From d54f1156acb3c5fb7a1eed1c795329171228556e Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Fri, 2 May 2025 12:08:56 -0400 Subject: [PATCH] expanded with additional points to consider --- aws/proposals/github-concerns/README.md | 46 +++++++++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/aws/proposals/github-concerns/README.md b/aws/proposals/github-concerns/README.md index 6e6cec7e..3de03ddc 100644 --- a/aws/proposals/github-concerns/README.md +++ b/aws/proposals/github-concerns/README.md @@ -112,6 +112,46 @@ The backup process will be implemented using the following approach: * Documentation for accessing backups * Scripts for bulk restoration if needed +5. GitLab Contingency Planning: + As part of our resilience strategy, we need to validate GitLab as a potential temporary alternative during GitHub outages. The following items require setup and validation: + + * Infrastructure Configuration: + * Mirror the GitHub naming convention (replacing "github" with "gitlab" in URLs) + * Deploy across the same locations (internal, t26, dmz) + * Configure on F5 similar to GitHub Enterprise (even as a single instance) + * Validate network access from internal networks, cloud, lab, and mobile devices + + * Authentication & Access: + * LDAP integration: + * GUI login functionality + * Group synchronization + * SAML access for web interface with MFA and Kerberos support + * SSH key upload and management process + * GPG key upload and verification workflow + * Token-based authentication for CLI operations + + * Repository Management: + * Terraform modules for GitLab repository configuration, settings, and teams + * Critical for our AWS account baseline management (~300 AWS account repos) + * Verification that CODEOWNERS files work as expected + * Markdown rendering compatibility check (important for our extensive documentation) + + * Developer Workflow: + * CLI tools for repository operations + * Cloning repositories + * Creating and managing Merge Requests (GitLab's equivalent to PRs) + * Batch operations across multiple repositories (equivalent to git-xargs) + * Identify and document necessary workflow adjustments + + * CI/CD Integration: + * OIDC configuration for cloud access via F5 and DMZ instance + * Pipeline configuration changes from GitHub Actions to GitLab CI + + * Communication Strategy: + * Documentation updates for development teams + * Training materials on GitLab-specific features and terminology + * Clear guidance for the transition period + ## Tagging In accordance with the [government funding lapse guidelines](../documentation/gov-funding-lapse/README.md), we'll use the following tags: @@ -127,6 +167,10 @@ Product Documentation Links: * [AWS S3](https://docs.aws.amazon.com/AmazonS3/latest/userguide/what-is-s3.html) * [AWS S3 Cross-Region Replication](https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication.html) * [GitHub Enterprise Backup Utilities](https://github.com/github/backup-utils) +* [GitLab LDAP Integration](https://docs.gitlab.com/ee/administration/auth/ldap/) +* [GitLab SAML Configuration](https://docs.gitlab.com/ee/integration/saml.html) +* [GitLab Import from GitHub](https://docs.gitlab.com/ee/user/project/import/github.html) +* [GitLab CI/CD Documentation](https://docs.gitlab.com/ee/ci/) Internal Links: * [Government Funding Lapse Plans](../documentation/gov-funding-lapse/README.md) @@ -137,3 +181,5 @@ Internal Links: - 1.0.0 -- 2024-06-15 - initial proposal +- 1.1.0 -- 2024-06-22 + - added GitLab contingency planning requirements