search

revelrylabs / tracing

Contact Tracing Prototype
1 stars 0 forks source link

[WIP] Assumptions and Questions: Initial Infrastructure and Application Setup #1

Open iamjoshfrank opened 4 years ago

iamjoshfrank commented 4 years ago

Background

This is planned to be an Open Source project that is worked very transparently with the public.

Here's the Google Doc with a very raw project description for more context re: what we hope to build as a Proof of Concept (POC).

We're in the process of shaping this doc up into a solid Project Brief for this repo's README file as well as to start splitting out user stories into workable Issues.

Basic Core Loop

  1. No user accounts / sign-ins
  2. User approves significant-location-change permissions
  3. Locations are stored locally (on the device) ONLY, until:
  4. User voluntarily updates their negative/positive status in the app if they test positive COVID-19
  5. When marked positive, user is shown the full list of their significant-location-change` locations from the past [today - n days].
  6. The user can choose to submit all locations to the server; submit none; or selectively remove individual locations they wish not to be submitted.
  7. Anonymized/sanitized location-only data is uploaded to the server including only the user-approved significant-location-change locations from the past [today - n days].
  8. For users that remain status: negative, their app will periodically query the server for location information while never sending their own location history.
  9. Locally, the app will process the query results against the user's locally-stored history.
  10. If contact with a matching status: positive location date/time is detected, the app alerts the user appropriately.

Goal for This Issue

During the shortened U.S. Memorial Day week (starting Tuesday, May 26, 2020), Revelry will lead a one-week effort to build a usable POC for a contact tracing application that can be tested and further iterated upon.

In order to maximize the available time next week, we want to try to have the necessary infrastructure and base app template(s) in place so that we can start executing against user-facing features ASAP on Tuesday.

Tools and Resources Assumptions

Infrastructure Resources

Application Resources

Product Development Resources

Maintainer

Questions and Risks

Security / Accessibility / Governance

We want to encourage public participation in this open, transparent project. To that end, we want contributors to have the same kind of visibility into Infrastructure and source code as possible.

  1. How Might We enable contributors to gain insights into the cluster infrastructure, deployments, and health?

    • Cluster Authentication needs / requirements
    • Enable Moondog Navigator and document steps to access

  2. What database decisions need made now, during initial infrastructure set-up, vs later, during our one-week Proof of Concept experiment?

  3. How Might We expediently manage mobile app store deployments in an open project?

    • Who needs access to what tools? Reporting?
bit-herder commented 4 years ago

So it would be super helpful since we have very little time here to know a subdomain we want this to live in so i can begin building it in conjunction with the cluster i am already building for a client.

unless there are objections im going to go with the subdomain covid.revelry.net

iamjoshfrank commented 4 years ago

@bit-herder can you assign subdomain post-build? leave it ugly for now?

will work to get an answer to that question. i have no objection to that subdomain but i also know that we'll be working on some kind of naming for this thing over the next day or so.

I'd say if it's truly a blocker, run with it unless you hear different in the next 30.

vaxinate commented 4 years ago

Hold on please. Can we talk about resourcing for this? Chris is in the middle of working on getting a cluster set up for a paying client (WSWD), and it would be better if he could stay focused on those tasks primarily. It would be better if we could pull either joel or jason in from Platform since they are proficient enough to get a cluster up and running.

We should nail down an internal hostname we want to use before we stand up the cluster. We can always use DNS to customize domain names for individual applications hosted in the cluster, but we need an internal name to use for setting up internal services. It's a non trivial amount of work to change it later as far as I know. We've never tried it before.

@iamjoshfrank I'd love to get on a call and talk thru some things. Let me know when you have some time. I'm mostly freed up from critical TSS support for the afternoon.

iamjoshfrank commented 4 years ago

I'm booking a meeting for 4pm. Those that can make it, can make it.

Gerard has the ultimate call on resourcing, timing, and support.

vaxinate commented 4 years ago

proposed cluster domain: nightingale.revelry.org

iamjoshfrank commented 4 years ago

Revelry Moondog to bootstrap a Kubernetes unique cluster (Moondog Engine) and provide a UI into the cluster for contributors (Moondog Navigator)

  • Put initial app deployments into an existing Revelry cluster so we can run right away Tuesday morning.
  • Then new cluster as part of next week's work.
  • At the end of the meeting, we reversed this decision. @jwietelmann and @grossvogel have full-time capacity to switch gears tomorrow and get a new cluster set up in the new org and AWS account. @vaxinate and @bit-herder will provide feedback and support on an as-needed basis without shifting their current main priorities. After talking things through a bit more, this was deemed more expedient than starting in existing and switching to a new one, especially across different orgs/owners.
  • New cluster belongs on different AWS account?
  • Yes-ish; and also TBD, b/c we should receive/apply some credits for this
  • Open to putting Moondog Engine on a Kubernetes cluster on a different cloud provider and inviting contributors in to help work out kinks on non-AWS provider

New topic: What GitHub org should all this live in?

New topic: Domain for the cluster

New topic: Repo names for Backend, Flux, Mobile, Marketing?

Revelry's Elixir/Phoenix base app template for the backend

  • Good assumption, but not necessary to decide at the moment
  • Might be some things that need ripped out (authentication)
  • Template is currently public; but the Generator isn't

Revelry's React Native mobile app template for the frontend

  • Yes
  • Is it public or private?

Limit scope of one-week POC to iOS in order to maximize execution capacity and reduce testing and App / Play Store complexities

  • Yes

Revelry Harmonium component library for design / styling (note/question: Harmonium for React Native??)

  • Uhhhh, nope. Doesn't exist.

New Topic: Geolocation stuff?

  • Will we need a separate, cross-platform library
  • Or can we do significant-location-change and focus on best iOS tracking and leave Android for future equivalent, even if it means building a separate table?
  • Yes, probably
  • Can we ingest the history as opposed to "tracking" and "storing" in the app itself?
  • Will need to be careful about local storage amounts

Biggest Risk: Not being able to access Significant Change Location History the way we want.

Revelry Lintron for static code analysis at the Pull Request Level

  • Yes.

Revelry Kanban for managing priorities and Issues' statuses

  • Yes.

New Topic: Other Revelry Tools (IssueBot, PokerBot, etc.)

Revelry will be the official maintainers for this OSS project

  • Yes, slight tweak: Revelry Foundation will be the maintainers

  1. How Might We enable contributors to gain insights into the cluster infrastructure, deployments, and health?

    • eg Moondog Navigator
    • We can tie permissions to a Team w/in the Revelry Foundation org; and anyone that is authed as a Team member can log in to Moondog Navigator and what we do right now.
    • Will need to audit for any security concerns/exceptions.
    • [ ] @jwietelmann to own or delegate

  2. What database decisions need made now, during initial infrastructure set-up, vs later, during our one-week Proof of Concept experiment?

    • Do we have PostGIS on our KubeDBs?
    • Yes, there's exactly 1 version we can deploy currently.
    • Can we deploy an arbitrary number of replicas?
    • Yes, read-only; but not clustering them
    • Should we just go straight to RDS?
    • Yes, probably.
    • TimescaleDB? Does RDS support it?
    • We think no. But checking...
    • Set up a read-replica sort of schema for prod?
    • Needed up-front or wait and...see what happens?
    • A: we can hang back and upsize and replicate when needed in the future

  3. How Might We expediently manage mobile app store deployments in an open project?

    • [ ] Get the right people from Revelry to validate and/or answer this question - @iamjoshfrank (probably Nick and/or Harley)

How are we getting (app template) (cluster) (tooling (CI, Lintron, Travis)) set-up done so the team can hit the ground running on Tuesday?