`chainloop org member invite create` does not send emails to recipient

[anoncam]

When invoking a chainloop org member invite create the identified --recipient, which does not send out an invite to join the organization.

SMTP could be configured to enable the Chainloop hosted control plane to issue invites, or the client could print an invitation URL to bind a user to an organization via browser.

There are also other ways to handle this feature as well, but I don't hold a strong opinion on implementation. I am just noting the application behavior.

[migmartri]

Thanks, @anoncam, for reporting this issue. As you have found, chainloop invitations do not send out emails nor require explicit acceptance. Basically, the receiver of the invitation will join the organization the next time they chainloop auth login

I think email notification and explicit acceptance make sense since it seems a ubiquitous pattern, but I'd split this feature into two phases. I personally would be happy if we just implement the first part for now, but I'd like to get your take.

• Send an email to the receiver telling them that they have been invited and that they need to login in to chainloop to join them.
• Include in the email a unique invitation link, and potentially also output it in the terminal as you suggested.

re: smtp. we already have some code in one of our plugins that could serve as inspiration https://github.com/chainloop-dev/chainloop/blob/8568ca437e2b77b60a374fb43acee41dd5e3153e/app/controlplane/plugins/core/smtp/v1/extension.go#L196

[anoncam]

So I am interpreting this from the hosted control plane perspective @migmartri. In the Chainloop hosted cp it looks like the only thing to do is set up smtp using something like Amazon SES etc.

For self-hosted control planes, it makes sense to let the configuration be the deployer's concern.

Does that make sense? I'm not sure this is an issue given the context now.

[migmartri]

Sounds good to me, so basically what I think a first version of this feature could be

• Add support to configure an SMTP interface per Chainloop instance.
• When a user is invited, send an email letting them know about the fact. The email should contain a configurable link that could point to the Web User Interface login page or in its absence mention chainloop auth login command.