Description

This issue is meant to house conversation on finalizing the spec for modifications to Hubcast itself.

Exit Criteria

• Consensus reached on spec by hubcast team
• Finalized spec moved to appropriate location e.g. docs/specs

Hubcast

sequenceDiagram
	participant GitHub
	participant RelayServer
	participant SiteBoundary
	participant RelayClient
	participant Hubcast
	participant UserMappingService
	participant GitLab
	Note right of SiteBoundary: Site Internal
	RelayClient->>Hubcast: Forward events
	Note over RelayServer: Downtime
	Hubcast->>GitHub: Retrieve missed events from downtime
	Hubcast->>GitHub: Validate events
	Hubcast->>GitHub: Check approval
	Hubcast->>UserMappingService: Map GitHub user to Site user
	Hubcast->>GitLab: Git push as Site user

Description

Hubcast will operate in much of the same way as it does prior to these enhancements except for a few notable changes:

• Events are untrusted on receipt and must be validated against their source e.g. GitHub
• Events are not acted upon unless there is explicit approval via comment on GitHub
• The commenter is evaluated for trust against the UserMappingService and the resulting user (if found) is used for evaluating approval and performing git operations (if approved).
• In the event of a downtime at the RelayServer, Hubcast can reach out to GitHub to retrieve events from a given interval

API

• events
  • POST event
• Calls GET event on GitHub
• Calls GET pull-request on GitHub
• Calls GET user on UserMappingService
• Calls git fetch github from GitHub
• Calls git push gitlab <ref> to GitLab