Merge branch 'master' of https://github.com/magento/architecture into my-promises

Author: Oleksandr Gorkun

.github/ISSUE_TEMPLATE/custom.md

@@ -1,6 +1,9 @@
 ---
 name: Custom issue template
 about: Just an empty template for any kind of issue
+title: ''
+labels: ''
+assignees: ''
 
 ---
 

.github/ISSUE_TEMPLATE/meeting-notes.md

@@ -1,14 +1,13 @@
 ---
 name: Meeting Notes
 about: Topic requests and meeting notes from meetings
+title: ''
+labels: meeting notes
+assignees: ''
 
 ---
 
 _Please add your topic as a comment to the issue. Use following format:_
 Topic description and link to PR, if any (duration in min)
 
-## Meeting Notes
-
-* _note one..._
-
 Recording: TBD

design-documents/cookies.md

@@ -5,28 +5,30 @@ Original document: https://docs.magento.com/m2/ce/user_guide/stores/cookie-refer
 The goal of this document is to align cookies existing in Magento to features relying on them, so a customer may choose to disable a feature and not populate a specific cookie.
 
 
-| Cookie  | Module |
-| ------- | -------- |
-| `guest-view` | `Magento_Sales` |
-| `login_redirect` | `Magento_Customer`, `Magento_Checkout`  |
-| `mage-messages` | `Magento_Theme` |
-| `mage-translation-storage`  | `Magento_Translation` |
-| `mage-translation-file-version` | `Magento_Translation`. Description: Tracks version of translations in local storage. |
-| `product_data_storage`  | `Magento_Catalog` |
-| `recently_compared_product`  | `Magento_Catalog` |
-| `recently_compared_product_previous`  | `Magento_Catalog` |
-| `recently_viewed_product`  | `Magento_Catalog` |
-| `recently_viewed_product_previous`  | `Magento_Catalog` |
-| `stf`  | `Magento_SendFriend` |
-| `X-Magento-Vary` (note: original document has typo)  | `Magento_PageCache` |
-| `amz_auth_err`  | Amazon Pay CBE |
-| `amz_auth_logout`  | Amazon Pay CBE |
-| `form_key`  | Multiple modules. Any module that has forms should use it. |
-| `mage-cache-sessid` | `Magento_Customer`, `Magento_Persistent` |
-| `mage-cache-storage`  | `Magento_Customer`, `Magento_Persistent`, `Magento_NegotiableQuote` |
-| `mage-cache-storage-section-invalidation`  | `Magento_Customer` |
-| `persistent_shopping_cart`  | `Magento_Persistent` |
-| `private_content_version`  | `Magento_PageCache`, `Magento_Customer` |
-| `section_data_ids`  | `Magento_Customer` |
-| `store`  | `Magento_Store` |
-| `mage-banners-cache-storage` | `Magento_Banner` (Magento Commerce). Description: Local storage for Banner functionality. |
+| Cookie  | Is Secure | HTTP Only | Expiration Policy | Module | Related configuration |
+| ------- | --------- | --------- | ----------------- | -------- | ------------- |
+| `guest-view` | No | Yes | Session | `Magento_Sales` | Guest orders view. Used in "Orders and Returns" widget. |
+| `login_redirect` | No | No | Session | `Magento_Customer`, `Magento_Checkout`  | Used in minicart for logged in customers if "Shopping Cart Sidebar" > "Display Shopping Cart Sidebar" is set to "Yes" |
+| `mage-messages` | No | No | Duration: 1 year. Cleared on frontend when the message is displayed to the user. | `Magento_Theme` | No option to disable |
+| `mage-translation-storage` (local storage) | No | No | Per local storage rules | `Magento_Translation` | Used when "Translation Strategy" configured as "Dictionary (Translation on Storefront side)". |
+| `mage-translation-file-version` (local storage) | No | No | Per local storage rules | `Magento_Translation`. | Tracks version of translations in local storage. Used when "Translation Strategy" configured as "Dictionary (Translation on Storefront side)". |
+| `product_data_storage` (local storage) | No | No | Per local storage rules | `Magento_Catalog` | |
+| `recently_compared_product` (local storage) | No | No | Per local storage rules | `Magento_Catalog` | |
+| `recently_compared_product_previous` (local storage) | No | No | Per local storage rules | `Magento_Catalog` | |
+| `recently_viewed_product` (local storage) | No | No | Per local storage rules | `Magento_Catalog` | |
+| `recently_viewed_product_previous` (local storage) | No | No | Per local storage rules | `Magento_Catalog` | |
+| `stf` | Yes | Yes | Session | `Magento_SendFriend` | |
+| `X-Magento-Vary` (note: original document has typo) | Yes | Yes | Based on PHP setting `session.cookie_lifetime` | `Magento_PageCache` | |
+| `amz_auth_err` | No | No | 1 year | Amazon Pay CBE | Used if "Enable Login with Amazon" is enabled. |
+| `amz_auth_logout` | No | No | 86400s (24h) | Amazon Pay CBE | Used if "Enable Login with Amazon" is enabled. |
+| `form_key` | No | No | PHP: based on PHP setting `session.cookie_lifetime`. JS: session | Page Cache | |
+| `mage-cache-sessid` | No | No | Session | `Magento_Customer`, `Magento_Persistent` | |
+| `mage-cache-storage` (local storage) | No | No | Per local storage rules | `Magento_Customer`, `Magento_Persistent`, `Magento_NegotiableQuote` | |
+| `mage-cache-storage-section-invalidation` (local storage) | No | No | Per local storage rules | `Magento_Customer` | |
+| `section_data_ids` | No | No | Session | `Magento_Customer` | |
+| `persistent_shopping_cart` | Yes | Yes | Based on Admin configuration in `Persistent Shopping Cart > General Options > Persistence Lifetime (seconds)` | `Magento_Persistent` | |
+| `private_content_version` | Yes (based on the request)/No | No | PHP: 1 year/315360000s (10 years); JS: 1 day; JS local storage: per local storage rules (forever) | `Magento_PageCache`, `Magento_Customer` | It is set in multiple places: in PHP, in JS as a cookie, and in JS to local storate |
+| `store` | No | Yes | 1 year | `Magento_Store` | |
+| `mage-banners-cache-storage` (local storage) | No | No | Per local storage rules | `Magento_Banner` (Magento Commerce). Description: Local storage for Banner functionality. | |
+
+HTTP Only = "Yes (based on the request)" means that the cookie is secure if set during HTTPS request, and unsecure if set during HTTP request.

