Internal Task Listing

[0x4007]

Objective

List private tasks for organization collaborators.

1. fork devpool-directory to be devpool-directory-private
2. modify the code of private to get all our private repositories.
3. check if the user is a member of the organization by querying the user profile details when they log in.
4. if they are a member, then display the private issues from devpool-directory-private

Original Spec

I want to start a brief discussion/brainstorm around how we should handle this scenario:

Due to a tremendous amount of non-disclosure agreements signed related to card issuance, the card issuance repository has been made private for core team only.

We have a new task which is of high priority (should be functional in time for fundraising in March) ubiquity/card-issuance#34

I think that the work.ubq.fi interface is the best for our team to find new tasks to work on, but it can only see public issues, as it loads all of them from the devpool-directory's issues.

work.ubq.fi/src/home/fetch-github/fetch-issues-preview.ts

Line 16 in 69ca27e

const freshIssues: GitHubIssue[] = await octokit.paginate("GET /repos/ubiquity/devpool-directory/issues", {

Perhaps the directory can load every issue, including private issues? I'm not sure if its a privacy concern because it exposes the issue title, but without the issue body! Seems like a suboptimal solution but it is the most direct solution.

The issue body in the devpool-directory (mirror) is only a link to the source issue (which requires the user to have permission to view) however from our work.ubq.fi UI, we can use the user's authentication to fetch the issue contents.

[0x4007]

rfc @ubiquity/software-development

[rndquu]

I think that the work.ubq.fi interface is the best for our team to find new tasks to work on, but it can only see public issues, as it loads all of them from the devpool-directory's issues.

The core team already sees all of the issues in github's private repos.

This issue seems to be mission critical so it makes sense to assign it to somebody from the core team hence it's ok to hide it from https://work.ubq.fi/. You've already stated that we need public issues as a sort of triage while high priority features should be implemented by the core team.

Overall I don't see any NDA violations here. If the API provider is worried about exposing its API docs or routes then here we could:

1. Remove all API provider mentions
2. Remove all URL to docs or routes
3. Make an issue description very general and provide details only on demand (like API docs, routes, etc...)

If we "generalize" issue descriptions at https://github.com/ubiquity/card-issuance we can simply make the whole repo public.

[0x4007]

The core team already sees all of the issues in github's private repos.

I don't believe that every individual on the team goes through the repositories manually to find new tasks. I do think there is a better chance to make it a habit to have the core team use the work.ubq.fi interface regularly when incentives are implemented and aligned correctly (particularly when compensation is handled entirely by the DevPool system vs base pay/salary.)

If we "generalize" issue descriptions at https://github.com/ubiquity/card-issuance we can simply make the whole repo public.

I agree but in practice I don't like the idea of tiptoeing around what we can and can not discuss. If its private we don't need to spend extra time or energy worrying about non-disclosure in the form of new tasks, code, documents, or conversation.

[molecula451]

it might take a bit but the integration sounds like a bit straightforward for anyone from the core team, btw I am no sure how the idea comes to hide/unhide tasks if we're planning to keep relevancy of the work on work.ubq.fi i still think critical tasks fits best in private over here

[0x4007]

i still think critical tasks fits best in private over here

You think its best to manually check the private repositories on GitHub for new, high priority tasks?

[molecula451]

perhaps a subdomain does it! core.work.ubq.fi

[0x4007]

Okay so you're suggesting an entirely new approach from the UI where the flow is:

1. Authenticate with GitHub (mandatory to proceed to next step)
2. Load the issues across all of our private repositories

This makes sense but unfortunately seems work intensive (it sort of makes the existing logic, and the existing devpool-directory issues redundant.)

[molecula451]

Crypto Top-Up Card + Ubiquity (Dollar) Staking Shares Enable + Github issues to be tackled in proportional + Super Pull request reviewing 🤑 let it come

[gitcoindev]

Or create a private devpool-directory-private-repositories / devpool-directory-restricted or a similar named GitHub repository which would collect tasks from private repositories and would be accessible only to the core team.

