mgmt/mgmt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
efa55a661e60727adb405a213587f636a88f719d
mgmt/docs/notes.md
scott efa55a661e local changes
2026-04-07 13:34:26 -07:00

12 KiB
Raw Blame History

TODO

UI changes

  • Remove Attention needed card on dashboard
  • Add an Archived state for certs/licenses (not just expired)
  • Add expired in card for licenses and certs on Dashboard
  • Projects overview page- 1 column for people, make their names pills
    • fix tooltip email copy functionality
  • more padding on right edge for at a glance
    • cards within cards like screenshot

New work

  • add concept of paid, unpaid, non-billable user for that project core users, collaborators, standing
  • change from core to collaborator first check if someone else is paying for them or flag as standing
  • new Users page
    • Shows all groups person is attached to
    • show history of project movement/permissions modified
    • projects should be clickable

Integrations

  • RDS integration
    • easier swap via helm to connect to AWS RDS postgres instance
  • keycloak integration
    • to list users in Groups/Projects
    • add/remove users
    • get/modify permissions per user per project

TODO

Dashboard

OSA Suite -> OSA Tools Management Suite
logo in top left ![alt text](image.png)
whitespace on cards instead of dynamic sizing
Expiring Licenses section is a lie
Whole other dashboard for non-VELA users

Projects

Labels need more contrast from names
make PM leftmost
# Project details
    Make PM leftmost
    Userlist sortable, serchable, 15 names page size maybe editable
    Privileges are for this app only
    Cost calculator default users

Certs

remove project from Cert details have it prepopulate the fields on the detail screen? Click to View Private key notes under description why is common name a different font?

Licenses

why are they all onboarding?
Change onboarding to pending
How to retrieve attachments (want to view all and download multiple files)

Admin

Feedback > click on image doesn't open it
    Not allowed to navigate top frame to data URL:
default rate does nothing
Alerts per person?
link to it should be Settings

User

add to project list is too small, not full?
    make search box
Rule: Users can only be core on one project
make it clear permissions are just for this app

Round 3

Dashboard [x] Expiring Licenses/Certs > Show number of expiring [x] top cards > float pills to bottom [x] Expiring Licenses/Certs > five instead of three

Project [x] cost calculator needs commas [x] POCs > Title as a yellow pill on upper right [x] CSUM remove in addition to icon [x] add details: Last Verified, Service, Agency, Cost Center [x] add Verify Button (show when next due by) [x] Keycloak add attribute: "sponsor" [x] remove billing type dropdown, just show sponsored or Sponsored by another program [x] Via keycloak attribute? [x] remove add user [x] Change Edit Project button [x] At a glance > Users > +1 collab? [] Show how many will be billed next month [x] remove leading slash on Rate and Est Cost [x] if user added to permission, check if they are sponsored. If not, they must sponsor that person (warning message)

Certs [x] store passphrases [x] Issuing CA should be commonName of Issuer for DoD [x] CommonName column should show alt names too

Settings [x] default rate still does nothing? [x] Push to keycloak didn't work but connection is healthy? [x] grey in background in light mode [] settings > themes with colors

Users [x] Open users in keycloak link?? [x] breadcrumb has number instead of name [x] Add to project > search and full width [x] Deactivate button? [x] Add to project errored [x] Be able to switch sponsor project from user screen [] No sponsor account deletion countdown [] And email to other teams [x] Users can see all projects/permissions/sponsor for themselves, other people can see whichever teams they're also on

Round 4

[x] releasing sponsorship doesn't update table. I'm going to need more/better error messages [x] lock down sponsoring and project editing to admin users [] Make the app permissions clear [x] user selection kinda sucks for multiple [x] remove rate edit field from projects [] Replace At a glance "rate" card with Est cost next month based on current sponsored x rate [x] group mgmt- when filtered on left, reset user pane on right [x] User sync vs discrepancy management- why both? I want more of a BeyondCompare red/green sync Settings should get a red dot if sync is off [x] tooltip on verification button with things to verify [] POC's under details inline with Verification?

Users associated table [x] First Last, email underneath [x] last accessed

[x] User detail- mark which project is sponsoring the person on that row [x] some way to show they're on other projects too, but that info isn't allowed to be displayed

Debug

[x] Create user > How to sync to KC so we can add to project? [x] Settings: sync newly created user Keycloak error 400: POST /users [x] Project details: unsponsor Failed to clear sponsor in Keycloak [x] adding users does nothing, but shows "Member added". Even if trying to add pre-existing user

[x]

Downtime Tracker fields

[x]- service name [x]- enclave [x]- Disabled/limited [x]- planned/unplanned [x]- start/stop [x]- During/after work hours [x]- time to resolution [x]- Reason for outage [x]- Resolution

Future ideas to flesh out

[x] Group management roles/multi app select [] Normal user dashboards - statuses - outage log - portal tiles, links, etc [x] Billing mgmt area [x] scalability checks [x] backups via API? k8s cronjob? send to S3? database for sure, any other data?

[] CICD pipeline [x] Scan via bdba

Round 5

[x] rate is changed in Settings, and put out to all projects immediately [x] Users see it in the project details At a Glance and cost calculator [x] business rule: can't go back to onboarding [x] colors on PM pills on project overview page [x] eliminate redundant breadcrumbs [x] Project Details > Add Member: Can select same person again and again. [x] multi-select? [x] Just says they're not sponsored by the project, needs to reflect overall sponsorship [x] Service and Agency- user drop-down, setting in Settings [x] Dust off Helm Chart, prepare for deployment [] create argocd manifest [x] pull to local does not remove entry in discrepencies

[x] add external secret [x] trust our certs [x] option to ignore for keycloak? [x] OOM on frontend?

[x] audit log viewer [x] multiple cacerts

Round 6

[x] project verification setting - default 90 days [x] Dashboard > add Unverified count (and auto filters to verified status) [x] Dashboard > cards > show total of expiring [x] Users list- quick disable user via row button [x] Licenses - row level archive (and certs) [x] Total number of non-archived Licenses and certs [x] Users total count [x] Downtime tracker > required fields: App, start, enclave, scope, planned [x] Downtime tracker > Safari start/end time [x] Notify person who put downtime tracker entry in 3pm every day until Resolution is filled out [x] Audit log filters broken- no they aren't [x] audit log has numeric IDs instead of names in Target field [x] delete Unknown users [x] filter by service/agency [x] number of seats if license type is seats [x] unsponsor warning dialog is gone on project details [x] user detail page- see what permissions a user has per project [x] debug logs Cleanup failed: name 'datetime' is not defined

Round 7

[x] adding cert- name too long [] doesn't pull CN [x] adding private key to a cert later doesnt work [x] p7c p7b support [x] update table immediately with neew cert [x] drag and drop private key? [x] Project overview count/number [] some of the recent activities didn't have enough info [x] remove sponsored count from dashboard [x] expiring licenses/certs- back to 3 and a scroll list [x] Projects detail view - Have ability to export users list [x] Project detail view - Release sponsorship dialog - add section to suggest going to user view and "switch" projects as an option [x] Project detail view - Restrict PM POC to gov only - RCA: yes, true this is a rule but hard to implement; maybe based of email and look for .civ but I suspect there will be edge cases where a project pm does not have flankspeed. just have a line under the box saying this user should be a govvie [] service accounts [x] report of licenses, vendor, manufacture p/n, cost, start / end dates. [x] License add / edit view - add field for "manufacture's p/n" (part number) [x] Downtime tracker- app name as dropdown, settable in Settings [x] pod keeps trying to hit http://keycloak... URL. Needs to be HTTPS. [x] python is still using sqlite? — removed all SQLite, Postgres required everywhere [x] frontend dockerfile

Randy's notes

[o] Projects - list and detail view - admin is too vague; change to "project admin" or "technical POC" - RCA: since POC is assumed then "technical" by itself may not look right. adding project seems odd to me also. I disagree with the need for this change but going with the group input on this. [x] Projects detail view - Have ability to export users list [] Project detail view / groups in general - rename "mgmt." groups for managing this app to something clear - RCA: mgmtsuite? [x] Project detail view - Release sponsorship dialog - add section to suggest going to user view and "switch" projects as an option [x] Project detail view - Restrict PM POC to gov only - RCA: yes, true this is a rule but hard to implement; maybe based of email and look for .civ but I suspect there will be edge cases where a project pm does not have flankspeed. [] User / group management - add service account - RCA: this needs to be explored a bit but in general if we tie it to a project, then the service account should then show as a selectable user for that projects groups. Ok to assume service account matches the project key. To figure out is how to handle service account in keycloak, ignore inactivity rules, change password, create tokens in the apps for access. [x] License list view - provide export button for license list - RCA: I am not clear on the ask for this. I think chad requested. Update: I followed with Chad. They need a "report' of needed licenses, vendor, manufacture p/n, cost, start / end dates. This is a very valid need! Perhaps label as "generate report" vice "export" to prevent confusion on what the button does. [x] License add / edit view - add field for "manufacture's p/n" (part number) [x] Downtime Tracker - Affected application should be a dropdown only to prevent poorly entered data - RCA: provide area in settings to add application to populate the dropdown

Round 8

[x] api documentation [x] billing > can change cost center [x] funding doc # [x] when funding doc # is filled, parses files and auto-fills columns (total, spent, available) [x] api route to set funding doc. Funding doc gets encrypted, then used for that autopopulation. ability to upload manually too [x] billing screen password locked, password re-settable in settings. Warn that resetting will be logged, only govvies should access [x] billing upload- don't need popup about unused funding doc #s [x] more than blur- ensure data doesn't appear until password is entered [x] ensure only non-archived projects on billing page [x] billing page- project keys are links to projects [x] dont display funding doc # until password [x] settings page to upload cost center csv [x] psycopg2.OperationalError: connection to server at XX.rds.amazonaws.com", port 5432 [x] back to secret with cacerts [x] busybox from registry [x] csv upload didn't work- "No file provided" in UI, logs said "POST /api/settings/cost-centers/upload HTTP/1.1" 400 -"