From nobody Wed Apr 23 16:47:01 2025 X-Original-To: dev-commits-doc-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ZjQ4Q74shz5tccF for ; Wed, 23 Apr 2025 16:47:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4ZjQ4P6sXNz3QmM; Wed, 23 Apr 2025 16:47:01 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1745426822; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=URQV0jVKzKyZUFdWNhYkA8xbeBFiPlTilKeSlgJwDu4=; b=lyi1Dkd8D84vHqslS8N1mR5qQFg7WkIM4lxJHMlqgItCvQI9JG5PfPcjVW3yQnCKNDRTv9 sfnYvc35KfxKOi+qp6OdkI07sWKFivD741TtxTacfTzlE54ibqCWNiLnVHDpjoE/sztcY8 fD4DNeHMOpy+dHL6fQf5iWAiD8UxvvTmUKg3oVPjvcnPWclt18hAEPG0wiOZmvuewYSJqN B3m7tjfOqEc/5JvqnalW+YNgccPy5eYQcgsvHxauN/Fgdzi+CKCJzT6VbbEKm0ntVxM3Z/ nt2i+4ggjm6Oux35rLVapHeEP2/KQL2DAVPhUPVeu90guuS0qVmDqGOaRyYPlw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1745426822; a=rsa-sha256; cv=none; b=gTfVoqfHEqu+a50QCUxwrA5L17u8BC0qK9BVTGHVXUyH21DRGa3oDy+rL9EbmSW+GvXa1d Fmd4Wn0oG1GE53CGpOBptP0ewy+pfJZYK4qSERz7jfMxek92SUavA8IcWbpr2N59aybYfe jx9CaG1e+iVgdUw/0Z7byozH6ZTgCCHUy0vyu+kFSDQRyTwoEyBJWGqc8NWPeK2MfWAtmI bMKGDRI5xUjXDxAgQCmLhCWk+TgO3UaAMZVXrA+6H3gnT93XPDrs7ua8Xio+4eV5+01LIU BOpHKJ3BO0fhElzklxIWoCULqEs5yJj8MamxH8YWxsm2CrcXaWz7q269UXxLyA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1745426822; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=URQV0jVKzKyZUFdWNhYkA8xbeBFiPlTilKeSlgJwDu4=; b=g3FUWB/fUv+Vb9XbIhkffR1tswnMqsPsgiP9/PsUpaFz+7U4hjBkBgjXJnvWKcB2RquHfQ k79iaxOTB4WcIVRR3Cb/AWECP3OE5l5DLFcvXT+bdA7F2uing4bPrucIeuX1xp+jnQY2ru 49X40IBzgsLjwedOsI443Qo250XBBzy0SGDqZuSUeBvrYWbINP2UI4VVTG5SPQIyEAPYsB Y/0Z2YPDmwbzz6EPyMa/9ikQH/rO9TOKwAlSAOGVsZPKle7iyUziwBKhfkNzeCsZCek6IQ I9gZdT6+u0Nd3910suvqHBgwjkOM60zurVzwEPPXhyUCjUq7re2Nk5n8qNWbMA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4ZjQ4P6F6Wz1BMk; Wed, 23 Apr 2025 16:47:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 53NGl1tj021789; Wed, 23 Apr 2025 16:47:01 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 53NGl1rU021786; Wed, 23 Apr 2025 16:47:01 GMT (envelope-from git) Date: Wed, 23 Apr 2025 16:47:01 GMT Message-Id: <202504231647.53NGl1rU021786@gitrepo.freebsd.org> To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org From: Joseph Mingrone Subject: git: c1977b930e - main - status: Add 2025q1 Infrastructure Modernization report entry List-Id: Commit messages for all branches of the doc repository List-Archive: https://lists.freebsd.org/archives/dev-commits-doc-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-doc-all@freebsd.org Sender: owner-dev-commits-doc-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jrm X-Git-Repository: doc X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: c1977b930e4147c197143667e381cef80b5468de Auto-Submitted: auto-generated The branch main has been updated by jrm: URL: https://cgit.FreeBSD.org/doc/commit/?id=c1977b930e4147c197143667e381cef80b5468de commit c1977b930e4147c197143667e381cef80b5468de Author: Alice Sowerby AuthorDate: 2025-04-21 18:05:17 +0000 Commit: Joseph Mingrone CommitDate: 2025-04-23 16:44:42 +0000 status: Add 2025q1 Infrastructure Modernization report entry Reviewed by: salvadore Sponsored by: The FreeBSD Foundation Pull Request: https://github.com/freebsd/freebsd-doc/pull/490 --- .../foundation-infrastructure_modernization.adoc | 41 ++++++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/website/content/en/status/report-2025-01-2025-03/foundation-infrastructure_modernization.adoc b/website/content/en/status/report-2025-01-2025-03/foundation-infrastructure_modernization.adoc