The internal devpool for private repositories could also be integrated with https://work.ubq.fi/ after login by adding a button 'Core team tasks for private repos'. Visible for core team only, would fetch issues from devpool-directory-private-repositories. But I would see this only as a nice to have feature.

[0x4007]

This approach is interesting because it's basically forking the "backend" which means it should be quick to set up!

ubiquity-internal-directory

On the UI we can probably make an extra network request based on if the logged in user is a collaborator on the organization.

I see how it can scale to other partners from the front end but not sure on the backend.

[kamaalsultan]

Is it core-team only issue? @pavlovcik

[0x4007]

It can be done by external contributors but it would be significantly more burdensome to set up. I do not recommend you take on this task.

You would need to set up all of the infrastructure, which includes 1. a new organization 2. fork the devpool directory for your organization 3. private repositories with mock issues and the correct labels to work with the devpool directory.

[kamaalsultan]

It can be done by external contributors but it would be significantly more burdensome to set up. I do not recommend you take on this task.

You would need to set up all of the infrastructure, which includes 1. a new organization 2. fork the devpool directory for your organization 3. private repositories with mock issues and the correct labels to work with the devpool directory.

Is it complicated?

[devpanther]

@pavlovcik since there is a sign-in with GitHub on work.ubq.fi, I think we can display ard issuance issues if the signed-in user has access to it.

is this up for the taking or has anything changed?

[0x4007]

@pavlovcik since there is a sign-in with GitHub on work.ubq.fi, I think we can display ard issuance issues if the signed-in user has access to it.

is this up for the taking or has anything changed?

If it is that simple then let's do it. I assumed we had to make custom accommodations beyond just authenticating one request?

[0x4007]

You can try your approach if that works but I'm skeptical

[devpanther]

You can try your approach if that works but I'm skeptical

It's going to work but more than 2 hours.. the bot is going to get the authenticated user PAT to fetch the private repos (if it does not fetch then they don't have access, I picture a checkForAccess type of function so it skips fetching if they don't have access

The only problem is we have to list the private repos somewhere because they aren't sent to one place like the devpool-directory

[rndquu]

Or create a private devpool-directory-private-repositories / devpool-directory-restricted or a similar named GitHub repository which would collect tasks from private repositories and would be accessible only to the core team.

The internal devpool for private repositories could also be integrated with https://work.ubq.fi/ after login by adding a button 'Core team tasks for private repos'. Visible for core team only, would fetch issues from devpool-directory-private-repositories. But I would see this only as a nice to have feature.

That's a good idea.

I assume https://work.ubq.fi/ works this way:

1. If user is not authorized then use some public PAT to fetch issues from https://github.com/ubiquity/devpool-directory
2. Otherwise use the user's github's PAT to fetch from https://github.com/ubiquity/devpool-directory

We could:

1. Fork https://github.com/ubiquity/devpool-directory into https://github.com/ubiquity/devpool-directory-private and set only private repos there
2. Update https://work.ubq.fi/ to fetch issues from https://github.com/ubiquity/devpool-directory and https://github.com/ubiquity/devpool-directory-private (if repo is available for the authorized user)

[0x4007]

Or create a private devpool-directory-private-repositories / devpool-directory-restricted or a similar named GitHub repository which would collect tasks from private repositories and would be accessible only to the core team.
The internal devpool for private repositories could also be integrated with https://work.ubq.fi/ after login by adding a button 'Core team tasks for private repos'. Visible for core team only, would fetch issues from devpool-directory-private-repositories. But I would see this only as a nice to have feature.

That's a good idea.

I assume https://work.ubq.fi/ works this way:

1. If user is not authorized then use some public PAT to fetch issues from https://github.com/ubiquity/devpool-directory
2. Otherwise use the user's github's PAT to fetch from https://github.com/ubiquity/devpool-directory

We could:

1. Fork https://github.com/ubiquity/devpool-directory into https://github.com/ubiquity/devpool-directory-private and set only private repos there
2. Update https://work.ubq.fi/ to fetch issues from https://github.com/ubiquity/devpool-directory and https://github.com/ubiquity/devpool-directory-private (if repo is available for the authorized user)

My concern with this idea is that this approach doesn't work for partner organizations. Perhaps its a premature objective but it would have been preferred to find a solution that we can implement once and can add value for everyone.

