/
2025-02-17 Meeting notes

2025-02-17 Meeting notes

Owned by Jenn Colt
Last updated: Feb 17, 2025 by Maccabee LevineVersion comment

Date

Attendees 

Discussion items

TimeItemWhoNotes
1 minScribeAllMaccabee Levine is next, followed by Craig McNally

Reminder:  Please copy/paste the Zoom chat into the notes.  If you miss it, this is saved along with the meeting recording, but having it here has benefits.

5-10 minLiaison Updates

Maccabee Levine

Tod Olson

Jakub Skoczen

Craig McNally

  • CC: Maccabee Levine
    • No meeting this week
  • PC: Tod Olson:
    • Main item: update on prioritization process.
    • Led to discussion of getting more active SIG involvement from broader range of people, and fatigue from the most common contributors. Also some related tensions between larger and smaller institutions.
  • RMS Group: Jakub Skoczen
    • Jakub not present
  • Security Team: Craig McNally:
    • No updates.
  • Eureka Early Adopters:  Craig McNally:
    • Met last Wednesday as usual, some updates in the spreadsheet.  Some questions from GBV, provided links.
    • May meet more frequently than weekly.
    • Charlotte Whitt: Support SIG discussed permissions documentation.  Are TestRail tests to be rewritten?
      • Craig McNally New Roles Management test cases are being introduced, for Eureka.  Being executed now.  Tests specific to permissions are no longer relevant, will be deprecated when switch to Eureka.  Lots of tests have pre-conditions with display name for permissions; QA has a tool to map permission name to capability name.
      • Charlotte Whitt will reach out to Thomas Trutt.
      • Craig working on documentation.
5 minUpcoming MeetingsAll
  • - Regular TC meeting
  • - Dedicated Discussion: Eureka (TC-internal topics)
  • - Regular TC meeting
  • - Dedicated Discussion: Eureka with other councils if needed?  Or maybe do this in a PC timeslot, if they are interested.
  • - Tri-council meeting - follow-up on Eureka Adoption?
  • Dedicated Discussion Topics:
    • Eureka after Trillium OST
    • Developer Documentation
    • Voting rules
      • Jenn and Craig did meet on Friday to review action items, one was to touch base with CC.  Are they dictating all voting rules, or setting basics and then councils can go further.
    • Evaluation of the Eureka Components
    • Developer Advocate
    • Communication after recent TCR process changes
    • Evaluating existing modules
    • OST issues with Java21 and Gradle
5-10 minTCR Board ReviewAll

TCR-52 ui-claims

  • Joshua not present
5 min

Technical Council Sub-Groups Updates

All
1 min

GitHub RFCs

Wiki RFCs

All

  • Craig will flesh out evaluations and adoption of Eureka platform. Will work with Jenn.
    • Action item from prior meeting... I think some clarification would be helpful.


1 minDecision LogAll

No changes

Need to colocate all in a single place. Craig will work w/ Jenn 

--

  • This is done!  Confluence will redirect bookmarks.
15 min

Officially Supported Technologies (OST)

All

Check Recurring Calendar...

