Info |
---|
These are playbooks for on-call tasks. Feel free to add more! |
...
Set the Account Name to the relevant Institution(2U/edx, OpenCraft, etc.)
The contributor's first and last name
The contributor's GitHub username (case sensitive - it should match what you see on their profile at
https://github.com/<username>
)Ideally, their email address
Locate the field Contributor Covered Under Entity and select it
Locate the Role field and add the
Entity Contributor
role to the user.
...
In Salesforce click the gear icon in the top right of the page and select setup.
From the right-hand menu select Administration > Users > Users
Click the “new user” link.
Add the users first name, last name, and canonical email, [first initial][last name]@axim.org, other required fields will be updated automatically
For the Role, User License, and Profile fields select: Axim Internal User, Salesforce, Standard User, or possibly System Administrator upon request.
Set user users “federation id” to be their canonical email address as above.
Save the record.
In Google Workspaces admin, https://admin.google.com, add the users to the “Salesforce Users Group.”
🎛️ Managing
...
AWS, Cloudflare, and Terraform
We manage our AWS account via Terraform at https://github.com/openedx/terraform-internal/ . At the moment, both AWS and Cloudflare access are required to plan & run that Terraform. If you need AWS access, follow these steps (on-call engineers: no action is required from you).How to give yourself AWS
Some of us at Axim have AWS & Cloudlare access, others don’t. If you’re on-call and need to run Terraform, reach out to the team chat, and either we will get you set up to run Terrarform, or run it for you. Feanil Patel is the most knowledgeable here; if unsure, ping him.
How to give yourself AWS access:
Make a terraform-internal PR. Here’s a template.
Have your manager give a thumbs-up on the PR to confirm that the access is warranted.Ping Feanil Patel to plan, run, & merge the PR.
📖 Add a Repository’s Docs to http://docs.openedx.org
...
In a python environment run,
pip install git+ssh://git@github.com/openedx/repo-tools.git
Export a github token into your environment that has
read:org
andrepo
access.Code Block export GITHBUGITHUB_TOKEN=ghp_....
Run the script:
audit_users
(no arguments needed). You should get an output of users that don’t have associated entries in our CLA database.You’ll need to investigate why they have access and either remove them from GitHub or add/update their records in salesforce.
...
Go to /wiki/spaces/~feanil/pages/3251372059 and add an entry for how to rotate the new secret.
Go to https://github.com/organizations/openedx/settings/secrets/actions
Add the new secret.
🐱 Managing the On-Call Slack integration
(This is defined as a webhook that posts a msg
payload to the #axim-engineering chat room, and could be added to other GitHub repos to post to our axim-engineering chatroom)
Webhook is defined in Slack - to view/manage:
Left sidebar, hover over More
Choose Automation
On-call Ticket Bot should be visible and editable to all eng team members
Defines a json payload with one key,
msg
, that the GH Action posts toHas a “web request URL”, https://hooks.slack.com/triggers/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, defined as
SLACK_WEBHOOK_URL
in our repo secrets
Integration code is here: https://github.com/openedx/axim-engineering/blob/main/.github/workflows/add-GHrequest-to-team-board.yml#L57-L67
For more: https://github.com/slackapi/slack-github-action?tab=readme-ov-file