Page MenuHomePhabricator

Create projects from external thing (extension to T3980)
Open, Needs TriagePublic

Description

As an addition to T3980 we'd like the ability to automatically construct projects based on an external thing. For example, instead of having to manually (or via a script) create projects it would be absolutely amazing for us if we can presume that '%ldap%-name-of-ldap-group` maps to an LDAP group. Similarly we have another internal grouping service for employee teams.
If we can automatically have projects be a referenable object it would make our lives a lot easier (as it would avoid us building out the syncing code)

Event Timeline

eadler created this task.Mar 18 2016, 4:40 PM
eadler moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Mar 18 2016, 4:49 PM

How do you imagine Phabricator learning about the existence of new external groups? Just polling a list of every group in LDAP every hour or whatever?

This isn't totally outside the realm of possibility, but I think synchronizing is a hard problem and synchronizing with datasources like LDAP (which don't have a standard format and which we can't access directly to test) makes it harder. At the least, we should weather the storm of T10538 (better-defined synchronization to a public datasource) first.

How do you imagine Phabricator learning about the existence of new external groups? Just polling a list of every group in LDAP every hour or whatever?

Yes.

This isn't totally outside the realm of possibility, but I think synchronizing is a hard problem and synchronizing with datasources like LDAP (which don't have a standard format and which we can't access directly to test) makes it harder. At the least, we should weather the storm of T10538 (better-defined synchronization to a public datasource) first.

Understood.

How do you imagine Phabricator learning about the existence of new external groups? Just polling a list of every group in LDAP every hour or whatever?

Thinking about this a bit more: we'd also be okay with some kind of automatic discovery. In other words only check to see if a new group exists when someone references #%name-of-ldap-group. We'd be okay with whatever you end up deciding is reasonable here.

eadler edited projects, added Restricted Project; removed Restricted Project.Apr 10 2016, 12:44 AM
epriestley moved this task from Backlog to Preflight on the Prioritized board.
cburroughs added a project: Restricted Project.Apr 20 2016, 3:24 PM
cburroughs moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Apr 20 2016, 3:56 PM

I think this was building up toward T10939, and the actual solutions we're looking at there probably don't involve this.

eadler moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Jun 6 2016, 5:34 PM
eadler moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Jul 4 2016, 9:06 PM