├── .github └── ISSUE_TEMPLATE │ ├── artifactory_remote_repo.md │ ├── config.yml │ ├── github_remove_user_access_request.md │ ├── new_request_type.md │ ├── ocp4_restore_persistent_volume_request.md │ ├── sonarcloud_request.md │ └── vault_restore.md └── README.md /.github/ISSUE_TEMPLATE/artifactory_remote_repo.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Request for Remote Repo to be Added to Artifactory Project 3 | about: To create a remote Maven repository in your Artifactory Project. 4 | title: '' 5 | labels: artifactory-remote-repo 6 | assignees: caggles, ShellyXueHan 7 | 8 | --- 9 | 10 | ## Step 0 11 | This request is ONLY to add one or more Maven remote repositories to your team's Artifactory Project. This is only necessary if you have a local Maven repository in your Artifactory Project and must use both it and another remote repository as a source for your Maven artifacts. 12 | 13 | If you are looking to have a remote repository added to Artifactory so that you may use that repository exclusively (or in combination with the other remote repos), please contact the platform team on the #devops-artifactory channel on RocketChat. 14 | 15 | Please outline why your team requires this remote repository added to your Project as part of this step. **If no explanation is given, this ticket will not be actioned.** 16 | 17 | ## Step 1 18 | Make sure no duplicated request exists, search here: 19 | https://github.com/bcgov/devops-requests/issues 20 | 21 | ## Step 2 22 | Provide the name of your Artifactory Project: 23 | (this will be the name of the Openshift namespace in which you requested the ArtifactoryProject with the name of the ArtProj object, like `a1b2c3-tools-myproj`) 24 | 25 | ## Step 3 26 | Provide the following details about all the remote repos to be added: 27 | 28 | - **Repo name**: (this is the name the repo will have in Artifactory, please give it the form `[name]-maven-remote`) 29 | - **Repo URL**: (please ensure this is the URL from which the objects are pulled) 30 | - **Maven Layout**: (does this repo use maven layout version 1 or version 2?) 31 | 32 | Please ensure that your provide all three pieces of information for each of the repositories being requested. 33 | 34 | ## Step 4 35 | If any of the remote repos in question are private and require authentication, please provide your RocketChat username here so a member of the Platform Team can contact you to discuss a way to share the authenticaton information. 36 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/config.yml: -------------------------------------------------------------------------------- 1 | blank_issues_enabled: false 2 | contact_links: 3 | - name: Request user membership to the public bcgov GitHub org and access to create a public GitHub repo 4 | url: https://developer.gov.bc.ca/docs/default/component/bc-developer-guide/use-github-in-bcgov/bc-government-organizations-in-github/#directions-to-sign-up-and-link-your-account-for-bcgov 5 | about: You can now join the public bcgov GitHub org on your own. More info at the link! 6 | - name: Request user membership to the private bcgov-c GitHub org 7 | url: https://developer.gov.bc.ca/docs/default/component/bc-developer-guide/use-github-in-bcgov/bc-government-organizations-in-github/#directions-to-sign-up-and-link-your-account-for-bcgov-c 8 | about: You can now join the private bcgov-c GitHub org on your own. More info at the link! 9 | - name: Request for a private repository in the bcgov-c GitHub organization 10 | url: https://citz-do.atlassian.net/servicedesk/customer/portal/2/group/9/create/60 11 | about: Please submit a request using the link above to make your request for a private repository in the bcgov-c GitHub organization. 12 | - name: Reclaim a repository with no admin 13 | url: https://citz-do.atlassian.net/servicedesk/customer/portal/2/group/9/create/22 14 | about: If you require access to a GitHub repository that has no administrators in a BC gov-managed GitHub organization, please submit a request via the link above. 15 | - name: Request to have a GitHub Application added to a repository in a BC gov-managed GitHub organization 16 | url: https://citz-do.atlassian.net/servicedesk/customer/portal/2/group/9/create/10 17 | about: Please submit a request using the link above to request having a GitHub Application added to a repository within a BC gov-managed GitHub organization. 18 | - name: Request to transfer repo into bcgov-c 19 | url: https://citz-do.atlassian.net/servicedesk/customer/portal/2/group/9/create/294 20 | about: Please submit a request using the link above to request transferring a repository into the bcgov-c GitHub organization. 21 | - name: OCP4 Project Set Requests, Annotation Updates, and Quota Changes. 