modernisation-platform icon indicating copy to clipboard operation
modernisation-platform copied to clipboard

Published 20 hours ago verified publisher icon ministryofjustice

Spike: How to run configuration tasks via code on the platform

Open davidkelliott opened this issue 1 year ago • 1 comments

User Story

As an MP user I want to run configuration tasks on the modernisation platform via code So that I can manage my infrastructure reliably

User Type(s)

MP Users

Value

Enables users to run manage their infrastructure via code securely

Assumptions / Hypothesis / Questions / Unknowns

This has come out of from different requests with similar problems -

  1. Wanting to use Terraform to create, share and restore snapshots as part of a data refresh process.
  2. Wanting to use Terraform to manage a redshift cluster.
  3. Wanting to run Ansible against EC2s

Proposal

We look into how this is possible, potential ideas include pipelines using the configuration management repo and OIDC. See this slack thread for more context.

Unknowns

How to do this securely so that people can't access other people account if using a single repo. Which tools to use? Terraform, Ansible, both? Are there others which may be better or requested in the future?

Definition of done

  • [ ] spike completed and findings presented to the team
  • [ ] issues created if further action required
  • [ ] another team member has reviewed
  • [ ] tests are green
  • [ ] UR test OR added to continual research plan

Reference

How to write good user stories

davidkelliott avatar May 23 '23 14:05 davidkelliott

@davidkelliott to write an ADR for what we have so far

SimonPPledger avatar Jun 13 '23 10:06 SimonPPledger

https://github.com/ministryofjustice/modernisation-platform/pull/4814

davidkelliott avatar Aug 17 '23 15:08 davidkelliott