first draft of tenets #14
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,113 @@ | ||
| # Repository Management Tenets and Goals | ||
|
|
||
| ## What this document is | ||
|
|
||
| The purpose of this document is to define our tenets and goals | ||
| for how we will manage our repositories. | ||
| This will serve as the point of reference for all other documents | ||
| that discuss how to achieve those goals. | ||
|
|
||
| ## What this document is not | ||
|
|
||
| This document does *not* discuss how we will achieve any of these goals. | ||
| Implementation requirements and approaches are discussed in other documents. | ||
|
|
||
| ## Definitions | ||
|
|
||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL | ||
| NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and | ||
| "OPTIONAL" in this document are to be interpreted as described in | ||
| [RFC 2119](https://tools.ietf.org/html/rfc2119). | ||
|
|
||
| * **Requirement** : A requirement is something that MUST be true. | ||
| An example of this could be that secrets MUST NOT be committed in code. | ||
| * **Preference** : A preference is something that SHOULD be true, | ||
| but that we will not force to be true. | ||
| An example of this could be design patterns or code formatting. | ||
|
|
||
| ## Tenets | ||
|
|
||
| 1. [Mechanisms, not good intentions.](#Mechanisms) | ||
| 1. [If it's not written down, it doesn't exist.](#Written Rules) | ||
| 1. [Rules must be machine-enforceable.](#Enforceable Rules) | ||
| 1. [Minimal human involvement.](#Human Involvement) | ||
| 1. [Simple human intervention.](#Human Intervention) | ||
| 1. [Be Consistent.](#Consistency) | ||
|
|
||
| ### Mechanisms | ||
|
|
||
| Requirements MUST NOT depend on the good intentions of humans. | ||
| They MUST be enforceable without direct human action. | ||
|
|
||
| ### Written Rules | ||
|
|
||
| Requirements MUST be defined in written documentation. | ||
|
|
||
| This is important because: | ||
|
|
||
| 1. We MUST efficiently communicate our requirements to all maintainers. | ||
| The only way that we can do this is by writing them down. | ||
| 1. We MUST communicate our requirements to our users and contributors. | ||
| The only way that we can do this is by writing them down. | ||
| 1. We cannot enforce undefined requirements. | ||
| 1. We cannot know when/if/how requirements change if they are not recorded. | ||
|
|
||
|
Comment on lines
+48
to
+54
There was a problem hiding this comment. Is the the correct location to also mention that having written requirements also makes it easier to plan and track progress against the requirements?
Member
Author
There was a problem hiding this comment. Yes, absolutely! :) I'll add that in. |
||
| ### Enforceable Rules | ||
|
|
||
| All requirements MUST be machine enforceable. | ||
| If a machine cannot enforce a requirement | ||
| then that requirement is not sufficiently well defined. | ||
|
|
||
| For a requirement to be enforceable, it MUST NOT be ambiguous. | ||
|
|
||
| For example, if we want to require that unit tests pass, | ||
| we can enforce that by defining branch protection rules | ||
| that will block a merge if the unit tests have not passed. | ||
|
|
||
| This is important because: | ||
|
|
||
| 1. If we have not defined our requirements well enough for a machine to enforce them, | ||
| then we have not defined them well enough for all humans to understand them. | ||
| 1. If a rule requires human judgment to be applied, | ||
|
There was a problem hiding this comment. Some teams might, under time pressure, be willing to take calculated risks and might ask for andon cord type exceptions to machine enforceable rules. Maybe some kind of call-out that Intermittent human over-rides mean the rule also needs refinement and review.
Member
Author
There was a problem hiding this comment. I like the idea of "if the cord gets pulled on the same rule with frequency greater than X". I'm going to think on how/where best to incorporate that, but that'll be a subject for future PRs I think. |
||
| then that rule is incomplete. | ||
|
|
||
| Ambiguity in life is unavoidable, but ambiguity MUST be the exception. | ||
|
|
||
| For example, it is reasonable to have a rule that states clearly when a human MUST be engaged | ||
| but it is not reasonable to have a rule that states that a human MUST always be engaged. | ||
|
|
||
| #### Enforced Rules | ||
|
|
||
| All requirements SHOULD be machine enforced. | ||
|
There was a problem hiding this comment. How does this jive with line 57 where we state that all requirements MUST be machine enforceable?
Member
Author
There was a problem hiding this comment. Target vs reality. Requirements MUST be machine enforceable, but only SHOULD be machine enforced. The goal is that everything will be machine enforced, but the reality is that as we get started and as we add further requirements, there will be a period of time when humans need to enforce them. Subsequent docs will delve into what our requirements are and how we plan to enforce them. |
||
|
|
||
| Any preferences that can be machine enforced | ||
| SHOULD be machine enforced, | ||
| and SHOULD then be made into requirements. | ||
|
Comment on lines
+83
to
+85
There was a problem hiding this comment. Why not have preferences that can be machine enforced MUST be required to be machine enforced but SHOULD become requirements? It would mean that any preferences are permanently fixed until a change is needed and are easy to replicate in other projects. If we didn't want to make the suggested change I would like to change the text so that it encourages users to machine enforce as much as they can.
Member
Author
There was a problem hiding this comment. I would actually be inclined to go the other direction:
See previous comment for why ^ is not MUST. |
||
|
|
||
| ### Human Involvement | ||
|
|
||
| Humans SHOULD NOT need to engage with automation unless something has gone wrong | ||
| or a situation is too ambiguous for the automation to understand. | ||
|
|
||
| When a situation passes a defined ambiguity threshold | ||
| our automation MUST halt and request human intervention. | ||
|
There was a problem hiding this comment. Ok, this sort of addresses my previous comment. |
||
|
|
||
| ### Human Intervention | ||
|
|
||
| Anyone with write access to a repository MUST be able to stop any automation | ||
mattsb42-aws marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| if they think something has gone wrong, will go wrong, | ||
| or that a situation is sufficiently ambiguous. | ||
|
|
||
| ### Consistency | ||
|
|
||
| > Special cases aren't special enough to break the rules. | ||
| > | ||
| > -- The Zen of Python | ||
|
|
||
| Requirements and preferences SHOULD be consistent with relevant community norms. | ||
| Where they diverge, that divergence MUST be to raise the bar | ||
| and the reasons for that divergence MUST be clearly documented. | ||
|
|
||
| Requirements and preferences MUST be consistent across projects | ||
| governed by this document that share common characteristics | ||
| (ex: language, build system, etc). | ||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These tenets & goals apply equally to private/internal and public/external repositories?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes.
The extent to which we can apply them to different scopes and locations is an implementation detail and out of scope for this document (ex: GitHub Actions doesn't work on private repos yet.)