new file mode 100644 index 0000000000..45d0b7d592 --- /dev/null +++ b/website/content/en/status/report-2025-01-2025-03/foundation-infrastructure_modernization.adoc @@ -0,0 +1,41 @@ +=== Infrastructure Modernization + +Contact: Ed Maste +Contact: Alice Sowerby + +The project started in Q3 of 2024 and was commissioned by the Sovereign Tech Agency with a budget of $745,000, to be spent over about one year. +The main goals are to improve security tools for the base system, ports, and packages, update the project's infrastructure to speed up development, enhance build security, and make it easier for new developers to get started. + +==== Q1 update +Three of the five work packages are now in progress, with the remaining two to start in April. +The overall schedule has been re-planned to run through to December 2025, allowing for a more sustainable pace of work. + +===== Work Package A: Technical Debt reduction +The Foundation and the FreeBSD Project's Source Management team is working together to make bug management easier and more sustainable. +There is now a link:https://grimoire.freebsd.org[bug backlog dashboard], which helps make the backlog easier to understand during "bug busting" sessions, and is already showing that more bugs are being closed than being opened. +This is hosted on FreeBSD and link:https://github.com/chaoss/grimoirelab/blob/main/FreeBSD.md[documentation] has been submitted upstream to the GrimoireLab project so others can do the same. + +One way to learn more about the project is to listen to the link:https://podcast.chaoss.community/103[CHAOSScast episode] where we talked about this work package. + +We have also been upgrading Bugzilla by applying patches from 2023 onward and improving the upgrade process to ensure smoother future updates. + +===== Work Package B: Zero Trust Builds +Much of the foundational work has been completed to standardize all source release build cases using no-root for creation of release artifacts. +We are formalizing and documenting make world and [.filename]#release.sh# to provide joined-up documentation for users. +In order to get src to build reproducibly we are creating CI tests and are working with link:https://reproducible-builds.org[Reproducible-Builds.org] to restore the link:https://tests.reproducible-builds.org/freebsd/freebsd.html[FreeBSD reproducible CI]. +Read their link:https://reproducible-builds.org/reports/2025-02/[February report]. + +===== Work Package C: CI/CD Automation +The high-level goal is to improve CI/CD automation to streamline software delivery and operations for new and existing software. +Work so far is focusing on: + +* Improving the quality of incoming commits by providing system-agnostic tooling and documentation so that maintainers and developers can run CI without requiring a 3rd-party service (link:https://reviews.freebsd.org/D48015). +* Making it possible to run pre-merge CI on proposed submissions (e.g. Pull Requests) (link:https://reviews.freebsd.org/D36257). +* Documenting the CI management process to make it easier to keep tooling up to date and patched. +* Updating the Source and Ports tests to include standard linters and other relevant automated analysis tools. + +===== Work Package D: Security Controls in Ports and Packages and Work Package E: Improve Software Bill of Materials (SBOM) +These work packages are scheduled to start in April. +The Foundation has been collaborating with FreeBSD Project teams to scope the projects appropriately. + +Commissioning body: Sovereign Tech Agency