preparing docs for 0.6.x release

ROADMAP.md

@@ -1,45 +1,55 @@
-Bastille Roadmap
-================
-This is the general roadmap for the next nine months. I would like the
-near-term done by the end of 2018. The mid-term should be done by March 2019.
-The long-term by summer 2019.
+2020 Bastille Roadmap
+=====================
 
-At that point, if the templating is mature, and the top 50 is complete, the
-platform is ready for general purpose use. 
+1. Virtual Networking
+1. Bastille CI/CD
+1. Template Maturity & Consolidation
+1. Container Monitoring
+1. Bastille API
 
+Rough timeline and description below.
 
-near-term
----------
-1. zfs support (configurable)
-2. bastille-dev template (see below):
-```shell
-## jail -c name=foo host.hostname=foo allow.raw_sockets children.max=99 
-## ip4.addr=10.20.12.68 persist
-## jexec foo /bin/csh
-## foo# jail -c name=bar host.hostname=bar allow.raw_sockets 
-## ip4.addr=10.20.12.68 persist
-## foo# jexec bar /bin/csh
-## bar# ping gritton.org
-```
-3. branding
+Virtual Networking (Jan-Feb) ~ 0.6.x-beta
+-----------------------------------------
+VNET (Virtual Networking) will allow fully virtualized network stacks. This
+would bring the total network options to three (loopback, LAN, VNET). The
+anticipated design would use a bridge device connected to containers via epair
+interfaces.
 
+Bastille CI/CD (March-May) ~ 0.7.x-beta
+---------------------------------------
+While we have many of the templates validated by automatic CI/CD, we are not
+validating updates to Bastille itself. This automated validation of Pull
+Requests should be a priority early in the year with a full test suite designed
+to validate all expected uses of Bastille sub-commands.
 
-mid-term
---------
-1. templating
-2. ssh-to-jail demo (ie; ldap + .authorized_keys + command)
-```shell
-## TODO: .ssh/authorized_keys auto-launch into user jail
-## jail_create_login_hook() {
-##     echo "permit nopass ${user} cmd /usr/sbin/jexec args ${name} /usr/bin/login -f ${user}" >> /usr/local/etc/doas.conf
-##     echo "command='/usr/local/bin/doas /usr/sbin/jexec ${name} /usr/bin/login -f ${user}' ${pubkey}" >> $HOME/.ssh/authorized_keys
-## }
-```
-3. additional modules: ps, sockstat, pf, fstab.
+Template Maturity & Consolidation (June-Aug) ~ 0.8.x-beta
+---------------------------------------------------------
+Put the 101 templates found in GitHub's BastilleBSD-Templates repository into
+GitLab CI/CD pipeline until fully covered. This is a great place for community
+contribution. Templates are easy to create and verify and we'd love to
+replicate as much of the FreeBSD ports tree as possible!
 
+In addition, it would be nice to create a consolidated repository of curated
+templates similar in design to the FreeBSD ports tree. This would contain all
+templates in a single repository and mimick ports behavior where appropriate.
 
-long-term
----------
-1. top 50
-2. monitoring
-3. rctl
+Container Monitoring (Sept-Oct) ~ 0.9.x-beta
+--------------------------------------------
+The ability to monitor processes, services, mounts, sockets, etc from the host.
+Auto-remediation would be simple enough to define. Notifications would probably
+require a plugin system for methods/endpoints.
+
+Possible monitoring modules: ps, sockstat, pf, fstab
+
+Possible notification modules: pagerduty, slack, splunk, ELK, etc.
+
+Bastille API (Nov-Dec) ~ 1.0.x-beta
+-----------------------------------
+I have thoughts about a lightweight API for Bastille that would accept (json?)
+payloads of Bastille commands. The API should be lightweight just as Bastille
+is.
+
+The API is scheduled later in the roadmap because I want to have the other
+components stable before we implement an API on top of it. The addition of the
+API should match up with Bastille 1.0-stable.