From bbb4f1106782f89c099cfed52258f0c004f2d74f Mon Sep 17 00:00:00 2001 From: James Cotter Date: Thu, 4 Apr 2024 14:44:42 +0100 Subject: [PATCH] msp: rollout --- .../managed-services/build-tracker.md | 38 ++-- .../engineering/managed-services/cloud-ops.md | 25 +-- .../managed-services/cloud-relay.md | 21 +-- .../managed-services/cody-analytics.md | 34 ++-- .../engineering/managed-services/entitler.md | 21 +-- .../managed-services/gatekeeper.md | 21 +-- .../engineering/managed-services/index.md | 4 +- .../managed-services/msp-testbed.md | 71 ++++---- .../engineering/managed-services/pings.md | 21 +-- .../managed-services/releaseregistry.md | 42 ++--- .../engineering/managed-services/sams.md | 58 +++--- .../managed-services/sourcegraph-accounts.md | 118 ++++++++---- .../managed-services/support-integration.md | 21 +-- .../managed-services/telemetry-gateway.md | 47 ++--- .../managed-services/platform.md | 1 + .../core-services/managed-services/rollout.md | 170 ++++++++++++++++++ 16 files changed, 477 insertions(+), 236 deletions(-) create mode 100644 content/departments/engineering/teams/core-services/managed-services/rollout.md diff --git a/content/departments/engineering/managed-services/build-tracker.md b/content/departments/engineering/managed-services/build-tracker.md index c7a517b70730..ebca18af1871 100644 --- a/content/departments/engineering/managed-services/build-tracker.md +++ b/content/departments/engineering/managed-services/build-tracker.md @@ -3,8 +3,8 @@ This document describes operational guidance for Build Tracker infrastructure. @@ -17,23 +17,25 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ## Service overview -| PROPERTY | DETAILS | -| ------------ | ------------------------------------------------------------------------------------------------------------------------------------ | -| Service ID | `build-tracker` ([specification](https://github.com/sourcegraph/managed-services/blob/main/services/build-tracker/service.yaml)) | -| Owners | **dev-experience** | -| Service kind | Cloud Run service | -| Environments | [prod](#prod) | -| Docker image | `us.gcr.io/sourcegraph-dev/build-tracker` | -| Source code | [`github.com/sourcegraph/sourcegraph` - `dev/build-tracker`](https://github.com/sourcegraph/sourcegraph/tree/HEAD/dev/build-tracker) | +| PROPERTY | DETAILS | +|------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| Service ID | `build-tracker` ([specification](https://github.com/sourcegraph/managed-services/blob/main/services/build-tracker/service.yaml)) | +| Owners | **dev-experience** | +| Service kind | Cloud Run service | +| Environments | [prod](#prod) | +| Docker image | `us.gcr.io/sourcegraph-dev/build-tracker` | +| Source code | [`github.com/sourcegraph/sourcegraph` - `dev/build-tracker`](https://github.com/sourcegraph/sourcegraph/tree/HEAD/dev/build-tracker) | +| Rollout Pipeline | [build-tracker-us-central1-rollout](https://console.cloud.google.com/deploy/delivery-pipelines/us-central1/build-tracker-us-central1-rollout?project=build-tracker-prod-59bf) | ## Environments ### prod -| PROPERTY | DETAILS | -| ------------------- | ------------------------------------------------------------------------------------------------------ | +| PROPERTY | DETAILS | +|---------------------|--------------------------------------------------------------------------------------------------------| | Project ID | [`build-tracker-prod-59bf`](https://console.cloud.google.com/run?project=build-tracker-prod-59bf) | | Category | **test** | +| Deployment Type | rollout | | Resources | [prod Redis](#prod-redis) | | Slack notifications | [#alerts-build-tracker-prod](https://sourcegraph.slack.com/archives/alerts-build-tracker-prod) | | Alerts | [GCP monitoring](https://console.cloud.google.com/monitoring/alerting?project=build-tracker-prod-59bf) | @@ -43,8 +45,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] MSP infrastructure access needs to be requested using Entitle for time-bound privileges. Test environments may have less stringent requirements. -| ACCESS | ENTITLE REQUEST TEMPLATE | -| ------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ACCESS | ENTITLE REQUEST TEMPLATE | +|--------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | GCP project read access | [Read-only Entitle request for the 'Engineering Projects' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjIxNjAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiZGY3NWJkNWMtYmUxOC00MjhmLWEzNjYtYzlhYTU1MGIwODIzIiwidGhyb3VnaCI6ImRmNzViZDVjLWJlMTgtNDI4Zi1hMzY2LWM5YWE1NTBiMDgyMyIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | | GCP project write access | [Write access Entitle request for the 'Engineering Projects' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjIxNjAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiYzJkMTUwOGEtMGQ0ZS00MjA1LWFiZWUtOGY1ODg1ZGY3ZDE4IiwidGhyb3VnaCI6ImMyZDE1MDhhLTBkNGUtNDIwNS1hYmVlLThmNTg4NWRmN2QxOCIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | @@ -54,8 +56,8 @@ For Terraform Cloud access, see [prod Terraform Cloud](#prod-terraform-cloud). The Build Tracker prod service implementation is deployed on [Google Cloud Run](https://cloud.google.com/run). -| PROPERTY | DETAILS | -| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| PROPERTY | DETAILS | +|----------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Console | [Cloud Run service](https://console.cloud.google.com/run?project=build-tracker-prod-59bf) | | Service logs | [GCP logging](https://console.cloud.google.com/logs/query;query=resource.type%20%3D%20%22cloud_run_revision%22%20-logName%3D~%22logs%2Frun.googleapis.com%252Frequests%22;summaryFields=jsonPayload%252FInstrumentationScope,jsonPayload%252FBody,jsonPayload%252FAttributes%252Ferror:false:32:end?project=build-tracker-prod-59bf) | | Service traces | [Cloud Trace](https://console.cloud.google.com/traces/list?project=build-tracker-prod-59bf) | @@ -69,8 +71,8 @@ sg msp logs build-tracker prod #### prod Redis -| PROPERTY | DETAILS | -| -------- | --------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|----------|-----------------------------------------------------------------------------------------------------------------------------| | Console | [Memorystore Redis instances](https://console.cloud.google.com/memorystore/redis/instances?project=build-tracker-prod-59bf) | #### prod Terraform Cloud diff --git a/content/departments/engineering/managed-services/cloud-ops.md b/content/departments/engineering/managed-services/cloud-ops.md index bc3bb7f5fb58..d4e8f3c32c07 100644 --- a/content/departments/engineering/managed-services/cloud-ops.md +++ b/content/departments/engineering/managed-services/cloud-ops.md @@ -3,8 +3,8 @@ This document describes operational guidance for Cloud Ops Dashboard infrastructure. @@ -17,8 +17,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ## Service overview -| PROPERTY | DETAILS | -| ------------ | -------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|--------------|----------------------------------------------------------------------------------------------------------------------------| | Service ID | `cloud-ops` ([specification](https://github.com/sourcegraph/managed-services/blob/main/services/cloud-ops/service.yaml)) | | Owners | **cloud** | | Service kind | Cloud Run service | @@ -30,10 +30,11 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ### prod -| PROPERTY | DETAILS | -| ------------------- | -------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|---------------------|----------------------------------------------------------------------------------------------------| | Project ID | [`cloud-ops-prod-dd32`](https://console.cloud.google.com/run?project=cloud-ops-prod-dd32) | | Category | **internal** | +| Deployment Type | subscription | | Resources | [prod Redis](#prod-redis) | | Slack notifications | [#alerts-cloud-ops-prod](https://sourcegraph.slack.com/archives/alerts-cloud-ops-prod) | | Alerts | [GCP monitoring](https://console.cloud.google.com/monitoring/alerting?project=cloud-ops-prod-dd32) | @@ -43,8 +44,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] MSP infrastructure access needs to be requested using Entitle for time-bound privileges. -| ACCESS | ENTITLE REQUEST TEMPLATE | -| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ACCESS | ENTITLE REQUEST TEMPLATE | +|--------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | GCP project read access | [Read-only Entitle request for the 'Internal