I assume https://work.ubq.fi/ works this way:

GitHub allows for 60 public requests per IP address per minute. The UI is adaptive and makes use of this limitation by making requests only to the essential "preview" information from the client. With increased limits, it will go on and fetch all the issue details etc.

[devpanther]

This is obviously not true

@pavlovcik this setup worked.. i think the previous implementation already pulled in those repo and it cannot delete them so it just closes them

[devpanther]

Or can it delete them?

The issues its showing right now are private issues only: https://github.com/ubiquity/devpool-directory-private/issues

This task is closed (for example) because its not part of the privates and it could not delete it: https://github.com/ubiquity/devpool-directory-private/issues/52

[devpanther]

@pavlovcik can you confirm this

[rndquu]

@devpanther I think you can set the out array to be empty since it doesn't have any effect with the current in setup

[devpanther]

@devpanther I think you can set the out array to be empty since it doesn't have any effect with the current in setup

Yes

[devpanther]

I emptied it

[devpanther]

I think https://work.ubq.fi/ shows private now, or is there anything else?

[rndquu]

I think https://work.ubq.fi/ shows private now, or is there anything else?

I can see private issues at https://work.ubq.fi/, works as expected

[0x4007]

[ 1524.3 WXDAI ]

@devpanther

[rndquu]

Reopening this one because https://github.com/ubiquity/devpool-directory-private can't fetch the latest code from https://github.com/ubiquity/devpool-directory

Possible solutions:

• https://gist.github.com/0xjac/85097472043b697ab57ba1b1c7530274
• https://docs.github.com/en/repositories/creating-and-managing-repositories/duplicating-a-repository#mirroring-a-repository-in-another-location

@devpanther pls fix

[devpanther]

Mirroring the repo wasn't part of the original spec, we tried to fork and it failed..

Could've implemented a quick fix without reopening this

[rndquu]

Could've implemented a quick fix without reopening this

It would be really appreciated

[devpanther]

@rndquu it is done

[devpanther]

They can fetch upstream now on private

[rndquu]

They can fetch upstream now on private

I don't understand, what exactly did you do?

[devpanther]

They can fetch upstream now on private

I don't understand, what exactly did you do?

I followed the steps in the link you sent, what else?

It works by adding an upstream so once the main repo is updated, someone needs to pull in the upstream using CMD

[rndquu]

It works by adding an upstream so once the main repo is updated, someone needs to pull in the upstream using CMD

Can't we do it with github UI ?

[0x4007]

It works by adding an upstream so once the main repo is updated, someone needs to pull in the upstream using CMD

Can't we do it with github UI ?

Because this is a private repo we couldn't officially fork the public repo so there isn't a sync button in the GitHub UI

[rndquu]

It works by adding an upstream so once the main repo is updated, someone needs to pull in the upstream using CMD

Can't we do it with github UI ?

Because this is a private repo we couldn't officially fork the public repo so there isn't a sync button in the GitHub UI

But we could:

1. Setup CI to sync files from ubiquity/devpool-directory#development to ubiquity/devpool-directory-private#upstream
2. Apply all necessary changes to ubiquity/devpool-directory-private#development (like updating opt.json)
3. From time to time merge ubiquity/devpool-directory-private#upstream to ubiquity/devpool-directory-private#development via Github UI

[ubiquibot]

+ Evaluating results. Please wait...

[ubiquibot]

[ 280.8 WXDAI ]

@0x4007

Contributions Overview

View	Contribution	Count	Reward
Issue	Specification	1	61.8
Issue	Comment	23	167.2
Review	Comment	11	51.8

