Jon, I think you're misunderstanding the point of the "No Deployment on
Friday" policy.
Let's look from far, Why is a work day a no-deploy day? Why are we limiting
ourselves to a four-day week while we can use our full potential? The
reason is that if we deploy something to production on Friday and if it
breaks production, then there is no one around to fix the issue over the
weekend. So far it's rather obvious.
In other words, the requirement for having a time to deploy changes is to
have some buffer until the weekend *to fix issues caused by changes
deployed*. That buffer is Friday. It's made a no deployment day so you
could push urgent fixes (including train blockers). Of course, the fix
should not be too big to cause issues later.
Fridays are not "no deployment day" in the same of sense Sunday is a "no
deployment day". It's the buffer to fix UBN issues, not a long weekend. If
you're fixing an UBN issue, then please go ahead and deploy on Friday. The
ultimate goal of RelEng policies is to have major issues live in production
for the shortest possible time. Refusing to deploy a major fix on a Friday
does the exact opposite of that.
Regarding Catalan and Hebrew Wikipedia, the other Amir said it well, I
don't think I have much to add beside the fact that I have personally seen
them finding major issues before they hit all Wikipedia languages many
times, more than I can count.
HTH
On Tue, Jun 22, 2021 at 11:11 PM Scott Bassett <sbassett(a)wikimedia.org>
wrote:
On Tue, Jun 22, 2021 at 3:03 PM Jon Robson
<jrobson(a)wikimedia.org> wrote:
A few questions to provoke discussion/share
knowledge better:
* Why does the train run Tue,Wed, Thur rather than Mon,Tue,Wed
I'd note here that the standard security deployment window is Monday
between 21:00 and 23:00 UTC. That date and time is not a hard requirement
by any means, but having such a window exist early in the week, prior to
the start of the train, has worked out well for a few reasons. It's both
convenient and less risky to only deploy security patches to a single wmf
production branch, which is the case most Mondays. It's also less risky
having the space to monitor patches and roll them back or re-patch during
the week, as opposed to say, on a Friday, with substantially reduced
coverage going into most weekends. Of course there are times when critical
security issues need to be dealt with on a Friday or even over the weekend,
but in general, the Security Team likes to avoid this. Moving the train to
a Mon, Tue, Wed cadence would imply the security window be moved to the
previous Friday or possibly Thursday, which is doable, but not desired for
the aforementioned reasons.
--
Scott Bassett
sbassett(a)wikimedia.org
_______________________________________________
Wikitech-l mailing list -- wikitech-l(a)lists.wikimedia.org
To unsubscribe send an email to wikitech-l-leave(a)lists.wikimedia.org
https://lists.wikimedia.org/postorius/lists/wikitech-l.lists.wikimedia.org/
--
Amir (he/him)