FLX-ENG-RFC-002-US-1.6 - CodePulse Procurement¶
| Field | Value |
|---|---|
| Parent RFC | FLX-ENG-RFC-002 |
| GitHub Issue | #14 - US-1.6 |
| Owner | Raja for payment, Arun for setup |
| Priority | P0 |
| Status | Blocked until account/payment access is available |
| Target window | Day 1 |
Goal¶
Procure CodePulse through the shared Flexli GitHub/account path and connect it to Flexli repositories so passive DORA data collection starts immediately.
Security Rules¶
- Credentials must come from the approved password manager only.
- Do not exchange credentials over Discord, email, issue comments, PR comments, or chat.
- Use OAuth/GitHub App installation with least repository scope.
- Record who authorized the integration and when.
Approaches Considered¶
| Approach | Pros | Cons |
|---|---|---|
| CodePulse SaaS | Fastest DORA baseline, minimal build effort | Requires procurement and OAuth access |
| Harness Free | Budget fallback, usable DORA features | More setup and calibration |
| Build custom metrics | Full control | Not feasible in two days |
Verdict¶
Use CodePulse first. Switch to Harness Free only if CodePulse procurement is blocked for more than five business days.
Implementation Steps¶
- Confirm budget owner and billing approval.
- Sign in using the shared Flexli account through password manager.
- Install/authorize CodePulse GitHub OAuth or GitHub App.
- Select minimum required repositories:
- DMS repository
- mSORT Dashboard repository
- Confirm first PR data ingestion within 30 minutes.
- Share dashboard access with Raja.
- Record setup evidence in the Week 1 scan report.
- Track payment and password-manager access in #67 until setup is unblocked.
Test Cases¶
- CodePulse shows connected Flexli repositories.
- At least one historical PR appears.
- GitHub App permissions match selected repositories only.
- Raja can open the dashboard independently.
Gating¶
- Stop if credentials are unavailable through password manager.
- Stop if OAuth requests org-wide access beyond approved scope.
- Stop if billing owner has not approved payment.
- File a blocker issue if procurement cannot complete by end of Day 1.
Definition of Completion¶
- CodePulse account is live.
- DMS and mSORT Dashboard are connected.
- First PR data is visible.
- Dashboard access is shared with Raja.
Reviewer Reply Template¶
Thanks, I kept procurement gated on password-manager access and did not handle credentials in the PR.