littledan
commented
6 years ago For deployment, why not Travis CI?
Open IgnoredAmbience opened 6 years ago
littledan
commented
6 years ago For deployment, why not Travis CI?
IgnoredAmbience
commented
6 years ago Apologies Dan, I had begun drafting a reply to this, but seem to have lost it.
Not Travis CI for a few reasons:
Downsides are of course that it requires an additional maintenance responsibility, but I was hoping to mitigate that with clear re-deployment instructions and granting multiple committee members admin rights to the app deployment on whatever cloud platform is chosen, in the event that the primary maintainer is unreachable.
littledan
commented
6 years ago How is development here going? I wanted to mention, it's possible to encrypt things and decrypt them with keys stored in Travis-CI environment variables, so 1) is a solvable problem. As you mention, 2) doesn't seem like a big risk. If you have ideas for tasks for 3), though, that sounds like the biggest factor.
We have another relevant data source: @patrickcharollais has sent me a list of member organizations of Ecma who have signed the RFTG agreement. Ideally, we could hook up these organizations' accounts to an automated system to say that individuals who belong to one of those organizations are able to write normative PRs (rather than making reference to the manually maintained Delegates group). @domenic or @annevk may be able to give more information about WHATWG's implementation of something similar.
IgnoredAmbience
commented
6 years ago For 1) even though it is possible to encrypt and decrypt things in TravisCI, it explicitly doesn't permit this during PR builds. Documentation on their policy
The member organizations seems like a good approach in addition to the delegates. Assuming the organizations have an official github org, and the user displays it publicly on their GH profile, then I hope that the membership information should be available through the API. I'll take a look into this.
I've had the various parts of the automation functioning separately, I just need to put them together now. I've been slow on progressing this for various reasons, that I won't go into further here.
littledan
commented
6 years ago For 1) even though it is possible to encrypt and decrypt things in TravisCI, it explicitly doesn't permit this during PR builds. Documentation on their policy
Of course, how could I not have realized that. OK, great, thanks for architecting this well.
I've had the various parts of the automation functioning separately, I just need to put them together now. I've been slow on progressing this for various reasons, that I won't go into further here.
Great to hear about this progress. Don't worry about it taking time; I can understanding that this is nobody's primary responsibility.
domenic
commented
6 years ago @domenic or @annevk may be able to give more information about WHATWG's implementation of something similar.
The code implementing this is in https://github.com/whatwg/participate.whatwg.org.
IgnoredAmbience
commented
6 years ago @domenic Thanks! I may borrow some parts of the code for normalization of GitHub IDs. It also confirms that public membership of member organisations is feasable. However, much of the GitHub webhook heavy lifting seems more suited to the @probot library that I'm already prototyping with.
On PR update:
User has signed, if one of the following applies:
@tc39/delegatesRelevant GitHub APIs:
Existing GH JS bot framework: Probot, sketch implementation.
Deployment options: (General assumption for prototyping/initial deployment is a free tier of a cloud service, resource usage should be low enough to fit within most free offerings).