Services' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiNzg0M2MxYWYtYzU2MS00ZDMyLWE3ZTAtYjZkNjY0NDM4MzAzIiwidGhyb3VnaCI6Ijc4NDNjMWFmLWM1NjEtNGQzMi1hN2UwLWI2ZDY2NDQzODMwMyIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | | GCP project write access | [Write access Entitle request for the 'Internal Services' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiZTEyYTJkZDktYzY1ZC00YzM0LTlmNDgtMzYzNTNkZmY0MDkyIiwidGhyb3VnaCI6ImUxMmEyZGQ5LWM2NWQtNGMzNC05ZjQ4LTM2MzUzZGZmNDA5MiIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | @@ -54,8 +55,8 @@ For Terraform Cloud access, see [prod Terraform Cloud](#prod-terraform-cloud). The Cloud Ops Dashboard prod service implementation is deployed on [Google Cloud Run](https://cloud.google.com/run). -| PROPERTY | DETAILS | -| -------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|----------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Console | [Cloud Run service](https://console.cloud.google.com/run?project=cloud-ops-prod-dd32) | | Service logs | [GCP logging](https://console.cloud.google.com/logs/query;query=resource.type%20%3D%20%22cloud_run_revision%22%20-logName%3D~%22logs%2Frun.googleapis.com%252Frequests%22;summaryFields=jsonPayload%252FInstrumentationScope,jsonPayload%252FBody,jsonPayload%252FAttributes%252Ferror:false:32:end?project=cloud-ops-prod-dd32) | | Service traces | [Cloud Trace](https://console.cloud.google.com/traces/list?project=cloud-ops-prod-dd32) | @@ -69,8 +70,8 @@ sg msp logs cloud-ops prod #### prod Redis -| PROPERTY | DETAILS | -| -------- | ----------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|----------|-------------------------------------------------------------------------------------------------------------------------| | Console | [Memorystore Redis instances](https://console.cloud.google.com/memorystore/redis/instances?project=cloud-ops-prod-dd32) | #### prod Terraform Cloud diff --git a/content/departments/engineering/managed-services/cloud-relay.md b/content/departments/engineering/managed-services/cloud-relay.md index 8e187276c51d..8653e3caa7f6 100644 --- a/content/departments/engineering/managed-services/cloud-relay.md +++ b/content/departments/engineering/managed-services/cloud-relay.md @@ -3,8 +3,8 @@ This document describes operational guidance for Cloud Relay infrastructure. @@ -17,8 +17,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ## Service overview -| PROPERTY | DETAILS | -| ------------ | ---------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|--------------|------------------------------------------------------------------------------------------------------------------------------| | Service ID | `cloud-relay` ([specification](https://github.com/sourcegraph/managed-services/blob/main/services/cloud-relay/service.yaml)) | | Owners | **cloud** | | Service kind | Cloud Run service | @@ -30,10 +30,11 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ### prod -| PROPERTY | DETAILS | -| ------------------- | ---------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|---------------------|------------------------------------------------------------------------------------------------------| | Project ID | [`cloud-relay-prod-bd4c`](https://console.cloud.google.com/run?project=cloud-relay-prod-bd4c) | | Category | **internal** | +| Deployment Type | manual | | Resources | | | Slack notifications | [#alerts-cloud-relay-prod](https://sourcegraph.slack.com/archives/alerts-cloud-relay-prod) | | Alerts | [GCP monitoring](https://console.cloud.google.com/monitoring/alerting?project=cloud-relay-prod-bd4c) | @@ -43,8 +44,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] MSP infrastructure access needs to be requested using Entitle for time-bound privileges. -| ACCESS | ENTITLE REQUEST TEMPLATE | -| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ACCESS | ENTITLE REQUEST TEMPLATE | +|--------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | GCP project read access | [Read-only Entitle request for the 'Internal Services' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiNzg0M2MxYWYtYzU2MS00ZDMyLWE3ZTAtYjZkNjY0NDM4MzAzIiwidGhyb3VnaCI6Ijc4NDNjMWFmLWM1NjEtNGQzMi1hN2UwLWI2ZDY2NDQzODMwMyIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | | GCP project write access | [Write access Entitle request for the 'Internal Services' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiZTEyYTJkZDktYzY1ZC00YzM0LTlmNDgtMzYzNTNkZmY0MDkyIiwidGhyb3VnaCI6ImUxMmEyZGQ5LWM2NWQtNGMzNC05ZjQ4LTM2MzUzZGZmNDA5MiIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | @@ -54,8 +55,8 @@ For Terraform Cloud access, see [prod Terraform Cloud](#prod-terraform-cloud). The Cloud Relay prod service implementation is deployed on [Google Cloud Run](https://cloud.google.com/run). -| PROPERTY | DETAILS | -| -------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|----------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Console | [Cloud Run service](https://console.cloud.google.com/run?project=cloud-relay-prod-bd4c) | | Service logs | [GCP logging](https://console.cloud.google.com/logs/query;query=resource.type%20%3D%20%22cloud_run_revision%22%20-logName%3D~%22logs%2Frun.googleapis.com%252Frequests%22;summaryFields=jsonPayload%252FInstrumentationScope,jsonPayload%252FBody,jsonPayload%252FAttributes%252Ferror:false:32:end?project=cloud-relay-prod-bd4c) | | Service traces | [Cloud Trace](https://console.cloud.google.com/traces/list?project=cloud-relay-prod-bd4c) | diff --git a/content/departments/engineering/managed-services/cody-analytics.md b/content/departments/engineering/managed-services/cody-analytics.md index 8443014797c7..a380a8c7ffe7 100644 --- a/content/departments/engineering/managed-services/cody-analytics.md +++ b/content/departments/engineering/managed-services/cody-analytics.md @@ -3,8 +3,8 @@ This document describes operational guidance for Cody Analytics infrastructure. @@ -17,8 +17,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ## Service overview -| PROPERTY | DETAILS | -| ------------ | ---------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|--------------|------------------------------------------------------------------------------------------------------------------------------------| | Service ID | `cody-analytics` ([specification](https://github.com/sourcegraph/managed-services/blob/main/services/cody-analytics/service.yaml)) | | Owners | **cody-strat** | | Service kind | Cloud Run service | @@ -30,10 +30,11 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ### dev -| PROPERTY | DETAILS | -| ------------------- | ------------------------------------------------------------------------------------------------------ | +| PROPERTY | DETAILS | +|---------------------|--------------------------------------------------------------------------------------------------------| | Project ID | [`cody-analytics-dev-bd34`](https://console.cloud.google.com/run?project=cody-analytics-dev-bd34) | | Category | **test** | +| Deployment Type | manual | | Resources | | | Slack notifications | [#alerts-cody-analytics-dev](https://sourcegraph.slack.com/archives/alerts-cody-analytics-dev) | | Alerts | [GCP monitoring](https://console.cloud.google.com/monitoring/alerting?project=cody-analytics-dev-bd34) | @@ -43,8 +44,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] MSP infrastructure access needs to be requested using Entitle for time-bound privileges. Test environments may have less stringent requirements. -| ACCESS | ENTITLE REQUEST TEMPLATE | -| ------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ACCESS | ENTITLE REQUEST TEMPLATE | +|--------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | GCP project read access | [Read-only Entitle request for the 'Engineering Projects' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjIxNjAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiZGY3NWJkNWMtYmUxOC00MjhmLWEzNjYtYzlhYTU1MGIwODIzIiwidGhyb3VnaCI6ImRmNzViZDVjLWJlMTgtNDI4Zi1hMzY2LWM5YWE1NTBiMDgyMyIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | | GCP project write access | [Write access Entitle request for the 'Engineering Projects' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjIxNjAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiYzJkMTUwOGEtMGQ0ZS00MjA1LWFiZWUtOGY1ODg1ZGY3ZDE4IiwidGhyb3VnaCI6ImMyZDE1MDhhLTBkNGUtNDIwNS1hYmVlLThmNTg4NWRmN2QxOCIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | @@ -54,8 +55,8 @@ For Terraform Cloud access, see [dev Terraform Cloud](#dev-terraform-cloud). The Cody Analytics dev service implementation is deployed on [Google Cloud Run](https://cloud.google.com/run). -| PROPERTY | DETAILS | -| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| PROPERTY | DETAILS | +|----------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Console | [Cloud Run service](https://console.cloud.google.com/run?project=cody-analytics-dev-bd34) | | Service logs | [GCP logging](https://console.cloud.google.com/logs/query;query=resource.type%20%3D%20%22cloud_run_revision%22%20-logName%3D~%22logs%2Frun.googleapis.com%252Frequests%22;summaryFields=jsonPayload%252FInstrumentationScope,jsonPayload%252FBody,jsonPayload%252FAttributes%252Ferror:false:32:end?project=cody-analytics-dev-bd34) | | Service traces | [Cloud Trace](https://console.cloud.google.com/traces/list?project=cody-analytics-dev-bd34) | @@ -94,10 +95,11 @@ sg msp tfc view cody-analytics dev ### prod -| PROPERTY | DETAILS | -| ------------------- | ------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|---------------------|---------------------------------------------------------------------------------------------------------| | Project ID | [`cody-analytics-prod-da5a`](https://console.cloud.google.com/run?project=cody-analytics-prod-da5a) | | Category | **external** | +| Deployment Type | manual | | Resources | | | Slack notifications | [#alerts-cody-analytics-prod](https://sourcegraph.slack.com/archives/alerts-cody-analytics-prod) | | Alerts | [GCP monitoring](https://console.cloud.google.com/monitoring/alerting?project=cody-analytics-prod-da5a) | @@ -107,8 +109,8 @@ sg msp tfc view cody-analytics dev MSP infrastructure access needs to be requested using Entitle for time-bound privileges. -| ACCESS | ENTITLE REQUEST TEMPLATE | -| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| ACCESS | ENTITLE REQUEST TEMPLATE | +|--------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | GCP project read access | [Read-only Entitle request for the 'Managed Services ' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiYTQ4OWM2MDktNTBlYy00ODAzLWIzZjItMzYzZGJhMTgwMWJhIiwidGhyb3VnaCI6ImE0ODljNjA5LTUwZWMtNDgwMy1iM2YyLTM2M2RiYTE4MDFiYSIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | | GCP project write access | [Write access Entitle request for the 'Managed Services' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiODQzNTYxNzktZjkwMi00MDVlLTlhMTQtNTY3YTY1NmM5MzdmIiwidGhyb3VnaCI6Ijg0MzU2MTc5LWY5MDItNDA1ZS05YTE0LTU2N2E2NTZjOTM3ZiIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | @@ -118,8 +120,8 @@ For Terraform Cloud access, see [prod Terraform Cloud](#prod-terraform-cloud). The Cody Analytics prod service implementation is deployed on [Google Cloud Run](https://cloud.google.com/run). -| PROPERTY | DETAILS | -| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|----------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Console | [Cloud Run service](https://console.cloud.google.com/run?project=cody-analytics-prod-da5a) | | Service logs | [GCP logging](https://console.cloud.google.com/logs/query;query=resource.type%20%3D%20%22cloud_run_revision%22%20-logName%3D~%22logs%2Frun.googleapis.com%252Frequests%22;summaryFields=jsonPayload%252FInstrumentationScope,jsonPayload%252FBody,jsonPayload%252FAttributes%252Ferror:false:32:end?project=cody-analytics-prod-da5a) | | Service traces | [Cloud Trace](https://console.cloud.google.com/traces/list?project=cody-analytics-prod-da5a) | diff --git a/content/departments/engineering/managed-services/entitler.md b/content/departments/engineering/managed-services/entitler.md index 24dc0564a899..dc4faeebf327 100644 --- a/content/departments/engineering/managed-services/entitler.md +++ b/content/departments/engineering/managed-services/entitler.md @@ -3,8 +3,8 @@ This document describes operational guidance for Entitler infrastructure. @@ -17,8 +17,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ## Service overview -| PROPERTY | DETAILS | -| ------------ | --------------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|--------------|-----------------------------------------------------------------------------------------------------------------------------------------| | Service ID | `entitler` ([specification](https://github.com/sourcegraph/managed-services/blob/main/services/entitler/service.yaml)) | | Owners | **security** | | Service kind | Cloud Run service | @@ -30,10 +30,11 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ### prod -| PROPERTY | DETAILS | -| ------------------- | ------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|---------------------|---------------------------------------------------------------------------------------------------| | Project ID | [`entitler-prod-0516`](https://console.cloud.google.com/run?project=entitler-prod-0516) | | Category | **internal** | +| Deployment Type | manual | | Resources | | | Slack notifications | [#alerts-entitler-prod](https://sourcegraph.slack.com/archives/alerts-entitler-prod) | | Alerts | [GCP monitoring](https://console.cloud.google.com/monitoring/alerting?project=entitler-prod-0516) | @@ -43,8 +44,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] MSP infrastructure access needs to be requested using Entitle for time-bound privileges. -| ACCESS | ENTITLE REQUEST TEMPLATE | -| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ACCESS | ENTITLE REQUEST TEMPLATE | +|--------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | GCP project read access | [Read-only Entitle request for the 'Internal Services' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiNzg0M2MxYWYtYzU2MS00ZDMyLWE3ZTAtYjZkNjY0NDM4MzAzIiwidGhyb3VnaCI6Ijc4NDNjMWFmLWM1NjEtNGQzMi1hN2UwLWI2ZDY2NDQzODMwMyIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | | GCP project write access | [Write access Entitle request for the 'Internal Services' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiZTEyYTJkZDktYzY1ZC00YzM0LTlmNDgtMzYzNTNkZmY0MDkyIiwidGhyb3VnaCI6ImUxMmEyZGQ5LWM2NWQtNGMzNC05ZjQ4LTM2MzUzZGZmNDA5MiIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | @@ -54,8 +55,8 @@ For Terraform Cloud access, see [prod Terraform Cloud](#prod-terraform-cloud). The Entitler prod service implementation is deployed on [Google Cloud Run](https://cloud.google.com/run). -| PROPERTY | DETAILS | -| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|----------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Console | [Cloud Run service](https://console.cloud.google.com/run?project=entitler-prod-0516) | | Service logs | [GCP logging](https://console.cloud.google.com/logs/query;query=resource.type%20%3D%20%22cloud_run_revision%22%20-logName%3D~%22logs%2Frun.googleapis.com%252Frequests%22;summaryFields=jsonPayload%252FInstrumentationScope,jsonPayload%252FBody,jsonPayload%252FAttributes%252Ferror:false:32:end?project=entitler-prod-0516) | | Service traces | [Cloud Trace](https://console.cloud.google.com/traces/list?project=entitler-prod-0516) | diff --git a/content/departments/engineering/managed-services/gatekeeper.md b/content/departments/engineering/managed-services/gatekeeper.md index d50edea56e0a..47d6d583eea5 100644 --- a/content/departments/engineering/managed-services/gatekeeper.md +++ b/content/departments/engineering/managed-services/gatekeeper.md @@ -3,8 +3,8 @@ This document describes operational guidance for Cody Gatekeeper infrastructure. @@ -17,8 +17,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ## Service overview -| PROPERTY | DETAILS | -| ------------ | -------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|--------------|----------------------------------------------------------------------------------------------------------------------------| | Service ID | `gatekeeper` ([specification](https://github.com/sourcegraph/managed-services/blob/main/services/gatekeeper/service.yaml)) | | Owners | **cody-services** | | Service kind | Cloud Run job | @@ -30,10 +30,11 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ### prod -| PROPERTY | DETAILS | -| ------------------- | --------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|---------------------|-----------------------------------------------------------------------------------------------------| | Project ID | [`gatekeeper-prod-1c93`](https://console.cloud.google.com/run/jobs?project=gatekeeper-prod-1c93) | | Category | **internal** | +| Deployment Type | subscription | | Resources | | | Slack notifications | [#alerts-gatekeeper-prod](https://sourcegraph.slack.com/archives/alerts-gatekeeper-prod) | | Alerts | [GCP monitoring](https://console.cloud.google.com/monitoring/alerting?project=gatekeeper-prod-1c93) | @@ -41,8 +42,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] MSP