Portal:Toolforge/Admin/Monthly meeting/2024-05-14
Agenda
- Bird's eye view of toolforge ideas: https://wikitech.wikimedia.org/wiki/User:David_Caro/Toolforge_high_view
Notes
David presents ‘Toolforge high view’
- Anything on the diagram not connected to another box can be worked on async
- Arturo suggests that we publish the consolidated API definition asap
- We don’t have authentication yet (sort of)
- Auth via certificates sort of works but isn’t very portable
- (debate ensues about releasing APIs now vs solidifying plans so we don’t have to announce and wait to make changes)
- We don’t have authentication yet (sort of)
- Andrew requests that release points be added to the plan so we can get some sort of push-to-deploy product out soon
- Arturo asks about current push-to-deploy auth
- Web hook w/token that bypasses the ssl cert
- API call to create web hook which generates the token
- (side discussion about benefits and risks of having a project manager – sounds like it isn’t happening anytime soon anyway)
- Trove may never be reliable enough to use as a first class dbaas solution. K8s might have provide a better solution in the long run, or self-managed things in persistent volumes.
Hackathon recap
- Some positive feedback about the k8s migration from a traditionally grumpy user
- No real outages or bottlenecks during the hackathon, users got what they needed
Can we stop requiring manual new toolforge account approval?
- Taavi says, not until there’s better visibility on what tools are doing
- Everyone wants this anyway
- We can partially audit via what buildpacks people are using
- Arturo says: there’s real DOS danger with people overwhelming e.g. maintainkubeusers
Action items
- [] Publish the toolforge high view doc
- [] Get visibility (via email?) about new tool/tool account creation
- [] Then plan an experimental period of automatic account creation w/out requiring manual approval