Cloud 2020-10-21 Tracking issue

[tsenart]

Plan

1. Cloud: @ryanslade and @quinnkeast will be working on an RFC to define information architecture and implementation plan to support private code owned by users and orgs. Additionally, we'll implement a work-around to allow us to dogfood user added repos easily (i.e. a dynamic "my" repos repogroup).

2. RFC 167 — Product license tiers: We didn't finish this last cycle, so @flying-robot and @unknwon will wrap this up first before focusing on auth work.

3. Auth: A lot of loose ends, chores, small bugs and quality of life improvements that have been stacking for a while. @unknwon and @flying-robot are working on this after RFC 167.

4. Tech debt: @asdine is concluding migrating the repo-updater Store to use the shared basestore package and other simplifications that were identified throughout the course of the recent work in that area.

Availability

If you have planned unavailability this iteration (e.g., vacation), you can note that here.

• @asdine: November 29 and 30 (2d)

Tracked issues

@unassigned: 1.00d

• [ ] sourcegraph/customer (#117; PRs: ~#14983~) 👩

Completed: 1.00d

• [x] (🏁 8 days ago) Add an index to the repository creation timestamp (~#14796~) 0.50d
• [x] (🏁 8 days ago) Be more graceful in handling a missing private key when generating licenses (~#14908~) 0.50d

@artemruts: 1.50d

• [ ] Impossible to copy errors out of code host status indicator (#14643; PRs: #15290) 🐛
• [ ] ~Make password reset link duration configurable by site admins~ (#13999) 1.00d 🔒

Completed: 0.50d

• [x] (🏁 today) Deploy to a cluster link in search performance warning notice is relative, not absolute (~#13745~) 0.50d 🐛

@arussellsaw: 1.00d

Completed: 1.00d

• [x] (🏁 today) Account update email should mention the instance URL (~#14751~) 1.00d 🐛

@asdine: 3.50d

• [ ] Replace calls to repo-updater store (#15082) :shipit:

Completed: 3.50d

• [x] (🏁 13 days ago) SetClonedRepos takes forever on Cloud (~#14938~; PRs: ~#14944~) 🐛
• [x] (🏁 12 days ago) Simpler SetClonedRepos query (~#14981~) :shipit:
• [x] (🏁 6 days ago) repo-store: Convert the repos store to use basestore (~#14754~; PRs: ~#15051~) 2.00d 🧶
• [x] (🏁 6 days ago) repo-store: Add Create method (~#14708~; PRs: ~#15081~) 0.50d 🧶
• [x] (🏁 1 day ago) external service store: Add an Upsert method (~#14713~; PRs: ~#15104~) 1.00d 🧶

@flying-robot: 7.00d

• [x] RFC 167: Enforce campaigns (#14029; PRs: #15068) 1.00d
• [ ] Permissions Grafana alert should not include public repos (#14894) 1.00d
• [ ] ~Make password reset link duration configurable by site admins~ (#13999) 1.00d 🔒

Completed: 4.00d

• [x] (🏁 130 days ago) Bigdata customer Tracking issue (~#11717~)
• [x] (🏁 12 days ago) Handle clone situations where HEAD is invalid (~#14962~) :shipit:🐛
• [x] (🏁 11 days ago) Don't use truncate in gitserver tests (~#14986~) :shipit:🐛
• [x] (🏁 5 days ago) RFC 167: Enforce monitoring (~#14030~; PRs: ~#15085~) 2.00d
• [x] (🏁 1 day ago) RFC 167: Enforce number of code host (~#14024~; PRs: ~#14916~, ~#15172~) 1.00d
• [x] (🏁 1 day ago) Provide a debug endpoint to list current authz providers (~#14891~; PRs: ~#15119~) 1.00d

@quinnkeast: 3.00d

Completed: 3.00d

• [x] (🏁 today) Cloud: Write RFC that clarifies cloud information architecture and implementation (~#14918~) 3.00d

@ryanslade: 7.00d

Completed: 7.00d

• [x] (🏁 13 days ago) Drop language column on repo (~#14760~; PRs: ~#14942~) 0.50d 🧶
• [x] (🏁 12 days ago) repo-updater: Use config value repoListUpdateInterval (~#14983~) :shipit:
• [x] (🏁 6 days ago) db: Use basestore.ScanStrings in repo store (~#15096~) :shipit:
• [x] (🏁 5 days ago) search: Create the "my" repo group (~#15093~) :shipit:
• [x] (🏁 5 days ago) search: Only show "my" repogroup if user has added repos (~#15143~) :shipit:
• [x] (🏁 4 days ago) (Spike) Investigate exactly how code host connection works (~#14853~) 1.00d 🕵️
• [x] (🏁 today) schema: Fix typo (~#15315~) :shipit:
• [x] (🏁 today) Cloud: Write RFC that clarifies cloud information architecture and implementation (~#14918~) 3.00d
• [x] (🏁 today) RFC 211 Tracking issue (~#14163~) 2.50d

