implement a sane way to share dotfiles across labs instances
Open, NormalPublic

Description

Especially since we are trying to get people to not use shared NFS homes unless absolutely necessary.

yuvipanda updated the task description. (Show Details)
yuvipanda raised the priority of this task from to Needs Triage.
yuvipanda added a project: Cloud-Services.
yuvipanda added a subscriber: yuvipanda.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 11 2015, 8:35 PM
greg added a subscriber: greg.Jun 11 2015, 8:39 PM

There may be sane way to use the production dotfiles for a user and include them?

chasemp triaged this task as Normal priority.Jun 11 2015, 9:47 PM
chasemp set Security to None.

Production users are manageable, but I don't think we really want every labs user and their dog sending their dotfiles for review into operations/puppet.git. Perhaps a separate repository included in labs somehow?

Oh yes, for sure.

Problem would be to figure out how to make sure that users can't affect each others' dotfiles. Perhaps have a file that points to a git repository that'll be cloned, and the git repository can live anywhere (gerrit, github, phabricator)?

scfc added a subscriber: scfc.Jun 12 2015, 3:05 PM

Per-user information about the repository should be in LDAP. However, if such a solution would be used on a bigger project (and I know that Tools isn't affected by this), this would mean that for each instance for each user a fetch from the repository is performed every 30 minutes. In total, that could be too much.

So, assuming in non-Tools projects the users/administrators will have some familiarity with Puppet and their number is "small", I would favour using a mechanism similar to/identical with modules/admin (could even be the same module if it does not try to create the user in Labs).

hashar added a subscriber: hashar.Jun 22 2015, 10:48 AM