[#241] - Proposed workflow
- Closed
- 7 Aug 2015
- Medium
- Build: master
- # 241
I'm a firm believer in the principle that the issue tracker is just a different way of viewing the data that is already on Github. Ideally, someone could use the tracker and use Github and they more or less both marry up at the end of the day. To that end, I think it's worth describing what the workflow would be like on Github so that we can translate it to the issue tracker.
It is also important to remember that Github separates resolving issues (an issues like we'd have on JoomlaCode) from evaluating patches. In JoomlaCode we'd attach a patch to an issue. In Github we create a pull request and Github has a special interface to evaluating the submitted code in detail, something which is not possible at all with JoomlaCode. This also allows a clear separation of the workflow between a description of a problem and the coded solution for a problem.
Here's my proposed paradigm:
Use labels to show a blended priority and impact setting:
- P1-Urgent (Software stops working, bad security issues)
- P2-High (Software working but seriously impeded, less-bad security issues)
- P3-Normal
- P4-Low
The issue tracker would have a mapping table for Github label to "list" (in this case priority).
Use labels to show category
For example:
- /Administator
- /Installation
The principle here is to use a common prefix to group lists in Github. The mapping table mentioned previously takes care of how that looks in the Issue Tracker. We don't even need a UI for this, just update the db mapping table by hand "for now".
Use milestones and the natural separation of Issues and Pull Requests to map the workflow.
To this end I'd suggest the following:
- New issues are Open with no milestone.
- A confirmed issue (comment with #confirmed) moves to a "Confirmed" milestone
- All pull requests are automatically considered ready for testing. PR's must link to an issue they fix or address if one exists.
- Anyone who tests a PR and it passes comments with a #test or #tested.
- A PR that is tests moves to a "Review Ready" milestone where it awaits the commit team to review.
We can create a very simple Joomla-Jenkins job to change the milestones when it detects those special hash tags in comments.
Change the testing requirements
- Unless specified otherwise, PR's require 2 good tests.
- Changes to non-code text (DocBlocks, language strings, etc) do not need any testers and go straight to "Review Ready"
- The pull team may ask for more testers where the degree of change or impact warrants it.
Cookie jars and backlogs
- Optionally use labels to show a degree of complexity, more so people can identify easy bugs to fix. I work with a Fabonacci sequence and prefix with a tidle, so it goes like ~1, ~2, ~3, ~5, ~8 ... and it would roughly translate into hours but it really means that a ~8 bug is 8 times more difficult or time consuming that a ~1.
- Use special labels for backlog (things we should have done but didn't get around to) and new tasks or wish lists (things we could or should do).
Manage teams on Github
We should be managing the teams using the Github teams system so that both the Github org and the Issue Tracker share the same access control groups (no need to have any UI to manage groups in the Issue Tracker).
On Github you do need pull rights to be able to assign milestones and labels. This is where the Issue Tracker steps in to bridge that gap. Nevertheless, all of the above is possible now to do just in Github if we wanted to. But in the mean time I think it's important to discuss and finalise the workflow.
That's why, IMO, there has to be a finer ACL and tuning of that in the tracker versus GitHub. Out of the box, all the permissions should match what you can do with GitHub at the various levels (guest, logged in, elevated permissions, etc.).
Yes that's right, but what I was saying is manage the "teams" through Github itself. So manage the JBS members on Github; they would have pull request rights only on Github itself, but the Issue Tracker would let them do more via the interface. Maybe one day Github adds a few extra layers of access control and you can just move the JBS team on Github into that new level and viola, you are golden.
Just to clarify, you have the option of making a team within and org "Pull Only".
And pull only is the same as "merge pull requests". If they had any level of ACL that was lesser (manage labels, milestones, assign individuals, close issues) it would be a totally different discussion. Until that happens, I'm not comfortable assigning everyone to that "lowest access" group.
