2024-10-14 Meeting notes

Maccabee Levine is next, followed by Craig McNally

Reminder:  Please copy/paste the Zoom chat into the notes.  If you miss it, this is saved along with the meeting recording, but having it here has benefits.

Maccabee Levine

Tod Olson

Jakub Skoczen

Craig McNally

Jenn Colt 

• CC: Maccabee Levine
  • Developer Advocate: CC wants to continue position, but Patrick Pace has decided not to continue for personal reasons. PP will write up refections, CC will look to fill the position.
  • Next Tricouncil meeting 2025-01-13 10am ET
  • AWS: CC decided dev teams to fund their own environments, currently looks like AWS costs are under target of $30K, but not clear how will be affected by any decisions around Eureka. Expect a statement from CC about this.
  • Suggestion about TC role in advocating for developers, and potential for self-hosting institutions to host dev environments at lower cost then AWS.
• PC: Marc Johnson (covering for Tod Olson)
  • Looking at how to standardize prioritization across SIGS and teams, and bring that back to PC
• RMS Group:
  • Jakub not here
• Security Team: 
  • Business as usual (triaging automated vulnerability reports), nothing relevant to report
• Tri-council Application Formalization:  
  • Want community affirmation of Eureka at next Tri-council meeting, working out what to bring to that meeting for the affirmation to happen.
  • Want to sunset current group (working for > 1 year) and hand off to whatever next group is needed.

• 14 Oct 2024 -  Regular TC meeting
• 16 Oct 2024 - Dedicated discussion: TCR-43
• 21 Oct 2024  - Regular TC meeting
• 23 Oct 2024 - Dedicated discussion: TCR 44

Today:

TCR-43 mod-marc-migrations

Some failures

• API criteria failed in self-eval, passing that forward. This is a very soft requirement, Jeremy Huff has found this to be a stumbling block in every review. Craig McNally thinks trend is towards Cypress end-to-end testing and away from Karate API tests. This seems to be managed by Yogesh and QA team and not by the FOLIO governance.
  • Discussion of whether to remove integration testing from criteria; if there are tests wish to use consistent technology to reduce load on dev ops and CI/CD process.
  • Future discussion: whether to remove API test criteria
• Schema access:
  • design uses views into other schemata, seems to violate spirit of the constraint.
• Dependencies other than in module descriptor declared in the README.md:
  • The schema references seem to be a dependency, though not an API dependency.
  • Assertion that schema refs not covered by this requirement, TC deferred that decision.
  • Still, there are hard dependencies between this module and other modules that are not expressed in any way. This is a serious consideration for operations staff trying to run the system.
  • Do not want to mix two things together: (1) whether the dependencies are documented, and (2) whether direct schema access is an acceptable integration technique.
  • Decision accepting mod-fqm-manager: https://folio-org.atlassian.net/browse/TCR-29?focusedCommentId=88302
  • Original discussion: https://folio-org.atlassian.net/wiki/spaces/TC/pages/5057321/2023-09-11+-+mod-fqm-manager
  • Approval (conditional) of mod-fqm-manager in Sept. 2023 was predicated on an RFC which has not been submitted.
  • VBar suggests this is different from FQM in that this is very closely aligned to SRS and has a legitimate interest in access to access the db schema; could be an example of a place to bind modules together in an application and consider the application to be the microservice boundary. There are legitimate questions about applicability.
  • This approach would be dependent upon applications and Eureka, though RFCs for these have not been submitted or accepted.
  • Exception was made for FQM as a product imperative and was a limited exception.
• To be continued: due to time constraints will continue this discussion Wednesday

____

TCR-43: mod-marc-migrations

• Jeremy Huff told Jenn Colt offline that he expects to have it ready by Wednesday.

TCR-45 mod-record-specifications

• Ingolf Kuss Finished the review, all criteria fulfilled except snapshot version dependence.  Dev lead said they will change that dependency before flower release.
• There is a pull request #76 to change that TCR criteria.   
  • Marc Johnson We currently have a disagreement on whether/what to change in the criteria.  Ingolf recommends we approve the TCR regardless.  Marc recalls TC preferring that we decide on the PR first.
    • Maccabee Levine Agree we should decide the PR before the TCR.  Started the conversation several times, there may be disagreement, but need to make a decision.
  • Julian Ladisch disagrees with softening the criterion, prefers to remove it entirely.
  • Marc Johnson it's there because it was originally desired.
  • Jenn Colt Criteria that requires the reviewer to make a subjective judgement are difficult, would rather remove the criterion.
  • Marc Johnson Given that using snapshot dependencies is common practice, does anyone feel strongly enough to oppose ditching the criteria entirely?
    • No objections raised.
  • Change accepted without disagreement.  Ingolf Kuss merged the PR and will change the other related file as well.
• Back to TCR-45.  Ingolf recommends acceptance.  No objections.
  • Approved by lazy consensus.

