<div dir="ltr">Chris, Kevin,<div>thank you for your support! I left several comments below. Let us now start working with App Catalog team and openstack-dev community and discuss next steps to implement the plan described in [0].</div><div><br></div><div>I also added couple of steps to [0] inspired by comments from Chris on QA and CI/CD process for apps.</div><div><br></div><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><div class=""><div class="h5"><br>
> We can have two workflows, one for Official/Supported/Curated apps which are<br>
> contributed using approach #2. At the same time for another category of<br>
> applications #1 will work just fine, ensuring that there are many<br>
> applications in the catalog and there are customers/consumers who'll benefit<br>
> from it.<br>
><br>
<br>
</div></div>I think this is helping make it clear that you are not proposing<br>
catalog content will be kept out if some committee does not deem it<br>
worthwhile - only that "official/supports" assets would face more<br>
scrutiny. I agree with this, and it matches what we've been talking<br>
about in the Community App Catalog for such things.<br></blockquote><div><br></div><div>Exactly. We can pursue two goals here. </div><div><br></div><div>One is to help to apps developers who want to invest some time and effort into QA, CI/CD, documentation process, helping their users to get support from apps developers should users have any questions/issues about these apps. This is somewhat more time/effort consuming process, but as a result users will get apps of more transparent and predictable quality. </div><div><br></div><div>Second is to help to apps developers who has some useful apps to share but don't have time/dedicated resources to follow official approach. Providing them an ability to share their apps using lightweight approach would allow to interested users to use these apps and hopefully to help developers to elaborate/improve them.</div><div><br></div><div>General idea is not to limit anyone with new frameworks/tools/guidance, but to have these tools in place for those in OpenStack community, apps developers and apps users who wants to use them. </div><div><br></div><div>Having a feedback loop between these three parts (OpenStack community, OpenStack apps developers and apps users) seems to be a benefit for all parts involved.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><span class="">
><br>
> By the way, one of the open questions where Foundation can potentially help<br>
> here is HW infra for CI/CD for apps development. None of the apps published<br>
> in the catalog so far has CI/CD associated with it.<br>
<br>
</span>I think the issue here is that the apps do not have a defined testing<br>
framework. The existing OpenStack Infra could support checks for<br>
things like Murano apps, we would just need to work out how to test<br>
these applications.<br>
<br>
I am really glad you started this thread and am in full support of the<br>
initiative, but there's a huge piece lacking here around the testing.<br>
Providing a CI/CD pipeline to app developers would be great, and we<br>
already have an amazing pipeline available to us. The issue is that<br>
writing tests are hard, and coming up with a generic approach that<br>
works for anything in the app catalog is impossible (i.e. murano tests<br>
would look very different from glance tests).<br>
<br>
Are there some great documentation resources we can point Murano<br>
developers to for how to test Murano packages/apps? That seems like<br>
the place to start from my perspective, and that would better inform<br>
the conversation around creating this CI/CD environment.<br></blockquote><div><br></div><div>Chris,</div><div>good point, QA process for apps is a very important and complicated topic. I added several items to [0] about it. It'll require more discussions and work not only for N cycle but rather for O as well.</div><div><br></div><div>However, very generic and high level description of what we can start with could be split in five parts:</div><div><br></div><div>1. Documentation. Put together documentation and best practices of how to check the quality of software asset for Heat, Murano, Glance and TOSCA apps together with their teams. Each of the projects should have some internal/embedded ways of checking integrity of the image, syntax checks, unit tests, ... We can at least provide to apps users and apps developers information about these ways.</div><div><br></div><div>2. Internal/existing checks. Each of the Heat, Glance, Murano and TOSCA should already provide some internal/embedded checks allowing to verify integrity and quality of their apps. Checksums, syntax checks, package/image integrity, etc. - something should already exist in each of the projects. We can start with this, documenting these steps as a part of CI/CD pipeline for each kind of apps separately. </div><div><br></div><div>3. HW to run CI/CD (for now - #2) on. We in Murano have a team working on Murano apps for Community App Catalog. This team works now not only on apps but also on creation of CI/CD for Murano apps. As a first step we'll use our own HW as third-party CI. Next steps are to be discussed with involved parts, including core teams (Heat, Murano, Glance, TOSCA, ...) and apps developers.