Good morning folks,
Here is my situation. The product my company is shipping is written in Ruby on Rails. There are several internal and external applications, with different versions of Ruby and different versions of Rails, all of which need to exist behind a very restrictive firewall (i.e. NAT and very restricted outbound access). Before I joined the company, the developers decided on using RVM for installing and managing Ruby and its dependencies.
I have tried using the RVM::FW project, and have written multiple patches to try and address its numerous issues (RVM installer is broken, etc.) and determined that maintaining that package is more work than I, as a lone system admin, have time for.
The other option I toyed with is using a forward proxy and having these systems use this proxy for all RVM / gem installations. This is not ideal, however, because I would have to, essentially, allow all outbound access from this system. It would be a big glaring security hole, and probably a no-go from an auditing perspective.
What have you all used for managing external dependencies like this (RVM, rubygems, etc) that are really meant for use in a free and open web environment?