[tor-bugs] #32025 [Internal Services/Service - git]: Stop using corpsvn and disable it as a service
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Feb 17 08:30:56 UTC 2020
#32025: Stop using corpsvn and disable it as a service
---------------------------------------------+----------------------------
Reporter: arma | Owner: tor-gitadm
Type: project | Status: new
Priority: Medium | Milestone:
Component: Internal Services/Service - git | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: #17202 | Points:
Reviewer: | Sponsor:
---------------------------------------------+----------------------------
Comment (by arma):
[I wrote this explanatory text for Gaba and Anarcat, and I'm posting it to
the ticket too for posterity.]
My rough outline for a way forward would be:
(1) Freeze corpsvn (i.e. make it read-only), and make a full checkout of
it somewhere, and have that accessible in case Sue needs to access it.
(2) Give Sue someplace temporary to put her new files. Maybe that's
Nextcloud. *Not* move all the old files there, or at least not by default.
(3) Put together a strike team to look at the frozen corpsvn checkout,
plus the frozen internalsvn checkout. Build a list of categories (HR,
finance, grantwriting, grant manager, etc), and sort the files into these
categories, discarding as many files as possible. Figure out where else
people are storing these files currently (granthub? google docs? their
hard drive?). Make a comprehensive plan for how files of each category
should be stored, and who should have read or write access per category.
For example, there's no reason that HR documents should go into the same
database, or even the same storage service, as grant proposals.
Step 3 is bigger than just svn, since it has to do with how we should
actually properly store our internal files. Anarcat gave a start to that
process in #32273.
(4) Get Sue and others to switch over to using the new process we develop
in '3'.
We could do (3) before we do (1), and then we would never need to do (2).
It depends how eager we are to shut down corpsvn. Any plan where we put
off (3) indefinitely is dangerous though. For example, we could be open to
gdpr messes in our current state -- plus actual security failures too.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32025#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list