Update `GitLab Workflow VS Code Extension` instance-wide OAuth Application on GitLab.com

Production Change

Change Summary

This change changes the instance-wide OAuth app in gitlab.com production the users of OSS Code with GitLab VS Code Extension can log in using OAuth2.0

Change Details

1. Services Impacted - Production gitlab.com (I didn't find the services list in the handbook)
2. Change Technician - @T4cC0re
3. Change Reviewer - @T4cC0re
4. Time tracking - 10 m
5. Downtime Component - none

Change Steps - steps to take to execute the change

Pre-Change Steps - steps to be completed before execution of the change

Estimated Time to Complete (mins) - 5

• Set label changein-progress on this issue

Change Steps - steps to take to execute the change

Estimated Time to Complete (mins) - 5

• Have admin access to GitLab.com

• On the top bar, select Menu > Admin.

• On the left sidebar, select Applications.

• Edit the "GitLab Workflow VS Code Extension" appliaction.

• Add this third line to the Redirect URI text area:

    vscode://gitlab.gitlab-workflow/authentication
    vscode-insiders://gitlab.gitlab-workflow/authentication
  + code-oss://gitlab.gitlab-workflow/authentication

• Save the application

• Set label changecomplete on this issue

Post-Change Steps - steps to take to verify the change

Estimated Time to Complete (mins) - 5

• let @viktomas (slack handle @Tomas Vik) know that the change has been made
  • the secret would be nice-to-have, but I don't want to go through the hustle of creating AR for SRE on Call to get access to the VS Code 1Password vault

Rollback

Rollback steps - steps to be taken in the event of a need to rollback this change

Estimated Time to Complete (mins) - 5

Same procedure as the change steps, but remove the third line:

  vscode://gitlab.gitlab-workflow/authentication
  vscode-insiders://gitlab.gitlab-workflow/authentication
- code-oss://gitlab.gitlab-workflow/authentication

Monitoring

Key metrics to observe

• Metric: Metric Name
  • Location: Dashboard URL
  • What changes to this metric should prompt a rollback: Describe Changes

Change Reviewer checklist

C4 C3 C2 C1:

• Check if the following applies:
  • The scheduled day and time of execution of the change is appropriate.
  • The change plan is technically accurate.
  • The change plan includes estimated timing values based on previous testing.
  • The change plan includes a viable rollback plan.
  • The specified metrics/monitoring dashboards provide sufficient visibility for the change.

C2 C1:

• Check if the following applies:
  • The complexity of the plan is appropriate for the corresponding risk of the change. (i.e. the plan contains clear details).
  • The change plan includes success measures for all steps/milestones during the execution.
  • The change adequately minimizes risk within the environment/service.
  • The performance implications of executing the change are well-understood and documented.
  • The specified metrics/monitoring dashboards provide sufficient visibility for the change.
    • If not, is it possible (or necessary) to make changes to observability platforms for added visibility?
  • The change has a primary and secondary SRE with knowledge of the details available during the change window.
  • The labels blocks deployments and/or blocks feature-flags are applied as necessary

Change Technician checklist

• Check if all items below are complete:
  • The change plan is technically accurate.
  • This Change Issue is linked to the appropriate Issue and/or Epic
  • Change has been tested in staging and results noted in a comment on this issue.
  • A dry-run has been conducted and results noted in a comment on this issue.
  • The change execution window respects the Production Change Lock periods.
  • For C1 and C2 change issues, the change event is added to the GitLab Production calendar.
  • For C1 and C2 change issues, the SRE on-call has been informed prior to change being rolled out. (In #production channel, mention @sre-oncall and this issue and await their acknowledgement.)
  • For C1 and C2 change issues, the SRE on-call provided approval with the eoc_approved label on the issue.
  • For C1 and C2 change issues, the Infrastructure Manager provided approval with the manager_approved label on the issue.
  • Release managers have been informed (If needed! Cases include DB change) prior to change being rolled out. (In #production channel, mention @release-managers and this issue and await their acknowledgment.)
  • There are currently no active incidents that are severity1 or severity2
  • If the change involves doing maintenance on a database host, an appropriate silence targeting the host(s) should be added for the duration of the change.