Add: roadmap to hosted ick

1 files changed, 156 insertions, 0 deletions

diff --git a/roadmap.mdwn b/roadmap.mdwn
index 7c7ed42..6b5366f 100644
--- a/roadmap.mdwn
+++ b/roadmap.mdwn
@@ -21,3 +21,159 @@ gather experience on using ick.
 The long-term goal is to develp ick into a hosted service, which can
 be run on a commercial basis, without compromising on software
 freedom.
+
+# Roadmap towards hosted ick
+
+    @startroadmap
+    hosted_demo:
+      label: |
+        Lars run a hosted
+        demo service for
+        himself and users
+      depends:
+        - user_friendly
+        - secure_from_users
+        - secure_for_users
+        - on_demand_workers
+        - trigger_service
+        - multiarch
+
+    user_friendly:
+      label: |
+        Ick is reasonably
+        user friendly to
+        techies.
+      depends:
+        - webui
+        - self_registration
+
+    multiarch:
+      label: |
+        Ick supports building
+        for multiple
+        architecturs.
+      depends:
+        - worker_tags
+        - concurrency
+
+    secure_from_users:
+      label: |
+        Ick is safe and
+        secure from users
+        doing silly things.
+      depends:
+        - networkless_containers
+
+    secure_for_users:
+      label: |
+        Ick is secure for
+        users to use.
+      depends:
+        - isolation
+        - secrets
+
+    secrets:
+      label: |
+        Ick provides a way to
+        securely use secrets:
+        ssh keys, pgp keys,
+        Qvisqve access
+        tokens.
+      depends:
+        - owned_resources
+
+    networkless_containers:
+      label: |
+        Containers have, by
+        default, no network
+        access. Trusted users
+        can allow specific
+        builds to have
+        network access in
+        containers.
+      depends:
+        - owned_resources
+
+    concurrency:
+      label: |
+        Ick can execute
+        several actions in
+        the same build
+        concurrently.
+      depends:
+        - worker_tags
+
+    worker_tags:
+      label: |
+        Ick allows projects
+        and workers to have
+        tags, and can choose
+        which worker to give
+        an action to, based
+        on tags
+
+    on_demand_workers:
+      label: |
+        Ick can create
+        and destroy
+        workers on demand
+      depends:
+        - worker_tags
+
+    trigger_service:
+      label: |
+        Ick can trigger
+        multiple builds when
+        a git repo changes,
+        or when an ick build
+        finishes, or after
+        some time has psssed
+
+    qvisqve_user_auth:
+      label: |
+        Qvisqve can authenticate
+        end users interactively
+
+    qvisqve_user_mgmt_api:
+      label: |
+        Qvisqve can manage
+        users (create, etc)
+        via API
+      depends:
+        - qvisqve_user_auth
+
+    isolation:
+      label: |
+        Users can only see,
+        manipulate their own
+        data
+      depends:
+        - qvisqve_user_mgmt_api
+        - owned_resources
+
+    owned_resources:
+      label: |
+        Each resource is
+        owned by its creator
+      depends:
+        - qvisqve_user_auth
+
+    self_registration:
+      label: |
+        Users can create
+        an account by themselves
+        via a web browser
+      depends:
+        - qvisqve_user_mgmt_api
+        - webui
+
+    webui:
+      label: |
+        Ick has a web UI
+        that allows creation,
+        updating, triggering
+        of projects, builds,
+        viewing status, logs
+      depends:
+        - qvisqve_user_auth
+    @endroadmap