Isso Project Infrastructure

Isso Project Infrastructure¶

Conceived initially as Martin Zimmermann (@posativ)’s nimble personal project, Isso has grown to encompass a larger community of users and maintainers. With a transition away from being controlled solely by Martin, the project infrastructure is now largely community-owned.

This page documents the parts that make up the project and who is responsible for them, in order for new or potential maintainers to get a better overview.

Attention

We realize that many of our processes could use an overhaul and would benefit from much more automation. If you know how, please open a Pull Request or offer your help in an issue!

Website¶

The project website used to be hosted at posativ.org/isso, but now lives at its own domain isso-comments.de.

The domain isso-comments.de is registered by @ix5 through German registrar netcup.de. Costs exactly 1.44€ each year so quite sustainable, but makes @ix5 a potential bus factor.

Website content is served by GitHub Pages. The sphinx-doc-built site is auto-deployed to isso-comments.github.io via a GitHub Action on every push to the Isso main repository. Requires appropriate A and CNAME records to GitHub’s servers:

$ dig www.isso-comments.de
www.isso-comments.de.     300     IN      CNAME   isso-comments.github.io.
isso-comments.github.io. 3600     IN      A       185.199.108.153
isso-comments.github.io. 3600     IN      A       185.199.109.153
isso-comments.github.io. 3600     IN      A       185.199.110.153
isso-comments.github.io. 3600     IN      A       185.199.111.153

The demo instance of the comment form (on the homepage) lives on @ix5’s server at comments.isso-comments.de and consists of the latest isso package from PyPI, deployed via gunicorn. The ansible role to set this up is available at ansible-role-isso. The simple auto-reset feature to curtail vandalism is documented at isso-demo-config.

Development¶

Development happens under the isso-comments GitHub organisation, with the main isso-comments/isso repository serving as the source for the Python parts, Javascript client, website and documentation, API documentation as well as CI/CD configuration.

The master branch has branch protections set up, requiring an approving maintainer review before merging.

Packaging¶

Isso is released “officially” to as an installable Python package on PyPI and as a docker image. Other distributors may package releases of Isso natively for operating systems (e.g. for the Arch User repository or formerly Debian), but support for these releases should be given by the packager.

PyPI (Python Package Index)¶

Release rights for the isso PyPI project are held by @jelmer, @posativ, @blatinier and @ix5.

Docker image¶

The ghcr.io/isso-comments/isso docker image is rebuilt on every push to master. Push rights for manually created tags (e.g. :release) are inherited from the main isso-comments/isso GitHub repository (toggle Inherit access from source repository turned on).

The ghcr.io/isso-comments/isso-js-testbed image for running Jest-based unit and integration tests is built and pushed manually by @ix5 so far.

Secrets¶

There are some “secrets” needed to make the auto-deploy feature for GitHub Pages work.

The main isso-comments/isso repository holds a private key in the variable ACTIONS_DEPLOY_KEY (link to action secrets).
The deploy repository isso-comments/isso-comments.github.io for GitHub Pages is set up with a public deploy key (link to deploy keys) corresponding to the action secrets private key, allowing actions running in the source repository to deploy code (the newly generated website) in this repository.

(The direct links only work for maintainers with full repository access).

The docker actions do not need to be outfitted with any special secrets since the main repository is already set up as a source for “Actions access” with write access (link to package settings).