Pull only does not have merge. See https://github.com/blog/674-introducing-organizations
Pull Only - This new permission level is useful when you want to give people access to see the code, participate in private issues/wikis, or work in their private fork. These members may not push to the organization owned repository.
That level is no better than someone not being on any teams. I moved my @jissues-bot account out of CMS maintainers and into a pull only team on the CMS repo. No ability to work with labels, milestones, etc.
No, no, you mis-understand. Use the pull-only teams as the point of truth for the "members of the groups". Use the Issue Tracker and its API to supplement the actual access control itself.
OK, that could be done. Without a UI though in the tracker to manage those mappings, that equates to hard coding it somewhere. Or am I missing another piece of this?
Regarding the rest of the proposal:
The labels could theoretically be done. The issue becomes how to distinguish between a label that is for priority, a label that is for category, and a label like PR-master to make filtering a little easier on GitHub? It would have to be a future friendly system too.
The milestone management could be within the application. Why would we need Jenkins to do something we can handle natively?
Testing requirements is a discussion outside the application IMO. Totally agree on that proposal though, far too much gets stuck in the system because we have a one size fits all ruleset with regards to patches. Technically, even unit test patches have to get tested before commit in the current workflow!
Cookie jar and backlog - That's a funny thing to think about. Do we let the tracker have a glorified TODO list built into it or continue using it for active reporting of issues or working out feature requests? Not something I think should be decided based solely on the application, but it can certainly be supported with ease. Remember also, the roadmap calls for eventual merging of the ideas pool into this thing.
Without a UI though in the tracker to manage those mappings, that equates to hard coding it somewhere.
Yes, you'd need some admin UI to make those mappings, but you don't have to add UI to manage the members of the groups themselves. I'm proposing just leave that up to Github.
The issue becomes how to distinguish between a label that is for priority, a label that is for category,
I use prefixes. Slash for a category (aka namespace, and you could nest them like /administator/com_articles). I use tilde to denote estimates of time/difficulty, etc.
Why would we need Jenkins to do something we can handle natively?
I'm proposing that people use hash tags for confirm (#confirm or #confirmed) or test (#test or #tested). If someone confirms an issue in a comment it can automatically move from no milestone to the "Confirmed" milestone. Similarly when a PR gets two #tested tags, it could move to "Review Ready".
Testing requirements is a discussion outside the application IMO.
Well I tried to bring it up on list and that was a dead-end discussion. Whatever the case, it's still part of the workflow that that we need to address.
Do we let the tracker have a glorified TODO list built into it or continue using it for active reporting of issues or working out feature requests?
I don't see why not. That would be my preference just as we've one with the Framework.
I would like the application to be able to manage trackers that are not managed on GitHub. E.g. a Joomla! security tracker, a feature tracker, etc.
So I think we need some form of "basic ACL"
Using the GitHub labels to implement things like priorities, categories etc sounds very good.
Maybe we can define some common prefixes (maybe / for categories, Pn- for priorities etc) that are just hard coded ?
I can not really see the advantage of using milestones. I think that's where our "statuses" come in - but yes, they are very project specific and there is currently no way to define them on a project level. Should we also use labels here ?
It will be interesting to see how a script intelligently parses the comments, if we go with the hash tag parsing thingy.
Don't try to be too smart - never trust the machines 
In the end, the first thing to do IMHO is to shut down JCode and move to the GitHub tracker. When this is done we will see what's missing.
has not been implemented.
| Status | New | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2015-08-07 00:46:23 |
| Closed_By | ⇒ | elkuku |
On the manage teams piece, if we give anyone any level of access, they will have the ability to merge pull requests. Do we want to have the entire JBS able to do that? No offense intended to anyone who may read this, but I would not trust having that many people (or some of the people in that group) having merge permissions on our projects.
That's why, IMO, there has to be a finer ACL and tuning of that in the tracker versus GitHub. Out of the box, all the permissions should match what you can do with GitHub at the various levels (guest, logged in, elevated permissions, etc.).