PR#271: Add communishift user documentation - infra-docs-fpo

infra-docs-fpo

#271 Add communishift user documentation

Merged 4 months ago by zlopez. Opened 5 months ago by zlopez.

zlopez/infra-docs-fpo Communishift into master

Add entry about personal data

Michal Konecny • 4 months ago

da97734

Add link to official documentation

Michal Konecny • 4 months ago

72c1fbe

Add note to end of the file

Michal Konecny • 4 months ago

0aae7a0

Add communishift user documentation

Michal Konecny • 4 months ago

1e1e823

modules/ROOT/nav.adoc

file modified

		`@@ -14,3 +14,4 @@`
		`** xref:services.adoc#_misc[Miscellaneous]`
		`** xref:sle.adoc[SLE]`
		`*** xref:sle_services.adoc[SLE of the services]`
		`+ * xref:communishift.adoc[Communishift]`

modules/ROOT/pages/communishift.adoc

file added

+57

		`@@ -0,0 +1,57 @@`
		`+ = User guide Communishift`
		`+`
		`+ The Communishift is a community`
		`+ link:https://www.redhat.com/en/technologies/cloud-computing/openshift[OpenShift] instance hosted`
		`+ by Fedora. It is meant to host PoC or test deployments for Fedora related projects.`
		`+`
		`+ == Request new namespace`
		`+`
		`+ To request a new namespace in Communishift go to`
		`+ link:https://pagure.io/fedora-infrastructure/issues[Fedora Infrastructure ticket tracker], open a`
		+ new issue and use `communishift` template (look at the `Types` field).
		`+`
		`+ If you need any help with your OpenShift project, please refer to official`
		`+ link:https://docs.openshift.com/dedicated/welcome/index.html[OpenShift documentation].`
		`+`
		`+ == Removal of the projects`
		`+`
		`+ All the projects on Communishift will be deleted every Fedora Linux release (6 months). If you need`
		`+ more than 6 months for your project, please open a ticket on`
		`+ link:https://pagure.io/fedora-infrastructure/issues[Fedora Infrastructure ticket tracker] and explain`
		`+ why your project should not be deleted.`
		`+`
		`+ == Request for additional resources`
		`+`
		`+ There is a quota set per project. In case you need additional resources for your project please`
		`+ open a ticket on`
		`+ link:https://pagure.io/fedora-infrastructure/issues[Fedora Infrastructure ticket tracker] with`
		`+ information about how much resources you need and why you need them.`
		`+`
		`+ == Service usage requirements`
		`+`
		`+ Following is the list of requirements you need to meet with your project to be allowed to have it`
		`+ on Communishift. If the project violates any of those requirements it will rejected and in case it's already`
		`+ running in Communishift it will be deleted.`
		`+`
		`+ . No malicious software`
		`+ +`
		`+ Don't use the namespace to host malicious service.`
		`+ +`
		`+ . Project needs to have some relation to Fedora project`
		`+ +`
		`+ Your project needs to be related to Fedora project. It could be either proof of concept for new Fedora`
		`+ service, test deployment for new Fedora service or some service that could be useful for Fedora community.`
		`+ +`
		`+ . No violation of community policies or code of conduct`
		`+ +`
		`+ Your project needs to adhere to link:https://docs.fedoraproject.org/en-US/legal/[Fedora community policies]`
		`+ and link:https://docs.fedoraproject.org/en-US/project/code-of-conduct/[Fedora Code of Conduct].`
		`+ +`
		`+ . Do not store or handle personal data on Communishift instance`
		`+ +`
		`+ We as Fedora are obligated to follow GDPR related requests and we don't have a way to do that in community`
		`+ managed services. If your service demands to work with user data for any reason, please use FAS for authentication`
		`+ and don't store anything on Communishift side.`
		`+`
		`+ Note that this list is not exhaustive, there may be other reasons we disable or delete your application,`
		`+ but we will make every effort to communicate with you about any such actions.`

zlopez commented 5 months ago

Signed-off-by: Michal Konecny mkonecny@redhat.com

patrikp commented on line 32 of modules/ROOT/pages/communishift.adoc 5 months ago

I think that this is what stopped us originally. How will we know if a project violates the requirements and that we should delete it? Will we (CPE team) police it? If not then who will?

kevin commented 5 months ago

I would suggest adding to the end something like "Note that this list is not exhaustive, there may be other reasons we disable or delete your application, but we will make every effort to communicate with you about any such actions"

I think that this is what stopped us originally. How will we know if a project violates the requirements and that we should delete it? Will we (CPE team) police it? If not then who will?

Well, I think it's like anything else in fedora (packages, git repos, wiki pages). We ask people to say they will not violate the requirements and then if someone tells us they do or we notice it, we take action.

1 new commit added

Add note to end of the file

5 months ago

zlopez commented 5 months ago

I added the note that @kevin mentioned. The template in fedora-infrastructure repo is now available as well, as I didn't noticed that this should be pushed directly to tickets repo. Thanks @kevin for pointing that out.

@patrikp As @kevin said, if somebody reports that the service hosted in communishift is doing something they shouldn't we will delete it. Otherwise we need to have a job or mention this in release documentation that all the projects will need to be deleted after new Fedora release. I'm not sure where the post release check list is documented right now, but it should be part of it.

Maybe having a ansible playbook that will do that with the list of whitelisted projects that should stay is a good idea as well.

1 new commit added