@tsenart

Completed

• [x] (🏁 today) repo-updater: Faster counting of user added repos (~#15316~) :shipit:

@unknwon: 7.00d

• [ ] ~Pure-SQL authz approach~ (#11767) 1.50d 🎩🧶
• [ ] ~RFC 167: Not allowed to apply license with unknown plan~ (#14031)

Completed: 5.50d

• [x] (🏁 13 days ago) secret: remove abandoned secret key file on start (~#14895~; PRs: ~#14948~) 0.50d 🔒
• [x] (🏁 13 days ago) secret: only turn on encryption when the env var is explicitly specified (~#14898~; PRs: ~#14947~) 0.50d 🔒
• [x] (🏁 13 days ago) RFC 167: Enforce repository permissions (~#14025~; PRs: ~#14943~) 0.50d
• [x] (🏁 12 days ago) GitHub organization membership is not enforced when configured multiple auth providers (~#14204~; PRs: ~#14949~) 1.00d 🐛
• [x] (🏁 12 days ago) Investigate why our dogfood instance stops syncing perms from Bitbucket Server (~#14893~) 1.00d
• [x] (🏁 12 days ago) authz: add a test case to cover no updated user pending permissions (~#14761~; PRs: ~#14973~) 0.50d
• [x] (🏁 11 days ago) licensing: make product name recognize new plan tags (~#14946~) :shipit:
• [x] (🏁 8 days ago) authz: add TouchRepoPermissions API (~#14701~; PRs: ~#14972~) 0.50d
• [x] (🏁 8 days ago) RFC 167: Enforce branding (~#14028~; PRs: ~#14945~) 0.50d
• [x] (🏁 8 days ago) RFC 167: Enforce user limit (~#14611~) 0.50d

Legend

• 👩 Customer issue
• 🐛 Bug
• 🧶 Technical debt
• 🎩 Quality of life
• 🛠️ Roadmap
• 🕵️ Spike
• 🔒 Security issue
• :shipit: Pull Request

[github-actions[bot]]

Heads up @tsenart - the "team/cloud" label was applied to this issue.

[ryanslade]

Week ending 23rd October

• First half of the week was finishing off work from the previous cycle
• Second half was working together with @quinnkeast to understand how we're going to proceed with supporting private code and organisations on Cloud. Initially we'd like feedback on our overall "Information Architecture" ideas

Next week

• Assuming no major changes required to information architecture, work on a RFC going into the details of how we're going to implement it.

[unknwon]

Last week

Mainly Worked on RFC 167 items and finished prototyping pure-SQL authz.

This week

Pair with @eseliger to validate pure-SQL authz design with campaigns and finish RFC 167 with @flying-robot.

[asdine]

Last week

• First half of the week was finishing off work from the previous cycle
• Second half of the week, fixed SetClonedRepos behaviour with @tsenart
• Worked on turning the repos store to use basestore

This week

• Work on repo store and repo-updater store

[ryanslade]

Week ending 30th October

• RFC 255 is ready for review:
• Implemented the "my" repo group: https://github.com/sourcegraph/sourcegraph/pull/15093

Next week

• Respond to RFC feedback
• Start breaking out tasks for next cycle

[unknwon]

Last week

• Paired with @eseliger on pure-SQL authz.
• Paired with @flying-robot on various items of RFC 167.

This week

• Tidy up pure-SQL authz and RFC 167 PRs for review.
• Next cycle planning and kick off.

[asdine]

Last week

• Worked on moving repo-updater store logic to the shared Repo Store and replacing all code to use the new store.
• Was off thursday and friday

This week

• Keep working on repo-updater tech debt
• Review RFC 255

[artemruts]

Last week

• Onboarding + teams sync meetings + dev setup.

This week

• Wrap up #13745 and #14643
• Start working on #13999 @flying-robot
• Work with the team to plan for RFC 261 related work

[flying-robot]

Last Week

• (hopefully) fix an issue with empty repos: https://github.com/sourcegraph/sourcegraph/pull/14962
• RFC-167 tier support: https://github.com/sourcegraph/sourcegraph/issues/14030, https://github.com/sourcegraph/sourcegraph/issues/14024, https://github.com/sourcegraph/sourcegraph/issues/14029
• make debugging external services a bit easier: https://github.com/sourcegraph/sourcegraph/issues/14891

This Week

• draft RFC for authz webhooks: https://github.com/sourcegraph/sourcegraph/issues/14917
• draft RFC for 2FA: https://github.com/sourcegraph/sourcegraph/issues/436