Conversation Incentives

Comment	Formatting	Relevance	Reward
### Objective List private tasks for organization collaborato...	61.8 h3: count: 2 score: "2" words: 3 a: count: 1 score: "1" words: 4 li: count: 4 score: "4" words: 53	1	61.8
rfc @ubiquity/software-development ...	0.8	-	0.8
> The core team already sees all of the issues in github's priva...	22.6	-	22.6
> i still think critical tasks fits best in private over here ...	3.4	-	3.4
Okay so you're suggesting an entirely new approach from the UI w...	14.2 a: count: 1 score: "1" words: 3 li: count: 2 score: "2" words: 18	-	14.2
This approach is interesting because it's basically forking the ...	14.2 code: count: 1 score: "1" words: 3	-	14.2
It can be done by external contributors but it would be signific...	13.2	-	13.2
> @pavlovcik since there is a sign-in with GitHub on work.ubq.fi...	4.6	-	4.6
You can try your approach if that works but I'm skeptical ...	2.4	-	2.4
> > Or create a private `devpool-directory-private-repositories`...	23.6 li: count: 4 score: "4" words: 89 code: count: 2 score: "2" words: 7	-	23.6
Updated the spec @devpanther will need to add you to the org so ...	4.2	-	4.2
Just follow the spec and don't worry about accommodating other o...	5	-	5
You can make a new repo and push the code to make your own copy...	3	-	3
You don't need Twitter keys for this feature just do a workaroun...	4.6	-	4.6
> > You don't need Twitter keys for this feature just do a worka...	10.6	-	10.6
I already added @devpanther to the team for this project...	2	-	2
> @pavlovcik is a tag showing `private` on the card and a toggle...	7.8 code: count: 1 score: "1" words: 1	-	7.8
@devpanther the behavior of [opt.json](https://github.com/ubiqui...	8.4 a: count: 2 score: "2" words: 4	-	8.4
I spent some time configuring this but unfortunately it doesn't ...	3	-	3
Let's do all the private repos ...	1.4	-	1.4
> > @devpanther the behavior of [opt.json](https://github.com/ub...	5.8 a: count: 2 score: "2" words: 4 code: count: 1 score: "1" words: 1	-	5.8
> just 3 private repos: https://github.com/ubiquity/devpool-dire...	3.2	-	3.2
> > It works by adding an upstream so once the main repo is upda...	5	-	5
I added it to devpool-directory-private ...	1.4	-	1.4
Before addressing the tag comment make sure it displays the issu...	2.4	-	2.4
I think just display the issues without a switch or anything for...	2.6	-	2.6
> Mine on the same code: https://github.com/devpanther/devpool-...	1.8	-	1.8
> @pavlovcik its ready for test, I tried to log in on the test U...	8.8	-	8.8
I just cleared the cache and it doesn't work....	2	-	2
> Can you install the github application used for login to the `...	10.8 code: count: 2 score: "4" words: 6	-	10.8
https://fce6fc9c.devpool-directory-ui.pages.dev/#access_token=ey...	5	-	5
That's an oauth app. That inherits user permissions and has noth...	4	-	4
Please help me resolve this @rndquu I keep going back to GitHu...	5	-	5

[ 11.9 WXDAI ]

@molecula451

Contributions Overview

View	Contribution	Count	Reward
Issue	Comment	5	11.9

Conversation Incentives

Comment	Formatting	Relevance	Reward
it might take a bit but the integration sounds like a bit straig...	5.7	-	5.7
perhaps a subdomain does it! core.work.ubq.fi...	0.9	-	0.9
Crypto Top-Up Card + Ubiquity (Dollar) Staking Shares Enable + G...	2.3	-	2.3
i think it's getting this limitation then the task should be mov...	2.3	-	2.3
> > i think it's getting this limitation then the task should be...	0.7	-	0.7

[ 210.45 WXDAI ]

