We are running a multitude of services.
Our usual approach to these services is that we fix things when they
break, test our client code against the live instance (with perhaps a
special area of the database - eg the `experimental' suite). I have
found writing server-side software in this environment is awkward. My
own service has a test suite which sets up a stunt environment, but
inevitably stunt environments in test suites are much less like the
real thing than a staging instance.
Should we not have public test instances of all these things ?
I suggest we should declare (perhaps as a DEP?) a systematic scheme
which recommends to infrastructure operators answers to the following
questions:
- how to address the test instance of each service
- relationships between test instances of different services
- access control
- availability policy
- usual contents of a test instance
- hosting arrangements
My starting points for answers to these questions are something like
this:
* Most of our services are addressed via domain names,
*.debian.org or *.debian.net. Test instance of a service are
correspondingly at *.infratest.debian.{org,net}.
* Test instances should talk to the test instances of other
services. For example bugs.infratest.debian.org should track
package data from ftp.infratest.debian.org.
* Access control should be identical to the live service by default,
but enhanced access will be available on a much more relaxed basis
(depending on the service). Passwords to access, and secret keys
held by, test instances will be different.
* Test instances should normally be up, but may be down or broken
or something when they are being worked on.
* Test instances will get a copy of the corresponding real instance
copied to them on a monthly basis. We will filter the data to make
it more manageable, on the basis of package names and/or dates.
Any confidential data will not be copied.
* I don't know about hosting arrangements. We should ask DSA's
opinion. I think that test instances should run on a different
host to the live instance, so that security bugs in test instances
are not so much of a concern.
If we wrote some of this down then infrastructure operators (like me,
wrt the dgit git server) can start to think about implement it. I
think it will be work at first but make a lot of things easier.
Ian.
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
