Projects

We utilize multiple Google Cloud projects and folders to organize our workloads and manage access control for our engineers, as well as limit the scope of roles and service accounts across projects.

All Permanent Projects and permissions are defined in infrastructure/gcp. Temporary projects should be created as needed in Engineering Projects

Root Projects

These projects contain per-project permissions.

• TelligentSourcegraph: Data pipeline and storage for pings and Cloud event logging.
• Universities: Sourcegraph instances for universities.
• sourcegraph-interviews: Shared project for interviews.

Folders

Engineering Projects

Contains projects used by individual engineers. Engineers are expected to remove all their resources once they are done testing. All projects must be prefixed with $name- (the name of the owner).

Generally, these projects should be short-lived and shutdown by the engineer when it is no longer needed (this will delete all resources in the project). Longer lived projects should be put in another folder and cloud-devops should be contacted for review. Short term projects do not need to be added via Terraform but longer term projects should be stood up via Terraform in the infrastructure repo.

Note: Customer Support team members should provision clusters within the cse-k8s project.

Sourcegraph Cloud

Sourcegraph Cloud projects.

• Sourcegraph: Services for sourcegraph.com.
• Sourcegraph Auxiliary: Testing clusters, deployments and VMs.
• sourcegraph-code-intel: Services for Code Intel code execution that are separated from our production project for extra isolation.
• Sourcegraph CI: Services for our CI cluster and temporary CI resources.

Sourcegraph Security