Skip to content

Commit 79be941

Browse files
committed
add "Infrastructure Team 2025 Q3 Recap and Q4 Plan"
1 parent 31454ee commit 79be941

File tree

1 file changed

+152
-0
lines changed

1 file changed

+152
-0
lines changed
Lines changed: 152 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,152 @@
1+
+++
2+
path = "inside-rust/9999/12/31/infrastructure-team-q3-recap-and-q4-plan"
3+
title = "Infrastructure Team 2025 Q3 Recap and Q4 Plan"
4+
authors = ["Marco Ieni"]
5+
6+
[extra]
7+
team = "The Rust Infrastructure Team"
8+
team_url = "https://www.rust-lang.org/governance/teams/infra#team-infra"
9+
+++
10+
11+
As we wrap up the third quarter of 2025, the Infrastructure Team is excited to share what we've accomplished and what's coming next.
12+
13+
## Q3 2025 Accomplishments
14+
15+
### crates-io-auth-action
16+
17+
We created the [`crates-io-auth-action`](https://github.com/rust-lang/crates-io-auth-action), which can be used to obtain publish tokens for `crates.io`
18+
using [trusted publishing](https://crates.io/docs/trusted-publishing).
19+
20+
### Critical data asset backup
21+
22+
One of our most important security improvements this quarter was establishing an out-of-band backup system for Rust's critical data assets.
23+
Previously, all of Rust's releases and crates were stored exclusively on AWS.
24+
We've now created a backup in Google Cloud Platform that includes all Rust
25+
releases and crates, with daily incremental updates.
26+
27+
The GCP account is owned by two Rust Foundation staff members who are not AWS administrators
28+
(i.e. they aren't admins of the Infrastructure team).
29+
This makes it significantly more difficult for an attacker to compromise or delete both the primary and backup data, as they would need to breach at least two separate accounts.
30+
31+
Learn more about this initiative in our
32+
[docs](https://github.com/rust-lang/infra-team/blob/3292c4614889ac7427dc4729bd0ad3ee97ab5be7/service-catalog/rust-assets-backup/README.md).
33+
34+
### CDNs alerts
35+
36+
The CDNs for Rust releases and crates are critically important for users of Rust. If either suffers a service disruption, it has a direct impact on the ability of users to install Rust and build their projects.
37+
38+
In the past, we had set up integrations for AWS CloudFront and Fastly, our Content Delivery Networks, with Datadog, our monitoring platform. While we had metrics coming into Datadog in real-time, we had not set up alerts on top of them.
39+
40+
In Q3, we created multiple alerts that monitor our CDNs and report when traffic falls below pre-defined thresholds. These alerts ping the engineering team at the Rust Foundation, which has a runbook for incidents that includes notifying the community.
41+
42+
GitHub issue: [rust-lang/infra-team#179](https://github.com/rust-lang/infra-team/issues/179).
43+
44+
### `rust-lang.org` is now a static website
45+
46+
We converted [`rust-lang.org`](http://rust-lang.org) from a Rust webserver deployed on Heroku to a static website hosted on GitHub Pages.
47+
This change eliminates several security and operational concerns:
48+
49+
- **Enhanced security**: Static sites are inherently more secure and less vulnerable to DDoS attacks.
50+
- **Simplified infrastructure**: Removes the complexity of managing a web server, which is unnecessary
51+
to serve static content.
52+
- **Cost reduction**: GitHub Pages hosting is free, while the Foundation was paying for the previous
53+
Heroku deployment.
54+
- **Improved robustness**: Static hosting is generally more reliable and performant.
55+
56+
Thanks to [Manishearth](https://github.com/Manishearth) and [senekor](https://github.com/senekor) from the website team for their reviews and support.
57+
58+
GitHub PR: [rust-lang/www.rust-lang.org#2174](https://github.com/rust-lang/www.rust-lang.org/issues/2174).
59+
60+
### GitHub organization members cleanup
61+
62+
The Infra Team created an automation to clean up all GitHub organizations managed by the Rust Project by removing members who are not part of any team within those organizations.
63+
You can learn more in the Inside Rust Blog [post](https://blog.rust-lang.org/inside-rust/2025/08/26/removing-inactive-members-from-github-organizations/).
64+
65+
Thanks to [me-diru](https://github.com/me-diru) for starting the implementation work.
66+
67+
### The new Bors runs Rust CI try builds
68+
69+
The infra and [bors](https://rust-lang.org/governance/teams/infra/#team-infra-bors)
70+
teams continued working on migrating the Rust CI from the legacy bors ([homu](https://github.com/rust-lang/homu))
71+
to the new [bors](https://github.com/rust-lang/bors), written in Rust.
72+
73+
Starting from July, all try builds (`@bors try`) run exclusively through the new bors.
74+
This is a significant step forward in improving the reliability of our continuous integration infrastructure.
75+
76+
GitHub PR: [rust-lang/bors#352](https://github.com/rust-lang/bors/pull/352)
77+
78+
### Support optional CI jobs
79+
80+
So far, CI only had jobs that ran on PRs or when a merge to the default branch was attempted (i.e. the auto build).
81+