@devpanther

Contributions Overview

View	Contribution	Count	Reward
Issue	Comment	30	81.6
Review	Comment	34	128.85

Conversation Incentives

Comment	Formatting	Relevance	Reward
@pavlovcik since there is a sign-in with GitHub on work.ubq.fi, ...	4	-	4
> You can try your approach if that works but I'm skeptical I...	8.2 code: count: 2 score: "0.5" words: 3	-	8.2
> My concern with this idea is that this approach doesn't work f...	7.35 code: count: 1 score: "0.25" words: 8	-	7.35
I don't know how well this would work...	0.9	-	0.9
I forked the repository but i don't think forked repos can be ma...	1.6	-	1.6
> You can make a new repo and push the code to make your own cop...	3.1	-	3.1
Can you help me delete [this](https://github.com/ubiquity/devpoo...	0.85 a: count: 1 score: "0.25" words: 1	-	0.85
I'd also need the secrets here: https://github.com/ubiquity/devp...	3.9	-	3.9
> You don't need Twitter keys for this feature just do a workaro...	1.8	-	1.8
> > > You don't need Twitter keys for this feature just do a wor...	5.5	-	5.5
> i think it's getting this limitation then the task should be m...	2.5	-	2.5
@pavlovcik is a tag showing `private` on the card and a toggle t...	2.05 code: count: 1 score: "0.25" words: 1	-	2.05
> > @pavlovcik is a tag showing `private` on the card and a togg...	1.05 code: count: 1 score: "0.25" words: 1	-	1.05
> @devpanther the behavior of [opt.json](https://github.com/ubiq...	4.05 a: count: 2 score: "0.5" words: 4 code: count: 1 score: "0.25" words: 1	-	4.05
@pavlovcik with the new opt.json config, it now shows the public...	3.65 code: count: 1 score: "0.25" words: 1	-	3.65
I would go set it up again, just let me know the repos you want ...	2	-	2
	-	4.85
@pavlovcik It should be set now.. i refactored [`fetchAndMergeOp...	2.4 a: count: 1 score: "0.25" words: 3 code: count: 1 score: "0.25" words: 1	-	2.4
just 3 private repos: https://github.com/ubiquity/devpool-direct...	1.5	-	1.5
> This is obviously not true @pavlovcik this setup worked.. i...	2.4	-	2.4
Or can it delete them? The issues its showing right now are p...	5.1	-	5.1
@pavlovcik can you confirm this...	0.5	-	0.5
> @devpanther I think you can set the [out array](https://github...	0.85 a: count: 2 score: "0.5" words: 3 code: count: 1 score: "0.25" words: 1	-	0.85
I emptied it...	0.3	-	0.3
I think https://work.ubq.fi/ shows private now, or is there anyt...	1.4	-	1.4
Mirroring the repo wasn't part of the original spec, we tried to...	2.6	-	2.6
@rndquu it is done...	0.4	-	0.4
They can fetch upstream now on private...	0.7	-	0.7
> > They can fetch upstream now on private > > I don't understa...	3.3	-	3.3
> Before addressing the tag comment make sure it displays the is...	4.5	-	4.5
Once that's done, it'd begin to fetch the private repos...	1.2	-	1.2
Oops, this commit also contains the toggle in progress. and I do...	2.3	-	2.3
> I think just display the issues without a switch or anything f...	2.9	-	2.9
The ubiquity private devpool isn't working yet because of the se...	2.9	-	2.9
@pavlovcik can we move the secrets to `devpool-private` repo so ...	2.65 code: count: 1 score: "0.25" words: 2	-	2.65
For the TWITTER secrets, I'd use placeholders.. I cannot use min...	2.6	-	2.6
https://stackoverflow.com/questions/63567888/using-secrets-in-gi...	6.6	-	6.6
![Screenshot 2024-03-05 at 6 51 37 PM](https://github.com/ubiqui...	1.2	-	1.2
@pavlovcik its ready for test, I tried to log in on the test URL...	2.7	-	2.7
> It doesn't work. You need to intercept the auth hash in the UR...	2.7	-	2.7
> I just cleared the cache and it doesn't work. Its the local...	1.95 code: count: 1 score: "0.25" words: 1	-	1.95
Can you install the github application used for login to the `de...	5.3 code: count: 2 score: "0.5" words: 6	-	5.3
> Yes its the only repo i authorized as soon as you made the req...	5.2	-	5.2
@pavlovcik It should clear the cache now when there is a new log...	4.7	-	4.7
> > Yes its the only repo i authorized as soon as you made the r...	6.05 code: count: 1 score: "0.25" words: 3	-	6.05
> That's an oauth app. That inherits user permissions and has no...	4.8	-	4.8
Maybe i'm getting it wrong, i'd create a new app and try to set ...	4.2	-	4.2
	11.05 code: count: 1 score: "0.25" words: 3	-	11.05
	3.7	-	3.7
> > Please help me resolve this @rndquu > > I keep going back t...	0.7	-	0.7
> Correct? We have somethings that needs to be done so we can...	3.35 code: count: 1 score: "0.25" words: 3	-	3.35
And then the bot needs to be given the permissions i listed abov...	4.6	-	4.6
> @devpanther How can I QA this PR? > > 1. Run work.ubq.fi fr...	2.15 li: count: 3 score: "0.75" words: 32	-	2.15
![Screenshot 2024-03-06 at 1 59 15 PM](https://github.com/ubiqui...	2.8	-	2.8
> You sure that OAuth apps can be added directly to repositories...	5.7	-	5.7
@rndquu If it's going to be too tasking. I can create the bot, r...	4.4	-	4.4
> I guess we should check that authenticated user is either a co...	7.05 code: count: 1 score: "0.25" words: 1	-	7.05
> if you are authenticated via github and your PAT has access fo...	4.4	-	4.4
I'v tried to create an OAuth app too and trust me, it doesn't wo...	1.6	-	1.6
	6.2	-	6.2
It should work now, you'd have to send a request with the OAuth ...	3.2	-	3.2
Btw, I see there is a PR to remove this Cypress run failing.. wh...	2.5	-	2.5
@pavlovcik I think this is done, except the failing test...	1	-	1

