[go: up one dir, main page]
Page MenuHomePhabricator
Create Task
Maniphest T371650

Requesting access to deployment shell access for toyofuku
Closed, ResolvedPublicRequest
Actions

Description

Requestor provided information and prerequisites

Complete ALL items below as the individual person who is requesting access:

  • Wikimedia developer account username: SToyofuku-WMF
  • Email address: stoyofuku@wikimedia.org
  • SSH public key (must be a separate key from Wikimedia cloud SSH access): ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILPzNLzxzF0+Sjy80bIrbKyCyoDqcEB95X9z0fWh3F7x toyofuku@wmf3417
  • Requested group membership: deployment
  • Reason for access: being able to self-service deploy for the web team to reduce load on other deployers. I have shadowed multiple times and read the recommended documentation
  • Name of approving party (manager for WMF/WMDE staff): @NBaca-WMF @thcipriani
  • Ensure you have signed the L3 Wikimedia Server Access Responsibilities document: I have
  • Please coordinate obtaining a comment of approval on this task from the approving party.

SRE Clinic Duty Confirmation Checklist for Access Requests

This checklist should be used on all access requests to ensure that all steps are covered, including expansion to existing access. Please double check the step has been completed before checking it off.

This section is to be confirmed and completed by a member of the SRE team.

  • - User has signed the L3 Acknowledgement of Wikimedia Server Access Responsibilities Document.
  • - User has a valid NDA on file with WMF legal. (All WMF Staff/Contractor hiring are covered by NDA. Other users can be validated via the NDA tracking sheet)
  • - User has provided the following: developer account username, email address, and full reasoning for access (including what commands and/or tasks they expect to perform)
  • - User has provided a public SSH key. This ssh key pair should only be used for WMF cluster access, and not shared with any other service (this includes not sharing with WMCS access, no shared keys.)
  • - The provided SSH key has been confirmed out of band and is verified not being used in WMCS.
  • - access request (or expansion) has sign off of WMF sponsor/manager (sponsor for volunteers, manager for wmf staff)
  • - access request (or expansion) has sign off of group approver indicated by the approval field in data.yaml

For additional details regarding access request requirements, please see https://wikitech.wikimedia.org/wiki/Requesting_shell_access

Details

SubjectRepoBranchLines +/-
data.yaml: Add toyofuku to deployment group.operations/puppetproduction+1 -1
Customize query in gerrit

Event Timeline

SToyofuku-WMF created this task.Aug 1 2024, 11:58 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptAug 1 2024, 11:58 PM
Fabfur subscribed.Aug 2 2024, 7:49 AM

Hi @NBaca-WMF @thcipriani, could you confirm this request please?

Fabfur claimed this task.Aug 2 2024, 7:51 AM
thcipriani updated the task description. (Show Details)Aug 2 2024, 3:52 PM
In T371650#10037668, @Fabfur wrote:

Hi @NBaca-WMF @thcipriani, could you confirm this request please?

👍 good from my side.

@SToyofuku-WMF has sat in on a few deploy sessions and we did a deploy together yesterday. Justification makes sense to me as well.

NBaca-WMF added a comment.Aug 2 2024, 8:07 PM

approved from my side as well! Thanks all

SLyngshede-WMF updated the task description. (Show Details)Aug 7 2024, 7:21 AM
gerritbot added a comment.Aug 7 2024, 7:23 AM

Change #1060338 had a related patch set uploaded (by Slyngshede; author: Slyngshede):

[operations/puppet@production] data.yaml: Add toyofuku to deployment group.

https://gerrit.wikimedia.org/r/1060338

gerritbot added a project: Patch-For-Review.Aug 7 2024, 7:23 AM
SLyngshede-WMF changed the task status from Open to In Progress.Aug 7 2024, 7:31 AM
SLyngshede-WMF triaged this task as High priority.
gerritbot added a comment.Aug 8 2024, 6:31 AM

Change #1060338 merged by Slyngshede:

[operations/puppet@production] data.yaml: Add toyofuku to deployment group.

https://gerrit.wikimedia.org/r/1060338

Maintenance_bot removed a project: Patch-For-Review.Aug 8 2024, 7:31 AM
Dzahn subscribed.Aug 8 2024, 5:27 PM

This should be resolved now. @SToyofuku-WMF I can see your user exists now on the deployment server. You should be able to login.

The currently active server is called deploy1003.eqiad.wmnet. You can look up what the current server is by looking up deployment.eqiad.wmnet in DNS from any other host in the WMF network.

[deploy1003:~] $ host deployment.eqiad.wmnet
deployment.eqiad.wmnet is an alias for deploy1003.eqiad.wmnet.
..
[deploy1003:~] $ id toyofuku
uid=45587(toyofuku) gid=500(wikidev) groups=500(wikidev),705(deployment)
SToyofuku-WMF added a comment.Aug 8 2024, 8:42 PM

Can confirm I just got in - thank you so much!!

Dzahn closed this task as Resolved.Aug 8 2024, 9:41 PM

Thanks for confirming! I'll call it resolved. Cheers

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits