Onboarding Dave Vigil
POPs Team Member Onboarding for Dave
This issue is used to track the progress of onboarding new team members to POPs. This process includes granting access, performing introductions (to code and to people), establishing team development processes, and so on.
Required tooling
-
docker
-
k3d
-
kubectl
-
flux
-
git
-
kpt
-
stern
-
sops
-
python
-
terraform/terragrunt
-
ansible
-
packer
-
AWS cli
-
buildah/rkt
Access
-
Keycloak account is created by self-registering at https://login.dso.mil -
Retrieve docker login
credentials from https://registry1.dso.mil after signing in with SSO -
Sign in to https://repo1.dso.mil to create user -
Sign in to https://code.il2.dso.mil to create user -
Ask Tim to add you to the VAT and IBFE groups
-
-
Access to bootstrap and pipeline repositories via the @ironbank-notifications/pops group -
Onboarding request put in viva gov lead (currently Zach) to get access to required groups in Keycloak -
Mattermost access -
IL2 -
IL4 -
Access to the POPs channel in both IL2 and IL4
-
-
-
Keycloak membership for the POPs admin endpoints/bastions -
AppGate installed and profile configured (see instructions linked for profile link [step 4]) -
AWS Access Keys -
Request AWS Access keys from POPs team member. Sent over IL4 chat OR DoD Safe.
-
-
Add your public key to this repo https://repo1.dso.mil/platform-one/private/big-bang/ironbank/ironbank-bastion-keys -
Kubeconfig for mario/zelda/prod -
Chat: https://il2.dso.mil -
Join Platform One team, and channels: -
POPs Not So Freeman -
Value Stream - Iron Bank -
Team - Container Hardening -
Team - Iron Bank Pipelines and Operations
-
-
Validation
-
New member can access the following endpoints: -
kubectl
commands can be run againstmario
andzelda
(prod
is privileged) -
Access to https://aws.cdl.af.mil/
Useful links to know
- Platform1
- ECA Token
- IronBank Pipelines
- IronBank Bootstrap
- IB Containers
- Confluence
- Harbor
- Staging - Zelda
- Staging - Mario
Cloud One notes
Cloud1 Access: Cloud1 login
Prerequisites:
-
CAC -
ECA
For ECA login:
Please send your full CN String. The required information is listed below.
ECA holders will need to request a manually created SLAM account for authentication to Cloud One. Please send an email to aflcmc.cce.helpdesk@us.af.mil with the following required information: ECA Certificate Subject - This information is equivalent to the CN string on a CAC. Examples ORC Issued Certificate:
-
CN=LastName.FirstName.MI.ORC(10 digit identifier).ID, -
OU=(Company), -
OU=ORC, -
OU=ECA, -
O=U.S. Government, -
C=US
IdenTrust Issued Certificate:
-
CN=FirstName MI LastName:(30 character alpha/numeric identifier), -
OU=(Company), -
OU=IdenTrust, -
OU=ECA, -
O=U.S. Government,C=US Email address of the ECA holder Citizenship - U.S. or Foreign National
C1_FAMS_Dev_Zone_C_Mission_System_User_Guide__1_.pdf
Access to:
-
platform1-il5-partybus #410581059089 -
platform1-il4-partybus-prod #804587861055 -
platform1-il2-deploy-dev #830707703829 -
platform1-il2-ironbank-dev #341294496617