9:08 p.m.
Attendees:
Ivan, Roland, Leif, Chris, Heather, Christos
Absent:
Mike
Action items
1. The Dev team needs to come up with a few key points on change management and semantic
versioning first, which will apply to projects, and then inform and educate the Board on
what that all means
2. After Board agreement on the change management requirements, reach out to the
djangosaml2 maintainer and verify they will be willing to adhere to these requirements
Update since our last meeting (see https://github.com/IdentityPython/)
• Status of volunteer engagement - seeing largely the same people participating. Given we
always have the same people, we continued to be constrained in what we can do to improve
the projects over on
• Where are more resources required?
• Until we improve our documentation, we won’t be able to bring new people on to
participate.
• Documentation is happening at two levels, at the architecture level and at the code
level. Ivan is responsible for the architecture level, but it has not been as high a
priority as feature enhancement, security issues, etc. We do have volunteers helping with
some of the code-level documentation (Hannah Sebuliba). Not every project is in the same
place with regards to the available documentation; OIDC libraries are better off than the
other projects.
• We also need “how to” documentation, on top of documenting the code and documenting
the architecture.
• An interesting example is the Norwegian federation team where the developers wrote
the first pass of the documentation, but the group that did the implementation were
required to improve (and probably rewrite) the documentation.
• Our documentation needs at every level are very complex; this is powerful software
with many options for implementation. It would be best if we had a strategy to use our
resources most efficiently, but we’re limited by what volunteers we have and where their
skills/experience lay.
Proposal for a new project to be brought on board
(See https://dracc.commonsconservancy.org/0025/ for a reminder of how we add new projects
to idpy.)
• https://github.com/knaperek/djangosaml2 (see email to the board from 15 September,
subject line: "idpy 2020 board meeting and a new project")
• There is a concern about expanding the idpy product catalog without a proper way to
manage the whole catalog. Is this production grade? What is the release management
process?
• The Dev team needs to come up with a few key points on change management and
semantic versioning first, which will apply to projects, and then inform and educate the
Board on what that all means, then
Quality of the project and how we manage our projects overall
• We should be asking each idpy project to follow a consistent release management process
and a consistent testing process. The tools we use, how we use them and invoke them, as
well as the policies around them, whether we use docker images, etc.
• We do have templates for issues and PRs, but they are optional. Similarly, people do not
always include tests.
• Process is no guarantee of quality. If our ultimate goal is quality improvement, then we
need to figure out how to get there then determine what policy is need to keep us at that
level. We need the culture to evolve to overall improvements, so the team makes its own
rules.
• Review is how we manage quality. This ties back to the architecture documentation, so
that more people can do the review than just Ivan because they understand how it all
fits.
• Perhaps tag as “future” all items that are not 100% vetted.
• IdentityPython is not so much about turnkey solutions as it is about building tool
kits.
• The different idpy projects are very different in terms of scale - pySAML2 has been
around for 16 years and has an enormous following, whereas the OIDC libraries have a group
of 5 committers. There is unlikely to be one model that fits all.
• Can we at least get to an agreement to use semantic versioning across all projects?
Board nominations for 2021-2023
• 3 slots, currently filled by Leif, Christos, and myself, will be open
• Note that Heather’s role is also “At-Large Director of Identity Python"
Thanks! Heather
8:17 p.m.
Hello,
following up with a note related to the discussion we had; Pieter
Hintjens through the ZeroMQ project had created a spec with some
community guidelines that we may (or may not) find interesting
https://rfc.zeromq.org/spec/42/
Cheers,
On Tue, 13 Oct 2020 at 21:09, Heather Flanagan
<hlflanagan at sphericalcowgroup.com> wrote:
Attendees:
Ivan, Roland, Leif, Chris, Heather, Christos
Absent:
Mike
Action items
The Dev team needs to come up with a few key points on change management and semantic
versioning first, which will apply to projects, and then inform and educate the Board on
what that all means
After Board agreement on the change management requirements, reach out to the djangosaml2
maintainer and verify they will be willing to adhere to these requirements
Update since our last meeting (see https://github.com/IdentityPython/)
Status of volunteer engagement - seeing largely the same people participating. Given we
always have the same people, we continued to be constrained in what we can do to improve
the projects over on
Where are more resources required?
Until we improve our documentation, we won’t be able to bring new people on to
participate.
Documentation is happening at two levels, at the architecture level and at the code
level. Ivan is responsible for the architecture level, but it has not been as high a
priority as feature enhancement, security issues, etc. We do have volunteers helping with
some of the code-level documentation (Hannah Sebuliba). Not every project is in the same
place with regards to the available documentation; OIDC libraries are better off than the
other projects.
We also need “how to” documentation, on top of documenting the code and documenting the
architecture.
An interesting example is the Norwegian federation team where the developers wrote the
first pass of the documentation, but the group that did the implementation were required
to improve (and probably rewrite) the documentation.
Our documentation needs at every level are very complex; this is powerful software with
many options for implementation. It would be best if we had a strategy to use our
resources most efficiently, but we’re limited by what volunteers we have and where their
skills/experience lay.
Proposal for a new project to be brought on board (See
https://dracc.commonsconservancy.org/0025/ for a reminder of how we add new projects to
idpy.)
https://github.com/knaperek/djangosaml2 (see email to the board from 15 September,
subject line: "idpy 2020 board meeting and a new project")
There is a concern about expanding the idpy product catalog without a proper way to
manage the whole catalog. Is this production grade? What is the release management
process?
The Dev team needs to come up with a few key points on change management and semantic
versioning first, which will apply to projects, and then inform and educate the Board on
what that all means, then
Quality of the project and how we manage our projects overall
We should be asking each idpy project to follow a consistent release management process
and a consistent testing process. The tools we use, how we use them and invoke them, as
well as the policies around them, whether we use docker images, etc.
We do have templates for issues and PRs, but they are optional. Similarly, people do not
always include tests.
Process is no guarantee of quality. If our ultimate goal is quality improvement, then we
need to figure out how to get there then determine what policy is need to keep us at that
level. We need the culture to evolve to overall improvements, so the team makes its own
rules.
Review is how we manage quality. This ties back to the architecture documentation, so
that more people can do the review than just Ivan because they understand how it all
fits.
Perhaps tag as “future” all items that are not 100% vetted.
IdentityPython is not so much about turnkey solutions as it is about building tool kits.
The different idpy projects are very different in terms of scale - pySAML2 has been
around for 16 years and has an enormous following, whereas the OIDC libraries have a group
of 5 committers. There is unlikely to be one model that fits all.
Can we at least get to an agreement to use semantic versioning across all projects?
Board nominations for 2021-2023
3 slots, currently filled by Leif, Christos, and myself, will be open
Note that Heather’s role is also “At-Large Director of Identity Python"
Thanks! Heather
_______________________________________________
Idpy-board mailing list
Idpy-board at lists.sunet.se
https://lists.sunet.se/listinfo/idpy-board
--
Ivan c00kiemon5ter Kanakarakis >:3
1519
days inactive
1530
days old
1 comments
2 participants
participants (2)
-
hlflanagan@sphericalcowgroup.com -
ivan.kanak@gmail.com