Isso Project Infrastructure¶
Conceived initially as Martin Zimmermann (@posativ)’s nimble personal project, Isso has grown to encompass a larger community of users and maintainers. With a transition away from being controlled solely by Martin, the project infrastructure is now largely community-owned.
This page documents the parts that make up the project and who is responsible for them, in order for new or potential maintainers to get a better overview.
Attention
We realize that many of our processes could use an overhaul and would benefit from much more automation. If you know how, please open a Pull Request or offer your help in an issue!
Website¶
The project website used to be hosted at posativ.org/isso, but now lives at its own domain isso-comments.de.
The domain isso-comments.de is registered by @ix5 through German registrar netcup.de. Costs exactly 1.44€ each year so quite sustainable, but makes @ix5 a potential bus factor.
Website content is served by GitHub Pages. The sphinx-doc-built site is auto-deployed to isso-comments.github.io via a GitHub Action on every push to the Isso main repository. Requires appropriate
A
andCNAME
records to GitHub’s servers:$ dig www.isso-comments.de www.isso-comments.de. 300 IN CNAME isso-comments.github.io. isso-comments.github.io. 3600 IN A 185.199.108.153 isso-comments.github.io. 3600 IN A 185.199.109.153 isso-comments.github.io. 3600 IN A 185.199.110.153 isso-comments.github.io. 3600 IN A 185.199.111.153
The demo instance of the comment form (on the homepage) lives on @ix5’s server at comments.isso-comments.de and consists of the latest
isso
package fromPyPI
, deployed viagunicorn
. The ansible role to set this up is available at ansible-role-isso. The simple auto-reset feature to curtail vandalism is documented at isso-demo-config.
Development¶
Development happens under the isso-comments GitHub organisation, with the main isso-comments/isso repository serving as the source for the Python parts, Javascript client, website and documentation, API documentation as well as CI/CD configuration.
The master
branch has branch protections set up, requiring an approving
maintainer review before merging.
Packaging¶
Isso is released “officially” as an installable Python package on PyPI and as a docker image. Other distributors may package releases of Isso natively for operating systems (e.g. for the Arch User repository or formerly Debian), but support for these releases should be given by the packager.
PyPI (Python Package Index)¶
Release rights for the isso PyPI project are held by @jelmer, @posativ, @blatinier and @ix5.
Docker image¶
The ghcr.io/isso-comments/isso docker image is rebuilt on every push to
master
. Push rights for manually created tags (e.g. :release
) are
inherited from the main isso-comments/isso
GitHub repository (toggle
Inherit access from source repository
turned on).
The ghcr.io/isso-comments/isso-js-testbed image for running Jest
- and
puppet
-based unit and integration tests is rebuilt and pushed every week by
a GitHub Action.
Secrets¶
There are some “secrets” needed to make the auto-deploy feature for GitHub Pages work.
The main
isso-comments/isso
repository holds a private key in the variableACTIONS_DEPLOY_KEY
(link to action secrets).The deploy repository
isso-comments/isso-comments.github.io
for GitHub Pages is set up with a public deploy key (link to deploy keys) corresponding to the action secrets private key, allowing actions running in the source repository to deploy code (the newly generated website) in this repository.
(The direct links only work for maintainers with full repository access).
The docker actions do not need to be outfitted with any special secrets since the main repository is already set up as a source for “Actions access” with write access (link to package settings).
Social¶
There exists an IRC channel (
#isso
) on Libera.chat but it is seldomly active and not used for coordination between maintainers. Most discussion happens in public on GitHub Issues; for private communication among each other regarding handover of project resources/keys (very rare) the maintainers have so far used E-mail.