22 | url: https://registry.developer.gov.bc.ca 23 | about: All of these tasks are now performed in the Project Registry - make sure to update your bookmarks! 24 | - name: Request access to RocketChat 25 | url: https://developer.gov.bc.ca/docs/default/component/bc-developer-guide/rocketchat/steps-to-join-rocketchat/ 26 | about: Did you know that most employees and contractors don't need to an invite to join Rocketchat? You can log straight in! More info at the link! 27 | - name: Request for an Pathfinder SSO Client in a standard realm 28 | url: https://bcgov.github.io/sso-requests/ 29 | about: To create a set of Pathfinder SSO clients (in KeyCloak DEV, TEST, PROD). 30 | - name: Get support 31 | url: https://digital.gov.bc.ca/cloud/services/private/support/ 32 | about: View different support resources and channels. 33 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/github_remove_user_access_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Request to remove Openshift Access and or BCGOV GitHub Organization Membership 3 | about: To remove access for a team member to BCGOV GitHub repositories and Openshift. 4 | title: '' 5 | labels: github-membership, openshift-access 6 | assignees: MonicaG, oomIRL, SHIHO-I 7 | 8 | --- 9 | 10 | ## Removing Access 11 | 12 | If you are removing access please **provide responses to all the steps below**. All questions are mandatory. 13 | 14 | ### Step 1 15 | 16 | **Are you the Technical Lead?** 17 | If not, you need to ask your team's Technical Lead role to make this request on your behalf. 18 | This person must already be a member of the bcgov GitHub Organization in order for us to process this request. 19 | 20 | If you are a technical lead and you've come here to request access for yourself, please go ahead and create this ticket, and then 21 | email Developer.Experience@gov.bc.ca with a link to the ticket so the team can approve it. 22 | 23 | ### Step 2 24 | Fill out the following fields 25 | 26 | * Project Name: 27 | * Technical Lead Github ID: 28 | * GitHub Org: bcgov or bcgov-c 29 | * GitHub ID: @ 30 | * Reason for removal: 31 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/new_request_type.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: New Request Type 3 | about: Request a missing request type to be added to the devops-requests list of issue 4 | templates. 5 | title: '' 6 | labels: new-request-type 7 | assignees: MonicaG, oomIRL, SHIHO-I 8 | 9 | --- 10 | 11 | ## Step 1 12 | Make sure no duplicated request exists, search here: 13 | https://github.com/bcgov/devops-requests/issues 14 | 15 | Make sure you have read the [FAQ](https://github.com/bcgov/devops-requests/). 16 | 17 | 18 | ## Step 2 19 | Please answer the following questions about the new request type: 20 | 21 | 1. **What is it?** Please provide an overview of what the request should do. 22 | 2. **Why should this be a new request type?** A good rule of thumb: Does this involve something you don't have the permissions to do? If the answer yes, you're probably good to go ahead! 23 | 3. **What information is required to fulfill this request?** Do your best here - the Developer Experience team can help if you're not sure! 24 | 4. **What is the end result?** Please provide plenty of details about what the end result should look like. 25 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/ocp4_restore_persistent_volume_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Request to restore a backup Persistent Volume (PV) from OpenShift 3 | about: To have a netapp-file-backup type of Persistent Volume (PV) restored 4 | title: '' 5 | labels: '' 6 | assignees: StevenBarre, tbaker1313, wmhutchison 7 | 8 | --- 9 | 10 | ## Restore a backup Persistent Volume (PV) 11 | Please read through the documentation about [OCP4 Backup and Restore](https://developer.gov.bc.ca/docs/default/component/platform-developer-docs/docs/automation-and-resiliency/netapp-backup-restore/) before proceeding with this request! 12 | 13 | > Note that only the `netapp-file-backup` type of Persistent Volume can be restored from OpenShift. 14 | 15 | ### Step 1 16 | Fill out the following fields 17 | 18 | * Date: the date you need restored from 19 | * Cluster: Silver/Gold/GoldDR 20 | * Source PV: the source PV you need restored 21 | * Destination PV: the destination path 22 | 23 | > Note that the Source and destination can be the same PVC or separate. You can specify sub-folders instead of the whole volume. 24 | 25 | > Note: both PVC source and destination must be a netapp-file-backup PVC on the same cluster. 26 | 27 | > Note that we need the PV not the PVC name. ie: `pvc-` 28 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/sonarcloud_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Request for import GitHub repository on SonarCloud 3 | about: To import GitHub repository on SonarCloud. 