design-documents/dependabot-slack.md

@@ -0,0 +1,65 @@
+# Dependabot + Slack
+
+[Dependabot](https://dependabot.com/) provides a functionality to track dependencies from `composer.json` and create PRs to the tracked repositories.
+But it does not provide a notification mechanism. As [Slack](https://slack.com/) is the most popular corporate messenger and Magento uses it, and has a lot of customizations like bots and applications, it make sense to integrate a notification mechanism about newly created PRs.
+Fortunately, Github already has a [mechanism](https://slack.github.com/) for Slack notifications.
+
+In general this schema works like this:
+
+![Dependabot+Slack](img/dependabot_slack.png)
+
+Dependabot creates a PR with updated dependencies (one PR for one dependency), Github sends a notification to a Slack channel. As Dependabot and Slack are integrated with Github and don't depend on each other, they can be replaced/extended by other tools like [Greenkeeper](https://greenkeeper.io/) and
+[Jira](https://marketplace.atlassian.com/apps/1219592/github-for-jira?hosting=cloud&tab=overview).
+
+## General workflow
+
+The next diagram shows how the more detailed workflow looks like:
+
+![Dependabot+Slack Schema](img/dependabot_slack_schema.png)
+
+ - Dependabot tracks `composer.json` dependencies for a specified repository
+ - For a new versions of dependencies it creates a PR
+ - Github built-in mechanism tracks newly created PRs and send a notification to Slack app
+ - Github Slack app publishes a message in a channel according to the subscription rules (see Slack Integration section)
+ - Custom labels (the default label is `dependencies`) or review assignees
+ 
+## Dependabot Integration
+
+Dependabot requires Github authorization and permissions to the needed repositories. Each tracked repository has own configuration. The configuration settings include:
+
+ - Update schedule settings: live, daily, weekly, monthly
+ - Branch to track
+ - Filters, like security updates, top-level dependencies
+ - Different updating strategies for `composer.json`
+
+## Github Slack Integration
+
+Github Slack integration also requires authorization and permissions to tracked repositories. Also, Github app should be installed for Slack workspace. More installation details can be found in the [documentation](https://github.com/integrations/slack#installing-the-github-integration-for-slack).
+
+Github app provides the following commands to track interested repositories:
+
+ - issues - Opened or closed issues
+ - pulls - New or merged pull requests
+ - statuses - Statuses on pull requests
+ - commits - New commits on the default branch (usually master)
+ - deployments - Updated status on deployments
+ - public - A repository switching from private to public
+ - releases - Published releases
+ - reviews - Pull request reviews
+ - comments - New comments on issues and pull requests
+ - branches - Created or deleted branches
+ - commits:all - All commits pushed to any branch
+ 
+To track PRs with updated dependencies the following command might be used:
+
+```bash
+/github subscribe magento/magento pulls
+```
+
+Github app will notify about all newly created PRs in subscribed repository. Unfortunately, there is [no a possibility](https://github.com/integrations/slack/issues/384) to track PRs only with specific labels. A separate repository might be used as a temporal solution.
+
+## Summary
+
+Such schema covers tracking all dependencies from `composer.json`, automatically creates a PR with updated dependency and sends notification to a Slack channel. Also, this solution does not require custom tool or application and hardware resources. The solution does not cover indirect dependencies like MySql, ElasticSearch, etc. which are not specified in `composer.json`.
+
+As tracking and notification mechanisms are independent, the more sources can be added in the future (like npm dependencies) and notifications can be send to different sources (like Jira).

