Shoulder session at WOLFcon scheduled. Will be used for previously mentioned retrospective
There was interest in revisiting existing Folio auth mechanisms and creating a proposal/RFC for adopting OAuth/OIDC. A placeholder spike has been created, but not assigned yet.
The intent was to create the board now so cards can be added while this is fresh in our heads, but schedule the RFC sometime after WOLFcon. We just had an RFC retro and are still working on the action items which came out of it.
Jenn Colt provided an update during the meeting on the progress of the documentation. The content from a lengthy GitHub document has been successfully migrated to a draft page on the Wiki, specifically under the "GitHub documentation" subpage of the RFC process. The migration involved moving the background narrative into the Wiki while retaining the specific steps about branching in GitHub. According to Jenn, this approach seems to have worked well, as the first three narrative sections blend seamlessly with the existing content. She mentioned leaving the Lifecycle section in the Wiki to serve as a useful reference for GitHub tags, although it may be subject to changes. Jenn noted that they have not made any changes to the process pieces yet, as they await finalization of updates, especially with the new draft branching strategy. She indicated that Craig is also involved in the process-oriented updates, and both will collaborate to address that aspect. Jenn expressed readiness for the changes to be reviewed but realized that it might be best to hold off merging until the draft branching strategy receives approval. She concluded that once the approval is secured, the Wiki pages and the pull request will provide sufficient guidance for anyone to get started with their RFC.
Whether vote on RFC/DR should be independent
Breaking changes needs communication to team leads
How breaking changes should be communicated has been deferred but outcome of subgroup ADR is intended to be announced in channels and maybe meeting
Subgroup was just defining what the breaking changes are, need another group to define communication guidelines and to communicate further about breaking changes
ADR mentions channels where it (the DR) needs to be announced
Craig and Jenn will keep working on doc and process update
Could we move the TC shoulder meeting to a time during conference when there's not much of interest to TC, use that for face-to-face meeting? Will need to look more closely at schedule.
Craig McNally - not much window to carry on the shoulder meeting during WolfCon, till now 7 people will be attending WolfCon in person
Jenn Colt - also couldn't find a suitable time for a f2f meeting
Maccabee Levine - if shoulder meeting on the Friday of Wolfson week is happening needs to be known soon.
Jeremy Huff I'll be leaving on Friday. So I could do a Friday meeting if it was at eight or nine in the morning.
Jeremy Huff asked about the topics to talk about at the Friday meeting.
Jeremy Huff : I will pursue this in the TC internal channel for an early Friday shoulder meeting. Maybe I will do a doodle poll or something like that.
Today:
Shoulder session for TC scheduled for 9:00 - 10:00 AM CT
No updates.
Tod Olson is looking for a room for the TC and Sec sessions.
A from VBar : it's the latter, implementing policies on top of the existing model
Maccabee Levine: Do the backend and frontend modules still check for *permissions* before doing X operation, or do they ever check for capabilities?
VBar : it's a management layer on top of the assignment of. Make use of permissions as-is so that the existing code can function.
Jenn Colt: Are capabilities equivalent to "hidden permissions"?
VBar : No, it's a management abstraction. Capabilities would account for both hidden and visible permissions. There would be a concept of hidden capabilities.
Anything else?
Marc Johnson : Hidden permissions are in FOLIO so that too granular permissions are not visible and that the permissions shown make sense to users, what's the purpose of hidden capabilities?
VBar : Hidden capabilities would be used to hide low/system-level ones, that similarly to hidden permissions, make no sense to the user
* (wrap up by 11:55)
Process Concerns in the wake of Vince's presentations
All
Questions/concerns were raised in #tc-internal about what the next steps are (after WOLFcon) for the topics recently presented by Vince...
Craig McNally : the presentation is not viewed as a formal proposal (yet). So far it has been presented to the Council chairs (during the Chicago "summit"). There is an expectation that the presentation will be turned into a formal proposal/RFC.
Marc Johnson : not clear what is the TC role until a formal proposal is available. It makes more sense to discuss the next steps.
Owen Stephens : the proposal is too abstract to let the PC and people responsible for the product understand what the impact is. For any approvals it is essential to understand what the impact on the product is and what the work entails, etc.
Tod Olson : operational and sys-ops related concerts.
Jakub Skoczen : can we split the proposal into two parts/phases: 1. Proposal regarding new functionality for managing permissions/capabilities. 2. Architecture/design to support the needed functionality. Part 1. to be reviewed by the parties responsible for product.
Tod Olson: sys-ops mentioned permission-management challenges. Concepts similar to "capabilities" are being implemented? back at Chicago.
