Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

This document outlines the steps to get all the accounts and tools required to develop with Minerva, Waterloo Rocketry’s slackbot.

Setting up your Local Development Environment

As Minerva is a Nodejs application, you will need to have it installed in your development environment to develop with it. While Minerva is currently running on Nodejs 16.x, you should be fine to download the latest LTS (Long Term Support) version, which at the time of writing is 18.x. You can download Nodejs here.

As Minerva’s codebase uses ESLint for linting, it is recommended that you install an ESLint integration for your code editor of choice, which can be found here.

Setting up the Codebase

The first step to setting up Minerva’s codebase locally is to clone it from GitHub. Once cloned, open up a terminal in the repo’s root directory and run the npm install command to install all required dependencies.

Once dependencies have been installed, you can verify that everything is working properly by running the application’s unit tests. This can be done through the npm test command.

If the tests run then you are most likely good to go!

Access to the Development Slack

The Development Slack is a free Slack workspace that is used to test the development deployment of Minerva. You can join it by either:

  • Using the “Development Slack Invite” link that is pinned in the #software channel in the main Waterloo Rocketry Slack

  • (if you are a single-channel guest who does not have access to software) Asking for the invite link from someone who has access to the #software channel

Note that since the development Slack is on a free plan, messages posted in it effectively have a 90-day retention period. Therefore, only use it for testing Minerva and leave conversations to the main Slack.

Access to the Development Google Calendar

The Development Google Calendar is the Google Calendar that the development Minerva interacts with. You can view it here.

In order to get edit access to the calendar, which is essential for testing Minerva’s calendar functionality, send a Slack DM to one of the primary contributors to the project, or to the Software Lead.

Instructions for onboarders

New users should be invited and given the “Make changes to events” permission on the Google Calendar once added. If you do not have “Make changes and manage sharing” permissions for the Google Calendar, and are therefore unable give them edit access, you can use the Development Google Account to give yourself the permissions to do so.

Access to the AWS Console

For making changes to Minerva’s infrastructure and viewing logs you will need access to the AWS console. This console can be accessed here.

Accessing the AWS console requires the creation of a user account to login with. To have a user account created for yourself, send a Slack DM to one of the primary contributors to the project, or to the Software Lead.

Instructions for onboarders

Overview

Three IAM user groups currently exist for our AWS account:

  • AWSAdmin - Only to be given to Software Lead + highly trusted developers. Gives the AdministratorAccess permission policy to users, which gives you access over everything (except for billing). This should also be the only role that can create new user accounts.

  • AWSUser - Gives full access to services such as Lambda, EventBridge, API Gateway, S3, and Cloudformation. To be only given to trusted users who actually need direct write access to AWS infrastructure, which is likely no one as changes can be made through the CDK stack in a much more transparent way.

  • AWSUser_ReadOnly - The default group to assign to new users. Gives read-only access to all the necessary services.

Note that the non-admin groups have the DenyKMS policy, which prevents them from viewing the environment variables that are used by all lambda functions on the account (and therefore the secrets that they use). This is necessary as AWS Secrets Manager does not have a free tier. When creating new user groups, ensure that this policy is applied to it unless it is an admin-like role.

Creating new AWS user accounts

  1. Navigate to the “create user” page in IAM

  2. Enter a user name for the account. Make it something straightforward, like the individual’s WatIAM ID (e.g. cwijesek)

  3. Check the “Provide user access to the AWS Management Console” box, check the “I want to create an IAM user” radio button (we’re not using AWS Identity Center…for now), and click “next”.

  4. Select the User group that you want the user to be a part of. In almost all cases, this is just the AWSUser_ReadOnly group. Click “next”.

  5. Verify that all the configurations are correct and if so, click on the “Create user” button.

  6. Send the listed user name and console password to the individual that you are creating the account for. Note that the password provided is temporary and on the user’s first login they will be prompted to change it.

(Optional) Access to the Development Google Account

  • No labels