I've drafted sections for logical and functional architecture. @LWirzenius (WMF), @TCipriani (WMF), @JHuneidi (WMF), @GLavagetto (WMF), @AKosiaris (WMF), @CPettet (WMF), I would greatly appreciate your review of prose and diagrams if you have the time. Are there glaring omissions? Do the concepts make sense to people? Is the language/terms accessible to those without specific Argo knowledge?
Talk:Draft:Wikimedia Release Engineering Team/Seakeeper proposal (FY2019-20Q4 rework)
I've had a look. Some random, disorganised comments:
- I think this is good, overall. Good work!
- It may require a bit of understanding of how Argo works, which may be as inevitable as unfortunate, given Argo's own documentation.
- The architecture pictures have --++ logos that I don't understand. A textual label would be good. A textual label is generally a good idea to clarify logos.
- It's unclear to me how "git merge" is a report or where it gets performed. I believe we currently do that in Zuul, but we want to get rid of Zuul.
- If the workflow definition for how a project's build happens comes from a protected refs/meta/config branch, how can we allow our developers to improve the workflow definition? Can we cater to different branches of the same repo requiring different build recipes? That may be need while, say, switching from one version of PHP or a framework to another.
I hope this is helpful. Ask me to clarify if something is unclear.
I've defined an initial list of stakeholders, expanding on what @LarsWirzenius had defined in User:LarsWirzenius/NewCI.
Do the stakeholder descriptions seem accurate to corresponding teams? @JBranaa (WMF) for QTE, @Mark Bergsma (WMF) for SRE, @TCipriani (WMF) for RelEng, @CPettet (WMF) for Security.
Seems reasonable to me.
+1 I think you've covered all the stakeholders I can think of.
@LarsWirzenius, does the Statement of Need section summarize all primary needs? I'm thinking it may be missing our need for a more secure system.
Rephrased: Does the Statement of Need summarize the most primary need for CI system replacement?
Yeah, we've been told by SRE that they want a more secure CI where they can build their own Debian packages and Docker images. Maybe add a sentence like this: "On top of other issues, the current CI system runs all builds in the same environments (hosts), which means a later, security-sensitive build may be affected by an earlier build, which casts a doubt on the results and artifacts of the security-sensitive build. Seakeeper will need to avoid that."
There are no older topics