Page MenuHomePhabricator
Create Task
Maniphest T360647

[Sprint 11 GOAL] SDS 2.5.5 Deliver working prototype for MP Instrumentation Configuration
Closed, ResolvedPublic
Actions

Description

SDS 2.5.5 Hypothesis:

If we build a service for instrument configuration, we can deliver a prototype that is flexible enough to scale in order to integrate with our future experimentation flagging solution.

Architecture diagram:
https://miro.com/app/board/uXjVMtGrgVc=/?moveToWidget=3458764579792923671&cot=14

Tickets:

  • Development Environment Setup:
    • Create gitlab repos
    • Wire CI
    • Create helm charts
    • Setup documentation
    • Create Dev Docker Env(s)
    • Deployment for each app and extension
    • Setup monitoring and dashboards
  • Authentication
    • openid-client to authenticate users using CAS-SSO
    • We propose authenticating and authorizing users using OpenID Connect, implemented in openid-client, and CAS-SSO as the OpenID Connect Issuer. Because the app will not make API requests to any third parties, we propose implementing the Authorization Code Flow and storing the user identity, session ID, and an HMAC in an httpOnly session cookie (herein “the session cookie”).
  • Security review of openid-client
    • Has it already been security reviewed? >> T358115
    • Request new LDAP group for users of the app
    • Implement Authorization Code Flow in app
    • Implement post-auth flow LDAP group check
    • Implement generic Double Submit Cookie methods for use when displaying forms
      • Generate
      • Validate
  • Backend:
    • Wikimedia’s service-scaffold-node
    • Routing
      • see Instrument Configurator – Design Document
      • All routes require authentication and authorization except where noted otherwise.
    • Logging - mwbot to add entries to the SAL
    • Datastore - knex or pg to query the Data Products PostgreSQL cluster
      • Setup DB see T331516
      • Data Model
      • Access from
        • Backend API
        • Frontend Client
  • Frontend:
  • MediaWiki Extension
    • The Metrics Platform MediaWiki extension will implement a hook handler for the ESC hook. The hook handler will fetch the instrument configuration from the app (via the GET /api/v1/instruments route), adapt the response to match the expected format, and return the result.
    • Deploy the stub as soon as possible(important avoid two week delay)
    • Approval process for deploying everywhere?
    • Hook handler for the hook that EventStreamConfigs will use
    • Fetch instrument config from Backend API
  • EventStreamConfiguration
    • We will update ESC to be able to fetch stream configurations from other sources via a hook. ESC will be responsible for merging the stream configurations.
      • No deep-merge multiple stream configurations
      • Static configuration gets highest priority
  • Caching - Instrument Configurator – Design Document

Related Objects
Search...

Event Timeline

VirginiaPoundstone created this task.Mar 21 2024, 3:31 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMar 21 2024, 3:31 PM
cjming updated the task description. (Show Details)Mar 21 2024, 3:45 PM
cjming updated the task description. (Show Details)Mar 21 2024, 3:54 PM
cjming updated the task description. (Show Details)
cjming updated the task description. (Show Details)Mar 21 2024, 4:05 PM
cjming updated the task description. (Show Details)Mar 21 2024, 4:18 PM
cjming updated the task description. (Show Details)Mar 21 2024, 7:35 PM
cjming mentioned this in T360707: [Epic] MP Instrument Configurator Backend.Mar 21 2024, 7:57 PM
cjming mentioned this in T360731: [Epic] MP Instrument Configurator Frontend.Mar 22 2024, 1:52 AM
cjming added a subtask: T360707: [Epic] MP Instrument Configurator Backend.Mar 22 2024, 2:44 AM
cjming added a subtask: T360731: [Epic] MP Instrument Configurator Frontend.
cjming mentioned this in T360736: [Epic] Build the mechanism to adapt and deliver the output of the MPIC application.Mar 22 2024, 3:34 AM
cjming added a subtask: T360736: [Epic] Build the mechanism to adapt and deliver the output of the MPIC application.Mar 22 2024, 4:01 AM
cjming mentioned this in T360740: [Epic] Setup a development environment for the MPIC.Mar 22 2024, 4:18 AM
cjming mentioned this in T360741: [Epic] Authentication/authorization for MPIC.Mar 22 2024, 4:26 AM
cjming mentioned this in T360742: [Epic] Build the MPIC data store.Mar 22 2024, 4:34 AM
brouberol mentioned this in T361335: Deploy the MP Instrumentation Configuration application to the DSE k8s cluster.Mar 29 2024, 8:03 AM
VirginiaPoundstone moved this task from Sprint Goals to Done on the Data Products (Data Products Sprint 11) board.Wed, Apr 17, 3:14 PM
WDoranWMF closed this task as Resolved.Wed, Apr 17, 3:18 PM
WDoranWMF claimed this task.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL