Skip to content

Sprint Planning Meeting 2020 07 23

Jump to bottom
Erik Moeller edited this page Jul 23, 2020 · 1 revision

Sprint Planning Meeting, SecureDrop, July 23, 2020

Sprint timeframe: Beginning of Day (PDT) 2020-07-23 to Beginning of Day (PDT) 2020-08-05

0) SecureDrop 1.5.0 Check-In

Issues found in QA:

Docs strategy check-in

1) Retrospective

What we said we would do:

  1. Land key changes for SecureDrop 1.5.0 and begin QA
  • Journalist Interface Warning for v2 deprecation
  • Kernel update

Sprint goal fully met. Above changes and others landed, QA well underway.

  1. SecureDrop Workstation component releases
  • securedrop-workstation-grsec: 4.14.169 -> 4.14.186
  • securedrop-workstation: 0.3.1 -> 0.4.0 (single-stage updater)
  • securedrop-client: 0.2.0 -> 0.2.1 (deletion fixes, CSS refactoring, no duplicate jobs)

Sprint goal fully met. Above releases landed, followed by a kernel metapackage release to fix an issue only found in production.

  1. Complete read/unread research and scope first iteration

Sprint goal partially met. High fidelity interactive prototype completed, and first user interview and report-back completed. 2-4 additional interviews in the pipeline.

Additional accomplishments:

Other team comments

What went well

  • Released client, workstation kernels, workstation RPM and most of release work securedrop-core this sprint
  • Delivered on the branch-renames after much discussion, great to see!
  • Weblate updated, reducing reviewer work
  • Release docs continue to improve
  • Did some backlog grooming (discovered that we have some code cleanup and refactor opportunities)
    • Nice to take the time to read stale issues and push them forward (+1 +1)
  • Knowledge transfer on different release roles is great
  • Erik caught us up on Weblate comments/communications, resulting in a bunch of source string improvements.

What can be improved

  • Docs maintenance remains a pain point. Great strategies such as forking already discussed, looking forward to revisiting
    • +1 there might also be some amount of duplication
  • [ro] A small thing: when I filed my QA issue yesterday I was very confused by other successful QA reports and spent several extra hours redoing the steps--if there are extra steps or notes for QA, please document them in the test plan even if they seem “obvious”
    • [john] Yeah, I should have copied/improved the test plan from the PR for that.
    • +1, I find even a passing mention of “and then I did x” to be super helpful when referring back. Great QA this release, Ro!
  • I know we say it a lot but if we could make releases faster we could focus more on development. One thing that takes a lot of time is developing the changelog and verifying checksums (tarballs and debs)
    • Also backporting PR’s, there was a redshiftzerobot at some point to backport
      • That would be great; the cherrypicking is tedious and error prone.
    • Or making more of an effort to squash commits that don’t add much to the history. (+1)
      • Squashing should be done manually via git rebase -i, squash and merge in github may result in missed changes if we grep for merge commits in git logs
      • ACTION: Mickael will investigate disabling squash/merge feature in GitHub
      • ACTION: Generally agreed that maintainers will pay more attention to # of commits on PRs before merging, squash or remind contributor to do so
    • +3! (especially checksum stuff)
    • Also got close with testinfra, but we still ended up doing all the manual basic testing again. It would be awesome to get that done.
  • Didn’t leave enough time for translation + feedback

What’s still a mystery

  • Long-term docs maintenance still unclear (separate repo seems to be the favored option)
  • Workstation kernel QA
    • Why was the graphics issue not reproducible? Several testers didn’t hit it, then post-release several folks did
    • Why was the DKMS autoinstall failure not sufficient to cause apt/dpkg to error out? Can we make such a failure louder?
  • Whither redshiftzerobot?

Learning time debrief:

  • Erik: Cont'd PyQt4 lessons, aiming to poke at bugfix for "text cutoff" issue in SecureDrop Workstation updater soon.
  • Kev: zero progress on pals :(

2) Review key dates and time commitments

2020-07-24              : FPF holiday
2020-07-28              : SecureDrop 1.5.0 Release
                          Tails 4.9 Release
2020-07-25 to 2020-08-02: HOPE (virtual)
2020-08-01              : Mickael's HOPE talk
                          https://scheduler.hope.net/hope2020/talk/GK3CR3/
2020-08-03 to 2020-08-07: PTO: Ro, John

After this sprint:

2020-08-06 to 2020-08-09: DEFCON (virtual)
2020-08-12              : SecureDrop Fundraising Event
2020-08-13 to 2020-08-14: FPF-internal unconference
TBD                     : Pilot ends, decision point on SecureDrop Workstation

Time check: https://docs.google.com/spreadsheets/d/1Jx2juUy_vxNxkuYOQpssnSYgFPlTkLPbRMGhqIwYWlE/edit#gid=0

3) Agree upon top 3 priorities for the next two weeks

  1. Release SecureDrop 1.5.0
  2. Complete template consolidation investigation, document implementation plan
  3. Complete read/unread research, decide scope of first iteration and begin implementation

Ubuntu 18.04/20.04 work will continue with a planning mtg focused on build strategy during this sprint, so we can start implementing an Ubuntu 20.04 build branch in the next sprint.

Learning time: Keeping previous commitments.

4) Select and estimate tasks

https://docs.google.com/spreadsheets/d/1xbz1rBo7nPhvjPA-Lw3STXM0GllvCoK6SJRQIuLQME0/edit#gid=0

Clone this wiki locally