Containerizing Foreman Deep Dive

Thanks indeed.

First of all, I think I agree the biggest thing is more of an organizational choice than a technical choice: do we want to.

I’ll also agree that a lot of the problems have been solved. Not by us, but by others. It does mean we need to adopt current best practices. https://12factor.net/ is now many years old and Foreman is far from compliant. Let alone even more modern best practices that have evolved in a containerized world.

That makes me think that other than wanting to, we also need to educate.

This is a large effort and various open source projects have taught us that you can do it in two ways.

The first is in separate branches. These branches have historically been very hard to maintain and I think it’ll be obvious to most that this is undesirable.

The second is incremental improvements. That’s what I’ve been trying to apply. One example is that in Foreman 2.1 we’re switching from Passenger to Puma. This slowly decouples us from Apache. It turns out that this breaks external authentication we currently use (#30535). In Foreman 2.0 we introduced Keycloak as a feature, but that may also be broken under Puma. Monitoring of it also hasn’t been solved yet. Consolidating The Console is another that was proposed about 2 years ago and has seen very little progress, but the current model is just broken in many setups.

That leads me to conclude that while the best practices in the industry have been widely known for years, there has been minimal effort on the Foreman project to actually follow those. The only solution I see is that people who actually care about this put in the effort to make this happen. Sadly, I don’t see that happening so I’m willing to bet some beers that in 3 years we’ll be in largely the same position.