1<!-- 2Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. 3 4SPDX-License-Identifier: curl 5--> 6 7# Infrastructure in the curl project 8 9Overview of infrastructure we maintain, host and run in the project for the 10project. 11 12## git repository 13 14Since 2010, the main curl git repository has been hosted by GitHub, available 15at https://github.com/curl/curl. 16 17We also use the issue tracker, pull requests and discussions on GitHub. 18 19curl has an "enterprise account" on GitHub and is an "organization" on the 20site. 21 22We accept sponsorship via GitHub Sponsors. 23 24## CI services 25 26For every pull request and git push to the master repository, a number of 27build and testing jobs are run on a set of different CI services. The exact 28services vary over time. GitHub Actions and AppVeyor are the primary ones 29these days. 30 31## Test Clutch 32 33A [Test Clutch](https://github.com/dfandrich/testclutch) instance generates 34regular reports on curl CI test results at https://testclutch.curl.se/ as well 35as writing comments on curl pull requests whose tests have failed. The jobs 36are hosted on a Virtuozzo Application Platform PaaS instance and is managed by 37Dan Fandrich. The configuration code is is available and managed at 38https://github.com/dfandrich/testclutch-curl-web 39 40## Autobuilds 41 42The curl autobuild system is a set of scripts that build and test curl and 43send all output logs back to the autobuild server. The results are 44continuously collected and visualized on the curl website at 45<https://curl.se/dev/builds.html>. 46 47The autobuild system and server is maintained by Daniel Stenberg. 48 49## OSS-Fuzz 50 51Google runs the [OSS-Fuzz](https://google.github.io/oss-fuzz/) project which 52also runs fuzzing on curl code, non-stop, in their infrastructure and they 53send us emails in the rare instances they actually find something. 54 55OSS-Fuzz notifies those that are members in the "curl team". Any curl 56maintainer who wants to is welcome to participate. It requires a Google 57account. 58 59## Coverity 60 61We regularly run our code through the [Coverity static code 62analyzer](https://scan.coverity.com/) thanks to them offering this service to 63us for free. 64 65## CodeSonar 66 67[CodeSonar](https://codesecure.com/our-products/codesonar/) analyzes the curl 68source code daily and emails Daniel Stenberg whenever it finds suspected 69problems in the source code. I hope and expect that we can invite other 70maintainers to access these reports soon. 71 72## Domain names 73 74The project runs services and website using a few different curl related 75domain names, including `curl.se` and `curl.dev`. Daniel Stenberg owns these 76domain names. 77 78Until a few years ago, the curl website was present at `curl.haxx.se`. The 79`haxx.se` domain is owned by Haxx AB, administrated by Daniel Stenberg. The 80curl.haxx.se name is meant to keep working and be redirecting to curl.se for 81the foreseeable future. 82 83## Websites 84 85The main curl website at `curl.se` is maintained by curl maintainers and the 86content is available and managed at https://github.com/curl/curl-www. The site 87updates from git and runs make every 20 minutes. Any change pushed to git can 88thus take up to 20 minutes until it takes effect on the origin server. 89 90The content on `curl.dev` is available and managed at 91https://github.com/curl/curl.dev/ 92 93The content on `everything-curl.dev` is available and managed at 94https://github.com/curl/everything-curl/ 95 96The machine hosting the website contents for these three sites is owned by 97Haxx AB and is primarily managed by Daniel Stenberg (co-owner of the Haxx 98company). The machine is physically located in Sweden. 99 100curl release tarballs are hosted on https://curl.se/download.html. They are 101uploaded there at release-time by the release manager. 102 103curl-for-win downloads are hosted on https://curl.se/windows and are uploaded 104to the server by Viktor Szakats. 105 106curl-for-QNX downloads are hosted on <https://curl.se/qnx> and are uploaded to 107the server by Daniel Stenberg. 108 109Daily release tarball-like snapshots are generated automatically and are 110provided for download at <https://curl.se/snapshots/>. 111 112CA certificate bundles are extracted from the Firefox source code, hosted by 113Mozilla and converted to PEM file format and is offered for download. The 114conversion checks for updates daily. The bundle is provided for download at 115<https://curl.se/docs/caextract.html>. 116 117There is an automated "download check bot" that runs twice daily to scan for 118available curl downloads to populate the curl download page appropriately with 119the correct updated information. The bot uses URLs and patterns for all 120download packages and is maintained in a database, maintained by Daniel 121Stenberg and Dan Fandrich. 122 123The TLS certificate for the origin curl web server is automatically updated 124from Let's Encrypt. 125 126## CDN 127 128Fastly runs the Content Delivery Network (CDN) that fronts all the curl 129websites. The CDN caches content that it gets from the origin server. 130Recently, roughly 99.99% of web requests are satisfied by the CDN without 131having to reach the origin. 132 133The CDN caches different content at different lengths depending on the 134content-type. The caching thus adds to the time for a change to have an effect 135on the site from the moment it gets pushed to the git repository. 136 137Using this setup, we provide four IPv4 addresses and eight IPv6 addresses for 138anycast access to the site. Should be snappy from virtually everywhere across 139the globe. 140 141The CDN servers support HTTP/1, HTTP/2 and HTTP/3. They set HSTS for a year. 142The `HTTP://` version of the site redirects to `HTTPS://`. 143 144Fastly manages the TLS certificates from Let's Encrypt for the servers they 145run on the behalf of curl. 146 147## Containers 148 149The curl project offer container builds of curl. The source repository for 150them is located at <https://github.com/curl/curl-container>. 151 152Container images are hosted at <https://quay.io/repository/curl/curl> and 153<https://hub.docker.com/r/curlimages/curl> 154 155## DNS 156 157The primary domain name, `curl.se` is managed by Kirei and is offered over 158fault-tolerant anycast servers. High availability and fast access for 159everyone. 160 161The actual physical DNS files and origin bind instance is managed by Daniel 162Stenberg. 163 164## Mailing lists 165 166The curl related mailing lists are hosted by Haxx AB on `lists.haxx.se` and 167are maintained by Daniel Stenberg. This includes the mailman2 and Postfix 168instances used for this. 169 170## Email 171 172We use a few rare additional curl related email aliases in the curl domains. 173They go through the mail server `mail.haxx.se` maintained by Daniel Stenberg 174 175## Bug-bounty 176 177We run a [bug-bounty](https://curl.se/docs/bugbounty.html) on HackerOne. The 178setup runs entirely at https://hackerone.com/curl. 179 180The money part for the bug bounty is sponsored by the [Internet Bug 181Bounty](https://hackerone.com/ibb). 182 183## Open Collective 184 185We use [Open Collective](https://opencollective.com/curl) as our "fiscal 186host". All money sent to and received by the curl project is managed by Open 187Collective. 188 189## Merchandise 190 191We have stickers, coffee mugs and coasters. They are managed by Daniel who 192sits on the inventory. The best way to get your hands on curl merchandise is 193to attend events where Daniel is physically. 194