design-documents/distributed-deployment-configuration.md

@@ -0,0 +1,75 @@
+# Distributed deployment
+
+## Problem
+
+We want support distributed deployment of Magento: admin UI, cron, storefront UI, web API, and CLI.
+
+Benefits
+* Splitting modules decreases number of dependencies
+* When deploying area specific instances, unnecessary dependencies not loaded and it should improve performance
+* We don't have private interfaces (admin UI, cron) exposed, should improve security
+* It's a step towards splitting monolith into services
+
+This proposal solves problem of adding necessary configuration to allow distributed deployment.
+
+## Design
+
+To distinguish between different instances, we have these options
+
+1. Don't add any special information on instances, developer always knows which instance is which.
+2. Introduce marker component packages to mark instances (`magento/admin-ui`, `magento/storefront-ui`, `magento/cron`, etc).
+3. Use projects, if we publish different projects, we can just use them _recommended_.
+
+Approaches to specify where extension parts need to be installed
+1. Reuse existing type field in composer configuration. Will need to add more types (`magento2-admin-ui-module`, `magento2-storefront-ui-module`, `magento2-cron-module`, etc).
+    
+    Cons
+    * Will not work for specifying on which services extension parts need to be installed
+    * Might need require adding configuration on instances to track which extensions installed on the system
+    
+2. Extend composer configuration _recommended_
+
+    Modules would define on which instances they need to be installed.
+    
+    CatalogExtensionAdminUi/composer.json
+    ```
+    {
+        "name": "vendor/catalog-extension-admin-ui",
+        ...
+        "extra": {
+            "instances": [
+                "admin-ui"
+            ]
+        }
+    }
+    ```
+    
+    To track which extensions installed on distributedly deployed Magento, developer can add metapackage names in composer.json files on instances.
+    
+    admin-ui-instance/composer.json
+    ```
+    {
+        "name": "magento/admin-ui-project",
+        "type": "project",
+        "require": {
+            "vendor/catalog-extension-admin-ui": "*",
+            ...
+        },
+        ...
+        "extra": {
+            "extensions": [
+                "vendor/catalog-extension"
+            ]
+        }
+    }
+    ```
+    
+    Pros
+    * The same approach can be used later to define on which services which extension parts need to be installed.
+    
+3. If packages named by convention (`vendor/catalog-extension-admin-ui`, `vendor/catalog-extension-storefront-ui`, `vendor/catalog-extension-cron`, etc), developer can figure out where extension parts should be installed by package names.
+    
+    Cons
+    * Will not work for specifying on which services extension parts need to be installed
+    * Potentially not reliable
+    * Might need require adding configuration on instances to track which extensions installed on the system

design-documents/img/dependabot_slack.png

@@ -47,12 +47,12 @@ An approach of defining what each release should include was taken from [Semanti
 3. Introduce publication functionality for publishing `magento2-test-module` package type.
 4. Create metapackage with test packages only for each Magento edition.
 
-## Entity's id attributes
+## Entity's attributes
 Changing any of this attribute will cause Backward Incompatible change.
 
 **Test entity:**
 
-  |xPath|idAttribute|
+  |xPath|attribute|
   |---|---|
   |`/tests/test`|name|
   |`/tests/test/<ACTION> ⃰`|stepKey|
@@ -61,15 +61,16 @@ Changing any of this attribute will cause Backward Incompatible change.
 
 **Action Group entity:**
 
-  |xPath|idAttribute|
+  |xPath|attribute|
   |---|---|
   |`/actionGroups/actionGroup`|name|
   |`/actionGroups/actionGroup/arguments/argument`|name|
+  |`/actionGroups/actionGroup/arguments/argument`|type|
   |`/actionGroups/actionGroup/<ACTION> ⃰`|stepKey|
 
 **Data entity:**
 
-  |xPath|idAttribute|
+  |xPath|attribute|
   |---|---|
   |`/entities/entitie`|name|
   |`/entities/entitie/data`|key|
@@ -79,7 +80,7 @@ Changing any of this attribute will cause Backward Incompatible change.
 
 **Metadata entity:**
 
-  |xPath|idAttribute|
+  |xPath|attribute|
   |---|---|
   |`/operations/operation`|name|
   |`/operations/operation/field`|key|
@@ -91,14 +92,14 @@ Changing any of this attribute will cause Backward Incompatible change.
 
 **Page entity:**
 
-  |xPath|idAttribute|
+  |xPath|attribute|
   |---|---|
   |`/pages/page`|name|
   |`/pages/page/section`|name|
 
 **Section entity:**
 
-  |xPath|idAttribute|
+  |xPath|attribute|
   |---|---|
   |`/sections/section`|name|
   |`/sections/section/element`|name|