diff options
author | Lars Wirzenius <liw@liw.fi> | 2018-09-28 15:36:00 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2018-09-28 15:36:00 +0300 |
commit | 0c1ee47f0cb18093f5d620b7d3602dd11ea689bb (patch) | |
tree | aceb399ce59dddedcc008298d6f85439ba06a1e3 | |
parent | e53ef7bab4ba066f71ebceae1a87058ca20b96da (diff) | |
download | ick.liw.fi-0c1ee47f0cb18093f5d620b7d3602dd11ea689bb.tar.gz |
Publish log entry
-rw-r--r-- | blog/2018/09/28/planning_meeting_iteration_30.mdwn | 94 |
1 files changed, 94 insertions, 0 deletions
diff --git a/blog/2018/09/28/planning_meeting_iteration_30.mdwn b/blog/2018/09/28/planning_meeting_iteration_30.mdwn new file mode 100644 index 0000000..8aebe91 --- /dev/null +++ b/blog/2018/09/28/planning_meeting_iteration_30.mdwn @@ -0,0 +1,94 @@ +[[!meta title="Planning meeting (iteration 30)"]] +[[!tag draft meeting]] +[[!meta date="2018-09-28 15:12"]] +[[!meta author="liw"]] + +THIS IS A DRAFT + +People +============================================================================= + +* [[people/liw]] +* [[people/dsilvers]] +* Ivan + +Agenda +============================================================================= + +* Discuss and decide goals for this iteration. + +Notes +============================================================================= + +* This iteration is about advancing the ick web UI that Ivan is + working on: we want to add a facade, which runs between the frontend + (Javascript in the browser) and the backend (controller and other + ick components with and API). The facade is necessary for + authentication security. + +Tasks for this week +============================================================================= + +Tasks may be part of a project or be random small ones (max an hour) +that just need doing. + +[[!table data=""" +what | Who | estimate(h) + +Update arch doc about OIDC authentication | Lars | 2 +Review updated arch doc | Daniel | ? +Give Ivan access to ickui server | Lars | 0 +Write trivial facade for ickui | Ivan | ? +Create ick pipeline to deploy ickui facade | Ivan | ? + +Total | Lars | ? +Total | Daniel | ? +Total | Ivan | ? +"""]] + +Task descriptions +------------------------------------------------------------------------------ + +* **Update arch doc about OIDC authentication:** The [[architecture]] + document currently claims only OAuth2 authetication is used. Update + it to explain how OpenID Connect if used to authenticate end-users, + and why a separate facade is needed. + + _Acceptance criteria:_ Daniel says OK. + +* **Review updated arch doc:** Review changes to the [[ərchitecture]] + document and either say they're OK, or provide feedback on what + needs improvement. Repeat with Lars until OK. + + _Acceptance criteria:_ Daniel says OK. + +* **Give Ivan access to ickui server:** Ivan will need to deploy the + ickui facade on the ickui server. For this, he needs to log in and + have root access. Make it so. + + _Acceptance criteria:_ Ivan confirms he can do `ssh + ivan@ick-ui.vm.liw.fi sudo id` and have it report the root user. No + password is needed. + +* **Write trivial facade for ickui:** Write a facade that provides a + trivial `/version` endpoint, which reports the facade's version, + without requiring a login. + + _Acceptance criteria:_ Facade `/version` can be tested manually with + curl. The output includes the git commit, if the facade is running + from a git clone. + +* **Create ick pipeline to deploy ickui facade:** Set up a project on + the demo ick instance, which deploys the ickui facade on the ickui + server, on an empty freshly installed one, or upgrading an existing + server. + + This can be done by cloning the facade git repo to a suitable + location on the server. Additionally, any systemd units, haproxy, + etc, need to be set up, and any missing dependencies installed, by + the ick project. + + _Acceptance criteria:_ When the facade git repo is updated, the ick + CD project is triggered, and after it's done, the running facade + reports a new version. This works even if the ickui server has been + deleted and a new one created. |