Wrap up Trillium OST

  • Kong and Keycloak: 
    • Craig McNally For OSS release, only current version is supported.  Craig extrapolated / predicted dates for upcoming releases.  We're currently on 3.7 which is an LTS for the enterprise version.  Can estimate and say 3.12.  Or can just say "the most recent version" whatever it ends up being.
    • Marc Johnson Last time Craig said that Eureka doesn't use Kong or Keycloak directly, it uses custom FOLIO things that use Keycloak and Kong internally, so thought we agreed we'd only bother versioning the FOLIO-specific stuff and not the underlying software.
      • Craig McNally Our libraries use the base images, and then add some things on top of it.  I.e. Keycloak adds our FOLIO login page theme.  With Kong, adds some declarative language for startup.  So base image plus extensions.  FOLIO versioning policy uses underlying major & minor versions; uses patch version for the local customizations.
      • Marc Johnson These are fist-party things now.  So we should version them later, we do those way later in the OST process.
      • Tod Olson The rough predictions are useful as a reminder.  Relate to Marc's point, it would be useful to have a one-sentence explanation here of that relationship of FOLIO Kong to underlying library.  And useful to link to support policy for enterprise and OSS versions.  All useful info because it's complicated.
      • Marc Johnson Governance interest for those distributing without an enterprise agreement, it will be impossible for them to be supported for a whole flower release.  People will have to be used to the idea that they're not deploying Kong and Keycloak, they're deploying derivations.   No value in locking down versions now since they are first-party dependencies now.
    • Charlotte Whitt NL Sweden uses Keycloak for other things, will they need to use both that and this FOLIO-specific version?
      • Craig McNally Depends how they're using it, would need more info.
    • Craig McNally This is applicable to third-party discussion because what we add is pretty thin.  We'll likely have to upgrade during a CSP, i.e. there may be security vulns found. 
      • Also, Keycloak Admin Client libraries are now being released separately.  Release cadence not clear yet.  Easiest thing to say is just "latest version".
      • Marc Johnson All comes back to the policy stuff, how specific (or not) we want to be in this document.  Gap in our governance model.  At some point, we may want to reflect if this model is working as useful info.  For CSP stuff, that should be taken up with RSMG, some upgrades would not be "critical", although that policy isn't consistently applied.
      • Craig McNally Comes down to reactive or proactive.  May not know about vulns.  Depends how proactive we want to be.
    • Consensus to list both as "latest version" for now.
  • Trillium marked as accepted.
  • Java21 issue (Sunflower) – Owen posted in #tech-council.
    • Marc Johnson We went to Java 21 because Spring libraries required it, and for some reason didn't do dual-support.  Can change the docs to do dual support.  17 has plenty of time left on support.  We should also come back to a discussion of how we communicate OCR changes – these things are only useful if people know about it.
    • Jenn Colt Yes Zak asked how it was communicated.  WRT Sunflower Java 17, fine changing it if no objection.
    • Tod Olson Compiled Java bytecode knows what version it was compiled to, and JVMs contain internal backward compatibility.  So one would expect something compiled on 17 to run on 21.  Not saying if written for 17 to compile for 21.
    • Marc Johnson We version the JDK and JVM.  If we were confident in Tod's point, we could say we support JDK17 but only JVM 21. 
    • Tod Olson Julian suggested in the chat to only make this exception for Grails.
    • Marc Johnson This might not be the only team that has this problem with 21.  If we make this restriction, might have to change that later.  But ok if it makes people more comfortable.  And nobody is validating this.
    • Craig McNally Indirectly validating, i.e. older version of Spring Boot would be found by tooling if it has a vuln.  Where is Spring Boot requirement for Java 21?
    • Jenn Colt Another option is to not update the doc, and just have someone breaking the policy.
    • Craig McNally We can version Grails 6, and have a sub-bullet acknowledging that it conflicts with the JVM requirement.
    • Decision was to write the exception under the Java 21 note, specifically for Grails modules.



END OF MEETING
*Voting RulesAll

Straw vote about whether we should require at least 6 yes votes to accept a proposal: 4 yes, 4 no.

Last week's notes:

  • Review options around quorum and whether we use majority of members present or votes cast.

Straw poll (non-binding): do we accept majority of cast (yes) or majority of TC members present (no):

  • Yes: 3
  • No: 6
  • Abstentions: 2

Next step: define a set of straw polls we want to ask, then we can execute those all at once and hopefully narrow in on a decision.

Discussion today:

Marc Johnson problem with straw polls when the number of votes minus abstentions is less than 6

Ingolf Kuss we should think about deciding first weather we want to have slack votes or not

Jenn Colt should we enable slack voting by request before the conduction of a vote?


3 straw polls (see Voting Rule Comparisons)

  • Straw Poll: Slack yes/no: Result 3 for yes, 5 for no
  • Quorum for making a decision which may involve a vote: Result Over 1/2 or over 2/3? 6 for Over 1/2, 3 for over 2/3
  • Minimum number of ‘Yes’ votes to pass a motion

  1. Majority of votes cast

  2. Majority of those present

Result 4 to 4

Some members think about changing the votes for the last straw poll.

Marc Johnson if you have a higher quorum, then majority of votes would fix low vote decisions. On the other hand, on low quorum and option 2 fixes it too.

Today:

  • ...
NAZoom Chat



Topic Backlog

Decision Log ReviewAll

Review decisions that are in progress.  Can any of them be accepted?  rejected?

Translation SubgroupAllSince we're having trouble finding volunteers for a subgroup, maybe we can make progress during a dedicated discussion session?
Communicating Breaking ChangesAll

Currently there is a PoC, developed by Maccabee Levine, of a utility to catalog Github PRs that have been labeled with the "breaking change" label. We would like to get developer feedback on the feasibility of this label being used more often, and the usefulness of this utility. 

Officially Supported Technologies - UpkeepAll

Previous Notes:

  • A workflow for these pages. When do they transition from one state to another. Do we even need statuses at all ?

Stripes architecture group has some questions about the Poppy release.

Zak: A handshake between developers, dev ops and the TC. Who makes that decision and how do we pass along that knowledge ? E.g. changes in Nodes and in the UI boxes. How to communicate this ? We have a large number of teams, all have to be aware of it.  TC should be alerted that changes are happening. We have a couple of dedicated channels for that. Most dev ops have subscribed to these channels. How can dev ops folk raise issues to the next level of community awareness ? There hasn't been a specific piece of TC to move that along.

