github-concerns

aws/proposals/github-concerns/README.md

@@ -112,6 +112,46 @@ The backup process will be implemented using the following approach:
    * Documentation for accessing backups
    * Scripts for bulk restoration if needed
 
+5. GitLab Contingency Planning:
+   As part of our resilience strategy, we need to validate GitLab as a potential temporary alternative during GitHub outages. The following items require setup and validation:
+
+   * Infrastructure Configuration:
+     * Mirror the GitHub naming convention (replacing "github" with "gitlab" in URLs)
+     * Deploy across the same locations (internal, t26, dmz)
+     * Configure on F5 similar to GitHub Enterprise (even as a single instance)
+     * Validate network access from internal networks, cloud, lab, and mobile devices
+
+   * Authentication & Access:
+     * LDAP integration:
+       * GUI login functionality
+       * Group synchronization
+     * SAML access for web interface with MFA and Kerberos support
+     * SSH key upload and management process
+     * GPG key upload and verification workflow
+     * Token-based authentication for CLI operations
+
+   * Repository Management:
+     * Terraform modules for GitLab repository configuration, settings, and teams
+       * Critical for our AWS account baseline management (~300 AWS account repos)
+     * Verification that CODEOWNERS files work as expected
+     * Markdown rendering compatibility check (important for our extensive documentation)
+
+   * Developer Workflow:
+     * CLI tools for repository operations
+       * Cloning repositories
+       * Creating and managing Merge Requests (GitLab's equivalent to PRs)
+       * Batch operations across multiple repositories (equivalent to git-xargs)
+     * Identify and document necessary workflow adjustments
+
+   * CI/CD Integration:
+     * OIDC configuration for cloud access via F5 and DMZ instance
+     * Pipeline configuration changes from GitHub Actions to GitLab CI
+
+   * Communication Strategy:
+     * Documentation updates for development teams
+     * Training materials on GitLab-specific features and terminology
+     * Clear guidance for the transition period
+
 ## Tagging
 
 In accordance with the [government funding lapse guidelines](../documentation/gov-funding-lapse/README.md), we'll use the following tags:
@@ -127,6 +167,10 @@ Product Documentation Links:
 * [AWS S3](https://docs.aws.amazon.com/AmazonS3/latest/userguide/what-is-s3.html)
 * [AWS S3 Cross-Region Replication](https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication.html)
 * [GitHub Enterprise Backup Utilities](https://github.com/github/backup-utils)
+* [GitLab LDAP Integration](https://docs.gitlab.com/ee/administration/auth/ldap/)
+* [GitLab SAML Configuration](https://docs.gitlab.com/ee/integration/saml.html)
+* [GitLab Import from GitHub](https://docs.gitlab.com/ee/user/project/import/github.html)
+* [GitLab CI/CD Documentation](https://docs.gitlab.com/ee/ci/)
 
 Internal Links:
 * [Government Funding Lapse Plans](../documentation/gov-funding-lapse/README.md)
@@ -137,3 +181,5 @@ Internal Links:
 
 - 1.0.0 -- 2024-06-15
   - initial proposal
+- 1.1.0 -- 2024-06-22
+  - added GitLab contingency planning requirements