Hi Wei-Chu, Thanks for sharing your experience working on other projects. The Jira related suggestions sound very useful. The extra fields work very good for us in our internal Jira system at Yahoo. In addition to your suggestions, is it possible revisit the labels/components in Jira. If we can set a quick guide on how to label the most common types of Jiras, then this will be of a great help to browse the system.
Regarding the Webhook and GitHub related suggestions, I am a little bit concerned about the extra work it will add compared to their benefits. - Credit goes to all the contributors who work on maintaining Yetus and the CI/CD for the current branches. Do we have any bandwidth to support the new GitHub webhooks? - Just for discussion: is Integrating SonarQube worth the effort of supporting the GitHub webhooks. SonarQube is a double edge weapon and it needs dedicated man hours to weed out the way through the reports. On Mon, Jul 12, 2021 at 11:18 PM Wei-Chiu Chuang <weic...@apache.org> wrote: > Here's another one: > > We can update the JIRA workflow and add more state. For example, Cassandra > has "Review in Progress" and "Need Reviewer" states. INFRA-22049 > <https://issues.apache.org/jira/browse/INFRA-22049> > > On Tue, Jul 13, 2021 at 11:34 AM Wei-Chiu Chuang <weic...@apache.org> > wrote: > > > I work on multiple projects and learned a bunch from those projects.There > > are nice add-ons that help with productivity. There are things we can do > to > > help us manage the project better. > > > > 1. Add new issue types. > > We can add "Epic" jira type to organize a set of related jiras. This > could > > be easier to manage than using a regular JIRA and call it "umbrella". > > > > 2. GitHub Actions > > I am seeing more projects moving to GitHub Actions for precommits. We > > don't necessarily need to migrate off Jenkins, but there are nice add-ons > > that can perform static analysis, catching potential issues. For example, > > Ozone adds SonarQube to post-commit, and exports the report to > SonarCloud. > > Other add-ons are available to scan for docker images, vulnerabilities > > scans. > > > > 3. JIRA security > > It is possible to set up security level (public/private) in JIRA. This > can > > be used to track vulnerability issues and be made only visible to > > committers. Example: INFRA-15258 > > <https://issues.apache.org/jira/browse/INFRA-15258> > > > > 4. New JIRA fields > > It's possible to add new fields. For example, we can add a "Reviewer" > > field, which could help improve the attention to issues. > > > > 5. Doc update > > It is possible to set up automation such that the doc on the Hadoop > > website is refreshed for every commit, providing the latest doc to the > > public. > > > > 6. Webhook > > It's possible to set up webhook such that every commit in GitHub sends a > > notification to the ASF slack. It can be used for other kinds of > > automation. Sky's the limit. > > > > Thoughts? What else can do we? > > > -- Best Regards, *Ahmed Hussein, PhD*
