/bar/`, but plugin README often describes installing master
  • Difficult to detect plugins vulnerability with using bundler-audit
    • We have to check each plugins by hand now

I'm happy if Redmine::Plugin.load requires gem's init.rb.

  • Pros
    • Easy to install plugin: only writing gem name to Gemfile.local
    • Easy to specify plugin version: only specifying gem version to Gemfile.local
    • Easy to update plugin: only executing `$ bundle update <plugin gem name>`
    • Easy to detect (only gemified) plugins vulnerability with using bundler-audit
  • Cons
    • Redmine should detect wheather redmine plugin or not from all bundle installed gem

For example, support_gem_plugin.patch can load gemified plugin.

Gemfile.local example is below(I fixed little existing sidebar_hide plugin).

gem 'sidebar_hide', github: 'sho-h/sidebar_hide', branch: 'redmine_support_gem_plugin_test'

This was gemified and specified directory in init.rb.

support_gem_plugin.patch Magnifier (1.22 KB) Sho HASHIMOTO, 2017-12-02 13:25

History

#1 Updated by Toshi MARUYAMA 8 months ago

+100

I have a question.
"require initializer" is called twice. Is it correct?
One is in this patch and another is in original code.

#2 Updated by Sho HASHIMOTO 8 months ago

+100

Thanks!

"require initializer" is called twice. Is it correct?
One is in this patch and another is in original code.

Oh... Maybe it's cause problem.

I left original code. Original code is for loading current structure plugins.

I think, there are below patterns.

  1. Same plugin and same version: Maybe, problem doesn't break to the surface.
  2. Same plugin and different version: Cause problems. Both require will success. Overwritten by plugin dir's one halfway.
  3. Different plugins and same ID: Cause problems. Both require will success. Each function will not be conflicted. But redmine will misunderstand only plugin dir's one was loaded.
  4. Different plugins and different IDs: No problem.

1., 2., 3. have same problem. @registered_plugins[id] was overwritten.
To fix this, for example, Redmine::Plugin.register(id) raises(or fails) if plugin was already installed.

 def self.register(id, &block)
+  raise ... if installed?(id) # or return
+
   p = new(id)
   p.instance_eval(&block)

I think, it is difficult to find 2. by administrator if only return.

#3 Updated by Akipii Oga 7 months ago

+1 .
I agree.
I want all plugin and installation of Redmine main body to change to Gem. Also, I would like the installation work to be easy.

#4 Updated by Toshi MARUYAMA 7 months ago

Sho HASHIMOTO wrote:

I think, it is difficult to find 2. by administrator if only return.

Can we raise exception if plugin name is duplicate?

#5 Updated by Sho HASHIMOTO 5 months ago

I think, it is difficult to find 2. by administrator if only return.

Can we raise exception if plugin name is duplicate?

OK. I created another ticket. #28412

#6 Updated by Go MAEDA 5 months ago

  • Category set to Plugin API

Also available in: Atom PDF