We added the ability to add CI jobs that only run on-demand, so that contributors can run these tests on PRs whenever they are worried that they might break certain parts of the codebase. This is useful to test tier 2 and tier 3 targets in CI, whose tests don’t always run on CI by default.
82+
83+
This feature was requested in [\#t-infra \> Testing for T2/T3 targets](https://rust-lang.zulipchat.com/#narrow/channel/242791-t-infra/topic/Testing.20for.20T2.2FT3.20targets/with/526715751) and documented in [rust-lang/rust#143283](https://github.com/rust-lang/rust/pull/143283).
84+
85+
### Repositories default branch rename
86+
87+
We're updating our repositories to use more inclusive naming conventions. This quarter, we renamed the default branches from `master` to `main` in the [`rustc-dev-guide`](https://github.com/rust-lang/rustc-dev-guide) ([PR](https://github.com/rust-lang/rustc-dev-guide/pull/2570)), [`www.rust-lang.org`](https://github.com/rust-lang/www.rust-lang.org) ([PR](https://github.com/rust-lang/www.rust-lang.org/pull/2205)) and [`blog.rust-lang.org`](https://github.com/rust-lang/blog.rust-lang.org) ([PR](https://github.com/rust-lang/blog.rust-lang.org/pull/1689/)) repositories.
88+
89+
Thanks to [senekor](https://github.com/senekor), [tshepang](https://github.com/tshepang), [carols10cents](https://github.com/carols10cents) and all the other people involved.
90+
91+
### Talks and interviews
92+
93+
At RustConf 2025:
94+
95+
- [JD](https://github.com/jdno) was interviewed about the Rust Infrastructure team. You can find the video [here](https://www.youtube.com/watch?v=r7i-2wHtNjw).
96+
- [Marco](https://github.com/marcoieni) presented the talk *"How We Made the Rust CI 75% Cheaper"*. The video will be published soon in the [Rust Foundation YouTube channel](https://www.youtube.com/@rustfoundation).
97+
98+
## Q4 2025 Plans
99+
100+
Looking ahead to the fourth quarter of Q4, we planned the following initiatives:
101+
102+
### Hire a new Rust Foundation infrastructure engineer
103+
104+
[JD](https://github.com/jdno), one of the two Infrastructure Engineers employed full time at the Rust Foundation resigned to start his own company.
105+
JD is staying in the team as a volunteer, but the amount of time he can dedicate to the team will be lower than before.
106+
This quarter, we want to hire a new Infrastructure Engineer to restore the previous capacity of the team.
107+
Follow the Foundation's social media and [careers page](https://rustfoundation.org/careers/) if you want to know when the position is posted.
108+
109+
We would like to take this opportunity to thank JD for his 3 years of
110+
invaluable contributions and support to the Rust Infrastructure team and the Rust community.
111+
To learn more about his transition, you can read his [blog post](https://www.jdno.dev/leaving-the-rust-foundation/).
112+
113+
### docs.rs infrastructure modernization
114+
115+
[docs.rs](https://docs.rs) is still deployed to a single, manually provisioned and managed EC2 instance.
116+
We want to collaborate with the [docs.rs](http://docs.rs) team to understand what kind of infrastructure would fit [docs.rs](http://docs.rs) better and provision it, to make [docs.rs](http://docs.rs) more robust and scalable.
117+
118+
### External hardware CI policy
119+
120+
Today, we run CI only on AWS and GitHub-hosted runners, which are operated by us.
121+
Unfortunately, these cloud providers don't support all Rust [targets](https://doc.rust-lang.org/rustc/platform-support.html), and emulation has limitations.
122+
To raise the tier of some of these targets,
123+
some organizations have offered to run the Rust CI on their own hardware.
124+
125+
We want to write a policy to define the requirements that the external hardware and the entity operating it must satisfy.
126+
E.g. if the hardware has an uptime of 50%, we can't run CI jobs on it, because it would block the development of Rust.
127+
128+
GitHub issue: [rust-lang/infra-team\#201](https://github.com/rust-lang/infra-team/issues/201)
129+
130+
### GCP Dev Desktops
131+
132+
Google donated the Rust Foundation some GCP credits for next year.
133+
We want to use part of the credits to spin up one or two dev desktops in GCP to give more VMs to contributors working on Rust.
134+
135+
Note that these machines can be discontinued in the future based on funding.
136+
137+
Learn more about Dev Desktops in the [Rust Forge](https://forge.rust-lang.org/infra/docs/dev-desktop.html).
138+
139+
### Conferences
140+
141+
Some members of the Infrastructure team will attend [EuroRust](https://www.eurorust.eu/) and [RustLab](https://rustlab.org/).
142+
Feel free to reach out to us if you want to meet in person!
143+
144+
In particular, on November 4th, [Marco](https://github.com/marcoieni) is giving a talk at RustLab named *“1.5 years in the infra team: what we cooked and what’s next”*.
145+
146+
## Join us!
147+
148+
If you're interested in contributing to Rust's infrastructure, have a look at the
149+
[infra-team](https://github.com/rust-lang/infra-team) repository to learn more about us
150+
and reach out on [Zulip](https://rust-lang.zulipchat.com/#narrow/channel/242791-t-infra).
151+
152+
We are always looking for new contributors!

0 commit comments

Comments
 (0)