MDO Product Team Internal Access

Product Team developers will require appropriate platform access to run and monitor pipelines. Below is a step-by-step process for provisioning access.

Initial Access

Create a Platform One account. (Anyone on the internet can do this.)

ILX Authorized Access

IL2

• Have your designated Team Lead / Onboarding Supervisor fill out the access request form to grant you access.
• In the form, your Team Lead will request what type of access is needed (i.e., Jira, Confluence, Mattermost, and/or Gitlab).

Product Team Leads

To add new users to the Platform One Mattermost space, click Menu → Invite People → Add members

This will allow members to see all Public Platform One Mattermost channels.

IL4/IL5

• IL4/5 Authorized Access is granted automatically by logging in with a Common Access Card (CaC)–guidance for doing so can be found on the military CAC site.
• To request IL4/5 GitLab access, Open a service desk ticket . (NOTE: You can also request IL4/5 Jira and Confluence access within that ticket, though it's unlikely you'll need or use it, as the MDO team communicates with Product Teams exclusively through IL2 Jira and Confluence.)

Party Bus Tool Access

• Join the Pipeline Assist channel in Mattermost.
• Developers will have high-level GitLab access after acquiring ILX Authorized Access. Product Team leads must grant any additional, or application-specific access by adding new users to the appropriate GitLab groups.

MDO Tool Access

ASSUMPTION

All team members have been granted ILX/GITLAB, ILX ATLASSIAN, ILX MATTERMOST keycloak groups for access to the basic Platform One tools.

• If your application is being onboarded to Party Bus:
  • The MDO team requires a list of emails for the developers who need access to the below tools. Comment on your application's Epic on the Customer Onboarding and Tracking (COT) project with this list of emails.
• If your application is already running in Party Bus and you'd like to provision access for a new developer:
  • Open a service desk ticket

Tools

• SonarQube: Access is granted for the same Impact Level the application's code repository is stored in:

  • https://sonarqube.il2.dso.mil/
  • https://sonarqube.il4.dso.mil/
  • https://sonarqube.il5.dso.mil/

• Fortify: Access is granted for the same Impact Level the application's code repository is stored in:

  • https://fortify.il2.dso.mil/
  • https://fortify.il4.dso.mil/
  • https://fortify.il5.dso.mil/

• ArgoCD: Users will already be able to access ArgoCD, in whichever Impact Level they have access to. However, MDO must add users to specific groups that determine what users can view within ArgoCD. All developer users, regardless of Impact Level, will be added to the same access groups and have the same permissions (i.e., all developers will have the same IL2 view, or IL4 view). Before logging into ArgoCD, users should onboard their device by following the appgate installation instructions to install the CNAP AppGate SDP Client. This application must be running for the user to access ArgoCD.

  • https://argocd-il2.admin.dso.mil/
  • https://argocd-il4.admin.dso.mil/
  • https://argocd-il5.admin.dso.mil/

NOTE

Product Teams are not granted access to the Twistlock UI. (Twistlock failures are only viewable in pipeline logs.)