ALP: Build Service Git-Packaging Workflow

Meeting Wednesdays at 08:00 UTC in

https://meet.opensuse.org/alp-git-packaging-workflow

Attendees

• Dirk Mueller
• Dominique Leuenberger
• Adrian Schröter
• Alex Lau
• Ludwig Nussel
• Marcus Meissner
• Stephan Barth
• Jan Zerebecki ,

Discussion Items

• https://en.opensuse.org/openSUSE:ALP/Workgroups/Git-Packaging-Workflow/WorkPackages/TriggerAndScheduling
  • Jan looked into Concourse as a CI job scheduler and it appeared to work well
  • Suggested to use this instead of implementing a custom webserver / web hook
• Security Supply Chain Discussion with Marcus and Marco Varlese
  • The Github Enterprise task by IT was halted for now, so evaluating that would not be urgent at this point
  • We will wait until we have a final proposal for “Phase 2” (Staging/CI in a git project)
    • Main need is to ensure that we have two person review on merges and 2fa is enforced.
    • Documentation of the workflow needs to be written up for the certification team/auditor review
• Next week off / next meeting March 1st

Action Items

• Jan will talk to Dan about Concourse

Old Action Items

• AI: dirk: write up status of prototype and share it with the group
• AI: snbarth: talk to the supply chain WG to address potential overlap
• AI all: review proposal from maintenance architect:
  • https://confluence.suse.com/display/PkgL3Staff/Draft%3A+ALP+Maintenance+Technical+Details
• AI adamm: look at how a git signature policy evaluation could be implemented based on adam’s multi-signature signing approach