[ ] Have an admin add you to the CISA Github organization and Dotgov Team.
[ ] Ensure you can login to your cloud.gov account via the CLI
cf login -a api.fr.cloud.gov --sso
[ ] Have an admin add you to cloud.gov org and set up your sandbox developer space. Ensure you can deploy to your sandbox space.
[ ] Have an admin add you to our login.gov sandbox team (.gov registrar poc) via the dashboard.
Note: As mentioned in the Login documentation, the sandbox Login account is different account from your regular, production Login account. If you have not created a Login account for the sandbox before, you will need to create a new account first.
[ ] Optional- add yourself as a codeowner if desired. See the Developer readme for how to do this and what it does.
Steps for the onboarder
[ ] Add the onboardee to cloud.gov org (cisa-getgov-prototyping)
Where your key is the thing you generated to run the command
gpg --armor --export <YOUR KEY>
when setting up your key in Github.
Now test commit signing is working by checking out a branch (yourname/test-commit-signing) and making some small change to a file. Commit the change (it should prompt you for your GPG credential) and push it to Github. Look on Github at your branch and ensure the commit is verified.
Note: if you are on a mac and not able to successfully create a signed commit, getting the following error:
error: gpg failed to sign the data
fatal: failed to write commit object
You may need to add these two lines to your shell's rc file (e.g. .bashrc or .zshrc)
GPG_TTY=$(tty)
export GPG_TTY
and then
source ~/.bashrc
or
source ~/.zshrc
Setting up developer sandbox
We have three types of environments: stable, staging, and sandbox. Stable (production)and staging (pre-prod) get deployed via tagged release, and developer sandboxes are given to get.gov developers to mess around in a production-like environment without disrupting stable or staging. Each sandbox is namespaced and will automatically be deployed too when the appropriate branch syntax is used for that space in an open pull request. There are several things you need to setup to make the sandbox work for a developer.
All automation for setting up a developer sandbox is documented in the scripts for creating a developer sandbox and removing a developer sandbox. A Cloud.gov organization administrator will have to perform the script in order to create the sandbox.
Developer Onboarding
Installation
There are several tools we use locally that you will need to have.
gpg
>2.1.7. Rungpg --version
to check. If not, install gnupgAccess
Steps for the onboardee
[ ] Setup commit signing in Github and with git locally.
[ ] Create a cloud.gov account
[ ] Have an admin add you to the CISA Github organization and Dotgov Team.
[ ] Ensure you can login to your cloud.gov account via the CLI
[ ] Have an admin add you to cloud.gov org and set up your sandbox developer space. Ensure you can deploy to your sandbox space.
[ ] Have an admin add you to our login.gov sandbox team (
.gov registrar poc
) via the dashboard.Note: As mentioned in the Login documentation, the sandbox Login account is different account from your regular, production Login account. If you have not created a Login account for the sandbox before, you will need to create a new account first.
[ ] Optional- add yourself as a codeowner if desired. See the Developer readme for how to do this and what it does.
Steps for the onboarder
.gov registrar poc
) via the dashboardDocuments to Review
Setting up commit signing
Follow the instructions here to generate a new GPG key (default configurations are okay) and add it to your GPG keys on Github.
Configure your key locally:
Where your key is the thing you generated to run the command
when setting up your key in Github.
Now test commit signing is working by checking out a branch (
yourname/test-commit-signing
) and making some small change to a file. Commit the change (it should prompt you for your GPG credential) and push it to Github. Look on Github at your branch and ensure the commit isverified
.Note: if you are on a mac and not able to successfully create a signed commit, getting the following error:
You may need to add these two lines to your shell's rc file (e.g.
.bashrc
or.zshrc
)and then
or
Setting up developer sandbox
We have three types of environments: stable, staging, and sandbox. Stable (production)and staging (pre-prod) get deployed via tagged release, and developer sandboxes are given to get.gov developers to mess around in a production-like environment without disrupting stable or staging. Each sandbox is namespaced and will automatically be deployed too when the appropriate branch syntax is used for that space in an open pull request. There are several things you need to setup to make the sandbox work for a developer.
All automation for setting up a developer sandbox is documented in the scripts for creating a developer sandbox and removing a developer sandbox. A Cloud.gov organization administrator will have to perform the script in order to create the sandbox.