Dear Go Team, I hope this email finds you well.
I'm excited to introduce Flight Deck, a new centralized infrastructure-as-code solution that I've been developing to address the growing challenges of managing our extensive repository ecosystem. Just like an airplane's cockpit provides centralized control for the entire aircraft, Flight Deck serves as our single source of truth for controlling and configuring all repositories within our Salsa instance. https://salsa.debian.org/go-team/flight-deck *THE CHALLENGE WE FACE* As our team has grown, so has the complexity of managing our repositories. Currently, the packages subgroup alone contains approximately 3,300 repositories, each requiring consistent configuration for: - Branch protection rules - Webhook integrations (tagpending, IRC notifications) - Repository badges and metadata - CI/CD pipeline configurations - Access controls and permissions Maintaining this scale manually or through custom scripts leads to: - Significant time investment in development and maintenance - Configuration drift across repositories - Inconsistent setups that can impact our workflow - Manual errors when creating or updating repositories Why Flight Deck? Flight Deck leverages *OpenTofu (Terraform) *and *Terragrunt* with GitLab's provider to manage our Salsa infrastructure as code. Benefits: - Automated Repository Creation: Interactive tools for creating repositories with consistent configuration - Standardized Branch Protection: Automatic setup for debian/*, upstream/*, upstream, pristine-tar, and master branches - Integrated Webhook Management: Default webhooks for tagpending notifications and IRC integration - Consistent Badges: Automatic Contributors and Debian unstable badges - Infrastructure as Code: All configurations version-controlled and reviewable - Bulk Operations: Import and manage multiple repositories efficiently - State Management: Remote state with automatic locking prevents conflicts Flight Deck uses a safe, pipeline-driven approach during deployment process: 1. Development: Create/modify configurations in merge requests 2. Validation: Automatic planning and validation in MR pipelines 3. Deployment: Manual approval required for applying changes 4. Rollback: Simple revert process for emergency situations *FEATURE PARITY WITH PKG-GO-TOOLS* We're actively working to bring feature parity with our existing pkg-go-tools infrastructure: https://salsa.debian.org/go-team/infra/pkg-go-tools Our progress is being tracked in: https://salsa.debian.org/go-team/flight-deck/-/issues/1 *CURRENT FEATURES UNDER DISCUSSION* We're currently implementing several key features and would appreciate team input on: 1. Webhook Management (MR #13): https://salsa.debian.org/go-team/flight-deck/-/merge_requests/13 Flight Deck automatically configures two essential webhooks for every repository: - Tagpending Webhook: *https://webhook.salsa.debian.org/tagpending/{repository-name} <https://webhook.salsa.debian.org/tagpending/{repository-name}>* for package tagging notifications - KGB IRC Webhook: *http://kgb.debian.net:9418/webhook/?channel=%23debian-golang <http://kgb.debian.net:9418/webhook/?channel=%23debian-golang>* for real-time team updates The system supports: - Disabling default webhooks with enable_default_webhooks = false - Adding custom webhooks via additional_webhooks variable - Bulk importing existing webhook configurations 2. Master Branch Protection (MR #14): https://salsa.debian.org/go-team/flight-deck/-/merge_requests/14 Adding protection for the master branch alongside our existing protections for Debian-specific branches, ensuring consistent access controls across all critical branches. *CURRENT STATUS* Flight Deck is currently in an opt-in phase. We have successfully imported and are managing repositories from myself (arthurbd@) and otto@, demonstrating the system's capability. I believe Flight Deck will significantly improve our team's efficiency and repository consistency. Your feedback on the current merge requests would be invaluable as we finalize these core features. Thank you for your time and consideration. I look forward to your feedback and collaboration as we continue to improve our team's infrastructure. Best regards, Arthur Diniz
