Monorepo allows for easier code sharing across projects. Locating all code in a single repo makes enforcing standards (such as lint rules) easier. Monorepos complicate access control. Multiple repositories on GitHub allow for repo based read/write access control. In a monorepo, all users have global read and write. To solve the write access problem, a land queue will be built. All users will still retain global read, however merges will be done exclusively via the land queue. The land queue will enforce security policy.
The GitHub meta API is used to fetch a list of GitHub's IP addresses. The AppEngine firewall is configured to drop traffic not coming from GitHub.
Favor asynchronous work over synchronous
GitHub expects that integrations respond within 10 seconds of receiving the webhook payload. If your service takes longer than that to complete, then GitHub terminates the connection and the payload is lost. https://developer.github.com/v3/guides/best-practices-for-integrators/#favor-asynchronous-work-over-synchronous
After a webhook payload is processed by Flask, it's submitted to Cloud Pub/Sub. An event listener then picks up the payload and processes it.
- AppEngine Standard
- Python 3.8
- Flask
- As an engineer, I want to merge my pull request by adding a
land requestedlabel so that the code is merged automatically. - As a security engineer, I want to ensure access control on folders in the monorepo so that engineers don't have global write access.
- As an infrastructure engineer, I want to calculate productivity metrics (such as diff land time) to understand the health of the land queue.
- Deploy a webhook server using doodla/octohook to parse the payload.
- Create an event listener for Cloud Pub/Sub.
- See contributebot for Pub/Sub example
- Define terraform rules to deploy AppEngine infrastructure automatically.
- See main.tf as an example.
- When a
land requestedlabel is applied to a pull request, squash merge the pull request.- The pull request title represents the commit title. The pull request body is the commit body.
- Ensure there's at least 1 non-author reviewer that has approved the pull request before merging.
- Dynamically apply AppEngine firewall rules via github meta to only accept inbound from GitHub's IP ranges
- Define access controls per directory. Store a file in
.github/.landqueueusing the code owners format (same as git ignore). Code can't be landed into a protected folder unless an owner has approved. - Build out a testing strategy using a mock server
- Define a strategy for handling merge conflicts / providing feedback to PR owners
- Detect when merges will conflict with other pull requests. Prefer to keep master stable by merging in a stack.