The Contributor Summit Project Month was a resounding success! Eight projects were started and six hit their goals and made releases. I'll tell you more about those in a moment, but for now — just what the heck is this project month anyway?
Transitioning from the PuppetConf format to Puppetize Live meant that we had an opportunity to take a fresh look at how Contributor Summit was run. In previous years we hosted all day summits, with short and intensive hack sessions. These were great fun and good for getting one's hands dirty with new technologies, but one major problem was how transient they were. They encouraged quick and experimental proof-of-concept projects that often didn't ever see the light of the next day.
The community team at Puppet was challenged to do better, and to that end we turned to the model of NaNoWriMo, or National Novel Writing Month — a framework encouraging authors or aspiring authors to jumpstart their creativity by sprinting through the composition of a full novel. What if we could do the same, but for projects contributing to the world of DevOps? What if Puppet could chip in resources to support it, and what if we could foster sustainability and maintainability of these projects? What if?
We got to work and built a project template and we secured commitments to help out from engineers and project managers and tech writers and others across the company. We put together a plan for checking in with participants and making sure they had everything they needed. We assembled some documentation. And then at Puppetize Live, we kicked off the project month.
Right from the start it was clear that we'd hit on something special. Three of the participants had never created a Puppet module before, and a handful of others personally thanked us for prompting them to actually start the project they'd been thinking of for a while. A couple participants were even long-time users who were just glad to have an excuse to build something fun again.
We hosted some topic-focused webinars and provided a forum for participants to chat with one another or to request help. We checked in to see how the projects were going, and offered help as needed — like pull request reviews, information on becoming part of the Vox Pupuli collective, help troubleshooting issues, etc. And most importantly, we learned a lot about how to run events like this in the future.
In the end, we came out with six great projects that each provided genuine value to the world of DevOps, and a couple more are still incubating. I'd like to tell you about these now.
Basic Auth Puppet module
Basic auth is, like its name suggests, a rudimentary but easy to use way for providing a small amount of security on content in a website. It's commonly configured via small
.basicauth files. Patrick Pepels and Edwin Koster built a module that manages these in a robust way. Their plan for the near future is incorporating Deferred functions (new in Puppet 6) to allow for client side password lookups from Vault or other providers and contributing their module to Vox Pupuli. They found that feedback and code reviews not only helped advance the project, but helped them improve by seeing how others might have solved a problem.
See more or get involved: https://github.com/kaliber-puppetmodules/basicauth
vRealize Log Insight Agent module
vRealize Log Insight is an enterprise log management and analysis application. It's extensible and provides a dashboard and deep operational visibility. It's not something that you can install with yum or apt, however, and so there hasn’t been a Puppet module for it. Colin Cowell decided to change that and built a module to manage its agent. With no system packages available, it requires you to provide the installation files, and allows you to configure many aspects of the agent's configuration.
See more or get involved: https://github.com/belfast77/liagent
EJBCA External CA module
Puppet 6 now fully supports external and chained certificate authorities. It's relatively easy to configure, but standing up the external CA is its own beast. Romke van Dijk stepped in to write a module for managing the EJBCA PKI infrastructure. This is one of the more popular, high performance, and robust of the freely available enterprise solutions and now thanks to Romke, you can manage it with Puppet.
See more or get involved: https://github.com/zyronix/puppet-ejbca
Improved acceptance testing for the puppet/openvpn module
Vox Pupuli has been maintaining this module for quite some time. Fabian Combernous added a client/server acceptance test using Beaker to verify that managed VPN connections are actually established between the server and an agent, and pass network traffic appropriately. In this endeavour, he learned a lot about less common usages of Beaker and immediately turned those skills towards improving tests in other modules.
See the test he contributed: https://github.com/voxpupuli/puppet-openvpn/pull/310
RPM Metadata Types
RPM maintains a database of package metadata and includes a lot of functionality around that metadata. This allows you to use the rpm command to do things such as ensure that files installed by packages have the proper permissions and have not been corrupted. Sean Millichamp wrote a new group of Puppet types that allow you to harness those capabilities to do things like protect RPM-installed files from purging with a
tidy resource, or to raise an error if files installed by a package have been altered.
See more or get involved: https://github.com/seanmil/rpm_metadata_types
Webhook Server module
At Puppet Hack last year, David Hollinger built an r10k code deployment webhook server. This responds to update notifications from your control repository and triggers r10k deploys on your master and any compile masters. If you set it up, it will even handily notify you of this action in your Slack ChatOps channel! This year for our Project Month, he built and released a Puppet module to manage and configure the webhook server.
See more or get involved:
Project Month was a hit and gave us plenty of opportunities to learn and improve for next year. It turns out that a lot of us prefer to work on our own schedule! This year we had a suggested schedule with milestones and did a lot of outreach. But in reality, most of the participants were more comfortable asking for help when they needed it. Our next iteration will adapt to that preference. For example, here are a couple of the changes we've got slotted in for next time:
- Add a calendar with a few more webinar or workshop type events
- Create a more complete portfolio of independent resources for the event
- Make it easier to request specific on-demand assistance
- Share a couple starter projects showing you how to integrate with new products and technology
- Make it a little easier to request a code review on a PR by @mentioning the Puppet community team and describing what sort of review you need.
And finally, we'll further streamline the process to get involved.
We hope to see you there. This was a fun experiment and we're excited to apply what we learned to make it even more fun next year! Thanks to all the amazing people who participated and made this such a great event, and thanks for adding value to this wild world we're building together.
Ben Ford is a developer advocate at Puppet.
Check out any of the projects or learn more at their repositories.
- Basic Auth module
- vRealize Log Insight Agent module
- EJBCA External CA module
- Improved OpenVPN module testing
- RPM Metadata Types
- Puppet WebHook and module
Read more about Contributor Summit Online.