[ 
https://issues.apache.org/jira/browse/THRIFT-4802?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Thibault Piana updated THRIFT-4802:
-----------------------------------
    Attachment:     (was: Thrift-deployment-workflow.png)

> Automatic library deployment on online CDN/Repository services
> --------------------------------------------------------------
>
>                 Key: THRIFT-4802
>                 URL: https://issues.apache.org/jira/browse/THRIFT-4802
>             Project: Thrift
>          Issue Type: Improvement
>          Components: Deployment
>    Affects Versions: 0.12.0
>            Reporter: Thibault Piana
>            Priority: Critical
>              Labels: cdn, deploy,deployment, library
>         Attachments: Workflow.png
>
>
> Hello everyone,
> This thread follows some other threads dealing with concerns about online 
> libraries (THRIFT-4688, THRIFT-4687), as well as emails being sent to the 
> user mailing list about the Docker container on DockerHub.
> If I understand the situation correctly, at the moment, with each new version 
> of the software, you must prepare and update each library on each website 
> independently.
> In addition, each of those libraries is managed by different people, with 
> whom contact is not always easy.
> Also, I would like to propose here a system that would offer the following 
> advantages:
> - No more worrying about who is maintaining each platform
> - No more manual uploading on each platform at each release
> - Allow anyone to develop an extension to put a Thrift package online on a 
> particular site (For example, a version for Yocto as I requested in a recent 
> email), and be sure this package will be updated at each new release.
> I will try to explain my idea in the following.
> h2. Vocabulary
>  * *CDN :* Content delivery network
>  * *Manager :* An algorithm to upload content to a CDN/online repository
>  * *Orchestrator :* The algorithm that orchestrates the execution of 
> managers, provides credentials, manages manager feedback, and generates the 
> final report
>  * *Package* : The library/component we want to upload on the CDN
> In the following, all online resources providers/repositories (like Pypi, 
> NPMJs, DockerHub ...) will be called "CDN"
> h2. General principle
> The idea would be to develop a single interface for module deployment, with 
> an orchestrator to automatically configure and perform these deployments. 
> The organization would be like this :
>  * A Keepass database will store all passwords/identifiers required for each 
> platform (NPMJS, Pypi, DockerHub, ...) :
>  ** Each module will specify what credentials it needs from this database.
>  ** This database could be committed directly on the repo, to be sure each 
> committers have the most recent version.
>  ** The master password of this database will only be known by committers (or 
> project chair).
>  
> I think KeePass is quite perfect for this, Keepass databases are very 
> lightweight, highly secure, and almost impossible to brute-force.
>  * For each CDN, a manager is in charge of bundling (create the package to 
> upload from Thrift current release sources), uploading and checking the 
> package on the CDN :
>  ** First, the orchestrator load required IDs from the KeePass database
>  ** The orchestrator creates a temporary directory where the manager will be 
> able to bundle everything it needs.
>  *** The manager receives credentials, a path to a temporary directory and a 
> path to Thrift sources
>  *** The manager checks online if the current version of the package already 
> exists online. If not, it will upload it
>  *** The manager prepares the bundled package, upload it and check if 
> everything went well.
> All these steps could be executed in a dedicated Docker/Vagrant environment 
> containing all needed libraries to bundle the package (So that the 
> person/commiter executing the script does not have to download 500 
> dependencies).
> The algorithm diagram is provided in attached (it's a draft)
> The directory structure of this solution could be something like this (I 
> chose Python arbitrarily here):
> {code:java}
> root
> └── deployment/
> ├── access.kdbx
> ├── deploy.py
> ├── libraries # Some managers
> │   ├── javascript
> │   │   ├── npm.py
> │   │   ├── bower.py
> │   │   └── a_random_cdn.py
> │   ├── nodejs
> │   │   └── npm.py
> │   └── python
> │   └── pypi.js
> │   └── ...
> └── miscellaneous # Some other managers
> ├── docker
> │   └── docker.py
> └── yocto
> └── yocto.py
> └── ...{code}
> I am not a regular contributor on open source projects. So I don't know if 
> I'm making my proposal in the best way. But I really like this project and I 
> would like to help improve it
> I had this idea based on what had been put in place in a project I was 
> recently leading. It is not perfect but does the job properly, and it's a 
> solution I find quite elegant because we don't have to worry about the 
> credentials of each site.
> If you find this idea interesting, I could propose a prototype in a personal 
> repository with some examples of managers for Npm, Pypi, and DockerHub (for 
> example) in several weeks.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to