TCR-44

• Craig McNally First part is deciding about Go lang.  Second is approval of mod-reporting.
• Maccabee Levine Jakub suggested "I think there should be a presentation to the TC from DevOps regarding issues (or lack thereof) related to supporting Go in CI/CD and FOLIO deployments.", and then ok to to the TCR in parallel.
  • No disagreement on process.
  • Marc Johnson Should review this decision next time we review processes.
• Julian Ladisch will do the TCR review of TCR-44.
• Need presentation from DevOps.
  • Jakub Skoczen Maybe we should structure discussion about the criteria.
  • Craig McNally Agree.  Ask Julian to go through criteria, identify which items require discussion.
  • Marc Johnson Agree but suggest we say beforehand things that we know will fail.  Some gaps already known.
• Jenn Colt Let Julian get started on this, then note in Slack when we want to use a Wednesday discussion to talk about it.  Or schedule now.
  • Craig McNally We should schedule now, within timebox for initial review.  Wed 10/23 for review.

Last time:

mod-reporting, a Go rewrite of mod-ldp, has been submitted. As Go is not yet supported it requires work regarding static code checks, code coverage automation, etc.

We should first complete the existing TCR requests.

Should we merge the PR that removes the snapshot criterium from our module acceptance criterium? This will solve the issue with the TCR.

Depending on a SNAPSHOT version is bad practice. Maven rejects a release when trying to release a module with SNAPSHOT dependency. It is also bad practice during development because the build is not reproducible. However, as FOLIO libraries are provided as SNAPSHOT version only the modules are forced to use SNAPSHOT versions during development.

When merging the PR we can appove the submitted module without explaining why we overwrite the SNAPSHOT criterium.

Instead of removing the SNAPSHOT criterium it should be a requirement that can be ignored if reasonably justified.

A warning not to use a SNAPSHOT dependency is in the module release documentation for maven based modules: https://dev.folio.org/guidelines/release-procedures/#prepare-and-perform-the-source-release

We don't know how non-maven modules prevent SNAPSHOT dependencies.

It's up to the development teams how to prevent SNAPSHOT dependencies.

Go modul mod-reporting:

When accepted as a module we indirectly adopt Go as a language.

Should we first accept Go as a language including specific criteria regarding static code analysis, security, etc.?

In the past PoCs have been used to add new stuff to FOLIO without evaluation/approval.

We had been discussing the Go RfC for months.

Regarding adding the Go stack we need more feedback from the community.

All

Need to log decisions for the following:  (see above)

Last week:

Check Recurring Calendar...

We still need to transition the Sunflower page from DRAFT → ACCEPTED... ASAP.  What is preventing this from happening? 

Review decisions that are in progress.  Can any of them be accepted?  rejected?

Currently there is a PoC, developed by Maccabee Levine, of a utility to catalog Github PRs that have been labeled with the "breaking change" label. We would like to get developer feedback on the feasibility of this label being used more often, and the usefulness of this utility. 

Previous Notes:

• A workflow for these pages. When do they transition from one state to another. Do we even need statuses at all ?

Stripes architecture group has some questions about the Poppy release.

Zak: A handshake between developers, dev ops and the TC. Who makes that decision and how do we pass along that knowledge ? E.g. changes in Nodes and in the UI boxes. How to communicate this ? We have a large number of teams, all have to be aware of it.  TC should be alerted that changes are happening. We have a couple of dedicated channels for that. Most dev ops have subscribed to these channels. How can dev ops folk raise issues to the next level of community awareness ? There hasn't been a specific piece of TC to move that along.

Craig: There is a fourth group, "Capacity Planning" or "Release Planning". Slack is the de facto communication channel.  There are no objections to using Slack. An example is the Java 17 RFC. 

Craig: The TC gets it on the agenda and we will discuss it. The TC gets the final say.

Marc Johnson: We shouldn’t use the DevOps Channel. The dev ops folks have made it clear that it should only be used for support requests made to them.

Jakub: Our responsibility is to avoid piling up technical debt.

Marc: Some set of people have to actually make the call. Who lowers the chequered flag ?

Craig: It needs to ultimately come to the TC at least for awareness. There is a missing piece. Capacity Planning needs to provide input here. 

Marc: Stakeholders / Capacity Planning could make that decision. Who makes the decision ? Is it the government or is it some parts of the body ?

Marc: the developers community, the dev ops community and sys ops are involved. For example the Spring Framework discussion or the Java 17 discussion. But it was completely separate to the TC decision. It is a coordination and communication effort.

Marc: Maybe the TC needs to let go that they are the decision makers so that they be a moderating group.

Jakub: I agree with Marc. But we are not a system operating group. Dependency management should be in the responsibility of Release management. There are structures in the project for that.

Jason Root: I agree with Jakub and with Marc also. Policies should drive operational/release/support aspects of Folio.

Jason Root: If the idea of “support” is that frameworks are supported, then of course the project should meet that.

Marc Johnson
Some group needs to inform OleksAii when a relevant policy event occurs.
These documents effectively ARE the manifestation of the policy.

Craig: This is a topic for the next Monday session.

Craig to see if Oleksii Petrenko could join us to discuss the process for updating the officially supported technologies lists.

Possible topic/activity for a Wednesday session:

Discuss/brainstorm:

• Ideas for the type of developer-facing documentation we think would be most helpful for new developers
• How we might bring existing documentation up to date and ensure it's consistent 
• etc.