This is what happened for OpenAppStack last month. We mostly worked on the user management/single sign on interface and Nextcloud. Apart from that we have worked on automatically testing that the monitoring system, Prometheus, works correctly.
We have a very basic first version of the single sign on system that consists of a login page and the capability of connecting to other applications using OpenID Connect. At the moment it is still very crude, but it works. There are two important next steps. The first is to incorporate this into the OAS setup. The second is that we also need an interface to manage the users (create new users, change existing users, etc.)
We added a restriction to Nextcloud. On a normal Nextcloud instance it is possible to install extensions from the “Nextcloud store”. There is no extensive vetting process before an extension can be added to the Nextcloud store. It boils down to the fact that Nextcloud allows people to install extensions that have been built by third parties, which can have malevolent intent.
Apart from that, allowing extensions to be installed on OAS Nextcloud setups can collide with the auto upgrade mechanism: if users install applications we don’t test, they could break when we upgrade their Nextcloud to the newest version.
For that reason we have decided we will restrict the list of extensions that can be installed to Nextcloud. If enough users need a specific extension, we can add that extension to our list and automatically test if that extension works with the newest Nextcloud before rolling out an upgrade.
We made an automatic Prometheus test that makes sure that Prometheus can connect to all the applications’ monitoring end points. Although the test does not succeed yet, this is an important addition to our setup process. It means that, eventually, whenever we change something, we can make sure that the monitoring of the changed product will not break.
Here’s a selection of other small but important tasks we did: