Closed thisandagain closed 9 years ago
In an ideal world, webmaker-desktop never uses a database :) I think we're required to use RDS because Heroku addons have not been reviewed by opsec.
Heroku postgres can be used provided there's no non-public PII (email addresses etc).
@jbuck @simonwex Looks like we should have no problem not using a DB for webmaker-desktop
.. just curious about the API. Sounds like we'll need to use RDS based on our requirements.
/cc @cadecairos
If I'm not mistaken, the user table will contain a username and most likely the OAuth token, so heroku postgre is probably not the place to host the DB
the API will definitely need to be hosted on RDS
The nightly builds are going to break, due to the id.wmo integration that removed the hard coded testing tokens. we're going to want to make sure that the app itself gets id.wmo integration before shipping one or the other.
Not sure I 100% understand. We'll need to have this up and running on either environment before the end of the sprint (beta ship date). What is blocking getting a production instance up and running?
the android app is using hard coded tokens that the api accepted before it was integrated with id.webmaker.org
if we put the two together before adding real logins to the android app, all requests to the api it makes right now are going to 403
Got it. Can we keep that token as acceptable just on the staging instance? That should keep existing stable and nightly releases from breaking while avoiding strange security loopholes in production.
we'll have to manually hmac it with the staging secret and insert in into the database
Working on "Dockerizing" the app in #65
Before I can set up a prod env, I need a PG database on AWS and connection string (ping @jbuck)
Fixed by #85
We should deploy the
develop
andmaster
branches to heroku on staging and production instances (respectively). I have this seutp on https://github.com/mozilla/webmaker-desktop for reference.@jbuck re: PGSQL did you want us to use RDS or should we use Heroku's Postgres options? To keep things light I think I'd prefer to just do all of this within Heroku. Thoughts?
/cc @simonwex