infrastructure access needs to be requested using Entitle for time-bound privileges. -| ACCESS | ENTITLE REQUEST TEMPLATE | -| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ACCESS | ENTITLE REQUEST TEMPLATE | +|--------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | GCP project read access | [Read-only Entitle request for the 'Internal Services' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiNzg0M2MxYWYtYzU2MS00ZDMyLWE3ZTAtYjZkNjY0NDM4MzAzIiwidGhyb3VnaCI6Ijc4NDNjMWFmLWM1NjEtNGQzMi1hN2UwLWI2ZDY2NDQzODMwMyIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | | GCP project write access | [Write access Entitle request for the 'Internal Services' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiZTEyYTJkZDktYzY1ZC00YzM0LTlmNDgtMzYzNTNkZmY0MDkyIiwidGhyb3VnaCI6ImUxMmEyZGQ5LWM2NWQtNGMzNC05ZjQ4LTM2MzUzZGZmNDA5MiIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | @@ -52,8 +53,8 @@ For Terraform Cloud access, see [prod Terraform Cloud](#prod-terraform-cloud). The Cody Gatekeeper prod service implementation is deployed on [Google Cloud Run](https://cloud.google.com/run). -| PROPERTY | DETAILS | -| -------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|----------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Console | [Cloud Run job](https://console.cloud.google.com/run/jobs?project=gatekeeper-prod-1c93) | | Service logs | [GCP logging](https://console.cloud.google.com/logs/query;query=resource.type%20%3D%20%22cloud_run_job%22;summaryFields=labels%252F%2522run.googleapis.com%252Fexecution_name%2522,jsonPayload%252FInstrumentationScope,jsonPayload%252FBody,jsonPayload%252FAttributes%252Ferror:false:32:end?project=gatekeeper-prod-1c93) | | Service traces | [Cloud Trace](https://console.cloud.google.com/traces/list?project=gatekeeper-prod-1c93) | diff --git a/content/departments/engineering/managed-services/index.md b/content/departments/engineering/managed-services/index.md index 06c7398229fb..3c1b051ac014 100644 --- a/content/departments/engineering/managed-services/index.md +++ b/content/departments/engineering/managed-services/index.md @@ -3,8 +3,8 @@ These pages contain generated operational guidance for the infrastructure of the 13 [Managed Services Platform (MSP)](../teams/core-services/managed-services/platform.md) services (across 19 environments) currently in operation at Sourcegraph. diff --git a/content/departments/engineering/managed-services/msp-testbed.md b/content/departments/engineering/managed-services/msp-testbed.md index 2ec6b2a92a51..01e4777de6a9 100644 --- a/content/departments/engineering/managed-services/msp-testbed.md +++ b/content/departments/engineering/managed-services/msp-testbed.md @@ -3,8 +3,8 @@ This document describes operational guidance for MSP Testbed infrastructure. @@ -17,14 +17,15 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ## Service overview -| PROPERTY | DETAILS | -| ------------ | -------------------------------------------------------------------------------------------------------------------------------- | -| Service ID | `msp-testbed` ([specification](https://github.com/sourcegraph/managed-services/blob/main/services/msp-testbed/service.yaml)) | -| Owners | **core-services** | -| Service kind | Cloud Run service | -| Environments | [test](#test), [robert](#robert) | -| Docker image | `us.gcr.io/sourcegraph-dev/msp-example` | -| Source code | [`github.com/sourcegraph/sourcegraph` - `cmd/msp-example`](https://github.com/sourcegraph/sourcegraph/tree/HEAD/cmd/msp-example) | +| PROPERTY | DETAILS | +|------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| Service ID | `msp-testbed` ([specification](https://github.com/sourcegraph/managed-services/blob/main/services/msp-testbed/service.yaml)) | +| Owners | **core-services** | +| Service kind | Cloud Run service | +| Environments | [test](#test), [robert](#robert) | +| Docker image | `us.gcr.io/sourcegraph-dev/msp-example` | +| Source code | [`github.com/sourcegraph/sourcegraph` - `cmd/msp-example`](https://github.com/sourcegraph/sourcegraph/tree/HEAD/cmd/msp-example) | +| Rollout Pipeline | [msp-testbed-us-central1-rollout](https://console.cloud.google.com/deploy/delivery-pipelines/us-central1/msp-testbed-us-central1-rollout?project=msp-testbed-robert-7be9) | This document describes operational guidance for Pings Service infrastructure. @@ -17,8 +17,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ## Service overview -| PROPERTY | DETAILS | -| ------------ | -------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|--------------|----------------------------------------------------------------------------------------------------------------------| | Service ID | `pings` ([specification](https://github.com/sourcegraph/managed-services/blob/main/services/pings/service.yaml)) | | Owners | **core-services** | | Service kind | Cloud Run service | @@ -30,10 +30,11 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ### prod -| PROPERTY | DETAILS | -| ------------------- | ------------------------------------------------------------------------------------------------------ | +| PROPERTY | DETAILS | +|---------------------|--------------------------------------------------------------------------------------------------------| | Project ID | [`pings-prod-2f4f73edf1db`](https://console.cloud.google.com/run?project=pings-prod-2f4f73edf1db) | | Category | **external** | +| Deployment Type | subscription | | Resources | | | Slack notifications | [#alerts-pings-prod](https://sourcegraph.slack.com/archives/alerts-pings-prod) | | Alerts | [GCP monitoring](https://console.cloud.google.com/monitoring/alerting?project=pings-prod-2f4f73edf1db) | @@ -42,8 +43,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] MSP infrastructure access needs to be requested using Entitle for time-bound privileges. -| ACCESS | ENTITLE REQUEST TEMPLATE | -| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| ACCESS | ENTITLE REQUEST TEMPLATE | +|--------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | GCP project read access | [Read-only Entitle request for the 'Managed Services ' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiYTQ4OWM2MDktNTBlYy00ODAzLWIzZjItMzYzZGJhMTgwMWJhIiwidGhyb3VnaCI6ImE0ODljNjA5LTUwZWMtNDgwMy1iM2YyLTM2M2RiYTE4MDFiYSIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | | GCP project write access | [Write access Entitle request for the 'Managed Services' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiODQzNTYxNzktZjkwMi00MDVlLTlhMTQtNTY3YTY1NmM5MzdmIiwidGhyb3VnaCI6Ijg0MzU2MTc5LWY5MDItNDA1ZS05YTE0LTU2N2E2NTZjOTM3ZiIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | @@ -53,8 +54,8 @@ For Terraform Cloud access, see [prod Terraform Cloud](#prod-terraform-cloud). The Pings Service prod service implementation is deployed on [Google Cloud Run](https://cloud.google.com/run). -| PROPERTY | DETAILS | -| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| PROPERTY | DETAILS | +|----------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Console | [Cloud Run service](https://console.cloud.google.com/run?project=pings-prod-2f4f73edf1db) | | Service logs | [GCP logging](https://console.cloud.google.com/logs/query;query=resource.type%20%3D%20%22cloud_run_revision%22%20-logName%3D~%22logs%2Frun.googleapis.com%252Frequests%22;summaryFields=jsonPayload%252FInstrumentationScope,jsonPayload%252FBody,jsonPayload%252FAttributes%252Ferror:false:32:end?project=pings-prod-2f4f73edf1db) | | Service traces | [Cloud Trace](https://console.cloud.google.com/traces/list?project=pings-prod-2f4f73edf1db) | diff --git a/content/departments/engineering/managed-services/releaseregistry.md b/content/departments/engineering/managed-services/releaseregistry.md index 2cc8ca4a6e31..1cc671ab35eb 100644 --- a/content/departments/engineering/managed-services/releaseregistry.md +++ b/content/departments/engineering/managed-services/releaseregistry.md @@ -3,8 +3,8 @@ This document describes operational guidance for Release Registry infrastructure. @@ -17,8 +17,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ## Service overview -| PROPERTY | DETAILS | -| ------------ | ------------------------------------------------------------------------------------------------------------------------------------ | +| PROPERTY | DETAILS | +|--------------|--------------------------------------------------------------------------------------------------------------------------------------| | Service ID | `releaseregistry` ([specification](https://github.com/sourcegraph/managed-services/blob/main/services/releaseregistry/service.yaml)) | | Owners | **dev-experience** | | Service kind | Cloud Run service | @@ -30,10 +30,11 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ### prod -| PROPERTY | DETAILS | -| ------------------- | -------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|---------------------|----------------------------------------------------------------------------------------------------------| | Project ID | [`releaseregistry-prod-5421`](https://console.cloud.google.com/run?project=releaseregistry-prod-5421) | | Category | **test** | +| Deployment Type | manual | | Resources | [prod PostgreSQL instance](#prod-postgresql-instance) | | Slack notifications | [#alerts-releaseregistry-prod](https://sourcegraph.slack.com/archives/alerts-releaseregistry-prod) | | Alerts | [GCP monitoring](https://console.cloud.google.com/monitoring/alerting?project=releaseregistry-prod-5421) | @@ -43,8 +44,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] MSP infrastructure access needs to be requested using Entitle for time-bound privileges. Test environments may have less stringent requirements. -| ACCESS | ENTITLE REQUEST TEMPLATE | -| ------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ACCESS | ENTITLE REQUEST TEMPLATE | +|--------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | GCP project read access | [Read-only Entitle request for the 'Engineering Projects' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjIxNjAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiZGY3NWJkNWMtYmUxOC00MjhmLWEzNjYtYzlhYTU1MGIwODIzIiwidGhyb3VnaCI6ImRmNzViZDVjLWJlMTgtNDI4Zi1hMzY2LWM5YWE1NTBiMDgyMyIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | | GCP project write access | [Write access Entitle request for the 'Engineering Projects' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjIxNjAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiYzJkMTUwOGEtMGQ0ZS00MjA1LWFiZWUtOGY1ODg1ZGY3ZDE4IiwidGhyb3VnaCI6ImMyZDE1MDhhLTBkNGUtNDIwNS1hYmVlLThmNTg4NWRmN2QxOCIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | @@ -54,8 +55,8 @@ For Terraform Cloud access, see [prod Terraform Cloud](#prod-terraform-cloud). The Release Registry prod service implementation is deployed on [Google Cloud Run](https://cloud.google.com/run). -| PROPERTY | DETAILS | -| -------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|----------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Console | [Cloud Run service](https://console.cloud.google.com/run?project=releaseregistry-prod-5421) | | Service logs | [GCP logging](https://console.cloud.google.com/logs/query;query=resource.type%20%3D%20%22cloud_run_revision%22%20-logName%3D~%22logs%2Frun.googleapis.com%252Frequests%22;summaryFields=jsonPayload%252FInstrumentationScope,jsonPayload%252FBody,jsonPayload%252FAttributes%252Ferror:false:32:end?project=releaseregistry-prod-5421) | | Service traces | [Cloud Trace](https://console.cloud.google.com/traces/list?project=releaseregistry-prod-5421) | @@ -69,8 +70,8 @@ sg msp logs releaseregistry prod #### prod PostgreSQL instance -| PROPERTY | DETAILS | -| --------- | ------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|-----------|---------------------------------------------------------------------------------------------------------| | Console | [Cloud SQL instances](https://console.cloud.google.com/sql/instances?project=releaseregistry-prod-5421) | | Databases | `releaseregistry` | @@ -114,10 +115,11 @@ sg msp tfc view releaseregistry prod ### dev -| PROPERTY | DETAILS | -| ------------------- | ------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|---------------------|---------------------------------------------------------------------------------------------------------| | Project ID | [`releaseregistry-dev-6bac`](https://console.cloud.google.com/run?project=releaseregistry-dev-6bac) | | Category | **test** | +| Deployment Type | subscription | | Resources | [dev PostgreSQL instance](#dev-postgresql-instance) | | Slack notifications | [#alerts-releaseregistry-dev](https://sourcegraph.slack.com/archives/alerts-releaseregistry-dev) | | Alerts | [GCP monitoring](https://console.cloud.google.com/monitoring/alerting?project=releaseregistry-dev-6bac) | @@ -127,8 +129,8 @@ sg msp tfc view releaseregistry prod MSP infrastructure access needs to be requested using Entitle for time-bound privileges. Test environments may have less stringent requirements. -| ACCESS | ENTITLE REQUEST TEMPLATE | -| ------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ACCESS | ENTITLE REQUEST TEMPLATE | +|--------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | GCP project read access | [Read-only Entitle request for the 'Engineering Projects' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjIxNjAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiZGY3NWJkNWMtYmUxOC00MjhmLWEzNjYtYzlhYTU1MGIwODIzIiwidGhyb3VnaCI6ImRmNzViZDVjLWJlMTgtNDI4Zi1hMzY2LWM5YWE1NTBiMDgyMyIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | | GCP project write access | [Write access Entitle request for the 'Engineering Projects' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjIxNjAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiYzJkMTUwOGEtMGQ0ZS00MjA1LWFiZWUtOGY1ODg1ZGY3ZDE4IiwidGhyb3VnaCI6ImMyZDE1MDhhLTBkNGUtNDIwNS1hYmVlLThmNTg4NWRmN2QxOCIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | @@ -138,8 +140,8 @@ For Terraform Cloud access, see [dev Terraform Cloud](#dev-terraform-cloud). The Release Registry dev service implementation is deployed on [Google Cloud Run](https://cloud.google.com/run). -| PROPERTY | DETAILS | -| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|----------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Console | [Cloud Run service](https://console.cloud.google.com/run?project=releaseregistry-dev-6bac) | | Service logs | [GCP logging](https://console.cloud.google.com/logs/query;query=resource.type%20%3D%20%22cloud_run_revision%22%20-logName%3D~%22logs%2Frun.googleapis.com%252Frequests%22;summaryFields=jsonPayload%252FInstrumentationScope,jsonPayload%252FBody,jsonPayload%252FAttributes%252Ferror:false:32:end?project=releaseregistry-dev-6bac) | | Service traces | [Cloud Trace](https://console.cloud.google.com/traces/list?project=releaseregistry-dev-6bac) | @@ -153,8 +155,8 @@ sg msp logs releaseregistry dev #### dev PostgreSQL instance -| PROPERTY | DETAILS | -| --------- | ------------------------------------------------------------------------------------------------------ | +| PROPERTY | DETAILS | +|-----------|--------------------------------------------------------------------------------------------------------| | Console | [Cloud SQL instances](https://console.cloud.google.com/sql/instances?project=releaseregistry-dev-6bac) | | Databases | `releaseregistry` | diff --git a/content/departments/engineering/managed-services/sams.md b/content/departments/engineering/managed-services/sams.md index 40560585e248..f25c7dca843e 100644 --- a/content/departments/engineering/managed-services/sams.md +++ b/content/departments/engineering/managed-services/sams.md @@ -3,8 +3,8 @@ This document describes operational guidance for Self-Serve Cody infrastructure. @@ -17,8 +17,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ## Service overview -| PROPERTY | DETAILS | -| ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------ | +| PROPERTY | DETAILS | +|--------------|--------------------------------------------------------------------------------------------------------------------------------------------------| | Service ID | `sams` ([specification](https://github.com/sourcegraph/managed-services/blob/main/services/sams/service.yaml)) | | Owners | **cody-plg** | | Service kind | Cloud Run service | @@ -30,10 +30,11 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ### dev -| PROPERTY | DETAILS | -| ------------------- | --------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|---------------------|-----------------------------------------------------------------------------------------------------------------------------| | Project ID | [`sams-dev-bfec`](https://console.cloud.google.com/run?project=sams-dev-bfec) | | Category | **test** | +| Deployment Type | subscription | | Resources | [dev Redis](#dev-redis), [dev PostgreSQL instance](#dev-postgresql-instance), [dev BigQuery dataset](#dev-bigquery-dataset) | | Slack notifications | [#alerts-sams-dev](https://sourcegraph.slack.com/archives/alerts-sams-dev) | | Alerts | [GCP monitoring](https://console.cloud.google.com/monitoring/alerting?project=sams-dev-bfec) | @@ -43,8 +44,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] MSP infrastructure access needs to be requested using Entitle for time-bound privileges. Test environments may have less stringent requirements. -| ACCESS | ENTITLE REQUEST TEMPLATE | -| ------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ACCESS | ENTITLE REQUEST TEMPLATE | +|--------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | GCP project read access | [Read-only Entitle request for the 'Engineering Projects' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjIxNjAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiZGY3NWJkNWMtYmUxOC00MjhmLWEzNjYtYzlhYTU1MGIwODIzIiwidGhyb3VnaCI6ImRmNzViZDVjLWJlMTgtNDI4Zi1hMzY2LWM5YWE1NTBiMDgyMyIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | | GCP project write access | [Write access Entitle request for the 'Engineering Projects' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjIxNjAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiYzJkMTUwOGEtMGQ0ZS00MjA1LWFiZWUtOGY1ODg1ZGY3ZDE4IiwidGhyb3VnaCI6ImMyZDE1MDhhLTBkNGUtNDIwNS1hYmVlLThmNTg4NWRmN2QxOCIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | @@ -54,8 +55,8 @@ For Terraform Cloud access, see [dev Terraform Cloud](#dev-terraform-cloud). The Self-Serve Cody dev service implementation is deployed on [Google Cloud Run](https://cloud.google.com/run). -| PROPERTY | DETAILS | -| -------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|----------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Console | [Cloud Run service](https://console.cloud.google.com/run?project=sams-dev-bfec) | | Service logs | [GCP logging](https://console.cloud.google.com/logs/query;query=resource.type%20%3D%20%22cloud_run_revision%22%20-logName%3D~%22logs%2Frun.googleapis.com%252Frequests%22;summaryFields=jsonPayload%252FInstrumentationScope,jsonPayload%252FBody,jsonPayload%252FAttributes%252Ferror:false:32:end?project=sams-dev-bfec) | | Service traces | [Cloud Trace](https://console.cloud.google.com/traces/list?project=sams-dev-bfec) | @@ -69,14 +70,14 @@ sg msp logs sams dev #### dev Redis -| PROPERTY | DETAILS | -| -------- | ----------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|----------|-------------------------------------------------------------------------------------------------------------------| | Console | [Memorystore Redis instances](https://console.cloud.google.com/memorystore/redis/instances?project=sams-dev-bfec) | #### dev PostgreSQL instance -| PROPERTY | DETAILS | -| --------- | ------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|-----------|---------------------------------------------------------------------------------------------| | Console | [Cloud SQL instances](https://console.cloud.google.com/sql/instances?project=sams-dev-bfec) | | Databases | `accounts`, `cody_management` | @@ -95,8 +96,8 @@ sg msp pg connect -write-access sams dev #### dev BigQuery dataset -| PROPERTY | DETAILS | -| --------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|-----------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Dataset Project | `sams-dev-bfec` | | Dataset ID | `sams` | | Tables | [`user_emails`](https://github.com/sourcegraph/managed-services/blob/main/services/sams/user_emails.bigquerytable.json), [`events`](https://github.com/sourcegraph/managed-services/blob/main/services/sams/events.bigquerytable.json), [`cody_events`](https://github.com/sourcegraph/managed-services/blob/main/services/sams/cody_events.bigquerytable.json), [`subscription_events`](https://github.com/sourcegraph/managed-services/blob/main/services/sams/subscription_events.bigquerytable.json) | @@ -128,10 +129,11 @@ sg msp tfc view sams dev ### prod -| PROPERTY | DETAILS | -| ------------------- | --------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|---------------------|-----------------------------------------------------------------------------------------------------------------------------------| | Project ID | [`sams-prod-ywuz`](https://console.cloud.google.com/run?project=sams-prod-ywuz) | | Category | **external** | +| Deployment Type | manual | | Resources | [prod Redis](#prod-redis), [prod PostgreSQL instance](#prod-postgresql-instance), [prod BigQuery dataset](#prod-bigquery-dataset) | | Slack notifications | [#alerts-sams-prod](https://sourcegraph.slack.com/archives/alerts-sams-prod) | | Alerts | [GCP monitoring](https://console.cloud.google.com/monitoring/alerting?project=sams-prod-ywuz) | @@ -141,8 +143,8 @@ sg msp tfc view sams dev MSP infrastructure access needs to be requested using Entitle for time-bound privileges. -| ACCESS | ENTITLE REQUEST TEMPLATE | -| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| ACCESS | ENTITLE REQUEST TEMPLATE | +|--------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | GCP project read access | [Read-only Entitle request for the 'Managed Services ' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiYTQ4OWM2MDktNTBlYy00ODAzLWIzZjItMzYzZGJhMTgwMWJhIiwidGhyb3VnaCI6ImE0ODljNjA5LTUwZWMtNDgwMy1iM2YyLTM2M2RiYTE4MDFiYSIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | | GCP project write access | [Write access Entitle request for the 'Managed Services' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiODQzNTYxNzktZjkwMi00MDVlLTlhMTQtNTY3YTY1NmM5MzdmIiwidGhyb3VnaCI6Ijg0MzU2MTc5LWY5MDItNDA1ZS05YTE0LTU2N2E2NTZjOTM3ZiIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | @@ -152,8 +154,8 @@ For Terraform Cloud access, see [prod Terraform Cloud](#prod-terraform-cloud). The Self-Serve Cody prod service implementation is deployed on [Google Cloud Run](https://cloud.google.com/run). -| PROPERTY | DETAILS | -| -------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|----------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Console | [Cloud Run service](https://console.cloud.google.com/run?project=sams-prod-ywuz) | | Service logs | [GCP logging](https://console.cloud.google.com/logs/query;query=resource.type%20%3D%20%22cloud_run_revision%22%20-logName%3D~%22logs%2Frun.googleapis.com%252Frequests%22;summaryFields=jsonPayload%252FInstrumentationScope,jsonPayload%252FBody,jsonPayload%252FAttributes%252Ferror:false:32:end?project=sams-prod-ywuz) | | Service traces | [Cloud Trace](https://console.cloud.google.com/traces/list?project=sams-prod-ywuz) | @@ -167,14 +169,14 @@ sg msp logs sams prod #### prod Redis -| PROPERTY | DETAILS | -| -------- | ------------------------------------------------------------------------------------------------------------------ | +| PROPERTY | DETAILS | +|----------|--------------------------------------------------------------------------------------------------------------------| | Console | [Memorystore Redis instances](https://console.cloud.google.com/memorystore/redis/instances?project=sams-prod-ywuz) | #### prod PostgreSQL instance -| PROPERTY | DETAILS | -| --------- | -------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|-----------|----------------------------------------------------------------------------------------------| | Console | [Cloud SQL instances](https://console.cloud.google.com/sql/instances?project=sams-prod-ywuz) | | Databases | `accounts`, `cody_management` | @@ -193,8 +195,8 @@ sg msp pg connect -write-access sams prod #### prod BigQuery dataset -| PROPERTY | DETAILS | -| --------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|-----------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Dataset Project | `sams-prod-ywuz` | | Dataset ID | `sams` | | Tables | [`user_emails`](https://github.com/sourcegraph/managed-services/blob/main/services/sams/user_emails.bigquerytable.json), [`events`](https://github.com/sourcegraph/managed-services/blob/main/services/sams/events.bigquerytable.json), [`cody_events`](https://github.com/sourcegraph/managed-services/blob/main/services/sams/cody_events.bigquerytable.json), [`subscription_events`](https://github.com/sourcegraph/managed-services/blob/main/services/sams/subscription_events.bigquerytable.json) | diff --git a/content/departments/engineering/managed-services/sourcegraph-accounts.md b/content/departments/engineering/managed-services/sourcegraph-accounts.md index cf56110b0b51..794cc00a486d 100644 --- a/content/departments/engineering/managed-services/sourcegraph-accounts.md +++ b/content/departments/engineering/managed-services/sourcegraph-accounts.md @@ -3,8 +3,8 @@ This document describes operational guidance for Sourcegraph Accounts infrastructure. @@ -17,23 +17,72 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ## Service