Jenn Colt : the problem is with the scope, the proposal is very high-fidelity and top-down. It would make sense to focus on smaller pieces.
VBar the goal was to inject the conversation with some "big ideas"
We need to find a time to discuss "Officially Supported Technologies - Upkeep". There's likely to be a desire to discuss various topics in more depth after WOLFcon. Should we try to squeeze this in before WOLFcon?
Zoom Chat
Tod Olson to Everyone 11:22 AM Something like shopping an idea around before formalizing.
Marc Johnson to Everyone 11:31 AM I imagine we’ll have less challenges with getting these ideas implemented given the source / sponsor of the ideas
Owen Stephens to Everyone 11:32 AM I think that’s perhaps an important point- perhaps we should consider “sponsorship” as an aspect of the proposals. I agree it makes a difference
Marc Johnson to Everyone 11:35 AM It would help me to understand what product needs / challenges these ideas are intended to address
Marc Johnson to Everyone 11:42 AM I think we need to be really careful about the capabilities idea. The way it was described on Monday, I got the sense it was a back end thing, and that won’t practically reduce the composition effort much
Jakub Skoczen to Everyone 11:52 AM The “big idea” approach makes sense to me. But does this mean that this should be considered a straw man proposal and a starting point for conversation? Or is the intention to put this design in development in the coming months?
Marc Johnson 11:57 AM Personally, I don’t find proposals to be the starting point for a conversation
Jenn Colt to Everyone 11:52 AM Yes this is what I was not getting across. This feels like a short circuit of the community conversation so now what?
Marc Johnson 11:58 AM I certainly don’t understand how they fit together
Tod Olson to Everyone 12:00 PM Yes, let’s hang on for a few more minutes.
Owen Stephens to Everyone 12:04 PM I’m going to have to go I’m afraid. I think it’s a big question. I think I’d say being clearer earlier in the process that a particular sponsor is going to be / is interested in pushing a particular issue forward would be good
Jenn Colt to Everyone 12:05 PM +1 to Jakub’s summation. I also have to go!
Owen Stephens to Everyone 12:06 PM From my perspective the development of the Serials app might be an example. There were discussions with sponsors but we tried to bring the knowledge this work was going to happen with sponsorship fromDuke & GBV as soon as we could (to PC in that case)
Topic Backlog
Discuss during a Monday session
Officially Supported Technologies - Upkeep
All
Previous Notes:
A workflow for these pages. When do they transition from one state to another. Do we even need statuses at all ?
Stripes architecture group has some questions about the Poppy release.
Zak: A handshake between developers, dev ops and the TC. Who makes that decision and how do we pass along that knowledge ? E.g. changes in Nodes and in the UI boxes. How to communicate this ? We have a large number of teams, all have to be aware of it. TC should be alerted that changes are happening. We have a couple of dedicated channels for that. Most dev ops have subscribed to these channels. How can dev ops folk raise issues to the next level of community awareness ? There hasn't been a specific piece of TC to move that along.
Craig: There is a fourth group, "Capacity Planning" or "Release Planning". Slack is the de facto communication channel. There are no objections to using Slack. An example is the Java 17 RFC.
Craig: The TC gets it on the agenda and we will discuss it. The TC gets the final say.
Marc Johnson: We shouldn’t use the DevOps Channel. The dev ops folks have made it clear that it should only be used for support requests made to them.
Jakub: Our responsibility is to avoid piling up technical debt.
Marc: Some set of people have to actually make the call. Who lowers the chequered flag ?
Craig: It needs to ultimately come to the TC at least for awareness. There is a missing piece. Capacity Planning needs to provide input here.
Marc: Stakeholders / Capacity Planning could make that decision. Who makes the decision ? Is it the government or is it some parts of the body ?
Marc: the developers community, the dev ops community and sys ops are involved. For example the Spring Framework discussion or the Java 17 discussion. But it was completely separate to the TC decision. It is a coordination and communication effort.
Marc: Maybe the TC needs to let go that they are the decision makers so that they be a moderating group.
Jakub: I agree with Marc. But we are not a system operating group. Dependency management should be in the responsibility of Release management. There are structures in the project for that.
Jason Root: I agree with Jakub and with Marc also. Policies should drive operational/release/support aspects of Folio.
Jason Root: If the idea of “support” is that frameworks are supported, then of course the project should meet that.
Marc Johnson Some group needs to inform OleksAii when a relevant policy event occurs. These documents effectively ARE the manifestation of the policy.
Craig: This is a topic for the next Monday session.
Craig to see if Oleksii Petrenko could join us to discuss the process for updating the officially supported technologies lists.