4 | title: '' 5 | labels: sonarcloud-repo 6 | assignees: MonicaG, oomIRL, SHIHO-I 7 | 8 | --- 9 | 10 | ## Step 0 11 | **Is your repository on `bcgov` GitHub Organization?** 12 | We have installed SonarCloud on `bcgov` GitHub Organization for application teams to use. Only repositories inside the bcgov GitHub Organization are supported through this request. 13 | 14 | **Are you the admin user of the GitHub repositories?** 15 | The request requires a repository administrator to make the request. The requestor will be assigned as the SonarCloud repository admin. Requests from a non-admin user will be closed. 16 | 17 | ## Step 1 18 | Login to SonarCloud console with your GitHub account https://sonarcloud.io/organizations/bcgov-sonarcloud/projects. Double check at https://sonarcloud.io/account/organizations to make sure `bcgov` GitHub organization is the current org. For debugging, please check if you are a member of bcgov GitHub Organization. 19 | 20 | ***Note:*** Find out more details and instructions here: https://github.com/bcgov/sonarqube/tree/master#sonarcloud 21 | 22 | 23 | ## Step 2 24 | Fill out the following fields 25 | 26 | * Project Name: 27 | * GitHub repositories to add to SonarCloud: 28 | * New Code Definition: (Refer to [SonarCloud's documentation on the possible values for this field](https://docs.sonarcloud.io/improving/new-code-definition/)) 29 | 30 | 31 | 32 | ## Step 3 33 | To invite other team members onto sonarcloud, make sure the users have completed Step 1. The SonarCloud repository admin user could further assign roles. 34 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/vault_restore.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Request for selective recovery of Vault secrets 3 | about: To recover individual Vault secrets from a backup, as opposed to a full system restore 4 | title: '' 5 | labels: '' 6 | assignees: ShellyXueHan, caggles, IanKWatts, w8896699 7 | --- 8 | 9 | ## Recover secrets from Vault 10 | **Emergencies Only** 11 | 12 | In the case of an emergency, it is possible to recover individual secrets from a Vault backup. 13 | 14 | Did you know that **Vault secrets are version controlled**? Updates to Vault secrets involve the creation of a new version. Vault keeps up to ten versions, so if a secret has merely been changed, you can access the previous values by viewing the older version of the secret. 15 | 16 | You must already have access to Vault. Authentication to the temporary instance is the same as for the production instance. 17 | 18 | ### Checklist: 19 | * Are you sure that the values you need are not available in a previous version of the secret? 20 | * Is there no other way to recover the secret? 21 | * Is this an emergency? 22 | * Did the change happen less than a week ago? 23 | * Do you have access to the Vault role in question? 24 | 25 | ### Request recovery 26 | If you answered 'yes' to all of the questions in the checklist, then please provide the following information: 27 | 28 | * Date: The date and time to restore from 29 | * Project ID (License Plate): e.g. abc123 30 | * Explanation: Tell us what happened and why you think you need this 31 | 32 | 33 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ## DevOps Requests 2 | 3 | We aim to empower teams to fulfill their own requirements and solve their own problems as much as possible! 4 | However, practically speaking, there are always going to be certain tasks that require elevated privileges to perform. 5 | That's where DevOps Requests comes in! Click on `Issues` above to get started! 6 | 7 | These tickets are templated and quite formal, because the vast majority of such requests are going to be a very normal part of 8 | our every-day work. Because of this, many of these permissions-related tasks have been automated. 9 | If you came here expecting to find a ticket to perform a certain task and that task is missing, that might be because the task 10 | has been automated by a tool! We've added links to those relevant tools as part of the list of templates where possible. 11 | 12 | If you cannot find a ticket or automated tool relevant to your needs, check the FAQ below. 13 | If that doesn't answer your question, head back over to the list of Issue Templates. There, you'll find a template called 14 | `New Request Type`. That is a ticket where you can request that we add a template for the type of request you're looking for. 15 | 16 | ## Request FAQs 17 | 18 | ### How do I get access to Artifactory? 19 | 20 | Every new project set comes with an automatically created Artifactory account, which you can use right away to access the caching repositories. 21 | Find out more about your account and how to use it on the [DevHub](https://developer.gov.bc.ca/Artifact-Repositories) 22 | 23 | 24 | --------------------------------------------------------------------------------