</div><div><br></div><div>4. Having discussed with core teams #1 and #2 we'll probably identify missing parts. We'll need to discuss with them addition of these missing parts to their roadmaps (integration tests, some tools for verification of software assets, ...)</div><div><br></div><div>5. Verification of functionality provided by workloads automated by corresponding apps in the catalog (databases, operating systems, k8s, gerrit, jenkins, web servers, ....). This is the most complicated part. I think that for apps which are developed in partnership with workloads providers such a verification could be developed together with their dev teams as it requires a lot of expertise in corresponding domain. To be discussed.</div><div><br></div><div>BTW, does App Catalog team have some HW resources available to add some jobs checking #2 or we need to start looking for such a hardware?</div><div><br></div><div>Let's start working on #1-#4 with App Catalog team, openstack-dev community and core teams of Heat, Murano, Glance and TOSCA. Meanwhile on a background we'll be figuring out how to approach #5, it seems it'll require a lot of time and discussions.</div><div><br></div><div>Does it make sense?</div><div><br></div><div>[0] <a href="https://etherpad.openstack.org/p/OpenStackAppsCommunity">https://etherpad.openstack.org/p/OpenStackAppsCommunity</a></div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex">
<span class=""><font color="#888888"><br>
-Christopher<br>
</font></span><div class=""><div class="h5"><br>
><br>
> The way we can proceed with some of the applications can be that publisher<br>
> of the application builds CI/CD system on their own HW as a third party CI.<br>
> However, for some of the apps it can be beneficial to have some HW pool<br>
> managed by Apps Community, not by Apps Publishers.<br>
><br>
>><br>
>> > Finally, who is responsible for the application once it’s on<br>
>> > apps.openstack? The original developer. OpenStack should continue to<br>
>> > follow DockerHub’s example (or if you prefer, the Chef Supermarket<br>
>> > example) and link to source code elsewhere, and make it plain who<br>
>> > wrote & maintains the app. Let anyone submit applications for the<br>
>> > catalog with an OpenStackID – we should have less governance here,<br>
>> > not more.<br>
>><br>
>> We can discuss about the details... It's not a good idea to trust the<br>
>> crowd without filtering (the crowd voted Barabbas :), I've heard many<br>
>> times that there is too much junk in DockerHub or the Supermarket,<br>
>> making them less valuable to the unexperienced users.<br>
>><br>
>> An OpenStack Apps Catalog without a strong editorial control would be<br>
>> even less valuable to many popular use cases than it is now.<br>
>><br>
>> Maybe you're thinking of something more lightweight than the Apps<br>
>> Catalog, like a simple aggregator of resources/apps with a lightweight<br>
>> commenting/rating system and links... I'd go with that.<br>
><br>
><br>
> I agree again. As we discussed above, two approaches are possible here, #1<br>
> lightweight approach (register/login, push/update, done) and #2 official<br>
> (what we have now in Catalog actually) when an app is submitted for review,<br>
> reviewed by catalog team and finally gets accepted and published in the<br>
> catalog.<br>
><br>
> We can move from here incrementally, elaborating approach step by step,<br>
> namely:<br>
> 1. Elaborate existing official approach - formulating requirements to<br>
> official apps (how they are QA'd, documented, whether source code needs to<br>
> be published, where it should be published, ...)<br>
><br>
> 2. Start working on implementation of lightweight approach, keeping in mind<br>
> that we'll need a way to structure/rate applications for consumers so that<br>
> they don't get lost when there are too many of them. This is good to have<br>
> problem though, we are not yet there:)<br>
><br>
>><br>
>><br>
>> /stef<br>
>><br>
>> _______________________________________________<br>
>> User-committee mailing list<br>
>> <a href="mailto:User-committee@lists.openstack.org">User-committee@lists.openstack.org</a><br>
>> <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/user-committee" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/user-committee</a><br>
><br>
><br>
><br>
> _______________________________________________<br>
> User-committee mailing list<br>
> <a href="mailto:User-committee@lists.openstack.org">User-committee@lists.openstack.org</a><br>
> <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/user-committee" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/user-committee</a><br>
><br>
<br>
_______________________________________________<br>
User-committee mailing list<br>
<a href="mailto:User-committee@lists.openstack.org">User-committee@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/user-committee" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/user-committee</a><br>
</div></div></blockquote></div><br></div></div>