-
Notifications
You must be signed in to change notification settings - Fork 515
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Transition plan for moving Hyperledger Aries Cloud Agent Python to OpenWallet Foundation acapy #3250
Comments
@WadeBarnes and @ryjones -- love to get your input on the plan. Same with new maintainers @thiagoromanos and @ff137, and any other deployers. Does this make it as easy as possible? For those at the meeting today (@esune @jamshale @dbluhm @mepeltier @PatStLouis) -- note the subtle change I made to the repo that is to be kept at Hyperledger to be able to publish LTS releases. We'll create the fork immediately after the OWF move, but we'll only rename the repo to the current name when we have to publish an LTS release. That will allow the GitHub automatic redirect to work until that point -- which may be forever. 🤞 Feedback welcome! |
I don't think a rename back to |
Awesome! We were thinking that it would be needed for the GHCR namespace. If not — all the better! I’ve updated the plan in the issue description. |
Couple of housekeeping issues:
|
Thanks, @SeanBohan. Oh boy, a mission statement. :-). We’ll work on that. Can you direct me to some other Mission Statements of projects so we see the style of what is expected. We have the bi-weekly ACA-Pug meeting tomorrow and will check in with the community on all three issues. |
One of the trickier things is the LTS. When we fork the That's all good, but forking won't maintain any of the tags or releases. We'll need to manually create the tags and releases by commit id after forking. The existing images are still available after moving the repo. This is only to create new images and pypi packages. All the existing github secrets will also be lost. They'll also need to be re-made after forking for publishing workflows. We should make sure the forked repo no longer allows PR's except from a few users that will create patch releases. |
Can pypi packages be pushed like it is possible with Docker images? If so, we could just manually push the relevant packages/images to the ghcr for the forked repo - this is only advisable if we expect the LTS releases to be replaced by new ones in the relatively near future and therefore we'd have to manually push only a limited amount of times.
+1 to this. Also issue creation (at least from external contributors) should be prevented and redirected to the new repo? |
You can manually publish both the pypi package and the ghrc.io images. For pypi you need the publishing account username/password and for ghrc.io you need a repo PAT with package:read,write,delete privileges. Getting the github actions to work again and manually tagging the commits wouldn't be too hard with the correct repo rights either, but there is a few steps to do. Renaming the repo again after forking is critical for ghrc because that's how it decides the namespace. |
I've produced images for a repo where the image name doesn't exactly match the name of the repo. I think the org name must match but the repo name is not required to be in the image name. |
Another thing to consider is changing the project and package name will change the references in plugins. For the managed plugin repo we can do this ourselves but in unmanaged plugins like traction innkeeper they will break if they install the new package without updating the source code. |
I’m hoping this is not an issue:
The point of moving-and-forking-back before we merge the PRs that we’ve made for the move is that the forked version will not have changed from what was working in Hyperledger before the move. Is that not right? My hope is that the GHAs should still work, except for the repo name change from “aries-cloudagent-python” to “aries-cloudagent-python-lts”. |
I didn't describe this very well. The forking back will work yes if we do it before merging the PR's, but I'm pretty sure we lose the github secrets and the tags/releases after forking back. The existing artifacts for the releases will still work via redirects but to create new LTS releases via github actions I'm pretty sure we need to recreate the pypi secrets and the tags. |
@jamshale correct. I will ask you all to reconsider any plan to fork it back to Hyperledger. |
We don’t need all the tags — we just need the two (or perhaps 5) we already have, and we know where they belong. Can we not add back or get new secrets? And the tags we need are on branches. @ryjones — if we don’t have a hyperledger-based repo, how will we produce the needed PyPi and GHCR artifacts for LTS releases. We’re not doing the fork for fun — we think it is necessary. |
It might be possible to publish the releases from the repo in OWF. The PyPi packages for sure. As far as the images in the GHCR are concerned, provided the correct permissions are used it might be possible to publish an image to the Hyperledger repos from and OWF repo. Have not tried, but technically it could work. |
I think @ryjones has a point, we should try to do everything from the repo in OWF and then figure out what to do from there if we find something is not possible. |
Talking to @WadeBarnes and based on what @ryjones has said, here is what we now think is possible, without having to do a link:
Please review/confirm/adjust this and I'll update the description of this issue with the latest thinking. |
I think this is a good approach. It makes things a lot simpler. We could possibly generate the 0.11.lts and 0.12.lts artifacts for the new package and image names as well. Then someone on the hyperledger artifacts could move to the OWF artifacts without needing to upgrade. As mentioned before. It is possible to do both the pypi publish and image uploads via command line for the old locations if someone has the correct account credentials. This really shouldn't happen very often. |
@jamshale For GHCR, it looks like we add a token (not using the runtime token) with access. https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry I added ACAPY_PUB to OWF's secrets. the user is hyperledger-bot. You should be able to publish to Hyperledger's GHCR with that combination |
Hello guys, the ACA-Py demo link does not work: https://aca-py.org/latest/gettingStarted/AriesDeveloperDemos/ |
@claudiotorrens where did you find that link? |
@claudiotorrens it exists in 0.12.2 and 1.0.1? the correct link is https://aca-py.org/main/gettingStarted/ACA-PyDeveloperDemos/ as it was renamed |
Latest Update: 2024.10.09
This description will evolve as the transition of ACA-Py into the [OpenWallet Foundation] (OWF) and the transfer of the repo (now done) is made operational. Bookmark this issue to learn about the approach, the progress, the timeline, and guidance on what you should do in updating your deployment to reference the new home for the repository.
Goals/Decisions
acapy
— https://github.com/openwallet-foundation/acapyacapy_agent
(the name "acapy" is already taken at PyPi).acapy-plugins
(which has already been moved).Details
acapy_to_owf.md
that will contain updated information about the best practices in updating deployments to the new OWF home of the project/repository.aries-cloudagent
PyPi project.The text was updated successfully, but these errors were encountered: