-
Notifications
You must be signed in to change notification settings - Fork 43
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add docs for user management and invitations #3837
Merged
jhrozek
merged 7 commits into
mindersec:3795-add-docs-for-user-management-and-invitations
from
evankanderson:3795-add-docs-for-user-management-and-invitations
Jul 24, 2024
Merged
Changes from all commits
Commits
Show all changes
7 commits
Select commit
Hold shift + click to select a range
2016063
Add conceptual docs on projects, document how to create new projects,…
evankanderson ec393c0
Add role requirements to how-to prereqs
evankanderson 9d0dd93
Clarify one role per project
evankanderson b77c212
Rewrite adding users to describe invitations
evankanderson caea36c
Undo excessive prettier formatting
evankanderson e7cf2f8
Update docs/docs/how-to/create_project.md
rdimitrov 2a6988f
Switch naming from Stacklok (vendor) to Minder (project) in documenta…
evankanderson File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
--- | ||
title: Creating a New Project | ||
sidebar_position: 90 | ||
--- | ||
|
||
When you log in to Minder without a project, Minder will automatically create a | ||
new project to manage your entities (repositories, artifacts, etc). It is also | ||
possible to create additional projects after you have created your Minder | ||
profile, for example, to create different projects for different organizations | ||
or teams you are a part of. Note that | ||
[Minder Projects](../understand/projects.md) can collect resources from several | ||
upstream resource providers such as different GitHub organizations, so you can | ||
register several [entity providers](../understand/providers.md) within a | ||
project. | ||
|
||
## Prerequisites | ||
|
||
- A Minder account | ||
- A GitHub organization you are an administrator for which does not have the | ||
Minder app installed on. | ||
|
||
## Creating a New Project | ||
|
||
To create a new project, enable the Minder GitHub application | ||
([Minder by Stacklok](https://github.com/apps/minder-by-stacklok) for the | ||
cloud-hosted application) on a new GitHub organization. If the GitHub App is | ||
installed on a GitHub organization which is not already registered in Minder, | ||
Minder will create a new project to manage those resources. Using | ||
[`minder provider enroll`](../ref/cli/minder_provider_enroll.md) within a | ||
project to add a new GitHub provider will _not_ create a new project and will | ||
add the selected organization to an existing project. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unfortunately this is not like that right now. We still create a project, we just don't go through the onboarding flow and also show by default the oldest project in the UI (which is the one the user accepted the invite for).
We had a discussion with @jhrozek that we should separate the project creation part from the user creation part, ref. #3826 (implying changes on the client's side - UI and CLI)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ethomson -- are we okay shipping invitations with this change from the PRD & tech design, or do we need to address it before release?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Another note - if the user accepted an invite, but then selects their default project from the drop down menu they will be taken through the onboarding flow for it since it's what the front end does for every new project.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you give me a rough cost on separating user creation from project creation?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we need to figure out what the API call is that creates the user without the project. I need to look and see if it makes sense for
ResolveInvitation
to potentially set up a new user if it's called by someone who is known to Keycloak but not to Minder. If so, the flow for getting a Minder account would be either:ResolveInvitation -> ...
OR
CreateUser -> ...
Right now we're measuring projects primarily, so we probably wouldn't really "see" the additional users on a project from a metrics PoV, which may be okay in general.
The interesting question is what middleware and other plumbing might break by making ResolveInvitation not require a User object already stored in the database.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this will be a small change, if I'm right, I'm about 2/3rds done now (plus tests, so really 40% done).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I made it a medium-size change, and it will need a client release: #3909
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also @kantord for a heads-up; I commented on #3909, but the frontend should not call
CreateUser
before callingResolveInvitation
--ResolveInvitation
will take care of any bookkeeping needed in terms of getting user information. Note that before callingResolveInvitation
, theGetUser
call will also fail.