Page MenuHomePhabricator
Create Task
Maniphest T85008

Determine Trebuchet/git-deploy maintenance plan
Closed, ResolvedPublic
Actions

Description

It looks like trebuchet is not being maintained now that Ryan is at Lyft. See:

https://github.com/trebuchet-deploy/trigger/issues
https://github.com/trebuchet-deploy/trigger/pull/28  (potential security issue, not critical)

also, I've been working on

https://github.com/cscott/trigger/commit/296d4128e779c789d461efb8ffe3371e1b7a6a3b

and that might need to be merged someday.

What's the ownership plan for trebuchet? Do we want to have folks at
WMF added to the maintainers on github? Or do our own wikimedia fork?
Or start looking at using some other tool? I think we're only using
github-deploy for the node.js projects right now, and I wouldn't say
that we are in *love* with it. But on the other hand, I'm not sure it
makes sense to start *another* deployment software project from
scratch, just to abandon it if its maintainer loses interest..

--scott

Event Timeline

cscott created this task.Dec 19 2014, 5:21 PM
cscott updated the task description. (Show Details)
cscott subscribed.
Ciencia_Al_Poder updated the task description. (Show Details)Dec 19 2014, 5:36 PM
Ciencia_Al_Poder added a project: Deployments.
Ciencia_Al_Poder set Security to None.
greg renamed this task from Trebuchet/git-deploy maintenance to Determine Trebuchet/git-deploy maintenance plan.Jan 8 2015, 5:52 PM
greg triaged this task as High priority.
greg added a project: acl*sre-team.
greg added subscribers: mmodell, Reedy, GWicke.Jan 8 2015, 5:54 PM
greg subscribed.

Added SRE and some other people so we can figure out what to do here.

The Trebuchet/git-deploy use case is one that was primarily maintained by ops (aka Ryan) previously and thus their input here would be greatly appreciated.

Honest quick answer from the RelEng side: I'm not sure what the right short term solution is.

greg moved this task from To Triage to Backlog (Tech) on the Deployments board.Jan 8 2015, 5:56 PM
chasemp added a subscriber: Ryan_Lane.Jan 8 2015, 6:05 PM
Ryan_Lane added a comment.Jan 8 2015, 9:10 PM

I'm more than happy to add WMF as maintainers. It's not unmaintained, but no one has been bugging me about changes/fixes (I made a fix a month ago or so on request).

It's silly to start another deployment project. Let's just make improvements to trebuchet. The design of trebuchet isn't married to git, either. So, if you want some projects to do artifact deployment, or docker image deployment, or something along those lines we can just add more modules.

There's lots of improvements that can be done for execution flow and access controls, too. We could switch to using salt-api instead of peer calls. We can use async runner calls. We could use etcd or zookeeper to store the returner info and the deployment hash versions instead of using redis.

Of course, all of this requires WMF to solidify the decision to use trebuchet and to actively work on it. If that happens I'll dedicate some time to work on it as well.

greg added a project: Release-Engineering-Team.Jan 8 2015, 9:50 PM
greg moved this task from INBOX to Backlog (ARCHIVED) on the Release-Engineering-Team board.
chasemp assigned this task to greg.Jan 9 2015, 6:14 PM
chasemp subscribed.

Dear Greg,

You marked this as high which I think is reasonable :) But it seems like anything really high priority has to have an assignee or it should be busted down to normal. Please feel free to offload or whatever you need to do, just explaining my reasoning for tossing this your way.

Chase (Your friend and admirer)

greg reassigned this task from greg to demon.Apr 6 2015, 9:21 PM

Reassigning to Chad, he's going to talk with Ryan soon about this (spoiler alert to Ryan) :)

demon added a comment.Apr 8 2015, 5:33 PM
In T85008#964243, @Ryan_Lane wrote:

I'm more than happy to add WMF as maintainers. It's not unmaintained, but no one has been bugging me about changes/fixes (I made a fix a month ago or so on request).

It's silly to start another deployment project. Let's just make improvements to trebuchet. The design of trebuchet isn't married to git, either. So, if you want some projects to do artifact deployment, or docker image deployment, or something along those lines we can just add more modules.

There's lots of improvements that can be done for execution flow and access controls, too. We could switch to using salt-api instead of peer calls. We can use async runner calls. We could use etcd or zookeeper to store the returner info and the deployment hash versions instead of using redis.

We talked the other day on IRC. Everything you said here we repeated there.

@cscott: Maintainership can be granted to anyone who needs it and patches are certainly welcome.

Of course, all of this requires WMF to solidify the decision to use trebuchet and to actively work on it. If that happens I'll dedicate some time to work on it as well.

At least for scap replacement I think this is the current plan.

greg closed this task as Resolved.Apr 8 2015, 5:35 PM
In T85008#1190603, @demon wrote:
In T85008#964243, @Ryan_Lane wrote:

I'm more than happy to add WMF as maintainers. It's not unmaintained, but no one has been bugging me about changes/fixes (I made a fix a month ago or so on request).

It's silly to start another deployment project. Let's just make improvements to trebuchet. The design of trebuchet isn't married to git, either. So, if you want some projects to do artifact deployment, or docker image deployment, or something along those lines we can just add more modules.

There's lots of improvements that can be done for execution flow and access controls, too. We could switch to using salt-api instead of peer calls. We can use async runner calls. We could use etcd or zookeeper to store the returner info and the deployment hash versions instead of using redis.

We talked the other day on IRC. Everything you said here we repeated there.

@cscott: Maintainership can be granted to anyone who needs it and patches are certainly welcome.

Of course, all of this requires WMF to solidify the decision to use trebuchet and to actively work on it. If that happens I'll dedicate some time to work on it as well.

At least for scap replacement I think this is the current plan.

Given all this, I'm resolving this ticket now.

greg moved this task from Backlog (Tech) to Done on the Deployments board.Apr 8 2015, 10:10 PM
zeljkofilipin moved this task from Backlog (ARCHIVED) to Done on the Release-Engineering-Team board.Apr 14 2015, 3:29 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits