114 lines
4.7 KiB
Markdown
114 lines
4.7 KiB
Markdown
---
|
|
title: "Governance"
|
|
linkTitle: "Governance"
|
|
weight: 100
|
|
description: >
|
|
Project history, architecture decisions, compliance, and audit information.
|
|
---
|
|
|
|
{{% alert title="Draft" color="warning" %}}
|
|
**Editorial Status**: This page is currently being developed.
|
|
|
|
* **Jira Ticket**: [TICKET-6737](https://jira.telekom-mms.com/browse/IPCEICIS-6737)
|
|
* **Assignee**: Sophie
|
|
* **Status**: Draft - Structure only
|
|
* **Last Updated**: 2025-11-16
|
|
* **TODO**:
|
|
* [ ] Migrate relevant ADRs from docs-old
|
|
* [ ] Document project history and phases
|
|
* [ ] Add deliverables mapping
|
|
* [ ] Include compliance documentation
|
|
{{% /alert %}}
|
|
|
|
## Governance Overview
|
|
|
|
This section provides information for auditors, governance teams, and stakeholders who need to understand the project's decision-making process, history, and compliance.
|
|
|
|
## Architecture Decision Records (ADRs)
|
|
|
|
Documentation of significant architectural decisions made during the project, including context, options considered, and rationale.
|
|
|
|
## Project History
|
|
|
|
### Development Process
|
|
|
|
The EDP was developed using collaborative approaches including mob programming and iterative development with regular user feedback.
|
|
|
|
### Project Phases
|
|
|
|
* Research & Design
|
|
* Proof of Concept
|
|
* Friendly User Phase
|
|
* Production Rollout
|
|
|
|
### Deliverables Mapping
|
|
|
|
Mapping to IPCEI-CIS deliverables and project milestones.
|
|
|
|
## Compliance & Audit
|
|
|
|
### Technology Choices
|
|
|
|
Documentation of technology evaluation and selection process for key components (e.g., VictoriaMetrics, GARM, Terraform, ArgoCD).
|
|
|
|
#### Forgejo
|
|
|
|
The internal service is officially designated as the [Edge Developer Platform (EDP)](../components/forgejo/_index.md). It is hosted at **[edp.buildth.ing](https://edp.buildth.ing)**. The domain selection followed a democratic team process to establish a unique identity distinct from standard corporate naming conventions.
|
|
|
|
**Solution selection:**
|
|
|
|
The decision to utilize **[Forgejo](https://forgejo.org/)** as the core self-hosted Git service was driven by specific strategic requirements:
|
|
|
|
* **EU-Based Stewardship:** Forgejo is stewarded by **[Codeberg e.V.](https://docs.codeberg.org/getting-started/what-is-codeberg/)**, a non-profit organization based in Berlin, Germany. This alignment ensures compliance with GDPR and data sovereignty requirements, placing governance under EU jurisdiction rather than US tech entities.
|
|
* **License Protection (GPL v3+):** Unlike "Open Core" models, Forgejo uses a copyleft license. This legally protects our custom extensions (such as GARM support) from being appropriated into proprietary software, ensuring the ecosystem remains open.
|
|
* **Open Source Strategy:** The platform aligns with the "Public Money, Public Code" philosophy, mandating that funded developments are returned to the community.
|
|
|
|
**Access Model:**
|
|
|
|
The platform operates on a hybrid visibility model:
|
|
|
|
* **Public Access:** The [`DEVFW-CICD`](https://edp.buildth.ing/DevFW-CICD) organization is publicly accessible, fostering transparency.
|
|
* **Private Access:** Sensitive development occurs in restricted organizations (e.g., [`DEVFW`](https://edp.buildth.ing/DevFW)).
|
|
* **User Base:** Primary users include the internal development team, with friendly user access granted to the IPCEI team and MMS BT.
|
|
|
|
### Security Controls
|
|
|
|
Overview of implemented security controls and compliance measures.
|
|
|
|
### Ticket References
|
|
|
|
Cross-references to Jira tickets, epics, and project tracking for audit trails.
|
|
|
|
## Community & External Relations
|
|
|
|
### Open Source Contributions
|
|
|
|
Contributions to the Forgejo community and other open-source projects.
|
|
|
|
#### Forgejo
|
|
|
|
We actively contributed our extensions back to the upstream Forgejo project on **[Codeberg.org](https://codeberg.org/)**.
|
|
|
|
**Key Pull Requests:**
|
|
|
|
* **API Compatibility:** Added GitHub-compatible endpoints for runner registration.
|
|
* [PR #9409: Feat: Add endpoints for GARM](https://codeberg.org/forgejo/forgejo/pulls/9409)
|
|
* **Webhook Support:** Implemented webhook triggers for workflow events.
|
|
* [PR #9803: Feat: Add webhook support for workflow events](https://codeberg.org/forgejo/forgejo/pulls/9803)
|
|
* **Ephemeral Runners:** Added support for runners that terminate after a single job.
|
|
* [PR #9962: Feat: Support for ephemeral runners](https://codeberg.org/forgejo/forgejo/pulls/9962)
|
|
|
|
### External Stakeholders
|
|
|
|
User experience research and feedback integration.
|
|
|
|
## Documentation Template
|
|
|
|
When creating governance documentation:
|
|
|
|
1. **Context**: Background and situation
|
|
2. **Decision/Event**: What was decided or what happened
|
|
3. **Rationale**: Why this decision was made
|
|
4. **Alternatives**: Other options considered
|
|
5. **Consequences**: Impact and outcomes
|
|
6. **References**: Links to tickets, discussions, external resources
|