-
Notifications
You must be signed in to change notification settings - Fork 687
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Migrate docs to dedicated repo #5435
Comments
Should we start from a fork and then prune it down to docs-only? And if so, in that fork (e.g., a |
Would it be worth adding this repo as a submodule in securedrop core? Possibly more dev overhead, but it would help with associating a specific release with a specific docs version. |
I defer to others on the submodule question. I'm not sure more precision than "applies to the current stable release" is required, but in principle, if we have a dedicated docs repo, we could also use tags again in the way RTD supports -- pushing e.g. a 1.6.0 tag the moment SecureDrop 1.6.0 is released, while still being able to easily forward that tag in the event we want to deploy a docs change after the release has been cut. |
Just want to ask that translation be considered in the transition. See https://github.com/freedomofpress/securedrop/issues/2604 |
@joaedwar and @eloquence will collaborate on this during the 8/20-9/2 sprint. As noted above, there are still open questions around translation & the best way to couple docs to a specific production release, which we likely won't be able to fully answer yet, but we should be able to get to a test setup & repo we can experiment with. |
@joaedwar has done some initial research on use of https://github.com/newren/git-filter-repo and will provide step-by-step instructions for arriving at a docs-only repo history from a SecureDrop repo clone. If the result looks good, we'll push it up to https://github.com/freedomofpress/securedrop-docs-alpha and then aim to get a first build working at an independent RTD URL. |
For this migration effort, we can use git-filter-repo to set up a docs-only repo history. git-filter-repo is a single-file python script, so installation is straightforward and just requires copying it into $PATH. Prerequisites
Procedure
Summary:
We can use these for reference: |
Thanks @joaedwar! I've updated https://github.com/freedomofpress/securedrop-docs-alpha per the latest
I've also removed all non-release branches. Here's an outline of how I would envision next steps:
|
Took a look at the history of the new docs repo and it looks great to my eye. Talked through the proposed next steps with @eloquence just now, and those also sound great. The first PR into the new repo can includes a lot of the tracked follow-ups like build, CI, and README cleanup. Once we're in the "beta" stage, we can use the readthedocs.io/org URLs for testing changes. Let's hold off on using Thanks @joaedwar for driving on this! |
After discussion, we agreed that it'd make sense to switch this repo to LFS, given that the screenshots otherwise will continue to balloon it every time we update those. This is now done on https://github.com/freedomofpress/securedrop-docs-alpha . I've used the very nice
(SVG is debatable but I figured "all images" is the simplest rule of thumb to continue to enforce.) The I also removed all historical tags (we still have the release branches in case we want to continue to use the release branch model), and ensured that the LFS references are applied to all branches in this repo. As a result the non-LFS checked out size is now just under 7MB, and any checkout that includes the screenshots will only fetch the versions actually needed. We'll need to document this after the switchover but that should be done through a PR process, so I think we're close to promoting this to beta once we agree on the tagging/branching strategy we want to use for 1.6.0. |
If I'm reading the discussion in readthedocs/readthedocs.org#1846 correctly, the move to LFS may necessitate some changes to our RTD build logic. https://test-builds.readthedocs.io/en/git-lfs/ has an example configuration that installs LFS as part of the build. |
That largely matches what we're doing in e.g. https://github.com/freedomofpress/securedrop-debian-packaging/blob/05eedc6e2a5d9a1c53ebb6dda0a2188365063e05/.circleci/config.yml#L225-L232, just specific to RTD. It'd be nice to run that lfs logic only inside RTD, maybe via env var. |
@zenmonkeykstop and I discussed this a bit today. For now, we would propose a slight variation of the process used for https://github.com/freedomofpress/securedrop-workstation-docs for versioning the standalone docs repo:
This seems like the simplest model to start with -- we can switch to a model with two or more long-lived branches if the frequency of branching warrants it. Will discuss at standup tomorrow, and if this sounds like a reasonable plan, we may be ready to promote the |
In the case of hotfixing the docs, for example editing a typo immediately after release, we can use the postrelease syntax, e.g. |
I've now renamed the repo to https://github.com/freedomofpress/securedrop-docs-beta and will file an infra issue to finalize permissions. |
I've also renamed the default branch to |
For simplicity we've decided to forego the |
Update on current state:
|
Remove docs* and stable branch rules Towards #5435
Status update: We are now using the standalone repo to build the docs at https://docs.securedrop.org/ 🎉 . You can verify it by looking at this page: https://docs.securedrop.org/en/latest/development/journalist_api.html#get-a-list-of-all-users-get The documentation for the Next up, in order, are:
After that, still pending to close this issue:
|
This is now fully resolved. I'll file a follow-up issue to migrate docs issues over in a few weeks, assuming we stick with this setup. |
We currently manage docs in the main
securedrop
repo, which significantly complicates the docs maintenance story:We may want to make docs updates after a signed tag has been created. We now use a separate
stable
branch to track the current stable version of the documentation. To keep this branch up-to-date, we have to deal with potential for core-related merge-conflicts, and we are currently force-pushing this branch as part of the release process, which is not a great practice, esp. in a highly security-sensitive repo.We have to worry about side effects that docs merges have on journalists/admins, because Journalist and Admin Workstations hold a full git checkout of this repo and keep it up-to-date (we will eventually change this: Package Tails workstation code #3502). For example, forced updates to tags conflict with the current workstation updater logic, which is a big part of the reason we're using a
stable
branch instead of a tag.It's difficult to cleanly separate docs maintainership from SecureDrop core maintainership within a single repo, meaning that only folks who are trusted to merge code changes are currently able to merge docs changes.
In the context of the SecureDrop Workstation, we've already split out docs into a dedicated repo: https://github.com/freedomofpress/securedrop-workstation-docs
This has worked well in practice and maintainership of docs is more readily granted (e.g. @rocodes and I can merge there). The main complication is that we sometimes have to line up 2 PRs (a code change and its documentation) at the same time, e.g.: freedomofpress/securedrop-workstation#586 and freedomofpress/securedrop-workstation-docs#55 .
So let's do the same for SD Core. In previous discussions there seemed to be consensus towards this change, so the main questions are likely about the "how" not the "if".
The text was updated successfully, but these errors were encountered: