Incubation Engineering GCP Project
Group Project Request
- Project / Group Name (<17 characters and start with
group-
): group-incubation - Project Administrator (email): jshaw@gitlab.com
/cc @bmarnane
Provide a brief overview of the reason for this project and why it is needed and for how long it will be used.
Incubation engineering department projects (https://about.gitlab.com/handbook/engineering/incubation/) will be able to use this project to stage systems that aren't built directly into the main GitLab.com project. This area will be used for staging and internal dogfooding.
This will be active alongside the Incubation Engineering department for the long term.
Initially this will be used to host the APM solution (https://about.gitlab.com/handbook/engineering/incubation/monitor-apm/). See existing APM design here - gitlab-org/incubation-engineering/apm/apm#7 (closed). An existing discussion thread for infrastructure for this project is here - gitlab-org/incubation-engineering/apm/apm#7 (comment 658857970)
Security
Provide a list of data and the corresponding classification that will be used in this project and how it will be accessed.
Initially, APM data (metrics, logs, traces with associated arbitrary tags) - used internally for staging and testing. No customer data in this environment.
Data classification depends on usage. If staging system data is ingested then this would likely be classified as YELLOW.
Group Project Access Checklist
Make sure the following criteria is met and understood by the project administrator.
-
If the gitlab.com database is copied, that data has been processed by the pseudonymization script. -
Regular security updates are applied to all nodes in the project. -
Unused instances will be removed in a timely manner -
The Project Administrator is responsible for any users or additional administrators that they add to the project -
The Project Administrator is responsible for justifying any cloud spend within the project. -
Group Projects are intended for development, test, or demo work. Everything in these projects is considered temporary.
Infrastructure Tasks
-
Create a new branch that is not the same as the group name and is less than 25 characters long. For example, add-telemetry-group
. -
Create file in https://ops.gitlab.net/gitlab-com/group-projects named environments/(group name from above).tfvars
by copying an existing file and changing the Administrator and Group Name variables -
Once the pipeline succeeds, review the changes are correct and stop the review by activating the stop_review
job -
Merge the change to master -
Create a branch from master named (group name from above)
and push -
Verify that the pipeline completed successfully at https://ops.gitlab.net/gitlab-com/group-projects/pipelines -
(Optional) If the group does not start with group-*
orgitlab-qa-*k
, add the newly created branch as a protected branch.