ALBS docs updates (#523)

* ALBS docs updates
AlmaLinux · Nov 18, 2024 · 64fe75a · 64fe75a
1 parent 80bec14
commit 64fe75a
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 12 deletions.
diff --git a/docs/.vuepress/public/images/ALBS-structure.svg b/docs/.vuepress/public/images/ALBS-structure.svg
diff --git a/docs/development/AlmaLinux-Build-System.md b/docs/development/AlmaLinux-Build-System.md
@@ -2,7 +2,7 @@
 title: 'AlmaLinux Build System'
 ---
 
-###### last updated: 2024-09-10
+###### last updated: 2024-10-28
 
 # AlmaLinux Build System
 
@@ -22,6 +22,18 @@ AlmaLinux OS source code including [modified packages](/development/Modified-pac
 
 AlmaLinux OS Team and community work on these repositories to submit changes, fix bugs, and introduce new features. The AlmaLinux Build System is then used to pull the latest changes from these repositories and build the updated packages. 
 
+## AlmaLinux Build System Structure
+
+<img src=/images/ALBS-structure.svg width="60%" height="60%">
+
+* The Build System [Master Service](https://github.com/AlmaLinux/albs-web-server) provides an API that UI and CLI tools use to build, test, sign and release the packages.
+* The sources to build the AlmaLinux OS packages are taken from the AlmaLinux [git server](https://git.almalinux.org/), which are either synchronized directly from the CentOS git server, or updated manually by the AlmaLinux packagers. All the package sources that are used to build AlmaLinux OS packages are notarized commit by commit, and this information is stored in our [immudb](/documentation/sbom-guide) instance.
+* The [Build Node](https://github.com/AlmaLinux/albs-node) continuously asks the Master Service for new tasks to build packages from the provided git references. The built packages will be marked as verified only if the git references used to build the packages have been notarized. Built packages and build logs (or artifacts) are stored in the Artifact Storage (PULP), which only keeps notarized artifacts, this is, trusted and verified artifacts. 
+* [Test System](https://github.com/AlmaLinux/alts) receives Test Tasks to test built packages from Artifact Storage. The Test System tests packages via Test Nodes (eg. Docker or OpenNebula with different architectures) and store test artifacts (test logs) in Artifact Storage.
+* [Sign Server](https://github.com/AlmaLinux/albs-sign-node) receives sign tasks to sign packages with the corresponding PGP key. The Sign Server retrieves the unsigned packages, verifies that the packages are notarized, and signs them. Signed packages are then notarized again, storing this information in immudb and then saving the signed packages in the Artifact Storage.
+* Release System receives release tasks to upload signed packages to public repositories.
+* Each step involved in the build process is notarized and stored in immudb using a unique hash (immudb hash). This process ensures that traceability is guaranteed and that the information generated throughout the build process and stored in immudb can be used later on to generate SBOM documents.
+
 ## More guides and details
 
 If you are interested in learning how to build AlmaLinux OS packages, please check the [Packaging guidelines](/development/Packaging) and [Building packages guide](/documentation/building-packages-guide).

diff --git a/docs/documentation/sbom-guide.md b/docs/documentation/sbom-guide.md
@@ -2,7 +2,7 @@
 title: "User Guide: AlmaLinux *Software Bill of Materials (SBOM)*"
 ---
 
-###### Last updated: 2024-09-17
+###### Last updated: 2024-10-28
 
 # AlmaLinux SBOM User Guide 
 
@@ -65,7 +65,7 @@ Here is the command example of generating an SBOM record using the build ID opti
 ```bash
 python alma_sbom.py --output-file 17812.json --file-format cyclonedx-json --build-id 17812
 ```
-The command example with the CAS hash of the package:
+The command example with the immudb hash of the package:
 ```bash
 python alma_sbom.py --output-file 17812.json --file-format cyclonedx-json --rpm-package-hash 911945c71710c83cf6f760447c32d8d6cae737dc
 ```

diff --git a/docs/sigs/Build-System.md b/docs/sigs/Build-System.md
@@ -2,7 +2,7 @@
 title: 'Build System SIG'
 ---
 
-##### last modified: 2024-09-2026
+##### last modified: 2024-10-28
 
 # Build System SIG
 
@@ -23,7 +23,7 @@ Meetings are held regularly, including a daily standup. If you would like to joi
 ## Activities, projects, and deliverables
 
 * [AlmaLinux Build System](https://build.almalinux.org/)
-* [Build System project's documentation and issue tracker](https://github.com/AlmaLinux/build-system)
+* [Build System project's issue tracker](https://github.com/AlmaLinux/build-system/issues)
 * [Build System project's milestones](https://github.com/AlmaLinux/build-system/milestones)
 * [Build System Web-Server](https://github.com/AlmaLinux/albs-web-server)
 * [Build System Build Node](https://github.com/AlmaLinux/albs-node)
@@ -32,16 +32,25 @@ Meetings are held regularly, including a daily standup. If you would like to joi
 * [Build System Sign Node](https://github.com/AlmaLinux/albs-sign-node)
 * [Build System Sign File](https://github.com/AlmaLinux/albs-sign-file)
 * [Build System Tests Cacher](https://github.com/AlmaLinux/alma-tests-cacher)
+* Documentation:
+  * About AlmaLinux Build System and its structure - [AlmaLinux Build System](/development/AlmaLinux-Build-System).
+  * About SBOM - [SBOM guide](/documentation/sbom-guide).
+  * How to contribute to AlmaLinux Build System - [Contribute to AlmaLinux Build System](/Contribute-to-AlmaLinux-Build-System).
 
 ### Help wanted:
 
-* Python and JavaScript Developers are needed to improve UI/UX.
-* Add the ability to run test VMs in different clouds (AWS, Azure, etc.).
-* Add the ability to use external repositories for testing scenarios (e.g. LTP for kernel, CentOS tests for different packages, openQA, etc.).
-* Add OpenStack backend driver support.
-* Add Azure backend driver support.
-* Improve the ability to delete a build.
-* Add Kubevirt backend support.
+* Help on keeping our Build System SIG documentation up to date (READMEs in repos, wiki, docs, SIG wiki page, etc).
+* Testing (experience with pytest), we need help to:
+  * Increase our test coverage in repos that already have tests.
+  * Add tests to those that don't have tests at all.
+  * Design and implement integration/e2e tests that involve different services.
+* Familiar with Ansible? Help us in testing and improving our current ansible roles to deploy the AlmaLinux Build System.
+* Interested in supply-chain security and SBOM? Help us in defining the next steps toward providing and expanding the current SBOM data that AlmaLinux OS is generating.
+
+Our tech stack:
+* Backend: Python, FastAPI, SQLAlchemy, PostgreSQL, Redis.
+* Frontend: JavaScript, Vue.js, Quasar.
+* Tooling: Docker, Docker Compose, Ansible, Terraform.
 
 ## SIG Members: