TODO to fix in the documentation
Todo
Another possible idea is to use collections for the output of each task, either automatically or via a parameter to the task.
Todo
Document (and possibly fix) what happens when workers are restarted while running a task.
Todo
We should have a simpler way to manage signing keys: perhaps they should be stored in artifacts and referenced using lookups.
Todo
Add new explanation pages to cover:
architecture (server, worker, client)
Todo
Add new reference pages to cover:
debusine-client configuration file
debusine-server configuration file
debusine-worker configuration file
Todo
The definition of this category is not yet fully agreed. We’ll revisit it when we’re closer to being able to try out an implementation so that we can see how the lookup mechanisms will work.
Todo
The whole expiration point needs some redesign, tracked in issue #346
Todo
We’ll eventually need to deal with removing private keys from the signing service when they’re no longer referenced by anything in the debusine database, but it’s not clear exactly what the lifetime rules should be. See https://salsa.debian.org/freexian-team/debusine/-/merge_requests/616#note_497019.
Todo
Specify how to configure keys to be used with a YubiKey.
Todo
Add more precise details of how this is recorded.
Todo
This will need additional parameters once we start supporting HSMs.
Todo
Consider some of the steps that we expect to implement and double check that they can be implemented in such a framework.
Todo
architectures should be optional, but discovering the available
architectures without having to implement delicate GPG verification code
ourselves is hard; see message #49 in #848194.
Todo
Document exactly how transactional updates of collections work in general: tasks need to see a coherent state, and simple updates to collections can be done in a database transaction, but some longer update tasks where using a single database transaction is impractical may need more careful handling. See discussion in !517.