Page MenuHomePhabricator

Create projects for Ops goals
Closed, ResolvedPublic

Description

#https-by-default exists already.

We need:

Wikis-in-CODFW
Interdatacenter-IPSEC

Event Timeline

chasemp raised the priority of this task from to Medium.
chasemp updated the task description. (Show Details)
chasemp added a project: HTTPS-by-default.
chasemp added a subscriber: chasemp.
Krenair added a subscriber: Krenair.

This broke the policy at https://www.mediawiki.org/wiki/Phabricator/Creating_and_renaming_projects#New_projects that all project creations must go through discussion under Project-Admins first.

Also, https://phabricator.wikimedia.org/tag/Interdatacenter-IPSEC/ is marked as visibility restricted, but this is not allowed. So we either have to make it visible to public or delete it. Creation with this visibility would have been declined if it had gone through the proper creation process.

Also, https://phabricator.wikimedia.org/tag/Interdatacenter-IPSEC/ is marked as visibility restricted, but this is not allowed. So we either have to make it visible to public or delete it. Creation with this visibility would have been declined if it had gone through the proper creation process.

Or change the policy to reflect the need for non-public projects if that is deemed warranted.

@Qgil, any thoughts?

@Gage, can you help explain why that project is hidden? I don't remember the specifics.

Also, https://phabricator.wikimedia.org/tag/Interdatacenter-IPSEC/ is marked as visibility restricted, but this is not allowed. So we either have to make it visible to public or delete it. Creation with this visibility would have been declined if it had gone through the proper creation process.

Or change the policy to reflect the need for non-public projects if that is deemed warranted.

What's the point in allowing restricted visibility projects like that? You'd still have to make a public Project-Admins ticket to get one.

What's the point in allowing restricted visibility projects like that? You'd still have to make a public Project-Admins ticket to get one.

If desirable that process doesn't leak the end projects description in full. Private and/or not yet public notations could exist if they were needed. Or there could be an exception to the Project-Admins process. It's all still very new. I think for cases like https://phabricator.wikimedia.org/tag/incident-20150205-siteoutage/ and https://phabricator.wikimedia.org/sprint/ we are kind of looking away as people create predictable projects based on a some still in progress conventions https://phabricator.wikimedia.org/sprint/view/947/.

It would be better if the policy reflected all of these cases explicitly.

Thanks for bringing this up so we can try to avoid such confusion in the future and/or improve our project creation guidelines.

This broke the policy at https://www.mediawiki.org/wiki/Phabricator/Creating_and_renaming_projects#New_projects that all project creations must go through discussion under Project-Admins first.

Maybe it was forgotten to add the Project-Admins tag (can happen as people make mistakes when they are in a rush) to this task, but it looks like this is the discussion. :)

Also, https://phabricator.wikimedia.org/tag/Interdatacenter-IPSEC/ is marked as visibility restricted, but this is not allowed.

https://www.mediawiki.org/wiki/Phabricator/Creating_and_renaming_projects#Policy says "there is no reason to protect Phabricator project pages by default." instead, and "All Wikimedia Phabricator projects should be Visible To Public".
Words might be interpreted differently in the scope of "should" and "must not".

If there are convincing reasons why a project should not (yet?) be public that we did not think about or didn't see coming when writing the current on-wiki documentation, they should be discussed and either the docs need updating or the policy for an existing project needs to be changed.
Personally I don't see a good reason to delete a project currently.

This wasn't a discussion until after the creation had already taken place, because I came here to object to the way it had been done.

Removing the requirement for these requests to go through Project-Admins entirely defeats the point of the process.

Please don't add this discussion to HTTPS-by-default. I watch that project to read about HTTPS by default, not about Phabricator processes, and there is no ignore flag in Phabricator.

This broke the policy at https://www.mediawiki.org/wiki/Phabricator/Creating_and_renaming_projects#New_projects that all project creations must go through discussion under Project-Admins first.

The policy is for everybody, yes. These projects are not sprints or releases, so they should go through the process.

Also, https://phabricator.wikimedia.org/tag/Interdatacenter-IPSEC/ is marked as visibility restricted, but this is not allowed. So we either have to make it visible to public or delete it. Creation with this visibility would have been declined if it had gone through the proper creation process.

Theoretically it is possible to have private projects, but there should be a reason for that. In this case, no reason has been presented so far. In general, I doubt any Wikimedia project needs to have private visibility.

Also, what is this button style with checkered flag and green background?

faidon added a subscriber: faidon.

Theoretically it is possible to have private projects, but there should be a reason for that. In this case, no reason has been presented so far. In general, I doubt any Wikimedia project needs to have private visibility.

Correction: no reason for the private visibility project has been presented in this public task. There's probably a reason for that :) I'd be fine with deleting that particular project altogether, though, it shouldn't have been created in the first place.

Also, what is this button style with checkered flag and green background?

HTTPS-by-default was discussed extensively in T86063 and I think @chasemp picked that particular combination of colors/icons there as a compromise between my two ideas. codfw-rollout-Apr-Jun-2015 probably followed that pattern as well. Please fix both to whatever you deem appropriate (and let's rename "CODFW" to "codfw" too please pretty please…).

Theoretically it is possible to have private projects, but there should be a reason for that. In this case, no reason has been presented so far. In general, I doubt any Wikimedia project needs to have private visibility.

Correction: no reason for the private visibility project has been presented in this public task.

Therein lies the problem. As far as everybody else is concerned, it doesn't exist. We should not allow such projects.

chasemp claimed this task.

Here is my take away:

  • Everyone, especially me, needs to be explicit and forward with project creation
  • I talked to the "owner" of the Interdatacenter-IPsec goal about confidentiality and since the relevant tasks are hidden the only real outcome of of this project being non-visible is to mask one description sentence. As things stand now I've just made the project landing page public. No harm, no foul.
  • Project stuff is still in its infancy and is a learning experience all the way around. We could probably use more docs and a bit of an update to the existing docs.

So I think the intention of this task is fulfilled and there is nothing controversial here at present.