1756-Added downtime incident management document

[abroddrick]

Ticket

Resolves #1756

Changes

• adds document for managing when the site is down
• links to a document for phone numbers

Context for reviewers

Setup

Code Review Verification Steps

As the original developer, I have

Satisfied acceptance criteria and met development standards

• Met the acceptance criteria, or will meet them in a subsequent PR
• Created/modified automated tests
• Added at least 2 developers as PR reviewers (only 1 will need to approve)
• Messaged on Slack or in standup to notify the team that a PR is ready for review
• Changes to “how we do things” are documented in READMEs and or onboarding guide
• If any model was updated to modify/add/delete columns, makemigrations was ran and the associated migrations file has been commited.

As a code reviewer, I have

Reviewed, tested, and left feedback about the changes

• Pulled this branch locally and tested it
• Reviewed this code and left comments
• Checked that all code is adequately covered by tests
• Made it clear which comments need to be addressed before this work is merged
• If any model was updated to modify/add/delete columns, makemigrations was ran and the associated migrations file has been commited.

Ensured code standards are met (Code reviewer)

• All new functions and methods are commented using plain language
• Interactions with external systems are wrapped in try/except
• Error handling exists for unusual or missing values
• (Rarely needed) Did dependency updates in Pipfile also get changed in requirements.txt?

[PaulKuykendall]

Just a couple comments for you, that I think could be clarified.

[PaulKuykendall]

We can put some effort into an "incident" template to be used during the outage, to capture the details as they happen.

[PaulKuykendall]

Perhaps we pin the template to the redalert channel, so the reporter can grab it and start logging information.

[abroddrick]

There is a template already in progress

[PaulKuykendall]

regarding the "critical bug in our code," we won't know the cause at the outset, only that the site is down. Also, it needs to be clear how this is different from a security incident.

[abroddrick]

Actually the point here is when there is only something critical in our code, but I could add in or third parties. The point being I don't want to make this doc about defining what a security attack could be, etc. This is about things in our control directly.

[abroddrick]

language updated see what you think now

re-requesting review

[abroddrick]

@PaulKuykendall, I made updates, re-review when you have a spare moment please

[h-m-f-t]

We should also have as a post- todo to review these steps as a team and update as useful.

[rachidatecs]

fullstops after every bullet point.

[abroddrick]

what? Chaotically switching between having periods and not having periods doesn't make sense?

Will change this

[h-m-f-t]

One small update and a request for a test.

Changes made, requesting re-review

[h-m-f-t]

🎉

[h-m-f-t]

@abroddrick – once merged, let's link to this document in redalert's canvas.