Decomission the org-ops/ repository
#4
Comments
|
Looking through our docs, I don't see anything about So I think that the only things to do next here are to:
That's it. Does anybody think there's something else to do here? If not, I'll quickly do all of this so we can remove this extra bit of complexity from our repos :-) |
|
I think (I might be wrong about it) there is still a migration needed:
Pretty sure @yuvipanda and @sgibson91 can add more info 😉 |
|
I think there's a misunderstanding around the word state here. Our terraform code lives here: https://github.com/2i2c-org/pilot-hubs/tree/master/terraform When you run terraform code, it outputs a The reason this is important is because terraform usually outputs the state locally, but that's not helpful when a distributed team is interacting with the same infrastructure as code 😉 Does this make sense @choldgraf? |
|
I think the buckets for the Also, the terraform code that is in this repo is not in If the terraform code here moves to |
|
Thanks for this explanation, it helps a lot! I will try to incorporate this into PR in the pilot-hubs/ repo and perhaps you can set me straight there with whatever I get wrong, and we can use that as a step to close this issue. Is it correct, then, that the terraform in this repository is not relevant at all for our current infrastructure, because it primarily concerns itself with setting up new projects, and this is not something that we plan on doing? In that case, I feel like we should just:
|
I'm not sure. I think we need to define a few scenarios:
Are we saying we're explicitly no longer supporting scenario 2? |
|
Reflecting and reading the linked issue, I think you are right @choldgraf. I don't think anything needs to be migrated to pilot-hubs from here, instead we grant access manually as per the onboarding issue template. I think the backend or state is documented in the terraform docs you linked to as well, though I'm happy to review any clarifications you'd like to make. |
I think that is still a relevant question for this repo. Btw, looking at https://pilot-hubs.2i2c.org/en/latest/howto/operate/setup-new-project.html#client-organization-provides-billing-account, how do manage billing without this repo in that scenario? Do we do it manually somehow? |
It's certainly possible to do it non-programmatically https://cloud.google.com/billing/docs/how-to/modify-project I think the question is who needs what permissions on what resource to make the connection |
|
Thanks for this discussion - I'm definitely not saying we shouldn't support option 2...but I'm wondering if we can track this as an ongoing issue. I worry that the existence of this repository gives us false confidence that we have a solution here, even though we know that this repo isn't actually up-to-date with our practices. So my thinking would be:
I think we definitely do need a story for deploying into projects we create for other communities (I don't know how else we can cap the cloud spend for a specific community, or easily keep track of exactly what their costs are). I just think that's a longer-term question, and this issue makes me think it is dis-entangled from this repository which is outdated. Does that sound right? |
|
I got pulled into doing some more work for the Columbia sub-award, so I am going to remove this one from the Sprint and add the sub-award bit |
When doing #2 we realized that managing auth access via terraform is complex and often doesn't work, since cloud providers want access to be manually done. We should just archive this repo, and remove references to it from our documentation.
TODO:
The text was updated successfully, but these errors were encountered: