Read our roadmap to understand how this work falls into priorities set by the Drupal Association with direction and collaboration from the Board and community. You can also review the Drupal project roadmap.
We kicked off Q2 by getting back to our first in-person DrupalCon in several years. For those of you who were able to join us in Portland, I hope you enjoyed an event that felt like a true community homecoming. And I hope you’re thinking of joining us for DrupalCon Prague in a few weeks.
If you missed the event, it’s not too late to catch up on some of the excitement. You can review the Drupal.org update panel where we talk about the engineering work we’re doing in support of the community. You can also read our recap blog, which includes some excellent highlights, as well as a link to the #Driesnote and some other amazing content from the event.
At the time of this writing we’re only a few weeks away from DrupalCon Prague 2022, where you can join us to see where this work has gone since Portland!
One of our key milestones in the GitLab acceleration initiative is moving project testing from DrupalCI to GitLabCI. In the second quarter of 2022 we focused on engaging community volunteers to help us understand their needs and the best strategy for this transition process.
GitLabCI is going to provide more flexible testing options, and put more control in the hands of maintainers.
But even as we give the community more tools, we need to make sure we manage our testing budget carefully, and maximize the resources provided by our members and supporters.
We have approximately 20 contrib projects who have opted in to help us test the tools, but before we roll this out to every project, we’re working with the GitLab team to add per-project CI limits. A merge request is in progress!
At DrupalCon Prague we’re going to be previewing the next phase of this project – the migration of Drupal.org issues to GitLab issues!
Secure signing for Automatic Updates
We’re now standing up the infrastructure to host this signing server and integrate it with Drupal.org’s packaging pipeline.
This effort to provide secure signing for php packages has seen collaboration across the Cloud Native Computing Foundation, TUF, OpenSSF, Drupal, Typo3, Joomla, and others.
Once in production, the Automatic Updates initiative will be able to enable fully unattended automatic updates.
If you or your organization is interested in supporting supply chain security for the PHP ecosystem, consider reaching out to: [email protected]
Drupal.org Sub-site updates
Drupal.org is not only the home of the community and the source of key tools for contribution, but it is also in and of itself a showcase of what Drupal can do.
Making sure that each of our properties is on the latest and greatest version of Drupal is part of showing of the power of Drupal.
In parallel with our development tooling initiatives, we’ve also been working on upgrades to some of the drupal.org subsites. Api.Drupal.org and Events.Drupal.org have both had significant overhauls – to be launched before the end of the year. The community has also made massive progress on localize.drupal.org.
Something many community members may not know is how much infrastructure is involved in each new release of Drupal.
Cutting a new release of Drupal Core involves running the CI suite against multiple environments, as well as packaging releases for multiple supported branches with their composer dependencies.
In Q2 we optimized the order of packaging operations, and the dependency resolution steps to improve packaging performance and prepare for integrating the signing process for automatic updates.
Release packaging is a behind the scenes element of managing the Drupal project, where there is a very close collaboration between the Drupal core release managers and Drupal Association staff.
Making this process as efficient as possible reaps benefits for our regular releases, and is also crucial for security release windows when we often need to make multiple versions available in quick succession.
Publishing non-Drupal PHP projects to Packagist
Fairly recently Drupal.org added a ‘general project’ content type.
Drupal.org now publishes these more general PHP libraries to packagist when relevant.
This capability is important as we build more generic components that can be used within Drupal and to bridge Drupal with other technologies.
It’s also important to the new ‘starter kit’ initiative where we want to publish ‘recipes’ directly to Packagist, that will install Drupal with a predefined stack of extensions and configuration.
More features for organizing community events
Drupal.org/community/events allows anyone in the Drupal ecosystem to submit their Camp, Training, Contribution Event, etc.
Working closely with the Events Organizer Working Group we’ve made a variety of improvements to this community event portal, including filtering and categories, improvements to the map, etc.
Especially as we come out of the pandemic – revitalizing these community events is going to be a key part of Drupal’s growth.
Drupal has always been made up of these grass-roots meet-ups, and regional events, and then culminating as people come together at DrupalCon.
User Database Clean-up prior to SSO solution launch
Drupal.org will shortly be implementing a new Single-Sign-On solution based on Keycloak.
As a precursor to this change, we need to do some maintenance and clean up to our user database. We’ve had a continues Drupal user table for nearly 20 years, and we’ve had to rationalize some data to fit the model for the new SSO solution.
A new SSO solution is part of our Drupal.org D9 upgrade strategy, but also gives us new tools to use to accommodate third-party services the community might want to use – such as new chat services, or even using Drupal.org identity for camp websites.
Membership system migration
We’ve upgraded the Drupal Association’s individual membership management system, and are now using Classy, a non-profit membership tool suite. This provides greater integration with Salesforce, and some new options for membership campaigns.
Improvements to our individual membership system are part of the road to greater recognition of individual partners, and to connect the dots between the individual contributors and the organizational partners they work for.
Drupal Steward invoicing improvements
Are you a Drupal Steward customer?
Drupal Steward is a web application firewall used by the DA and security team to provide protection for customer sites in the event of highly critical releases.
In Q2 we updated the invoicing format to better accommodate the common requirements of finance departments, making it easier for agencies and end-users to manage their Steward participation.
Drupal Steward is both a tool to provide peace of mind to site owners, and a tool to give agency teams more time to respond to a newly released highly critical update.
More options for understanding organization contribution history
We know many organizations are passionate about their contributions to Drupal.
That’s why we’ve added more filters to the ‘all credit view’ on each organization profile, to make it easier to understand an organization’s contribution history over time.
Contribution is the lifeblood of the project, and we want to equip organizations with all the tools they need to be successful.
We have another big improvement for organizational credit coming at the end of Q3, so keep an eye out!
See you in Prague!
Members of the Drupal Association engineering team will be on the ground at DrupalCon Prague from September 20-23 of this year. There’s still time to join us and chat about these and other updates on the horizon. We’d love to see you there!
As always, we’d like to thank all the volunteers who work with us and the Drupal Association Supporters who make it possible for us to work on these projects. In particular, we want to thank:
If you would like to support our work as an individual or an organization, consider becoming a member of the Drupal Association.