Drupal Core Auto-Update Architecture
Peter Wolanin, David Strauss, Mike Baynton

Background
● Drupal Core has no way to update itself, automatically or with human attendance.
  ○ Site operators must decide on an approach using some third-party tool

Recap: State of the Initiative Through DrupalCon Nashville
● January 2018 : Automatic updates Initiative Roadmap created on drupal.org [1]
  ○ Initially sparse on architectural approaches
● August 2018 : Milestone planning at Midwest Drupal Summit
● April 2018 : Various architectural proposals at DrupalCon Nashville [2]
● April 2019 : Initiative BOF at DrupalCon Seattle
[1] https://www.drupal.org/project/ideas/issues/2940731
[2] https://events.drupal.org/nashville2018/sessions/drupal-core-auto-update-architecture

In the past year, we've ...
● Met at Midwest Drupal Summit and completed the Initiative Roadmap
  ○ Three parallel efforts in mid/long-term track
  ○ Preparatory UI & UX tasks also identified
● Secured funding to accelerate development
  ○ Sponsored by The European Commission [1]
  ○ Ran RFP and selected Tag1 Consulting
  ○ Preparatory task development in-progress
[1] https://www.drupal.org/european-commission

In the past year, we've ...
● Developed 7.x module for one-click core updates
  ○ https://www.drupal.org/project/core_update
● Developed several Proof-of-concepts
  ○ php-rot: amortizes the work of converging a source tree to a lockfile-defined state, isolates active vs. writable partitions (David Strauss) [1]
  ○ Request filtering for highly critical security issues (Axel Rutz, Miro Dietiker) [2]
  ○ Opcache-aware digital signature verification during autoloading [3], Composer memory reduction [4] (Mike Baynton)
[1] https://github.com/php-rot/rot
[2] https://www.drupal.org/project/drupal/issues/2999453
[3] https://github.com/curator-wik/composer-signature-verified-autoloader
[4] https://github.com/composer/composer/pull/8053

The Roadmap Today
From the official issue (node/2940731)
● Many ideas, long.
● High-level overview: two halves
  ○ Foundational Support in the (relatively) short term
  ○ Three parallel efforts in a mid/long term track

The Roadmap Today
From the official issue (node/2940731)
Foundational Support in the (relatively) short term:
● Show Public Service Announcements in Drupal and alert site owners that new PSAs are available.
  ○ In progress
● Add a “pre-flight check” to evaluate whether a site can be automatically updated safely
  ○ In planning, development starting late April
● In-place, automated core update (with limitations)
  ○ In planning, development mid June through November

The Roadmap Today
From the official issue (node/2940731)
Three parallel efforts mid/long term
1. Improving the manual update process by making Update Manager able to update D7 core
2. Restructuring Drupal to better support Composerized management of the codebase.
3. Creating an unattended auto-update installer and a small immutable “bootloader.”

The Roadmap Today
From the official issue (node/2940731)
Three parallel efforts mid/long term
1. Improving the manual update process by making Update Manager able to update D7 core
2. Restructuring Drupal to better support Composerized management of the codebase.
3. Creating an unattended auto-update installer and a small immutable “bootloader.”

● There is a module that does this now
● Drupal 7’s EOL approaches
How about we drop this? The roadmap looks more achievable that way.

The Roadmap Today
From the official issue (node/2940731)
Three parallel efforts mid/long term
1. Improving the manual update process by making Update Manager able to update D7 core
2. Restructuring Drupal to better support Composerized management of the codebase.
3. Creating an unattended auto-update installer and a small immutable “bootloader.”

● Yes!
● But, it’s not necessarily a hard dependency to continued progress on automatic updates.
How about we refocus our immediate efforts on delivering a minimum viable product.

The Roadmap Today
From the official issue (node/2940731)
Three parallel efforts mid/long term
1. Improving the manual update process by making Update Manager able to update D7 core
2. Creating an unattended auto-update installer and a small immutable “bootloader.”
3. Restructuring Drupal to better support Composerized management of the codebase.

● This gets to the meat of it!
● Bootloader enables active/inactive codebase & may compensate for decreased security of writable files.
● Much of the work should hold up well when comprehensive Composer support is added.
Recommendation: Reformulate the roadmap and add a deliverable after this stage

The Roadmap Today
From the official issue
1. Improving the manual update process by making Update Manager able to update D7 core
2. Creating an unattended auto-update installer and a small immutable “bootloader.”
3. Restructuring Drupal to better support Composerized management of the codebase.
Sponsored Development
1. In-place, automated core update
● Drupal 7 & 8, but will not be committed to 7 Core
● Method in planning [1]
[1] https://www.drupal.org/project/automatic_updates/issues/3043235

Proposed New Roadmap
In-place Automatic Updates
Won’t support Composer
➲ Funded effort
➲ Likely last part backported to D7
Active/Inactive codebase, bootloader
Evolution of in-place updates
➲ Gently introduce the bootloader model & signing
➲ Basic “smoke test” of new version before going live
➲ Rely on symlinks at this stage to defer complications with serving static files

Proposed New Roadmap
Partial Composer support
With simple vendored updates
➲ composer.lock updated
➲ Composer used to make new autoloader
➲ Move active asset files into docroot to stop requiring symlinks
Full Composer support
Strive to support any code update
➲ Need Composer solver to fit in web contexts
➲ Try to retain Composer plugin support

Active/Inactive Codebase
...without restructuring Drupal?
Complicating factors:
● How are assets dealt with? (css/js/images)
● Don’t we need to vendorize core first?
To run on every web server, yes.
To run on most web servers, symlinks can be a stepping stone.

Active/Inactive Codebase
...without affecting URLs?
● The symlink ./current controls which codebase is active
  ○ Used directly for served web assets
● Things in the docroot mostly symlink through ./current
  ○ Uploaded files remain
● Composer can already be used to manage this
  ○ https://github.com/mbaynton/drupal-project-ab.git

    |-- current -> a
    |-- html
    |   |-- index.php (the bootloader)
    |   |-- autoload.php
    |   |-- core -> ../current/core
    |   |-- sites
    |   |-- modules/custom/
    |   |-- modules/contrib -> ../current/modules
    |   |-- themes/custom/
    |   |-- themes/contrib -> ../current/themes
    |-- a
    |   |-- core
    |   |-- index.php
    |   |-- modules (contrib)
    |   |-- themes (contrib)
    |   |-- vendor
    |   `-- [...]
    |-- b
    |   |-- (same as a)
    |-- composer.json
    |-- composer.lock

Auto Updater, Part Deux: Things we can do with the symlink layout
In:
● Some updates to vendored packages
  ○ When backwards-compatible without dependency changes.
  ○ Directly update code & composer.lock, dump new autoloader with Composer.
● Won’t break Composer CLI
● Validating autoloader “0.5”
  ○ Part of immutable “bootloader”
  ○ Drupal Core files protected from tampering by verifying digital signatures.
Out:
● Composer’s dependency evaluation
● Signature verification of non-core PHP files
● Support for multi-webserver deployments

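The verify-then-switch step implied by the ./current symlink layout and the core-file verification on the slide above, as an added example that is not from the slides or from the Automatic Updates project. The helper names, the temporary-directory layout and the plain SHA-256 manifest (a stand-in for a digitally signed release manifest) are assumptions.

```python
import hashlib
import os
import tempfile
from pathlib import Path


def core_manifest(codebase: Path) -> dict:
    """SHA-256 of every file under <codebase>/core, keyed by relative path."""
    core = codebase / "core"
    return {p.relative_to(core).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(core.rglob("*")) if p.is_file()}


def verify_core(codebase: Path, expected: dict) -> list:
    """Compare core files with the release manifest; return a list of problems."""
    actual = core_manifest(codebase)
    problems = [f"missing: {f}" for f in expected if f not in actual]
    problems += [f"modified: {f}" for f in expected
                 if f in actual and actual[f] != expected[f]]
    problems += [f"unexpected: {f}" for f in actual if f not in expected]
    return problems


def activate(root: Path, name: str, expected: dict) -> list:
    """Point ./current at codebase `name` only if its core files verify."""
    problems = verify_core(root / name, expected)
    if problems:
        return problems                      # ./current is left untouched
    tmp = root / "current.tmp"
    if tmp.is_symlink():
        tmp.unlink()                         # stale link from an aborted run
    os.symlink(name, tmp)
    os.replace(tmp, root / "current")        # rename(2): atomic swap of the link
    return []


def demo() -> tuple:
    root = Path(tempfile.mkdtemp())          # constructed sample layout
    for name in ("a", "b"):
        (root / name / "core").mkdir(parents=True)
        (root / name / "core" / "lib.php").write_text(f"<?php // release {name}\n")
    os.symlink("a", root / "current")
    expected_b = core_manifest(root / "b")   # stand-in for the signed manifest
    (root / "b" / "core" / "lib.php").write_text("<?php // altered\n")
    rejected = activate(root, "b", expected_b)
    still = os.readlink(root / "current")
    (root / "b" / "core" / "lib.php").write_text("<?php // release b\n")
    accepted = activate(root, "b", expected_b)
    return rejected, still, accepted, os.readlink(root / "current")
```

Because the link is replaced with a single rename, a request never sees a missing or half-written ./current; a real deployment would also verify the signature on the manifest itself before trusting its hashes.
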
How Can I Get Involved?
Test things out
Kick the tires now on
● Symlink layout [2]
● Drupal 7 manual core update module [3]
Planning assistance
● Pre-flight checks [4]
● Issues in the Automatic Updates queue [1]
Contributions welcome!
  ○ d.o/project/ideas/issues/2940731
  ○ #autoupdates on Slack, monthly meetings first Thursday at 3PM Central
  ○ And this week in Seattle!
We need an Initiative Coordinator
[1] https://www.drupal.org/project/issues/automatic_updates?status=8
[2] http://github.com/mbaynton/drupal-project-ab
[3] https://www.drupal.org/project/core_update/
[4] https://www.drupal.org/project/automatic_updates/issues/3043521

Questions?

Join us for contribution opportunities
Friday, April 12, 2019
● Mentored Core sprint, 9:00-18:00, Room: 602
● First time sprinter workshop, 9:00-12:00, Room: 606
● General sprint, 9:00-18:00, Room: 6A
#DrupalContributions
http://vuln.rocks/crackdru