Transition CI/CD Infrastructure from Quansight to OpenTeams Resources

[Adam-D-Lewis]

Note: This is a coordinating issue drafted by an LLM to help organize the transition tasks. Please edit and update as needed.

Summary

We need to complete the transition of our CI/CD infrastructure and cloud resources from Quansight company resources to OpenTeams resources.

Background

• The project previously used Quansight company resources for CI/CD, cloud deployments, and bot accounts
• GCP credentials have already been transitioned to use OpenTeams ✅
• AWS and Azure credentials still need to be updated
• Various documentation and configuration references to Quansight need to be cleaned up

Tasks

High Priority - Cloud Credentials

• AWS: Update GitHub secrets for AWS integration tests
  • Create an OT AWS project for nebari CI usage
    • https://github.com/openteams-ai/ascot/issues/88
  • Update AWS_ROLE_ARN secret to use OpenTeams AWS account
  • Verify AWS integration workflow still works after update
• Azure: Update GitHub secrets for Azure integration tests
  • Create an OT Azure project for nebari CI usage
    • https://github.com/openteams-ai/ascot/issues/89
  • Update ARM_CLIENT_ID, ARM_TENANT_ID, ARM_SUBSCRIPTION_ID to use OpenTeams Azure account
  • Verify Azure integration workflow still works after update
• Transfer CloudFlare domain management from Quansight to OpenTeams #3133
  • Update DNS configurations and domain registrations as needed
  • Verify domain functionality after transfer
  • Create OT cloudflare taken and add to secrets of this repo and nebari-dev/nebari-mlflow-plugin
• Migrate CI deployment runners from Quansight to OpenTeams #3134
  • Migrate CIrun configuration to OpenTeams account
  • Verify local deployment workflows function correctly

Low Priority - Historical References

• None

Verification

• Run full CI/CD pipeline after credential updates
• Verify all cloud integration tests pass
• Test deployment workflows on all cloud providers

Security Considerations

• Ensure old Quansight credentials are properly revoked after transition
• Verify that OpenTeams accounts have appropriate permissions and security policies
• Review access logs to ensure no unexpected access from old accounts

Dependencies

• Access to OpenTeams AWS and Azure accounts
• Permissions to update GitHub repository secrets
• Coordination with OpenTeams infrastructure team for credential setup

[marcelovilla]

AWS: Update GitHub secrets for AWS integration tests

This is done. Updated the secret to reference the role in the OpenTeams AWS account and the workflow runs fine.

[Adam-D-Lewis]

Tried to transfer over Azure credentials today, but hit https://github.com/openteams-ai/ascot/issues/123

[Adam-D-Lewis]

Azure credentials have been transferred over