From cd70330274dd6bae99d39b74d305d04d56026c8d Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Sun, 29 Jul 2018 14:22:25 +0300 Subject: Add: roadmap to hosted ick --- roadmap.mdwn | 156 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 156 insertions(+) (limited to 'roadmap.mdwn') diff --git a/roadmap.mdwn b/roadmap.mdwn index 7c7ed42..6b5366f 100644 --- a/roadmap.mdwn +++ b/roadmap.mdwn @@ -21,3 +21,159 @@ gather experience on using ick. The long-term goal is to develp ick into a hosted service, which can be run on a commercial basis, without compromising on software freedom. + +# Roadmap towards hosted ick + + @startroadmap + hosted_demo: + label: | + Lars run a hosted + demo service for + himself and users + depends: + - user_friendly + - secure_from_users + - secure_for_users + - on_demand_workers + - trigger_service + - multiarch + + user_friendly: + label: | + Ick is reasonably + user friendly to + techies. + depends: + - webui + - self_registration + + multiarch: + label: | + Ick supports building + for multiple + architecturs. + depends: + - worker_tags + - concurrency + + secure_from_users: + label: | + Ick is safe and + secure from users + doing silly things. + depends: + - networkless_containers + + secure_for_users: + label: | + Ick is secure for + users to use. + depends: + - isolation + - secrets + + secrets: + label: | + Ick provides a way to + securely use secrets: + ssh keys, pgp keys, + Qvisqve access + tokens. + depends: + - owned_resources + + networkless_containers: + label: | + Containers have, by + default, no network + access. Trusted users + can allow specific + builds to have + network access in + containers. + depends: + - owned_resources + + concurrency: + label: | + Ick can execute + several actions in + the same build + concurrently. + depends: + - worker_tags + + worker_tags: + label: | + Ick allows projects + and workers to have + tags, and can choose + which worker to give + an action to, based + on tags + + on_demand_workers: + label: | + Ick can create + and destroy + workers on demand + depends: + - worker_tags + + trigger_service: + label: | + Ick can trigger + multiple builds when + a git repo changes, + or when an ick build + finishes, or after + some time has psssed + + qvisqve_user_auth: + label: | + Qvisqve can authenticate + end users interactively + + qvisqve_user_mgmt_api: + label: | + Qvisqve can manage + users (create, etc) + via API + depends: + - qvisqve_user_auth + + isolation: + label: | + Users can only see, + manipulate their own + data + depends: + - qvisqve_user_mgmt_api + - owned_resources + + owned_resources: + label: | + Each resource is + owned by its creator + depends: + - qvisqve_user_auth + + self_registration: + label: | + Users can create + an account by themselves + via a web browser + depends: + - qvisqve_user_mgmt_api + - webui + + webui: + label: | + Ick has a web UI + that allows creation, + updating, triggering + of projects, builds, + viewing status, logs + depends: + - qvisqve_user_auth + @endroadmap -- cgit v1.2.1