overview -| PROPERTY | DETAILS | -| ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Service ID | `sourcegraph-accounts` ([specification](https://github.com/sourcegraph/managed-services/blob/main/services/sourcegraph-accounts/service.yaml)) | -| Owners | **core-services** | -| Service kind | Cloud Run service | -| Environments | [dev](#dev), [prod](#prod) | -| Docker image | `us-central1-docker.pkg.dev/sourcegraph-dev/sourcegraph-accounts/accounts-server` | -| Source code | [`github.com/sourcegraph/sourcegraph-accounts` - `cmd/accounts-server`](https://github.com/sourcegraph/sourcegraph-accounts/tree/HEAD/cmd/accounts-server) | +| PROPERTY | DETAILS | +|------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| Service ID | `sourcegraph-accounts` ([specification](https://github.com/sourcegraph/managed-services/blob/main/services/sourcegraph-accounts/service.yaml)) | +| Owners | **core-services** | +| Service kind | Cloud Run service | +| Environments | [dev](#dev), [prod](#prod) | +| Docker image | `us-central1-docker.pkg.dev/sourcegraph-dev/sourcegraph-accounts/accounts-server` | +| Source code | [`github.com/sourcegraph/sourcegraph-accounts` - `cmd/accounts-server`](https://github.com/sourcegraph/sourcegraph-accounts/tree/HEAD/cmd/accounts-server) | +| Rollout Pipeline | [sourcegraph-accounts-us-central1-rollout](https://console.cloud.google.com/deploy/delivery-pipelines/us-central1/sourcegraph-accounts-us-central1-rollout?project=sourcegraph-accounts-prod-csvc) | + + + +### Operators cheat sheet + +#### Get email domain stats +For Google sign-in abuse protection. + +```zsh +$ curl -s \ + -H "Authorization: Bearer $MANAGEMENT_SECRET" \ + https://accounts.sourcegraph.com/api/management/v1/email-domain-stats | jq +``` + +#### Create a new IdP client + +```zsh +$ curl -s -X POST \ + -H "Authorization: Bearer $MANAGEMENT_SECRET" \ + https://accounts.sourcegraph.com/api/management/v1/identity-provider/clients \ +--data '{"name": "", "scopes": [""], "redirect_uris": [""]}' | jq +``` + +#### Add new scope to an IdP client + +Connect to the "accounts" database: + +```sql +UPDATE idp_clients +SET scopes = scopes || '[""]'::jsonb +WHERE id = '' +``` + +#### Assign SSC admin role + +1. Connect to the "accounts" database. +1. Get the user ID via email: + ```sql + SELECT user_id FROM emails WHERE email = ''; + ``` +1. Insert metadata for `ssc`: + ```sql + INSERT INTO user_metadata (created_at, updated_at, user_id, scope, metadata) + VALUES (now(), now(), , 'ssc', '{ "roles": ["admin"] }'); + ``` ## Environments ### dev -| PROPERTY | DETAILS | -| ------------------- | --------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|---------------------|-----------------------------------------------------------------------------------------------------------------------------| | Project ID | [`sourcegraph-accounts-dev-csvc`](https://console.cloud.google.com/run?project=sourcegraph-accounts-dev-csvc) | | Category | **test** | +| Deployment Type | rollout | | Resources | [dev Redis](#dev-redis), [dev PostgreSQL instance](#dev-postgresql-instance), [dev BigQuery dataset](#dev-bigquery-dataset) | | Slack notifications | [#alerts-sourcegraph-accounts-dev](https://sourcegraph.slack.com/archives/alerts-sourcegraph-accounts-dev) | | Alerts | [GCP monitoring](https://console.cloud.google.com/monitoring/alerting?project=sourcegraph-accounts-dev-csvc) | @@ -43,8 +92,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] MSP infrastructure access needs to be requested using Entitle for time-bound privileges. Test environments may have less stringent requirements. -| ACCESS | ENTITLE REQUEST TEMPLATE | -| ------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ACCESS | ENTITLE REQUEST TEMPLATE | +|--------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | GCP project read access | [Read-only Entitle request for the 'Engineering Projects' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjIxNjAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiZGY3NWJkNWMtYmUxOC00MjhmLWEzNjYtYzlhYTU1MGIwODIzIiwidGhyb3VnaCI6ImRmNzViZDVjLWJlMTgtNDI4Zi1hMzY2LWM5YWE1NTBiMDgyMyIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | | GCP project write access | [Write access Entitle request for the 'Engineering Projects' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjIxNjAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiYzJkMTUwOGEtMGQ0ZS00MjA1LWFiZWUtOGY1ODg1ZGY3ZDE4IiwidGhyb3VnaCI6ImMyZDE1MDhhLTBkNGUtNDIwNS1hYmVlLThmNTg4NWRmN2QxOCIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | @@ -54,8 +103,8 @@ For Terraform Cloud access, see [dev Terraform Cloud](#dev-terraform-cloud). The Sourcegraph Accounts dev service implementation is deployed on [Google Cloud Run](https://cloud.google.com/run). -| PROPERTY | DETAILS | -| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| PROPERTY | DETAILS | +|----------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Console | [Cloud Run service](https://console.cloud.google.com/run?project=sourcegraph-accounts-dev-csvc) | | Service logs | [GCP logging](https://console.cloud.google.com/logs/query;query=resource.type%20%3D%20%22cloud_run_revision%22%20-logName%3D~%22logs%2Frun.googleapis.com%252Frequests%22;summaryFields=jsonPayload%252FInstrumentationScope,jsonPayload%252FBody,jsonPayload%252FAttributes%252Ferror:false:32:end?project=sourcegraph-accounts-dev-csvc) | | Service traces | [Cloud Trace](https://console.cloud.google.com/traces/list?project=sourcegraph-accounts-dev-csvc) | @@ -69,14 +118,14 @@ sg msp logs sourcegraph-accounts dev #### dev Redis -| PROPERTY | DETAILS | -| -------- | --------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|----------|-----------------------------------------------------------------------------------------------------------------------------------| | Console | [Memorystore Redis instances](https://console.cloud.google.com/memorystore/redis/instances?project=sourcegraph-accounts-dev-csvc) | #### dev PostgreSQL instance -| PROPERTY | DETAILS | -| --------- | ----------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|-----------|-------------------------------------------------------------------------------------------------------------| | Console | [Cloud SQL instances](https://console.cloud.google.com/sql/instances?project=sourcegraph-accounts-dev-csvc) | | Databases | `accounts` | @@ -95,8 +144,8 @@ sg msp pg connect -write-access sourcegraph-accounts dev #### dev BigQuery dataset -| PROPERTY | DETAILS | -| --------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|-----------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Dataset Project | `sourcegraph-accounts-dev-csvc` | | Dataset ID | `sourcegraph_accounts` | | Tables | [`user_emails`](https://github.com/sourcegraph/managed-services/blob/main/services/sourcegraph-accounts/user_emails.bigquerytable.json), [`events`](https://github.com/sourcegraph/managed-services/blob/main/services/sourcegraph-accounts/events.bigquerytable.json) | @@ -128,10 +177,11 @@ sg msp tfc view sourcegraph-accounts dev ### prod -| PROPERTY | DETAILS | -| ------------------- | --------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|---------------------|-----------------------------------------------------------------------------------------------------------------------------------| | Project ID | [`sourcegraph-accounts-prod-csvc`](https://console.cloud.google.com/run?project=sourcegraph-accounts-prod-csvc) | | Category | **external** | +| Deployment Type | rollout | | Resources | [prod Redis](#prod-redis), [prod PostgreSQL instance](#prod-postgresql-instance), [prod BigQuery dataset](#prod-bigquery-dataset) | | Slack notifications | [#alerts-sourcegraph-accounts-prod](https://sourcegraph.slack.com/archives/alerts-sourcegraph-accounts-prod) | | Alerts | [GCP monitoring](https://console.cloud.google.com/monitoring/alerting?project=sourcegraph-accounts-prod-csvc) | @@ -141,8 +191,8 @@ sg msp tfc view sourcegraph-accounts dev MSP infrastructure access needs to be requested using Entitle for time-bound privileges. -| ACCESS | ENTITLE REQUEST TEMPLATE | -| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| ACCESS | ENTITLE REQUEST TEMPLATE | +|--------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | GCP project read access | [Read-only Entitle request for the 'Managed Services ' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiYTQ4OWM2MDktNTBlYy00ODAzLWIzZjItMzYzZGJhMTgwMWJhIiwidGhyb3VnaCI6ImE0ODljNjA5LTUwZWMtNDgwMy1iM2YyLTM2M2RiYTE4MDFiYSIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | | GCP