Could the Wikimedia Deployment pipeline support deploying Toolforge tools?
Background: I’m an external volunteer developer working on some minor tool running on Toolforge Kubernetes. The tool happens to be written in Go, a compiled language. To deploy my tool, I’m currently cross-compiling my binaries for Linux on a Mac laptop (a random uncontrolled environment), then I use scp to copy the binary to the Toolforge bastion server, and finally I manually install the binary into the tool’s home directory. Nobody else can reproduce my compiles, or even just tell what version of which software went into my artifacts. From a release engineering (and also security) perspective, my current “process” is the exact opposite of good industry practice. Is there a better way? Glancing over the documentation for the Wikimedia Deployment pipeline, it sounds almost perfect, but it doesn’t seem to be available for Toolforge. Apologies if this has been discussed already, or if there’s other plans.
This came up, a little off-topic, in T277457#6925568 in reply to a question by @aborrero. Filing this as a separate ticket to split off the conversation.