[ 10.5 WXDAI ]

@gitcoindev

Contributions Overview

View	Contribution	Count	Reward
Issue	Comment	1	10.5

Conversation Incentives

Comment	Formatting	Relevance	Reward
Or create a private `devpool-directory-private-repositories` / `...	10.5 code: count: 2 score: "2" words: 7	-	10.5

[ 1 WXDAI ]

@kamaalsultan

Contributions Overview

View	Contribution	Count	Reward
Issue	Comment	2	1

Conversation Incentives

Comment	Formatting	Relevance	Reward
Is it core-team only issue? @pavlovcik ...	0.7	-	0.7
> It can be done by external contributors but it would be signif...	0.3	-	0.3

[ 94.9 WXDAI ]

@rndquu

Contributions Overview

View	Contribution	Count	Reward
Issue	Comment	10	69.8
Review	Comment	5	25.1

Conversation Incentives

Comment	Formatting	Relevance	Reward
> I think that the work.ubq.fi interface is the best for our tea...	21.6 a: count: 4 score: "4" words: 7 li: count: 3 score: "3" words: 29	-	21.6
> Or create a private `devpool-directory-private-repositories` /...	16.5 li: count: 4 score: "4" words: 89 code: count: 2 score: "2" words: 7	-	16.5
@devpanther Can you make it work with your own test organization...	1.2	-	1.2
@devpanther I think you can set the [out array](https://github.c...	5.4 a: count: 2 score: "2" words: 3 code: count: 1 score: "1" words: 1	-	5.4
> I think https://work.ubq.fi/ shows private now, or is there an...	1.3	-	1.3
Reopening this one because https://github.com/ubiquity/devpool-d...	7.4 li: count: 2 score: "2" words: 25	-	7.4
> Could've implemented a quick fix without reopening this It ...	0.5	-	0.5
> They can fetch upstream now on private I don't understand, ...	0.9	-	0.9
> It works by adding an upstream so once the main repo is update...	0.8	-	0.8
> > > It works by adding an upstream so once the main repo is up...	14.2 li: count: 3 score: "3" words: 61 code: count: 6 score: "6" words: 26	-	14.2
> Please help me resolve this @rndquu > > I keep going back t...	0.6	-	0.6
@devpanther How can I QA this PR? Run work.ubq.fi from th...	7 li: count: 3 score: "3" words: 32	-	7
@devpanther The 0Auth Bot used for signin on work.ubq.fi n...	4.8	-	4.8
@devpanther I don't understand why we need to add additional...	11.1	-	11.1
> I'v tried to create an OAuth app too and trust me, it doesn't ...	1.6	-	1.6