project write access | [Write access Entitle request for the 'Managed Services' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiODQzNTYxNzktZjkwMi00MDVlLTlhMTQtNTY3YTY1NmM5MzdmIiwidGhyb3VnaCI6Ijg0MzU2MTc5LWY5MDItNDA1ZS05YTE0LTU2N2E2NTZjOTM3ZiIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | @@ -152,8 +202,8 @@ For Terraform Cloud access, see [prod Terraform Cloud](#prod-terraform-cloud). The Sourcegraph Accounts prod service implementation is deployed on [Google Cloud Run](https://cloud.google.com/run). -| PROPERTY | DETAILS | -| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|----------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Console | [Cloud Run service](https://console.cloud.google.com/run?project=sourcegraph-accounts-prod-csvc) | | Service logs | [GCP logging](https://console.cloud.google.com/logs/query;query=resource.type%20%3D%20%22cloud_run_revision%22%20-logName%3D~%22logs%2Frun.googleapis.com%252Frequests%22;summaryFields=jsonPayload%252FInstrumentationScope,jsonPayload%252FBody,jsonPayload%252FAttributes%252Ferror:false:32:end?project=sourcegraph-accounts-prod-csvc) | | Service traces | [Cloud Trace](https://console.cloud.google.com/traces/list?project=sourcegraph-accounts-prod-csvc) | @@ -167,14 +217,14 @@ sg msp logs sourcegraph-accounts prod #### prod Redis -| PROPERTY | DETAILS | -| -------- | ---------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|----------|------------------------------------------------------------------------------------------------------------------------------------| | Console | [Memorystore Redis instances](https://console.cloud.google.com/memorystore/redis/instances?project=sourcegraph-accounts-prod-csvc) | #### prod PostgreSQL instance -| PROPERTY | DETAILS | -| --------- | ------------------------------------------------------------------------------------------------------------ | +| PROPERTY | DETAILS | +|-----------|--------------------------------------------------------------------------------------------------------------| | Console | [Cloud SQL instances](https://console.cloud.google.com/sql/instances?project=sourcegraph-accounts-prod-csvc) | | Databases | `accounts` | @@ -193,8 +243,8 @@ sg msp pg connect -write-access sourcegraph-accounts prod #### prod BigQuery dataset -| PROPERTY | DETAILS | -| --------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|-----------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Dataset Project | `sourcegraph-accounts-prod-csvc` | | Dataset ID | `sourcegraph_accounts` | | Tables | [`user_emails`](https://github.com/sourcegraph/managed-services/blob/main/services/sourcegraph-accounts/user_emails.bigquerytable.json), [`events`](https://github.com/sourcegraph/managed-services/blob/main/services/sourcegraph-accounts/events.bigquerytable.json) | diff --git a/content/departments/engineering/managed-services/support-integration.md b/content/departments/engineering/managed-services/support-integration.md index 65f0d822a4f1..9b1315a03f0c 100644 --- a/content/departments/engineering/managed-services/support-integration.md +++ b/content/departments/engineering/managed-services/support-integration.md @@ -3,8 +3,8 @@ This document describes operational guidance for Support Integration infrastructure. @@ -17,8 +17,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ## Service overview -| PROPERTY | DETAILS | -| ------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|--------------|----------------------------------------------------------------------------------------------------------------------------------------------| | Service ID | `support-integration` ([specification](https://github.com/sourcegraph/managed-services/blob/main/services/support-integration/service.yaml)) | | Owners | **Customer Support** | | Service kind | Cloud Run service | @@ -30,10 +30,11 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ### prod -| PROPERTY | DETAILS | -| ------------------- | ------------------------------------------------------------------------------------------------------------- | +| PROPERTY | DETAILS | +|---------------------|---------------------------------------------------------------------------------------------------------------| | Project ID | [`support-integration-prod-549b`](https://console.cloud.google.com/run?project=support-integration-prod-549b) | | Category | **internal** | +| Deployment Type | manual | | Resources | | | Slack notifications | [#alerts-support-integration-prod](https://sourcegraph.slack.com/archives/alerts-support-integration-prod) | | Alerts | [GCP monitoring](https://console.cloud.google.com/monitoring/alerting?project=support-integration-prod-549b) | @@ -43,8 +44,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] MSP infrastructure access needs to be requested using Entitle for time-bound privileges. -| ACCESS | ENTITLE REQUEST TEMPLATE | -| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ACCESS | ENTITLE REQUEST TEMPLATE | +|--------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | GCP project read access | [Read-only Entitle request for the 'Internal Services' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiNzg0M2MxYWYtYzU2MS00ZDMyLWE3ZTAtYjZkNjY0NDM4MzAzIiwidGhyb3VnaCI6Ijc4NDNjMWFmLWM1NjEtNGQzMi1hN2UwLWI2ZDY2NDQzODMwMyIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | | GCP project write access | [Write access Entitle request for the 'Internal Services' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiZTEyYTJkZDktYzY1ZC00YzM0LTlmNDgtMzYzNTNkZmY0MDkyIiwidGhyb3VnaCI6ImUxMmEyZGQ5LWM2NWQtNGMzNC05ZjQ4LTM2MzUzZGZmNDA5MiIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | @@ -54,8 +55,8 @@ For Terraform Cloud access, see [prod Terraform Cloud](#prod-terraform-cloud). The Support Integration prod service implementation is deployed on [Google Cloud Run](https://cloud.google.com/run). -| PROPERTY | DETAILS | -| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| PROPERTY | DETAILS | +|----------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Console | [Cloud Run service](https://console.cloud.google.com/run?project=support-integration-prod-549b) | | Service logs | [GCP logging](https://console.cloud.google.com/logs/query;query=resource.type%20%3D%20%22cloud_run_revision%22%20-logName%3D~%22logs%2Frun.googleapis.com%252Frequests%22;summaryFields=jsonPayload%252FInstrumentationScope,jsonPayload%252FBody,jsonPayload%252FAttributes%252Ferror:false:32:end?project=support-integration-prod-549b) | | Service traces | [Cloud Trace](https://console.cloud.google.com/traces/list?project=support-integration-prod-549b) | diff --git a/content/departments/engineering/managed-services/telemetry-gateway.md b/content/departments/engineering/managed-services/telemetry-gateway.md index e8a5c004104b..197da09af738 100644 --- a/content/departments/engineering/managed-services/telemetry-gateway.md +++ b/content/departments/engineering/managed-services/telemetry-gateway.md @@ -3,8 +3,8 @@ This document describes operational guidance for Telemetry Gateway infrastructure. @@ -17,14 +17,15 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] ## Service overview -| PROPERTY | DETAILS | -| ------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | -| Service ID | `telemetry-gateway` ([specification](https://github.com/sourcegraph/managed-services/blob/main/services/telemetry-gateway/service.yaml)) | -| Owners | **core-services** | -| Service kind | Cloud Run service | -| Environments | [dev](#dev), [prod](#prod) | -| Docker image | `index.docker.io/sourcegraph/telemetry-gateway` | -| Source code | [`github.com/sourcegraph/sourcegraph` - `cmd/telemetry-gateway`](https://github.com/sourcegraph/sourcegraph/tree/HEAD/cmd/telemetry-gateway) | +| PROPERTY | DETAILS | +|------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| Service ID | `telemetry-gateway` ([specification](https://github.com/sourcegraph/managed-services/blob/main/services/telemetry-gateway/service.yaml)) | +| Owners | **core-services** | +| Service kind | Cloud Run service | +| Environments | [dev](#dev), [prod](#prod) | +| Docker image | `index.docker.io/sourcegraph/telemetry-gateway` | +| Source code | [`github.com/sourcegraph/sourcegraph` - `cmd/telemetry-gateway`](https://github.com/sourcegraph/sourcegraph/tree/HEAD/cmd/telemetry-gateway) | +| Rollout Pipeline | [telemetry-gateway-us-central1-rollout](https://console.cloud.google.com/deploy/delivery-pipelines/us-central1/telemetry-gateway-us-central1-rollout?project=telemetry-gateway-prod-acae) |