Craig: There is a fourth group, "Capacity Planning" or "Release Planning". Slack is the de facto communication channel.  There are no objections to using Slack. An example is the Java 17 RFC. 

Craig: The TC gets it on the agenda and we will discuss it. The TC gets the final say.

Marc Johnson: We shouldn’t use the DevOps Channel. The dev ops folks have made it clear that it should only be used for support requests made to them.

Jakub: Our responsibility is to avoid piling up technical debt.

Marc: Some set of people have to actually make the call. Who lowers the chequered flag ?

Craig: It needs to ultimately come to the TC at least for awareness. There is a missing piece. Capacity Planning needs to provide input here. 

Marc: Stakeholders / Capacity Planning could make that decision. Who makes the decision ? Is it the government or is it some parts of the body ?

Marc: the developers community, the dev ops community and sys ops are involved. For example the Spring Framework discussion or the Java 17 discussion. But it was completely separate to the TC decision. It is a coordination and communication effort.

Marc: Maybe the TC needs to let go that they are the decision makers so that they be a moderating group.

Jakub: I agree with Marc. But we are not a system operating group. Dependency management should be in the responsibility of Release management. There are structures in the project for that.

Jason Root: I agree with Jakub and with Marc also. Policies should drive operational/release/support aspects of Folio.

Jason Root: If the idea of “support” is that frameworks are supported, then of course the project should meet that.

Marc Johnson
Some group needs to inform OleksAii when a relevant policy event occurs.
These documents effectively ARE the manifestation of the policy.

Craig: This is a topic for the next Monday session.

Craig to see if Oleksii Petrenko could join us to discuss the process for updating the officially supported technologies lists.


Dev Documentation VisibilityAll

Possible topic/activity for a Wednesday session:

Discuss/brainstorm:

  • Ideas for the type of developer-facing documentation we think would be most helpful for new developers
  • How we might bring existing documentation up to date and ensure it's consistent 
  • etc.
API linting within our backend modulesAll

https://folio-project.slack.com/archives/CAQ7L02PP/p1713343461518409


Hello team, I would like to discuss API linting within our backend modules. Some time ago, we transitioned our linting process from Jenkins to GitHub Actions as outlined in https://folio-org.atlassian.net/browse/FOLIO-3678. I am assuming that this move was done via some technical council decision. Please correct me if I'm wrong.
In my observations, I've found two problems:
  1. Schema linting does not occur if the schemas are in YAML format.
  2. There are issues with resolving some deeper references during API linting.
Although I'm unsure about how to improve the existing linting implementations within Folio, I propose to consider an open-source solution that handles OpenAPI linting effectively and allows us to define custom rules. For your reference: https://stoplight.io/open-source/spectral A test of this solution can be found in this PR: https://github.com/folio-org/mod-search/pull/567. The same PR also provides an example of custom rule definition: https://github.com/folio-org/mod-search/pull/567/files#diff-d5da7cb43c444434994b76f3b04aa6e702c09e938de09dbc09d72569d611d9ab.Also, by employing 'Spectral', I discovered AsyncAPI (https://www.asyncapi.com/en), an API design tool similar to OpenAPI but for asynchronous interactions. I suggest that we consider using AsyncAPI in FOLIO to generate documentation for Kafka interactions.


PR TemplatesAll

https://folio-project.slack.com/archives/CAQ7L02PP/p1713445649504769

Hello team, Small request to consider.
Regarding pr templates.
  1. From my perspective, pr template is not good idea. Even the biggest open source projects that are contributed by many people don't have any pr template. Currently what we have for acq modules https://github.com/folio-org/mod-orders-storage/blob/master/PULL_REQUEST_TEMPLATE.md
  2. These pr template is inconsistent in different teams.
What I suggest is that, pr template shouldn't be any instructions, because most developer who are creating pr have already understand the rules. If we put just two section into template, it will encourage developers to write more about their work and that lead to knowledge  sharing among developers.
Proposed Mod KafkaAll

https://folio-project.slack.com/archives/CAQ7L02PP/p1714471592534689

Mike Taylor

Proposal. If and only if a FOLIO instance is running Kafka, it should insert and enable a module called mod-kafka, which consists entirely of a module descriptor that says it provides the interface kafka. The purpose is so that other modules can use the standard <IfInterface> and similar tools to determine whether they should attempt Kafka operations. Rationale: the FOLIO ILS depends absolutely on Kafka, but other uses of the platform will not. One such example: a dev platform that includes only mod-users, used as a source of change events for Metadb.

Related content