What is it?
Patches submitted to PuppetSWAT will be looked at by Operations Engineers (opsen) twice a week. Similar to MediaWiki SWAT in structure/cadence. The patches will be reviewed and, if approved, merged. The goal is to encourage more people to write patches for operations/puppet.git, and have a Service Level Agreement (SLA) of sorts for patches to be looked at and/or merged.
The time slot of the PuppetSWAT is typically twice weekly, but this can shift (in advance) to accommodate other deployments. Two operations team members are typically signed up per window. During (or before) the SWAT, those (and other) operations team members should review listed patches and provide feedback.
How to get a patch in PuppetSWAT
- Add it to the designated PuppetSWAT window on the Deployments page.
- This is intentionally 'fast and loose'. As long as a patch is on the listing before the PuppetSWAT window, Operations will do what we can to review and merge these. Due to the repetition of the PuppetSWAT windows, any patches submitted too close to the window (and unable to be properly reviewed) may be pushed to the next PuppetSWAT window.
- Be present during the PuppetSWAT window for real-time conversations regarding the patch and testing/deployment/reverting. (This will take place on Freenode, in
What kind of patches can go through SWAT?
PuppetSWAT patches should be:
- Trivial in complexity.
- Easy to verify and test for people who are not in the Operations team.
- (Preferred) At least one Code-Review +1 from someone familiar with the area of code the patch is changing.
Patches that have potentially far reaching impact (ssh, varnish, apaches, hhvm) will likely be rejected from PuppetSWAT. Changes to the HHVM or Apache configuration for the MediaWiki application server cluster are not eligible for SWAT, due to the potentially far reaching impact / unavailability. These need extensive testing and should be scheduled with Ops outside PuppetSWAT. This guideline is still evolving.
The ops person doing the SWAT has final discretion on which patches they merge, since they are ultimately responsible for the stability of the cluster. Also, do not use PuppetSWAT as a way to speed up work if you're already collaborating with any opsen on a specific project. If patches are lagging behind there, there is a specific reason and you should refer to the person you're working with, or escalate this.
Examples (from Giuseppe):
Good patches for PuppetSWAT:
- https://gerrit.wikimedia.org/r/230382 - This was -2'd by me because I was already on a better solution. But, it is limited in scope, easy to understand, and works on something already existing.
Changes that cannot go through PuppetSWAT:
- https://gerrit.wikimedia.org/r/221827 - Lots of code changes to review, will need some Opsen to follow the deployment with the author.
- https://gerrit.wikimedia.org/r/229727 - Large patch introducing new functions, part of work being followed by multiple opsens already
The ideal PuppetSWAT patch has...
- The author / someone involved with the patch around on IRC during PuppetSWAT
- A +1 on the patch from someone.
- Puppet Compiler has been run on the patch and it has given a go ahead
- Rebases cleanly to master
- For patches that can be tested on the Beta Cluster, they should be by being cherry-picked to the beta cluster puppetmaster.
The ideal PuppetSWAT patch does *not* have...
- Any sudo / access rights changes
- Any outstanding -1s / unaddressed concerns
Who is going to do it?
The operations team allocates two members for PuppetSWAT during their weekly operations meetings. These members are designated in advance of their assigned weeks. Those members then must update the Deployments page to list them for those allotted SWAT windows.