Wikipedia:RedWarn/Documentation/Operations

The RedWarn userscript is configure to automatically test (as of RedWarn 17) and build itself from the RedWarn GitLab repository. This enables trusted team members to push updates to the English Wikipedia version of RedWarn seamlessly.

Continuous deployment
Due to the lack of an interface administrator team member, and since the user account is under the sole control of, the RedWarn team has developed a policy-compliant way of pushing automatic updates to the RedWarn userscript. We understand the implications of security and user safety, and thus we've formed the following process in deploying updates to the RedWarn userscript.
 * 1) Updates to the master branch are first run through merge requests. No team member is able to directly push to the master branch. Merge requests may only be accepted by a Maintainer-level team member.
 * 2) The deployment script is manually triggered in the pipeline created by a merge to the master branch. Only one user can trigger the script:.
 * 3) Once the script has been triggered, User:RedWarn/Commit Approval will be updated with the relevant information. A table will be generated at the bottom of the page where either of the aforementioned members can sign in order to approve the commit. This extra step is for compliance with the bot policy.
 * 4) Once a user signs the box, the signature is compared with their MediaWiki-set signature (as provided by signatures.toolforge.org). If this signature matches, the commit is approved.
 * 5) User:RedWarn/.js is updated, and User:RedWarn/Commit Approval/latest.json will be filled with details of the latest commit.

The deployment script is freely accessible and can be checked or scrutinized by other users. If you've found a security issue, please report them by emailing redwarn.issue@toolforge.org.